libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Merge pull request #31 from ssilvert/threat-model-chapter

Browse source 
Minor changes for threat model chapter.
This commit is contained in:
Stian Thorgersen 2016-06-10 09:44:13 +02:00 committed by GitHub
commit 1ae64e1f86
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
topics/threat/ssl.adoc
View file

@ -8,7 +8,7 @@ Once they have an access token they can do any operation that the token has been
{{book.project.name}} has <<fake/../../realms/ssl.adoc#_ssl_modes,three modes for SSL/HTTPS>>.
SSL can be hard to set up, so out of the box, {{book.project.name}} allows non-HTTPS communication over private IP addresses like
localhost, 192.168.x.x, and other private IP addresses.
localhost and 192.168.x.x.
In production, you should make sure SSL is enabled and required across the board.
On the adapter/client side, {{book.project.name}} allows you to turn off the SSL trust manager.