Keycloak Alpha 3 是另外一个大的新特性发行版本,值得关注的改进包括:
Minimal support for OpenID Connect. Claims like email, full name, etc. can now be transmitted and viewed with IDToken passed after login.
Configurable allowed claims. What identity claims are made in id and access tokens can be configured per application or oauth client within the admin console
Remote logout and session stats available from management console
Refresh token support
Not before revocation policy. You can set it per realm, oauth client, or application. Policies are pushed to applications that have an admin url
Fine grain admin console permissions and roles. In the main admin realm, you can now specify when users are allowed to view what in the admin console. An awesome side effect of this is that if you enable registration in the master admin realm and set a default global role of create only, keycloak can become a SaaS for SSO.
Installed Application feature to support non-browser applications that want to use Keycloak
You can now add social network links through account management
下一个版本将是 Beta1 版本,将会提供 LDAP/活动目录支持。
项目主页:http://sourceforge.net/projects/keycloak/
下载地址:http://sourceforge.net/projects/keycloak/files/
来自:oschina开源中国社区
