keycloak-scim/docs/documentation/release_notes/topics/11_0_0.adoc
rmartinc ccab30d5f2 Move saml documentation to guides
Closes #31330

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-07-24 11:50:24 +02:00

39 lines
2 KiB
Text

= Highlights
== LDAPv3 password modify operation
Support for LDAPv3 password modify operation was added. Also the ability in the admin console to request metadata from the configured
LDAP server to see if it supports LDAPv3 password modify operation.
Thanks to https://github.com/cachescrubber[cachescrubber]
== Namespace support for LDAP group mapper
Namespace support for LDAP group mapper allows you to map groups from LDAP under specified branch (namespace) of the Keycloak groups tree.
Previously groups from LDAP were always added as the top level groups in Keycloak.
Thanks to https://github.com/tjuerge[Torsten Juergeleit]
== Upgrade to WildFly 20
Keycloak server was upgraded to use WildFly 20.0.1.Final under the covers. For more details,
please take a look at link:{upgradingguide_link_latest}[{upgradingguide_name}].
== SAML POST binding is broken in the latest versions of browsers
The `SameSite` value `None` for `JSESSIONID` cookie is necessary for correct behavior of the {project_name} SAML adapter.
Usage of a different value is causing resetting of the container's session with each request to {project_name}, when
the SAML POST binging is used. Refer to the following steps for
link:https://www.keycloak.org/guides#securing-apps[Keycloak SAML Galleon feature pack for WildFly and EAP] guide to keep the correct behavior. Notice, that this
workaround should be working also with the previous versions of the adapter.
== Other improvements
* Support for client offline session lifespan. Thanks to https://github.com/y-tabata[Yoshiyuki Tabata]
* Czech translation. Thanks to https://github.com/jakubknejzlik[Jakub Knejzlík]
* Possibility to fetch additional fields from the Facebook identity provider. Thanks to https://github.com/BartoszSiemienczuk[Bartosz Siemieńczuk]
* Support for AES 192 and AES 256 algorithms used for signed and encrypted ID tokens. Thanks to https://github.com/tnorimat[Takashi Norimatsu]
* Ability to specify signature algorithm in Signed JWT Client Authentication. Thanks to https://github.com/tnorimat[Takashi Norimatsu]