[keycloak-user] Using Keycloak 3.4 with Spring Boot 2 Adapter 4

Bruno Oliveira bruno at abstractj.org
Tue Jul 31 09:17:08 EDT 2018


I wouldn't say it's insecure, but you may miss some important bug fixes.
Keep everything up to date if possible is always the best alternative.

On 2018-07-19, Benke, Tim wrote:
> Hello everybody,
> 
> It’s intuitively clear to me that an outdated adapter communicating with a *newer* Keycloak isn’t a great idea and the documentation suggests importing the javascript adapter from the server itself.
> 
> What about the opposite case of a new backend adapter with version 4.0.0.Final and an older Keycloak 3.4.3. Is this insecure? We’re considering this option to reduce the hassle of updating keycloak itself and upgrading our custom theme.
> 
> Best regards,
> Tim Benke
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-- 

abstractj


More information about the keycloak-user mailing list