Keycloak 1.7.0.CR1 发布,主要更新如下:
Groups - users can belong to one or more groups and inherit role mappings and attributes from the group.
First Broker Login Flow - we've introduced a number of improvements to first login with identity brokers as well as the ability to customize the flow used.
Client Registration - clients can now dynamically register themselves with a Keycloak server. This supports Keycloak client representations, OpenID Connect Dynamic Client Registration and SAML Entity Descriptors. Client registration are simple REST endpoints, there's also a Java library and a CLI is coming soon.
OpenID Connect Implicit and Hybrid flows - we've added support for the Implicit and Hybrid flows. It's also possible to select what flows are available for a specific client.
Add User script - as a first step to not having a default admin user we've added a script that allows creating an initial admin account.
Cache fixes - there's a number of fixes related to caching, which should improve performance especially in clusters.
Email Sender SPI - previously we had one SPI that created email content from FreeMarker and also sent emails. We've now split this into two separate SPIs.
SAML SP WildFly subsystem - there's now a WildFly subsystem for the SAML SP adapter, which makes it easier to use the SAML SP adapter on WildFly.
WildFly 10 adapter support - the WildFly adapter, including adapter subsystem, now supports WildFly 10.
Keycloak 是一个为浏览器和 RESTful Web 服务提供 SSO 的集成。基于 OAuth 2.0 和 JSON Web Token(JWT) 规范。最开始是面向 JBoss 和 Wildfly 通讯,但已经计划为其他诸如 Tomcat、Jetty、Node.js、Rails、Grails 等环境提供解决方案。
软件详情:http://blog.keycloak.org/2015/12/keycloak-170cr1-released.html
下载地址:http://sourceforge.net/projects/keycloak/files/
来自:开源中国社区
