[keycloak-dev] Automatic Security Advisory for Keycloak Settings
Thomas Darimont
thomas.darimont at googlemail.com
Wed Apr 4 06:18:57 EDT 2018
Hello,
After upgrading Keycloak some settings are not updated and
left as is, either because the they were changed by the admin
or contain the previous default value.
This settings might not match the current recommendations.
Since there is currently no automatic configuration check
Keycloak admins potentially need to revisit every
setting after an upgrade / migration.
As an example for settings that need to be upgraded regularly after
a Keycloak upgrade are the Header configurations in the Security Settings.
It would be great if Keycloak would be aware of the current
best practice recommendations for configuration settings and
would list / highlight deviations.
One way to show this to admins would be a list in a dedicated
"Security Advisory" section or as a hint on a particular setting
in the admin console.
Do you have any plans for implementing something like this?
Cheers,
Thomas
More information about the keycloak-dev
mailing list