Since the feature development phase for WildFly 19 has now started, we wanted to highlight the security features that we are planning to work on for this release.

Planned Features

• WFLY-12609 Add support for MicroProfile JWT 1.1

Details on what is being planned for this feature can be found here.

• WFCORE-4150 Support automatically adding and updating credentials in a credential store

Instead of needing to first add a credential to a credential store in order to reference it from a credential-reference, WildFly 19 will add the ability to automatically add a credential to a previously defined credential store. Check out this blog post for an introduction to this new feature.

• WFLY-11697 Web Services integration with WildFly Elytron

The WildFly Elytron integration added a new API and configuration file to configure client side security for outgoing calls. This feature request is to increase the integration for web services clients. For an introduction to this new feature, take a look at this blog post.

• WFLY-11868 RESTEasy integration with WildFly Elytron

This feature request looks at integration for RESTEasy clients. More information about this feature can be found here.

• WFCORE-4484 Support SSH authentication for Git persistence

This new feature will make it possible to use SSH authentication via Elytron when using Git to manage and persist your WildFly configuration file. More details are available here.

• WFLY-12661 Make the IP address of a remote EJB client accessible to the developer from within app authentication code

• WFCORE-4172 Add support for TLS 1.3

• WFLY-7232 Add support for Elytron provided SSLContexts in Artemis

• WFCORE-4314 Enhance keystore CLI commands

This feature request looks at allowing users to configure how much output should appear when invoking certain operations on Elytron key-stores.

Feedback

As usual, please keep in mind that this blog post is a summary of our general plans and not a guarantee that each of these features will be merged. However, this blog post does give an indication of our team’s current priorities. If any of these features are a priority for you, please let us know. Please also let us know if there are any security features that are missing that you would like to see prioritized as we can take this kind of feedback into account for future releases.