Keycloak “frontend” client can be changed to be not public, but then the client secret from the keycloak UI has to be provided by shipped text file in docker-compose or kubernetes secret. A restart after setting the client secret is mandatory.
For docker-compose the docker-compose.yaml file has to be changed according to the changed or added lines in the docker-compose.yaml provided in the new sources.
New files and folders from the release have to be added.
In the Kubernetes variant, the new “bff” container has to be build according to Dockerfile.
Change PostgreSQL95Dialect to PostgreSQLDialect in docker-compose.yaml (in docker variant).
If internal postgres is used a database backup has to be made manually and uploaded to the new database after the “postgres-data” folder has been cleared. Alternatively the version of postgres has to be changed in docker-compose.yaml back to 13.
External URL in docker-compose.yml or kubernetes config has to be changed according to the real external URL.
Frontend URL has to be set via the keycloak realm UI for the “master”-realm to the external URL + “/auth”.
Fixed changing of groups assigned to an existing user in Admin UI
Newest Keycloak version from official docker repository and migration
Sub roles from groups and role composites are now used for authorization
Authorization wildcard contexts applying to a context with specific key and all values or specific value for all keys
Full context on hover as tooltip
Password not anymore required when creating new user
“Are you sure?” for deleting any entity in Admin UI
Button for deleting context disabled when Authorization is assigned
Checkbox bulk delete of comments in Admin UI
37 Chars Authorization-Name Limit fixed -> 255 chars and UI restriction
Edit context assignments to existing comment
Default Keycloak roles are hidden in Admin UI