New Security Features in WildFly 26.1
source link: https://wildfly-security.github.io/wildfly-elytron/blog/new-security-features-wildfly-26-1/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Automatic Registration of a Client Side Default SSLContext
The Elytron authentication client now provides a Java security provider that can be used
to register a JVM wide default SSLContext. When this provider is registered with high enough
priority, all client libraries that use SSLContext.getDefault() will obtain an SSLContext instance
using the configuration from your Elytron client configuration file. For more details about this new feature
and an example of how to use it, check out this
blog post.
Support for Encrypting Filesystem Security Realms
It’s now possible to encrypt the identity files that back filesystem security realms using a secret key.
For all the details about this new feature and a complete guide on how to configure a filesystem-realm
with encryption enabled, take a look at this blog post.
Encrypting an Existing Realm
If you already have a filesystem-realm configured, it’s possible to encrypt it using a new Elytron Tool
command. Check out this blog post
for all the details on how to do this.
Enhancements for Keystore CLI Operations
The read-alias and read-aliases operations for key stores in the Elytron subsystem have been updated
to improve usability. Check out this blog post to learn more.
Securing WildFly Applications with OpenID Connect on OpenShift
Since WildFly 25, applications deployed to WildFly can be secured with OpenID Connect, without needing to use the Keycloak client adapter.
In a recent vlog, we show how to use this feature with WildFly on OpenShift.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK