Merge pull request #74 from mposolda/master

KEYCLOAK-4151 Migration guide is missing changes required to caches
2017-01-10 11:19:58 +01:00 · 2017-01-10 11:19:58 +01:00 · 0e6b275538
commit 0e6b275538
parent 2c0d4ab237 666165d35b
1 changed files with 16 additions and 0 deletions
--- a/topics/MigrationFromOlderVersions.adoc
+++ b/topics/MigrationFromOlderVersions.adoc
@ -164,6 +164,16 @@ The version specific section below will mention if any changes are required to a

 === Version specific migration

+==== Migrating to 2.5.0
+
+===== Changes to the infinispan caches
+
+The `realms` cache defined in the infinispan subsystem in `standalone.xml` or `standalone-ha.xml` configuration file, now has the eviction with the 10000 records by default.
+This is the same default like the `users` cache.
+
+Also the `authorization` cache now doesn't have any eviction on it by default.
+
+
 ==== Migrating to 2.4.0

 ===== Server SPI split into Server SPI and Sever SPI Private
@ -204,6 +214,12 @@ Note this option is still supported, but it may be useful just if you really wan
 and never download the public key from Keycloak. In theory, one reason for this can be to avoid man-in-the-middle attack if you have untrusted network between adapter and Keycloak,
 however in that case, it is much better option to use HTTPS, which will secure all the requests between adapter and Keycloak.

+===== Added infinispan cache `keys`
+
+In this release, we added new cache `keys` to the infinispan subsystem, which is defined in `standalone.xml` or `standalone-ha.xml` configuration file.
+It has also some eviction and expiration defined. This cache is internally used for caching the external public keys of the entities
+trusted by the server (Identity providers or clients, which uses authentication with signed JWT).
+
 ==== Migrating to 2.2.0

 ===== `databaseSchema` property deprecated