libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions
keycloak-scim/docs/documentation/release_notes/topics/26_0_0.adoc
rmartinc 764ef4831a Release notes and some notes for JavaKeystoreProvider changes 
Closes #31226

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-07-17 10:44:45 +02:00

51 lines
No EOL
2.8 KiB
Text
Raw Blame History

= Support for multiple instances of a social broker in a realm
It is now possible to have multiple instances of the same social broker in a realm.
Most of the time a realm does not need multiple instances of the same social broker. But due to the introduction
of the `organization` feature, it should be possible to link different instances of the same social broker
to different organizations.
When creating a social broker, you should now provide an `Alias` and optionally a `Display name` just like any other
broker.
= Removal of OSGi metadata
Since all of the Java adapters that used OSGi metadata have been removed we have stopped generating OSGi metadata for our jars.
= Infinispan marshalling changes to Infinispan Protostream
Marshalling is the process of converting Java objects into bytes to send them across the network between {project_name} servers.
With {project_name} 26, we changed the marshalling format from JBoss Marshalling to Infinispan Protostream.
WARNING: JBoss Marshalling and Infinispan Protostream are not compatible with each other and incorrect usage may lead to data loss.
Consequently, all caches are cleared when upgrading to this version.
Infinispan Protostream is based on https://protobuf.dev/programming-guides/proto3/[Protocol Buffers] (proto 3), which has the advantage of backwards/forwards compatibility.
= Group-related events no longer fired when removing a realm
With the goal of improving the scalability of groups, they are now removed directly from the database when removing a realm.
As a consequence, group-related events like the `GroupRemovedEvent` are no longer fired when removing a realm.
For information on how to migrate, see the link:{upgradingguide_link}[{upgradingguide_name}].
= Keycloak CR supports standard scheduling options
The Keycloak CR now exposes first class properties for controlling the scheduling of your Keycloak Pods.
For more details, see the
https://www.keycloak.org/operator/advanced-configuration[Operator Advanced Configuration].
= Configuring the LDAP Connection Pool
In this release, the LDAP connection pool configuration relies solely on system properties.
For more details, see link:{adminguide_link}#_ldap_connection_pool[Configuring the connection pool].
= The `java-keystore` key provider supports more algorithms and vault secrets
The `java-keystore` key provider, which allows loading a realm key from an external java keystore file, has been modified to manage all {project_name} algorithms. Besides, the keystore and key secrets, needed to retrieve the actual key from the store, can be configured using the link:{adminguide_link}#_vault-administration[vault]. Therefore a {project_name} realm can externalize any key to the encrypted file without sensitive data stored in the database.
For more information about this subject, see link:{adminguide_link}#realm_keys[Configuring realm keys].
Reference in a new issue View git blame Copy permalink