Commit graph

568 commits

Author SHA1 Message Date
Mike
8cda7d6f26 Fix NPE when synchronizing LDAP user attributes
Signed-off-by: Mike <mmelvin0@gmail.com>
2026-04-06 10:58:27 -03:00
Stefan Guilhen
b92e062a39 Use pwdUpdateTime attribute for password modification time on 389 DS/RHDS
Closes #47675

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2026-04-03 15:42:11 -03:00
Marek Posolda
7f29bc7956
Make sure to close FileInputStream in Util.readProperties(File) in SSSD code
closes #40753

Signed-off-by: mposolda <mposolda@gmail.com>
2026-03-23 23:16:40 +01:00
Pedro Igor
f61822f15f
Brief user representation should not return attributes
Closes #46296

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2026-03-12 14:07:41 +01:00
Tero Saarni
128384ca15
Implement forced password change for LDAP federated user (password policy control) (#15253)
* Add limited support for LDAP password policy control

Signed-off-by: Tero Saarni <tero.saarni@est.tech>
2026-02-20 09:15:51 -03:00
Pedro Ruivo
7e00961ee1
Cache evaluation of client roles with dots for role mapper
Closes #43726

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
2026-02-17 12:45:37 +01:00
Stefan Guilhen
dd0edc24c2 Decode objectGUID when it is imported as a group attribute
Closes #45917

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2026-02-11 11:13:39 -03:00
Ricardo Martin
047230a052
Remove XMLUtils.java from the SSSD federation provider
Closes #45962

Signed-off-by: rmartinc <rmartinc@redhat.com>
2026-02-03 12:40:14 +00:00
Ricardo Martin
1aa1621eaa
Use MIME decoder instead of the default one to replace deprecated Base64 class
Closes #45226

Signed-off-by: rmartinc <rmartinc@redhat.com>
2026-01-09 16:38:09 +01:00
Pedro Igor
6a437521a9
Only allow LDAP URL references when following referrals (#44993)
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2025-12-18 14:27:10 +01:00
Pedro Igor
3ec0dd24fe
Avoid multiple calls to LDAP when querying group memberships
Closes #44558

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-12-01 14:01:58 +01:00
schnillerman
4e87b1f5a0
Fix grammar in LDAP federation group mapper
Closes #44341

Signed-off-by: schnillerman <till.reymann@gmail.com>
2025-11-19 23:11:24 +00:00
Stian Thorgersen
a2c1055f8d
Proposed import order (#43432)
* Add importOrder to Spotless

Closes #43235

Signed-off-by: stianst <stianst@gmail.com>

* Re-order imports with Spotless

Signed-off-by: stianst <stianst@gmail.com>

---------

Signed-off-by: stianst <stianst@gmail.com>
2025-11-14 09:34:49 +01:00
Pedro Igor
ded372a57f Adding utility class for working with throwables and updating the cause check to limit the number of iterations on the stacktrace
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-11-11 08:48:26 -03:00
Martin Kanis
c28cde359c Local user can't login when ldap error
Closes #43639

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2025-11-11 08:48:26 -03:00
Stian Thorgersen
d8275fe5df
Remove wildcard imports (#44060)
Closes #44059

Signed-off-by: stianst <stianst@gmail.com>
2025-11-10 11:46:05 +01:00
Tomáš Kyjovský
4c64b7189c
Deprecate org.keycloak.common.util.Base64
Closes #43370

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: 1867605+tkyjovsk@users.noreply.github.com
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
2025-10-30 09:12:14 +01:00
Pedro Igor
6527b139dc
Do not lower-case username and email if users are not imported from LDAP
Closes #43621

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-10-23 13:02:33 +02:00
stianst
aedd7fe5db Remove unused imports as part of #43233
Signed-off-by: stianst <stianst@gmail.com>
2025-10-13 13:32:01 +02:00
Pedro Igor
54289f0130
Lowercase username and email when fetching values from LDAP object
Closes #43254

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-10-07 14:14:50 +00:00
Stian Thorgersen
dbd516f8e6
Refactor SimpleHttp to make it injectable and usable outside server (#42936)
Closes #42902

Signed-off-by: stianst <stianst@gmail.com>
2025-09-29 08:37:05 +02:00
Pedro Igor
41b64c91aa Do not update email if there is no email from the IdP
Closes #42390

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-24 04:05:05 -03:00
Pedro Igor
d65c17ebc7 Do not fail when querying user federation providers and log messages to indicate the problem
Closes #42276

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-24 04:03:13 -03:00
Pedro Igor
8f0d528126
Make sure inner transactions are using their own session
Closes #41942

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-03 17:38:19 +02:00
Steven Hawkins
b6f039a4cc
fix: adding a default for ldap connection timeout (#41726)
closes: #39299

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
2025-08-19 16:43:42 +00:00
sguilhen
b7d3c8eb8b Forward isMemberOf call to the next delegate if the group is not managed by the mapper instance
Closes #40680

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-08-15 15:49:08 -03:00
Pedro Igor
3136ec25e6
memberOf attribute empty or values with a DN that does not match the role base DN fetches all roles
Closes #41842

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-08-14 11:15:52 +02:00
Peter Skopek
651d651c30 Add missing artifact descriptions to allow Maven Central Portal Publisher to pass the validation process. (#40822)
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2025-08-12 16:50:17 +02:00
Stefan Guilhen
5b4973f0e8 Change e-mail verification to perform a find by UUID on LDAP only when the local and imported users are different
Closes #41532

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-08-07 15:28:01 -03:00
Martin Kanis
235691b6cb
LDAP Import: KERBEROS_PRINCIPAL not updated when UserPrincipal changes and KERBEROS_PRINCIPAL was null on creation
Closes #41520

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2025-07-31 17:28:28 +02:00
Martin Kylian
d97d27f827
Kerberos Server fields now trim whitespace
Closes #41335

Signed-off-by: Martin Kylián <kylianm@plzen.eu>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Martin Kylián <kylianm@plzen.eu>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2025-07-28 08:07:52 +00:00
Pedro Igor
d5206b61f6 Update email feature only enabled if the required action is enabled at the realm
Closes #41045

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-07-14 16:31:15 -03:00
Sylvere Richard
173471a1c9 Fix #40995 avoid ModelException: At least one condition should be provided to OR query
Closes #40995
Signed-off-by: Sylvere Richard <sylvere.richard@gmail.com>
2025-07-10 15:34:02 -03:00
Martin Kanis
5a42390341 Make UPDATE_EMAIL a supported feature
Closes #40227

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2025-07-09 10:15:48 -03:00
Pedro Igor
0188d276d8
Invalidate user cache entries when email or username are different from storage
Closes #40085

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2025-06-17 20:44:01 +00:00
Pedro Igor
9412e339a8
Password modification time attribute as an operational and read-only attribute
Closes #40270

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-06-10 16:28:55 +02:00
vramik
6bf5727b7b LDAP group mapper skips configured filter and imports all groups with memberOf strategy when fetching the user's groups
Closes #37537

Signed-off-by: vramik <vramik@redhat.com>
2025-05-22 09:57:31 -03:00
vramik
f45b8e0c6d Move FGAP classes to specific package
Signed-off-by: vramik <vramik@redhat.com>
2025-05-22 09:53:16 -03:00
Pedro Igor
953ba04018
Skip updating account controls if no control is set when enabling/disabling users
Closes #37720

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-05-09 09:11:21 +02:00
Pedro Igor
9ad0e1abfa
Check if LDAP entry is still valid before validating duplicate emails
Closes #39345

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-05-06 21:54:30 +02:00
Pedro Igor
68fc5aa44b
Make sure LDAP connections are released when closing sessions
Closes #38660

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-04-28 20:13:30 +02:00
Stefan Guilhen
9976f9380c Fix NPE in LDAPUtils.loadAllLDAPObjects when batch size is set to value <= 0
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #39022
2025-04-16 12:32:57 -03:00
Pedro Igor
ab41366757
Allow setting locale when edit mode is READ_ONLY
Closes #38981

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-04-16 08:55:30 +02:00
Stefan Guilhen
86b2a6a95c Fix docs to also mention roles
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #28569

Signed-off-by: Jakob Overrein <jakob.overrein@basefarm-orange.com>
2025-03-10 16:13:36 -03:00
Stefan Guilhen
a0a314aece Append comma to the relative DN only if it is missing
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-03-10 16:13:36 -03:00
Jakob Overrein
aec62803c7 Allow users, roles, and groups to be created in a specified DN relative to the parent DN
The new field introduced will prefix the parent DN as a relative path and allow created items to be placed in a subtree instead of the parent DN.

Closes #28569

Signed-off-by: Jakob Overrein <jakob.overrein@basefarm-orange.com>
2025-03-10 16:13:36 -03:00
Ricardo Martin
6751c8cb35
Include JNA dependency for the SSSD in the keycloak server (#37905)
Closes #37898

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-03-07 11:56:33 -05:00
Stefan Guilhen
5babc6c1a3 Ensure the group being joined is not an organization group in GroupLDAPStorageMapper
Closes #37393

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-02-17 14:41:53 -03:00
Pedro Igor
4b2d5ed472 Minor fixes, test coverage, and allow deleting local users
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-02-07 10:42:45 -03:00
Pedro Igor
602df06191 Allows querying credential from user storage providers
Closes #35020

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-02-05 07:56:05 -03:00