[keycloak-dev] PR - Remove Keycloak version from resource paths
Stian Thorgersen
sthorger at redhat.com
Thu Nov 14 09:49:56 EST 2019
I was thinking something even simpler and just add a themes/resourcesTag
file that would allow overriding it, but yes possible some option in admin
console/cli would be better.
On Thu, 14 Nov 2019 at 15:40, Marek Posolda <mposolda at redhat.com> wrote:
> Approved the PR, but there are conflicts due the already merged
> "authentication flow" PR.
>
> As a future enhancement, it will be nice if administrator has a way to
> manually invalidate the stored random characters. It could be useful in
> case that admin deployed some changes in themes and he wants all the
> users to see latest theme files. I think we already discuss this some
> time ago. Not sure if this would require some more changes in the model
> as I can see that randomly generated characters are used as ID of the
> migrationModel entity. But that can be likely re-evaluated in the future
> if needed.
>
> Marek
>
> On 14. 11. 19 14:26, Stan Silvert wrote:
> > +1
> >
> > On 11/14/2019 6:36 AM, Stian Thorgersen wrote:
> >> Today, Keycloak includes the Keycloak version in resource paths to make
> >> sure browsers fetch the new versions of resources after an upgrade.
> >>
> >> It is not good practice to expose the version of software on public
> >> endpoints, as such we need to change this behavior.
> >>
> >> To achieve this I've updated the migration model to create a random 5
> >> character URL friendly id that is persisted in the database, which is
> then
> >> used in place of the Keycloak version.
> >>
> >> That means there will be a unique resource version for each
> installation of
> >> Keycloak, which is updated when Keycloak is upgraded. To prevent
> conflicts
> >> the previous versions are not deleted from the migration model.
> >>
> >> PR is here: https://github.com/keycloak/keycloak/pull/6473
> >> _______________________________________________
> >> keycloak-dev mailing list
> >> keycloak-dev at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> >
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
More information about the keycloak-dev
mailing list