From 006a58eb41877a648e476d28c68e9340321a32c3 Mon Sep 17 00:00:00 2001 From: pedroigor Date: Tue, 30 Jan 2018 17:25:41 -0200 Subject: [PATCH] [RHSSO-1225] - Informing deprecation of UMA 1.0 --- .../topics/auth-services-overview.adoc | 1 + .../authz-service-deprecated-features.adoc | 24 +++++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 topics/templates/authz-service-deprecated-features.adoc diff --git a/authorization_services/topics/auth-services-overview.adoc b/authorization_services/topics/auth-services-overview.adoc index bb3a3e3bd0..f61440fb1c 100644 --- a/authorization_services/topics/auth-services-overview.adoc +++ b/authorization_services/topics/auth-services-overview.adoc @@ -3,6 +3,7 @@ :tech_feature_name: Authorization Services include::templates/techpreview.adoc[] +include::templates/authz-service-deprecated-features.adoc[] {project_name} supports fine-grained authorization policies and is able to combine different access control mechanisms such as: diff --git a/topics/templates/authz-service-deprecated-features.adoc b/topics/templates/authz-service-deprecated-features.adoc new file mode 100644 index 0000000000..b1f3ed0997 --- /dev/null +++ b/topics/templates/authz-service-deprecated-features.adoc @@ -0,0 +1,24 @@ +ifeval::[{project_product}==true] +[WARNING] +==== +In future releases we'll be updating User-Managed Access(UMA) implementation to conform +with the latest version of UMA specification, version 2.0. + +Due to differences between versions 1.0 (currently supported) and 2.0 of UMA, we are deprecating specific functionalities +in order to keep compliance with the new version. Here is a list of deprecated features: + +* *Entitlement API* + + This REST API will be removed in future releases in favor of a more OAuth2 based way to obtain permissions from the server using a specific grant type. This grant type + is based on UMA 2.0 with extensions to make it work without permission tickets. Same behavior as Entitlement API. + +* *Authorization API* + + This REST API was removed by UMA working group in version 2.0. As a consequence, we'll be removing it too. It will + be replaced by a specific OAuth2 grant type as defined by UMA 2.0 specification. + +Other changes are related with the Policy Enforcer, Authorization Client Java API and configuration. For these areas in particular changes are minimal, specially regarding policy enforcer configuration. + +We'll be updating docs accordingly, specially on how to migrate to the new version. +==== +endif::[]