“T]hose who do not understand HTTP are doomed to re-implement it on top of itself
February 12, 2015
December 6, 2014
A lot of new features this release.
- Tomcat 6, 7, and 8 adapters
- Jetty 8.1, 9.1, and 9.2 adapters
- HTTP Security Proxy for platforms that don’t have an adapter based on Undertow.
- Wildfly subsystem for auth server. Allows you to run keycloak in domain mode to make it easier to run in a cluster.
Hope to do 1.1.0.Final sometime end of January. See http://keycloak.org for more details.
November 5, 2014
- SAML 2.0 support. Keycloak already supports OpenID Connect, but with this release we’re also introducing support for SAML 2.0. We did this by pulling in and building on top of Picketlink’s SAML libraries.
- Vastly improved clustering support. We’ve also significantly improved our clustering support, for the server and application adapters. The server can now be configured to use an invalidation cache for realm meta-data and user profiles, while user-sessions can be stored in a distributed cache allowing for both increased scalability and availability. Application adapters can be configured for either sticky-session or stateless if sticky-sessions are not available. We’ve also added support for nodes to dynamically register with Keycloak to receive for example logout notifications.
- Adapter multi-tenancy support. Thanks to Juraci Paixão Kröhling we now have multi-tenancy support in application adapters. His contribution makes it easy to use more than one realm for a single application. It’s up to you to decide which realm is used for a request, but this could for example be depending on domain name or context-path. For anyone interested in this feature there’s a simple example that shows how to get started.
- Tomcat 7 Adapter. A while back Davide Ungari contributed a Tomcat 7 application adapter for Keycloak, but we haven’t had time to document, test and make it a supported adapter until now.
September 17, 2014
I really want to thank Ron Sigal, Weinan Li, and the rest of the Resteasy community for having my back the last 5 months while I was focused on other things. Thanks for your hard work and patience. 3.0.9.Final is a maintenance release. There are a few minor migration notes you should read before you upgrade, but most applications shouldn’t be affected. We’ll try and do another maintenance release in like 6-8 weeks. Check out resteasy.jboss.org for download links, jira release notes, and documentation.
September 10, 2014
After 1 year of hard work, the team is proud to release our first final 1.0 release of Keycloak. We’ve stabilized our database schemas, improved performance, and refactored our SPIs and you should be good to go! I don’t want to list all the features, but check out our project website at http://keycloak.org for more information. You can find our download links there as well as screen cast tutorials on our documentation page.
Keycloak 1.1 will be our integration release where we start bringing Keycloak to different protocols, projects, and environments. Here’s a priority list of what we’re tackling
- SAML 2.0 – by merging with Picketlink IDP
- Uberfire/BRMS adapter
- Fuse FSW adapter
- EAP 6.x and Wildfly console integration
- Tomcat 7 adapter
- …More planned, but we’ll see how fast we can move before we announce anymore
In parallel, we hope to look into a few new features:
- TOTP Improvements like allowing multiple token generators
- IP Filtering
August 20, 2014
Many bugs fixes and cleanup. Not much for features although we did add a ton of tooltips to the admin console. We’re getting very close to a final release and are still on schedule to release 2nd week on September.
See keycloak.org for links to download and documentation.
August 6, 2014
After a summer of multiple vacations from various team members, we’re finally ready to release Keycloak 1.0 Beta 4. There’s not a lot of new features in the release because we focused mainly on performance, creating new SPIs, refactoring code, improving usability, and lastly fixing bugs. 64 issues completed. As usually go to the main keycloak.org page to find download links and to browse our documentation, release notes, or view our screencast tutorials. Here are some of the highlights of the release:
- Server side memory cache for all UI pages.
- Cache-control settings for UI pages
- Server side cache for all backend metadata: realms, applications, and users.
- In-memory implementation for user sessions
- New Federation SPI. Gives you a lot of flexibility to federation external stores into Keycloak
- Improved LDAP/Active Directory support
- Token validation REST API
- Support for HttpServletRequest.logout()
- Lots and lots of bugs fixes and minor improvements
You should see a big performance increase with this release as everything is cachable in memory and the database can be fully bypassed.
1.0 Final is on the way!
What’s next for Keycloak? This month we will be focusing on resolving the remaining issues logged in Jira, improving our test coverage, and updating our documentation and screencasts. No new major features. We’ll have a RC release around 3rd week of August, then our first Final release 2nd week of September!