Keycloak Wildfly Adapter Deprecation

[Gregor Tudan]

Hi everyone!

The release notes for Keycloak 15.1 mention that the wildfly adapter is deprecated and will not be supported for Wildfly 25.

https://www.keycloak.org/docs/latest/release_notes/#wildfly-adapter-deprecation

This feels a bit premature. The new OpenID-Connect Elytron adapter is brand new. It is also missing one important feature for us: multi-tenancy. The keycloak adapter had an important feature that allowed us to determine the config from the URL:

https://github.com/keycloak/keycloak-documentation/blob/main/securing_apps/topics/oidc/java/multi-tenancy.adoc

I haven't seen anything like this in the Elytron-Adapter. This would mean that some of us will be stuck on wildfly 24 until similar becomes available.

Any chance to reconsider the deprecation? Even a bit of grace time would give the community the chance to work things out with the elytron team.

Thanks, 

Gregor

[Gregor Tudan]

After diving a bit into this, it looks even worse then expected. The new built in Adapter is definitely a good step forward, but lacks quiet a lot of commonly used features:

* bearer-only authentication: https://issues.redhat.com/browse/WFLY-15633

* Multi-Tenancy-Support: https://issues.redhat.com/browse/WFLY-15885

* Policy-Enforcement

There is an issue for improving the client: https://issues.redhat.com/browse/WFLY-15260

Just to get an idea: is it feasible to try and port the existing adapter to Wildfly 25? I'm definitely willing to give it a try, as it will probably take quiet a while for the Elytron Adapter to catch up with the legacy adapter. 

[Tobias Häfner]

Multi-Tenancy-Support is really needed for a lot of projects. That should be fixed!