Deploying to main from @ dbdde29bb78493ee442e9c99d8949702f1937d18 🚀

Author: ahus1

2024/11/keycloak-2606-released.html

@@ -70,6 +70,9 @@
     <h1>Keycloak 26.0.6 released</h1>
     <p class="blog-date text-muted">November 22 2024</p>
 
+    <div class="alert alert-warning" role="alert" data-nosnippet>
+    This post is more than one year old. The content within the blog post is likely to be out of date.
+    </div>
 
 <p>To download the release go to <a href="https://www.keycloak.org/downloads.html">Keycloak downloads</a>.</p>
 

extensions.html

@@ -453,7 +453,7 @@ <h5 class="card-title">ORCID Social Identity Provider</h5>
                                     <div class="d-flex align-items-center">
                                         <img src="resources/images/github.png" width="16px" alt="GitHub logo"
                                              class="me-2"/>
-                                        <span>13 stars</span>
+                                        <span>14 stars</span>
                                     </div>
                                 </div>
                         </div>

nightly/server/db.html

@@ -513,6 +513,8 @@ <h3 id="_configuring_unicode_support_for_a_postgresql_database"><a class="anchor
 <div class="sect1">
 <h2 id="_preparing_for_postgresql"><a class="anchor" href="#_preparing_for_postgresql"></a>Preparing for PostgreSQL</h2>
 <div class="sectionbody">
+<div class="sect2">
+<h3 id="_writer_and_reader_instances"><a class="anchor" href="#_writer_and_reader_instances"></a>Writer and reader instances</h3>
 <div class="paragraph">
 <p>When running PostgreSQL reader and writer instances, Keycloak needs to always connect to the writer instance to do its work.
 When using the original PostgreSQL driver, Keycloak sets the <code>targetServerType</code> property of the PostgreSQL JDBC driver to <code>primary</code> to ensure that it always connects to a writable primary instance and never connects to a secondary reader instance in failover or switchover scenarios.</p>
@@ -534,14 +536,19 @@ <h2 id="_preparing_for_postgresql"><a class="anchor" href="#_preparing_for_postg
 </tr>
 </table>
 </div>
-<div class="admonitionblock tip">
-<table>
-<tr>
-<td class="icon">
-<i class="fa icon-tip" title="Tip"></i>
-</td>
-<td class="content">
-<div class="title">Secure Your PostgreSQL Connection</div>
+</div>
+<div class="sect2">
+<h3 id="_permissions_of_the_database_user"><a class="anchor" href="#_permissions_of_the_database_user"></a>Permissions of the database user</h3>
+<div class="paragraph">
+<p>Ensure that the database user has <code>SELECT</code> permissions to the following tables to ensure an efficient upgrade: <code>pg_class</code>, <code>pg_namespace</code>.</p>
+</div>
+<div class="paragraph">
+<p>This is used during upgrades of Keycloak to determine an estimated number of rows in a table.
+If Keycloak does not have permissions to access these tables, it will log a warning and proceed with the less efficient <code>SELECT COUNT(*) ...</code> operation during the upgrade to determine the number of rows in tables affected by schema changes.</p>
+</div>
+</div>
+<div class="sect2">
+<h3 id="_secure_your_connection"><a class="anchor" href="#_secure_your_connection"></a>Secure your connection</h3>
 <div class="paragraph">
 <p>To secure your database connection, configure your PostgreSQL server to use TLS and perform full server certificate verification on the client side.</p>
 </div>
@@ -568,9 +575,6 @@ <h2 id="_preparing_for_postgresql"><a class="anchor" href="#_preparing_for_postg
 </li>
 </ul>
 </div>
-</td>
-</tr>
-</table>
 </div>
 </div>
 </div>