I really want to thank Ron Sigal, Weinan Li, and the rest of the Resteasy community for having my back the last 5 months while I was focused on other things. Thanks for your hard work and patience. 3.0.9.Final is a maintenance release. There are a few minor migration notes you should read before you upgrade, but most applications shouldn’t be affected. We’ll try and do another maintenance release in like 6-8 weeks. Check out resteasy.jboss.org for download links, jira release notes, and documentation.
September 10, 2014
After 1 year of hard work, the team is proud to release our first final 1.0 release of Keycloak. We’ve stabilized our database schemas, improved performance, and refactored our SPIs and you should be good to go! I don’t want to list all the features, but check out our project website at http://keycloak.org for more information. You can find our download links there as well as screen cast tutorials on our documentation page.
Keycloak 1.1 will be our integration release where we start bringing Keycloak to different protocols, projects, and environments. Here’s a priority list of what we’re tackling
- SAML 2.0 – by merging with Picketlink IDP
- Uberfire/BRMS adapter
- Fuse FSW adapter
- EAP 6.x and Wildfly console integration
- Tomcat 7 adapter
- …More planned, but we’ll see how fast we can move before we announce anymore
In parallel, we hope to look into a few new features:
- TOTP Improvements like allowing multiple token generators
- IP Filtering
August 20, 2014
Many bugs fixes and cleanup. Not much for features although we did add a ton of tooltips to the admin console. We’re getting very close to a final release and are still on schedule to release 2nd week on September.
See keycloak.org for links to download and documentation.
August 6, 2014
After a summer of multiple vacations from various team members, we’re finally ready to release Keycloak 1.0 Beta 4. There’s not a lot of new features in the release because we focused mainly on performance, creating new SPIs, refactoring code, improving usability, and lastly fixing bugs. 64 issues completed. As usually go to the main keycloak.org page to find download links and to browse our documentation, release notes, or view our screencast tutorials. Here are some of the highlights of the release:
- Server side memory cache for all UI pages.
- Cache-control settings for UI pages
- Server side cache for all backend metadata: realms, applications, and users.
- In-memory implementation for user sessions
- New Federation SPI. Gives you a lot of flexibility to federation external stores into Keycloak
- Improved LDAP/Active Directory support
- Token validation REST API
- Support for HttpServletRequest.logout()
- Lots and lots of bugs fixes and minor improvements
You should see a big performance increase with this release as everything is cachable in memory and the database can be fully bypassed.
1.0 Final is on the way!
What’s next for Keycloak? This month we will be focusing on resolving the remaining issues logged in Jira, improving our test coverage, and updating our documentation and screencasts. No new major features. We’ll have a RC release around 3rd week of August, then our first Final release 2nd week of September!
May 29, 2014
Keycloak Beta-1 has been released! We’re edging closer to 1.0! Please visit the Keycloak website for links to documentation and downloads. A lot of hard work the last few months by Stian, Marek, myself and other contributors to bring you loads of new features and improvements:
- LDAP/Active Directory integration built on Picketlink. Thanks Marek!
- User Session management – can now view login IP address and which applications and oauth clients have open tokens. Works with any type of app too. Can view and manage sessions through user account pages or admin console
- Audit log for important events. Integration with admin console and ability to receive emails on certain events.
- Account log viewable in user account management pages
- Export database. Allows you to export a full dump of keycloak database into an encrypted file. Will help out tremendously to migrate between Keycloak versions.
- Authentication SPI. Allows you to plug in different mechanisms to retrieve and authenticate users.
- Theme support for the admin console and any sent email.
- Per-realm admin console. You can now designate a user within a realm that is an admin of that realm.
- Documented the Admin REST API finally. (Docs still kinda suck here)
- CORS support for Admin REST API
- Support for relative URLs when configuring admin console
- Server configuration file
- Social Only Logins
- Installed application adapter
- Expanded the number of example projects
What’s next? This is the last major feature release of Keycloak. We will now be focusing on performance, clustering, security audits, testing, documentation, and usability for the next few releases. We hope to release 1.0 Final sometime in July.
January 23, 2014
Keycloak is an SSO authentication server and appliance for securing web applications and RESTful web services. After 7 months of hard work, the Keycloak team (Bill Burke, Stian Thorgersen, Gabriel Cardoso, Viliam Rockai, Alexandre Mendonca, and Bolesław Dawidowicz) is proud to announce our first release, Alpha-1! There’s still a lot to do, but there’s a lot you of features you can try out. Besides written documentation, we’ve put together a bunch of video screencasts that you can view to learn and experience the features of Keycloak.
These are some of the core feature of Keycloak:
- SSO and Single Log Out for browser applications
- Social Broker. Enable Google, Facebook, Yahoo, Twitter social login with no code required.
- Openshift Quick Start so you can deploy Keycloak on the cloud
- Optional User Registration
- Password and TOTP support (via Google Authenticator). Client cert auth coming soon.
- Forgot password management
- OAuth Bearer token auth for REST Services
- Integrated Browser App to REST Service token propagation
- OAuth Bearer token auth for REST Services
- OAuth 2.0 Grant requests
- CORS Support
- CORS Web Origin management and validation
- Completely centrally managed user and role mapping metadata. Minimal configuration at the application side
- Admin Console for managing users, roles, role mappings, applications, user sessions, allowed CORS web origins, and OAuth clients.
- Deployable as a WAR, appliance, or on Openshift.
- Supports JBoss AS7, EAP 6.x, and Wildfly applications. Plans to support Node.js, RAILS, GRAILS, and other non-Java application
Go to the Keycloak website and follow the links to download, view documentation and videos, browse our source code, and submit bugs.
- Stan Silvert has written a Wildfly subsystem for Keycloak that didn’t get into the Alpha 1 release. When we get this in, it will be super easy to secure web applications within a Wildfly environment. You won’t have to crack open your WARs to add Keycloak configuration and enabling Keycloak security may be as easy as a doing a few clicks in the admin console.
- Storage protection. We’ll be adding support for more secure password hashing as well as storage encryption capabilities for the Keycloak database. Its uber important to be able to have a 2nd level of defense for hacks.
- Revocation policies. We need to be able to expire all tokens just in case somebody gets hacked and broadcast this information to deployed applications.
- User session management. This will allow you to view which users are logged in and give you the ability to log out one or more users.
- Composite roles. This will be the concept of a role group. This will make it easier to change role mappings for a large set of users.
November 12, 2013
My 2nd edition of RESTful Java is out! RESTful Java with JAX-RS 2.0 covers the spec additions to JAX-RS 2.0 including 3 new chapters:
- JAX-RS 2.0 Client API
- Asynchronous Client and Server APIs
- Filters and Interceptors
The book has also been revised here and there to cover some of the smaller features that were added to JAX-RS 2.0 like ParamConverters, Link, an the extensions added to UriBuilder. The workbook examples and chapters have been revised and expanded to cover this new content as well, so you really get 6 new chapters in total. Many thanks to Fernando Nasser, Melanie Yarborough, Meghan Blanchette, Meghan Connolly, and Charlie Roumeliotis for making this happen. I’d also like to thank the JAX-RS 2.0 JSR Expert Group, especially Marek Potociar, Santiago Pericas-Geertsen, and Sergey Beryozkin.