v1.3.0

We are excited to announce a new version of KumuluzEE Security - 1.3.0.

This release adds support for new authentication provider - Firebase Authentication

Features

• Validate ID tokens generated by Firebase.
• Check roles provided in custom claims and deny access if user lacks required roles.
• Validate session cookie instead of ID token.

v1.2.0

This release provides some new features for configuring the Keycloak integration.

Features

• Add a new property to specify custom configuration resolver class for Keycloak.
• Support for adding the Keycloak configuration via yaml properties and roles from resources.

v1.1.0

This release of KumuluzEE Security project provides integration with KumuluzEE GraphQL project. Furthermore, it includes updated dependencies, support for Java 9+, and some minor improvements and bugfixes.

Features

• Integration with KumuluzEE GraphQL.
• Jetty adapter is now excluded from the project and must be included manually by developer.

Enhancements

• Added Java 9+ support.
• Updated dependency versions.
• Added switch to disable Jetty servlet security

v1.0.1

This quick release includes a fix for interaction with other extensions that also use annotation processing (e.g. KumuluzEE-Discovery)

Bugs

• Fixed annotation processor to work with other KumuluzEE extensions

v1.0.0

We're happy to announce the initial version of the KumuluzEE Security extension v1.0.0 for the KumuluzEE framework.

The extension currently comes with support for using Keycloak as the OpenID Connect authentication provider. You can quickly and easily secure your service by either using the standard web.xml configuration or the standard Java Security annotations and can even seamlessly transition between them. We're looking forward to adding additional providers in the future.

We're excited to get the extension into your hands!