Merge pull request #74 from mposolda/master
KEYCLOAK-4151 Migration guide is missing changes required to caches
This commit is contained in:
commit
0e6b275538
1 changed files with 16 additions and 0 deletions
|
@ -164,6 +164,16 @@ The version specific section below will mention if any changes are required to a
|
|||
|
||||
=== Version specific migration
|
||||
|
||||
==== Migrating to 2.5.0
|
||||
|
||||
===== Changes to the infinispan caches
|
||||
|
||||
The `realms` cache defined in the infinispan subsystem in `standalone.xml` or `standalone-ha.xml` configuration file, now has the eviction with the 10000 records by default.
|
||||
This is the same default like the `users` cache.
|
||||
|
||||
Also the `authorization` cache now doesn't have any eviction on it by default.
|
||||
|
||||
|
||||
==== Migrating to 2.4.0
|
||||
|
||||
===== Server SPI split into Server SPI and Sever SPI Private
|
||||
|
@ -204,6 +214,12 @@ Note this option is still supported, but it may be useful just if you really wan
|
|||
and never download the public key from Keycloak. In theory, one reason for this can be to avoid man-in-the-middle attack if you have untrusted network between adapter and Keycloak,
|
||||
however in that case, it is much better option to use HTTPS, which will secure all the requests between adapter and Keycloak.
|
||||
|
||||
===== Added infinispan cache `keys`
|
||||
|
||||
In this release, we added new cache `keys` to the infinispan subsystem, which is defined in `standalone.xml` or `standalone-ha.xml` configuration file.
|
||||
It has also some eviction and expiration defined. This cache is internally used for caching the external public keys of the entities
|
||||
trusted by the server (Identity providers or clients, which uses authentication with signed JWT).
|
||||
|
||||
==== Migrating to 2.2.0
|
||||
|
||||
===== `databaseSchema` property deprecated
|
||||
|
|
Loading…
Reference in a new issue