(camel) branch main updated: CAMEL-23738: add camel-keycloak upgrade note to 4.18 guide (doc-sync for backport #23981) (#23986)

Fri, 12 Jun 2026 02:31:14 -0700 

This is an automated email from the ASF dual-hosted git repository.

oscerd pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/main by this push:
     new 1831c14168e6 CAMEL-23738: add camel-keycloak upgrade note to 4.18 
guide (doc-sync for backport #23981) (#23986)
1831c14168e6 is described below

commit 1831c14168e6d465fb49285d77f3e84775874e79
Author: Andrea Cosentino <[email protected]>
AuthorDate: Fri Jun 12 11:30:56 2026 +0200

    CAMEL-23738: add camel-keycloak upgrade note to 4.18 guide (doc-sync for 
backport #23981) (#23986)
    
    Signed-off-by: Andrea Cosentino <[email protected]>
    Co-authored-by: Claude Opus 4.8 (1M context) <[email protected]>
---
 .../modules/ROOT/pages/camel-4x-upgrade-guide-4_18.adoc       | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git 
a/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_18.adoc 
b/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_18.adoc
index fcf43e8de478..476a5a79f1a4 100644
--- a/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_18.adoc
+++ b/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_18.adoc
@@ -13,6 +13,17 @@ See the xref:camel-upgrade-recipes-tool.adoc[documentation] 
page for details.
 
 == Upgrading from 4.18.1 to 4.18.3
 
+=== camel-keycloak
+
+The `KeycloakSecurityPolicy` route policy now always verifies the access token 
when one is present - signature,
+issuer and expiry for local JWT verification, or active state and issuer when 
token introspection is enabled -
+even when neither `requiredRoles` nor `requiredPermissions` is configured. 
Previously the token was only verified
+when at least one role or permission was required.
+
+Routes that attach a `KeycloakSecurityPolicy` without any roles or permissions 
and that previously forwarded an
+unverified or invalid token will now have such requests rejected with a 
`CamelAuthorizationException`. Provide a
+valid, verifiable token (or configure `requiredRoles` / `requiredPermissions`) 
for these routes.
+
 === camel-core
 
 The `org.apache.camel.support.DefaultHeaderFilterStrategy` changed default 
setting for lowercase from `false` to `true`.

Reply via email to