6:17 p.m.
Hello everybody,
It’s intuitively clear to me that an outdated adapter communicating with a *newer*
Keycloak isn’t a great idea and the documentation suggests importing the javascript
adapter from the server itself.
What about the opposite case of a new backend adapter with version 4.0.0.Final and an
older Keycloak 3.4.3. Is this insecure? We’re considering this option to reduce the hassle
of updating keycloak itself and upgrading our custom theme.
Best regards,
Tim Benke
3:17 p.m.
I wouldn't say it's insecure, but you may miss some important bug fixes.
Keep everything up to date if possible is always the best alternative.
On 2018-07-19, Benke, Tim wrote:
Hello everybody,
It’s intuitively clear to me that an outdated adapter communicating with a *newer*
Keycloak isn’t a great idea and the documentation suggests importing the javascript
adapter from the server itself.
What about the opposite case of a new backend adapter with version 4.0.0.Final and an
older Keycloak 3.4.3. Is this insecure? We’re considering this option to reduce the hassle
of updating keycloak itself and upgrading our custom theme.
Best regards,
Tim Benke
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
abstractj
2350
days inactive
2362
days old
1 comments
2 participants
participants (2)
-
Benke, Tim -
Bruno Oliveira