libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions
keycloak-scim/release_notes/topics/19_0_0.adoc

47 lines
3.1 KiB
Text
Raw Normal View History

Remove adapters that are EOL from docs (#1512) * Remove adapters that are EOL from docs Closes #1510 * Update securing_apps/topics/oidc/java/servlet-filter-adapter.adoc * f
2022-05-04 08:28:16 +00:00
= OpenID Connect and SAML Adapters End-of-life
Some Keycloak OpenID Connect adapters have reached end-of-life and are not included in this release.
== Fuse 6 and 7 (OpenID Connect)
Keycloak will no longer be providing adapters for Fuse 6 or 7. If you need adapters for Fuse please leverage https://access.redhat.com/products/red-hat-single-sign-on[Red Hat Single Sign-On] 7.x adapters.
== JBoss AS 7 and EAP 6 (OpenID Connect and SAML)
JBoss AS 7 has been unmaintained for a very long time. If you are still using JBoss AS 7 we recommend migrating to WildFly and leveraging the native OIDC support in WildFly.
Red Hat customers using Red Hat JBoss Enterprise Application Platform 6.x should use https://access.redhat.com/products/red-hat-single-sign-on[Red Hat Single Sign-On] 7.x adapters. These can be used in combination with the Keycloak server.
== Jetty 9.2 and 9.3 (OpenID Connect and SAML)
Jetty 9.2 reached end of life in 2018, while Jetty 9.3 reached end of life in 2020. If you are still using these versions we recommend upgrading to Jetty 9.4 as soon as possible.
== Spring Boot 1 (OpenID Connect)
Spring Boot 1.x reached end of life in 2019. If you are still using Spring Boot 1 we recommend upgrading to Spring Boot 2 as soon as possible.
== WildFly legacy security layer (OpenID Connect and SAML)
In WildFly 25 the legacy security layer was removed, going forward only Elytron will be supported. We recommend anyone using an older version of WildFly to upgrade and leverage native OIDC support in WildFly.
Red Hat customers using Red Hat JBoss Enterprise Application Platform 7.x should use https://access.redhat.com/products/red-hat-single-sign-on[Red Hat Single Sign-On] 7.x adapters. These can be used in combination with the Keycloak server.
Adding migration guide for the extraction of the legacy modules. Related to keycloak/keycloak#10279 Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2022-05-24 14:40:51 +00:00
= Changes in Keycloak storage
The Keycloak storage is changing, and the current storage, while still supported, will eventually be replaced with a brand-new implementation.
This change brings better support for cloud-native storages, no-downtime abilities, and better support for implementing custom storages for additional areas apart from users.
It means several deep changes in the supported features of the current store will become _legacy_ features.
The legacy store and the new store cannot be used simultaneously; only one store can be active at a time.
The most visible change is that the User Storage SPI is incompatible with the new storage API, the Map Storage API.
Thus, the User Storage SPI will be deprecated with legacy store and will move to a separate module called `keycloak-model-legacy`.
This change impacts several areas, especially areas related to user federation and custom user providers.
Furthermore, APIs have been consolidated so that the details of the storage layer will be transparent to the REST service layer.
Specifically, the services will not be able to differentiate cached and non-cached objects, nor specifically access federated versus local storage.
Hence, custom extensions that access objects in local storage or cache through `KeycloakSession`
methods must be reviewed.
See link:{upgradingguide_link}[{upgradingguide_name}] for details.
Reference in a new issue Copy permalink