libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Remove Jetty 9.4 adapters (#26261)

Browse source 
Only removing the distribution of the Jetty adapter for now, and leaving the rest for now. This is due to the complexity of removing all Jetty adapter code due to Spring, OSGI, Fuse, testsuite, etc. and it will be better to leave the rest of the clean-up to after 24 when we are removing most adapters

Closes #26255

Signed-off-by: stianst <stianst@gmail.com>
This commit is contained in:
Stian Thorgersen 2024-01-24 11:17:29 +01:00 committed by GitHub
parent ee5593a88f
commit fea49765f0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
21 changed files with 23 additions and 569 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
distribution/adapters/jetty94-adapter-zip/assembly.xml
View file

@ -1,56 +0,0 @@
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<assembly>
<id>war-dist</id>
<formats>
<format>zip</format>
<format>tar.gz</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<directory></directory>
<includes>
<include>keycloak.mod</include>
</includes>
<outputDirectory>modules</outputDirectory>
</fileSet>
<fileSet>
<directory>${project.build.directory}/modules</directory>
<outputDirectory></outputDirectory>
</fileSet>
</fileSets>
<dependencySets>
<dependencySet>
<unpack>false</unpack>
<useTransitiveDependencies>true</useTransitiveDependencies>
<useTransitiveFiltering>true</useTransitiveFiltering>
<includes>
<include>org.keycloak:keycloak-jetty94-adapter</include>
</includes>
<excludes>
<exclude>org.eclipse.jetty:jetty-server</exclude>
<exclude>org.eclipse.jetty:jetty-util</exclude>
<exclude>org.eclipse.jetty:jetty-security</exclude>
</excludes>
<outputDirectory>lib/keycloak</outputDirectory>
</dependencySet>
</dependencySets>
</assembly>

28
distribution/adapters/jetty94-adapter-zip/keycloak.mod
View file

@ -1,28 +0,0 @@
#
# Keycloak Jetty Adapter
#
[depend]
server
security
[lib]
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
lib/keycloak/*.jar

68
distribution/adapters/jetty94-adapter-zip/pom.xml
View file

@ -1,68 +0,0 @@
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>999.0.0-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-jetty94-adapter-dist</artifactId>
<packaging>pom</packaging>
<name>Keycloak Jetty 9.4.x Adapter Distro</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jetty94-adapter</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>assemble</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptors>
<descriptor>assembly.xml</descriptor>
</descriptors>
<outputDirectory>
target
</outputDirectory>
<workDirectory>
target/assembly/work
</workDirectory>
<appendAssemblyId>false</appendAssemblyId>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

1
distribution/adapters/pom.xml
View file

@ -33,6 +33,5 @@
<modules>
<module>wildfly-adapter</module>
<module>tomcat-adapter-zip</module>
<module>jetty94-adapter-zip</module>
</modules>
</project>

2
distribution/downloads/src/main/resources/files
View file

@ -1,10 +1,8 @@
mvn:keycloak-quarkus-dist:keycloak
mvn:keycloak-api-docs-dist:keycloak-api-docs
mvn:keycloak-jetty94-adapter-dist:keycloak-oidc-jetty94-adapter
mvn:keycloak-tomcat-adapter-dist:keycloak-oidc-tomcat-adapter
mvn:keycloak-saml-jetty94-adapter-dist:keycloak-saml-jetty94-adapter
mvn:keycloak-saml-tomcat-adapter-dist:keycloak-saml-tomcat-adapter
mvn:documentation/keycloak-documentation:keycloak-documentation

56
distribution/saml-adapters/jetty94-adapter-zip/assembly.xml
View file

@ -1,56 +0,0 @@
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<assembly>
<id>war-dist</id>
<formats>
<format>zip</format>
<format>tar.gz</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<directory></directory>
<includes>
<include>keycloak.mod</include>
</includes>
<outputDirectory>modules</outputDirectory>
</fileSet>
<fileSet>
<directory>${project.build.directory}/modules</directory>
<outputDirectory></outputDirectory>
</fileSet>
</fileSets>
<dependencySets>
<dependencySet>
<unpack>false</unpack>
<useTransitiveDependencies>true</useTransitiveDependencies>
<useTransitiveFiltering>true</useTransitiveFiltering>
<includes>
<include>org.keycloak:keycloak-saml-jetty94-adapter</include>
</includes>
<excludes>
<exclude>org.eclipse.jetty:jetty-server</exclude>
<exclude>org.eclipse.jetty:jetty-util</exclude>
<exclude>org.eclipse.jetty:jetty-security</exclude>
</excludes>
<outputDirectory>lib/keycloak</outputDirectory>
</dependencySet>
</dependencySets>
</assembly>

28
distribution/saml-adapters/jetty94-adapter-zip/keycloak.mod
View file

@ -1,28 +0,0 @@
#
# Keycloak Jetty Adapter
#
[depend]
server
security
[lib]
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
lib/keycloak/*.jar

68
distribution/saml-adapters/jetty94-adapter-zip/pom.xml
View file

@ -1,68 +0,0 @@
<!--
~ Copyright 2016 Red Hat, Inc. and/or its affiliates
~ and other contributors as indicated by the @author tags.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>keycloak-parent</artifactId>
<groupId>org.keycloak</groupId>
<version>999.0.0-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>
<artifactId>keycloak-saml-jetty94-adapter-dist</artifactId>
<packaging>pom</packaging>
<name>Keycloak SAML Jetty 9.4.x Adapter Distro</name>
<description/>
<dependencies>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-saml-jetty94-adapter</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<executions>
<execution>
<id>assemble</id>
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
<configuration>
<descriptors>
<descriptor>assembly.xml</descriptor>
</descriptors>
<outputDirectory>
target
</outputDirectory>
<workDirectory>
target/assembly/work
</workDirectory>
<appendAssemblyId>false</appendAssemblyId>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

1
distribution/saml-adapters/pom.xml
View file

@ -32,7 +32,6 @@
<modules>
<module>wildfly-adapter</module>
<module>jetty94-adapter-zip</module>
<module>tomcat-adapter-zip</module>
</modules>

21
docs/documentation/release_notes/topics/24_0_0.adoc
View file

@ -1,3 +1,24 @@
= Java adapter deprecation and removal
Back in 2022 we announced the https://www.keycloak.org/2022/02/adapter-deprecation.html[deprecation of Keycloak adapters in Keycloak 19].
To give the community more time to adopt this https://www.keycloak.org/2023/03/adapter-deprecation-update.html[was delayed].
With that in mind this will be the last major release of Keycloak to include OpenID Connect and SAML adapters.
As Jetty 9.x has not been supported since 2022 the Jetty adapter has been removed already in this release.
The generic Authorization Client library will continue to be supported, and aims to be used in combination with any
other OAuth 2.0 or OpenID Connect libraries.
The only adapter we will continue to deliver is the SAML adapter for latest releases of WildFly and EAP 8.x. Reasoning
for continuing to support this is down to the fact that the majority of the SAML codebase in Keycloak was a contribution
from WildFly. As part of this contribution we agreed to maintain SAML adapters for WildFly and EAP in the long run.
== Jetty adapter removed
Jetty 9.4 has not been supported in the community for a long time, and reached end-of-life in 2022. At the same time the
adapter has not been updated or tested with more recent versions of Jetty. For these reasons the Jetty adapter has been
removed from this release.
= New Welcome Page
The 'welcome' page that is shown when a user starts Keycloak for the first time, has been redesigned to provide a better setup experience and has been upgraded to the latest version of https://www.patternfly.org/[PatternFly]. The page layout has been simplified and now includes only a form to register the administrative user. After completing the registration, the user is redirected directly to the Administration Console.

1
docs/documentation/securing_apps/topics/oidc/java/java-adapters.adoc
View file

@ -21,7 +21,6 @@ include::spring-boot-adapter.adoc[]
ifeval::[{project_community}==true]
include::tomcat-adapter.adoc[]
include::jetty9-adapter.adoc[]
include::spring-security-adapter.adoc[]
endif::[]

141
docs/documentation/securing_apps/topics/oidc/java/jetty9-adapter.adoc
View file

@ -1,141 +0,0 @@
[[_jetty9_adapter]]
==== Jetty 9.4 adapter
include::adapter-deprecation-notice.adoc[]
{project_name} has a separate adapter for Jetty 9.4 that you will have to install into your Jetty installation.
You then have to provide some extra configuration in each WAR you deploy to Jetty.
[[_jetty9_adapter_installation]]
===== Installing the adapter
Adapters are no longer included with the appliance or war distribution. Each adapter is a separate download on the {project_name} downloads site. They are also available as a maven artifact.
.Procedure
. Download the {project_name} Jetty 9.4 adapter ZIP archive from the link:https://www.keycloak.org/downloads[Keycloak Downloads] site.
. Unzip the Jetty 9.4 distro into Jetty 9.4's link:https://eclipse.dev/jetty/documentation/jetty-9/index.html[base directory]. In the example below, the Jetty base is named `your-base`:
+
[source, subs="attributes"]
----
$ cd your-base
$ unzip keycloak-jetty94-adapter-dist-{project_version}.Final.zip
----
. Enable the `keycloak` module for your Jetty base:
+
[source]
----
$ java -jar $JETTY_HOME/start.jar --add-to-startd=keycloak
----
+
====
[NOTE]
Including the adapter's jars within your WEB-INF/lib directory will not work.
====
[[_jetty9_per_war]]
===== Jetty 9 Securing a WAR
Use this procedure to secure a WAR directly by adding config and editing files within your WAR package.
.Procedure
. Create a `WEB-INF/jetty-web.xml` file in your WAR package. This is a Jetty specific config fil. You define a {project_name} specific authenticator within it.
+
[source]
----
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
</New>
</Set>
</Get>
</Configure>
----
. Create a `keycloak.json` adapter config file within the `WEB-INF` directory of your WAR.
+
The format of this config file is described in the <<_java_adapter_config,Java adapter configuration>> section.
+
WARNING: The Jetty 9.4 adapter will not be able to find the `keycloak.json` file.
You will have to define all adapter settings within the `jetty-web.xml` file as described below.
Instead of using keycloak.json, you can define everything within the `jetty-web.xml`.
You'll just have to figure out how the json settings match to the `org.keycloak.representations.adapters.config.AdapterConfig` class.
+
[source,subs="attributes+"]
----
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.jetty.KeycloakJettyAuthenticator">
<Set name="adapterConfig">
<New class="org.keycloak.representations.adapters.config.AdapterConfig">
<Set name="realm">tomcat</Set>
<Set name="resource">customer-portal</Set>
<Set name="authServerUrl">http://localhost:8081{kc_base_path}</Set>
<Set name="sslRequired">external</Set>
<Set name="credentials">
<Map>
<Entry>
<Item>secret</Item>
<Item>password</Item>
</Entry>
</Map>
</Set>
</New>
</Set>
</New>
</Set>
</Get>
</Configure>
----
. Create the jetty-web.xml file in your webapps directory with the name of yourwar.xml.
Jetty should pick it up. You do not need to open your WAR to secure it with {project_name}.
In this mode, you declare keycloak.json configuration directly within the xml file.
. Specify both a `login-config` and use standard servlet security to specify role-base constraints on your URLs. Here's an example:
+
[source,xml]
----
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<module-name>customer-portal</module-name>
<security-constraint>
<web-resource-collection>
<web-resource-name>Customers</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>this is ignored currently</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</web-app>
----

1
docs/documentation/securing_apps/topics/oidc/java/spring-boot-adapter.adoc
View file

@ -55,7 +55,6 @@ Currently the following embedded containers are supported and do not require any
* Tomcat
* Undertow
* Jetty
[[_spring_boot_adapter_configuration]]
===== Configuring the Spring Boot Adapter

4
docs/documentation/securing_apps/topics/overview/getting-started.adoc
View file

@ -15,7 +15,6 @@ ifeval::[{project_community}==true]
* {quickstartRepo_link}/tree/latest/spring/rest-authz-resource-server[Spring Boot]
* <<_jboss_adapter, {project_name} Wildfly Adapter>> (Deprecated)
* <<_tomcat_adapter,{project_name} Tomcat Adapter>> (Deprecated)
* <<_jetty9_adapter,{project_name} Jetty 9>> (Deprecated)
* <<_servlet_filter_adapter,{project_name} Servlet Filter>> (Deprecated)
* <<_spring_boot_adapter,{project_name} Spring Boot>> (Deprecated)
* <<_spring_security_adapter,{project_name} Spring Security>> (Deprecated)
@ -55,9 +54,6 @@ ifeval::[{project_community}==true]
* <<_saml-tomcat-adapter,Tomcat>>
endif::[]
* <<_java-servlet-filter-adapter,Servlet filter>>
ifeval::[{project_community}==true]
* <<_jetty_saml_adapter,Jetty>>
endif::[]
===== Apache HTTP Server

3
docs/documentation/securing_apps/topics/saml/java/java-adapters.adoc
View file

@ -27,9 +27,6 @@ include::tomcat-adapter.adoc[]
include::tomcat-adapter/tomcat_adapter_installation.adoc[]
include::tomcat-adapter/tomcat_adapter_per_war_config.adoc[]
include::tomcat-adapter/tomcat-adapter-samesite-setting.adoc[]
include::jetty-adapter.adoc[]
include::jetty-adapter/jetty9_installation.adoc[]
include::jetty-adapter/jetty9_per_war_config.adoc[]
endif::[]
include::servlet-filter-adapter.adoc[]

9
docs/documentation/securing_apps/topics/saml/java/jetty-adapter.adoc
View file

@ -1,9 +0,0 @@
[[_jetty_saml_adapter]]
==== Jetty SAML adapters
WARNING: The {project_name} Jetty SAML adapter is deprecated. We recommend that you use another client adapter if possible.
To be able to secure WAR apps deployed on Jetty you must install the {project_name} Jetty 9.4 SAML adapter into your Jetty installation. You then provide some extra configuration in each WAR you deploy to Jetty.
Use the following installation and configuration procedures.

30
docs/documentation/securing_apps/topics/saml/java/jetty-adapter/jetty9_installation.adoc
View file

@ -1,30 +0,0 @@
[[_jetty9_saml_adapter_installation]]
===== Jetty 9 Installing the adapter
{project_name} has a separate SAML adapter for Jetty 9.4. Adapters are no longer included with the appliance or war distribution. Each adapter is a separate download on the Keycloak download site.
They are also available as a maven artifact.
.Procedure
. Download the {project_name} Jetty 9.4 adapter ZIP archive from the link:https://www.keycloak.org/downloads[Keycloak Downloads] site.
. Unzip the Jetty 9.4 distro into Jetty 9.4's root directory.
+
====
[NOTE]
Including adapter's jars within your WEB-INF/lib directory will not work.
====
+
[source]
----
$ cd $JETTY_HOME
$ unzip keycloak-saml-jetty94-adapter-dist.zip
----
. Enable the keycloak module for your jetty.base.
+
[source]
----
$ cd your-base
$ java -jar $JETTY_HOME/start.jar --add-to-startd=keycloak
----

64
docs/documentation/securing_apps/topics/saml/java/jetty-adapter/jetty9_per_war_config.adoc
View file

@ -1,64 +0,0 @@
[[_saml-jetty9-per-war]]
===== Jetty 9 WAR Configuration
Use this procedure to secure a WAR directly.
.Procedure
. Create a `WEB-INF/jetty-web.xml` file in your WAR package.
This is a Jetty specific config file and you must define a Keycloak specific authenticator within it.
+
[source,xml]
----
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Get name="securityHandler">
<Set name="authenticator">
<New class="org.keycloak.adapters.saml.jetty.KeycloakSamlAuthenticator">
</New>
</Set>
</Get>
</Configure>
----
. Create a `keycloak-saml.xml` adapter config file within the `WEB-INF` directory of your WAR.
The format of this config file is described in the <<_saml-general-config,General Adapter Config>> section.
. Specify both a `login-config` and use standard servlet security to specify role-base constraints on your URLs. Here's an example:
+
[source,xml]
----
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<module-name>customer-portal</module-name>
<security-constraint>
<web-resource-collection>
<web-resource-name>Customers</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>this is ignored currently</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
</web-app>
----

2
docs/documentation/server_admin/topics/overview/features.adoc
View file

@ -23,7 +23,7 @@
ifeval::[{project_community}==true]
* Service Provider Interfaces (SPI) - A number of SPIs to enable customizing various aspects of the server. Authentication flows, user federation providers,
protocol mappers and many more.
* Client adapters for JavaScript applications, WildFly, JBoss EAP, Tomcat, Jetty, Spring, etc.
* Client adapters for JavaScript applications, WildFly, JBoss EAP, Tomcat, Spring, etc.
endif::[]
ifeval::[{project_product}==true]
* Client adapters for JavaScript applications, JBoss EAP, etc.

2
docs/documentation/upgrading/topics/keycloak/changes.adoc
View file

@ -910,7 +910,7 @@ Same goes with mongo and Infinispan under modules keycloak-model-mongo and keycl
==== For adapters, session id changed after login
To plug a security attack vector, for platforms that support it (Tomcat 8, Undertow/WildFly, Jetty 9), the Keycloak OIDC and SAML adapters will change the session id after login.
To plug a security attack vector, for platforms that support it (Tomcat 8, Undertow/WildFly), the Keycloak OIDC and SAML adapters will change the session id after login.
You can turn off this behavior check adapter config switches.
==== SAML SP Client adapter changes

6
pom.xml
View file

@ -1461,12 +1461,6 @@
<version>${project.version}</version>
<type>zip</type>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-jetty94-adapter-dist</artifactId>
<version>${project.version}</version>
<type>zip</type>
</dependency>
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-as7-adapter-dist</artifactId>