Keycloak 1.0 Final Released

1 Comment

After 1 year of hard work, the team is proud to release our first final 1.0 release of Keycloak.  We’ve stabilized our database schemas, improved performance, and refactored our SPIs and you should be good to go!  I don’t want to list all the features, but check out our project website at for more information.  You can find our download links there as well as screen cast tutorials on our documentation page.

What’s Next?

Keycloak 1.1 will be our integration release where we start bringing Keycloak to different protocols, projects, and environments.  Here’s a priority list of what we’re tackling

  • SAML 2.0 – by merging with Picketlink IDP
  • Uberfire/BRMS adapter
  • Fuse FSW adapter
  • EAP 6.x and Wildfly console integration
  • Tomcat 7 adapter
  • …More planned, but we’ll see how fast we can move before we announce anymore

In parallel, we hope to look into a few new features:

  • Internationalization
  • TOTP Improvements like allowing multiple token generators
  • IP Filtering

Keycloak 1.0 RC 1 Released

Leave a comment

Many bugs fixes and cleanup.  Not much for features although we did add a ton of tooltips to the admin console.  We’re getting very close to a final release and are still on schedule to release 2nd week on September.

See for links to download and documentation.

Keycloak Beta 4 Released


After a summer of multiple vacations from various team members, we’re finally ready to release Keycloak 1.0 Beta 4.  There’s not a lot of new features in the release because we focused mainly on performance, creating new SPIs, refactoring code, improving usability, and lastly fixing bugs. 64 issues completed.  As usually go to the main page to find download links and to browse our documentation, release notes, or view our screencast tutorials.  Here are some of the highlights of the release:

  • Server side memory cache for all UI pages.
  • Cache-control settings for UI pages
  • Server side cache for all backend metadata: realms, applications, and users.
  • In-memory implementation for user sessions
  • New Federation SPI.  Gives you a lot of flexibility to federation external stores into Keycloak
  • Improved LDAP/Active Directory support
  • Token validation REST API
  • Support for HttpServletRequest.logout()
  • Lots and lots of bugs fixes and minor improvements

You should see a big performance increase with this release as everything is cachable in memory and the database can be fully bypassed.

1.0 Final is on the way!

What’s next for Keycloak?  This month we will be focusing on resolving the remaining issues logged in Jira, improving our test coverage, and updating our documentation and screencasts.  No new major features.  We’ll have a RC release around 3rd week of August, then our first Final release 2nd week of September!


Keycloak Beta 3 Released

Leave a comment

Mostly a bunch of bug fixes that we needed to push out for users.  We’re still pretty focused on performance and hope that Beta 4 will allow Keycloak to run in a cluster with some caching capabilities.  See for links on downloading, docs, and jira release notes.

Keycloak Beta-1 Released!

1 Comment

Keycloak Beta-1 has been released!  We’re edging closer to 1.0! Please visit the Keycloak website for links to documentation and downloads.  A lot of hard work the last few months by Stian, Marek, myself and other contributors to bring you loads of new features and improvements:

  • LDAP/Active Directory integration built on Picketlink.  Thanks Marek!
  • User Session management – can now view login IP address and which applications and oauth clients have open tokens.  Works with any type of app too.  Can view and manage sessions through user account pages or admin console
  • Audit log for important events.  Integration with admin console and ability to receive emails on certain events.
  • Account log viewable in user account management pages
  • Export database.  Allows you to export a full dump of keycloak database into an encrypted file.  Will help out tremendously to migrate between Keycloak versions.
  • Authentication SPI.  Allows you to plug in different mechanisms to retrieve and authenticate users.
  • Theme support for the admin console and any sent email.
  • Per-realm admin console.  You can now designate a user within a realm that is an admin of that realm.
  • Documented the Admin REST API finally.  (Docs still kinda suck here)
  • CORS support for Admin REST API
  • Improvements in Javascript adapter.  Including OpenID Connect session iframe style for single-sign out and support for Cordova.
  • Support for relative URLs when configuring admin console
  • Server configuration file
  • Social Only Logins
  • Installed application adapter
  • Expanded the number of example projects

What’s next? This is the last major feature release of Keycloak.  We will now be focusing on performance, clustering, security audits, testing, documentation, and usability for the next few releases.  We hope to release 1.0 Final sometime in July.


Translating “Right tool for the job”


When I hear somebody say “Right tool for the job” I cringe.  The acid in my stomach starts to churn.  My blood pressure goes up.  I just feel like lashing out or screaming.  Why do I get this reaction?  Its a simple, logical statement.  Sounds like great advice, right?  In my experience though, “right tool for the job” is often code for something else.  Its an often used, cliche excuse to hide hidden motives.  So, let me translate for you the true meaning of “Right tool for the job”.

  • There’s this cool fad new language that everybody is talking about.  I’m going to use this new language to implement a new feature even though nobody else on my team will be able to maintain it but me.  Even though the code will hard to maintain because I’ll be experimenting with every possible new feature of the new fad language I’m using. Thus: New language XXX is the RIGHT TOOL FOR THE JOB!.
  • Everybody is talking about this new cool No SQL stuff, but I’m stuck coding RDBMS with Hibernate.  Thus: No-SQL DB XXX is the RIGHT TOOL FOR THE JOB!
  • This job sucks and I need to train myself in a new technology so I can get a new job. Thus: Technology XXX is the RIGHT TOOL FOR THE JOB!
  • My product/project is missing a key fundamental feature that a competing, more mature technology has had for years.  I can’t say that this competing older, mature technology is better, I need an excuse so instead I say: You need to pick the RIGHT TOOL FOR THE RIGHT JOB!

Consultants are even more notorious for this.

  • I need to make myself invaluable to this company so I can keep billing high rates for myself and my underlings.  So, I will find a technology that nobody in this company has experience. Thus, Technology XXX is the RIGHT TOOL FOR THE JOB!
  • I need to train a bunch of my new consultants in a new technology.  Better to charge this training on somebody else’s dime.  Thus, Technology XXX is the RIGHT TOOL FOR THE JOB!
  • I need to drum up business, sales are lagging.  So, I’ll create a new methodology and pay some Thought Leader to bless the methodology.  Then I’ll get my best speaker to troll all the developer conferences touting this new methodology.  Thus, Methodology XXX is the RIGHT TOOL FOR THE JOB!

Admit it! You see this happening everywhere.  We’ve all done it at least once.  But no more for me!  Just like I want to purge swearing and cursing in front of my kids, I want Right Tool for the Job out of my vocabulary as well.  If you ever hear or see my say this phrase, call me a hypocrite.  Flame me.  Chastise me.  Remind me of this blog!



Resteasy 3.0.7.Final Released

Leave a comment

Ron fixed a few bugs in validation. Netty improvements. A few other bug fixes here and there.

As usual, follow links from to download and view documentation and release notes.

Older Entries Newer Entries

%d bloggers like this: