64 lines
3.5 KiB
Text
64 lines
3.5 KiB
Text
= Support for multiple instances of a social broker in a realm
|
|
|
|
It is now possible to have multiple instances of the same social broker in a realm.
|
|
|
|
Most of the time a realm does not need multiple instances of the same social broker. But due to the introduction
|
|
of the `organization` feature, it should be possible to link different instances of the same social broker
|
|
to different organizations.
|
|
|
|
When creating a social broker, you should now provide an `Alias` and optionally a `Display name` just like any other
|
|
broker.
|
|
|
|
= Removal of OSGi metadata
|
|
|
|
Since all of the Java adapters that used OSGi metadata have been removed we have stopped generating OSGi metadata for our jars.
|
|
|
|
= Infinispan marshalling changes to Infinispan Protostream
|
|
|
|
Marshalling is the process of converting Java objects into bytes to send them across the network between {project_name} servers.
|
|
With {project_name} 26, we changed the marshalling format from JBoss Marshalling to Infinispan Protostream.
|
|
|
|
WARNING: JBoss Marshalling and Infinispan Protostream are not compatible with each other and incorrect usage may lead to data loss.
|
|
Consequently, all caches are cleared when upgrading to this version.
|
|
|
|
Infinispan Protostream is based on https://protobuf.dev/programming-guides/proto3/[Protocol Buffers] (proto 3), which has the advantage of backwards/forwards compatibility.
|
|
|
|
= Group-related events no longer fired when removing a realm
|
|
|
|
With the goal of improving the scalability of groups, they are now removed directly from the database when removing a realm.
|
|
As a consequence, group-related events like the `GroupRemovedEvent` are no longer fired when removing a realm.
|
|
|
|
For information on how to migrate, see the link:{upgradingguide_link}[{upgradingguide_name}].
|
|
|
|
|
|
= Keycloak CR supports standard scheduling options
|
|
|
|
The Keycloak CR now exposes first class properties for controlling the scheduling of your Keycloak Pods.
|
|
|
|
For more details, see the
|
|
https://www.keycloak.org/operator/advanced-configuration[Operator Advanced Configuration].
|
|
|
|
= Configuring the LDAP Connection Pool
|
|
|
|
In this release, the LDAP connection pool configuration relies solely on system properties.
|
|
|
|
For more details, see link:{adminguide_link}#_ldap_connection_pool[Configuring the connection pool].
|
|
|
|
= The `java-keystore` key provider supports more algorithms and vault secrets
|
|
|
|
The `java-keystore` key provider, which allows loading a realm key from an external java keystore file, has been modified to manage all {project_name} algorithms. Besides, the keystore and key secrets, needed to retrieve the actual key from the store, can be configured using the link:{adminguide_link}#_vault-administration[vault]. Therefore a {project_name} realm can externalize any key to the encrypted file without sensitive data stored in the database.
|
|
|
|
For more information about this subject, see link:{adminguide_link}#realm_keys[Configuring realm keys].
|
|
|
|
= Customizable Footer in login Themes
|
|
|
|
The `template.ftl` file in the `base/login` and the `keycloak.v2/login` theme now allows to customize the footer
|
|
of the login box. This can be used to show common links or include custom scripts at the end of the page.
|
|
|
|
The new `footer.ftl` template provides a `content` macro that is rendered at the bottom of the "login box".
|
|
|
|
= Deprecating `keycloak` login Theme
|
|
|
|
The `keycloak` login theme has been deprecated in favour of the new `keycloak.v2` and will be removed in a future version.
|
|
While it remains the default for the new realms for compatibility reasons, it is strongly recommended to switch all the
|
|
realm themes to `keycloak.v2`.
|