Merge pull request #310 from pedroigor/RHSSO-1225

[RHSSO-1225] - Informing deprecation of UMA 1.0
This commit is contained in:
Matthew Helmke 2018-01-30 13:44:41 -06:00 committed by GitHub
commit 1cfb44cd29
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 25 additions and 0 deletions

View file

@ -3,6 +3,7 @@
:tech_feature_name: Authorization Services
include::templates/techpreview.adoc[]
include::templates/authz-service-deprecated-features.adoc[]
{project_name} supports fine-grained authorization policies and is able to combine different access control
mechanisms such as:

View file

@ -0,0 +1,24 @@
ifeval::[{project_product}==true]
[WARNING]
====
In future releases we will update our User-Managed Access(UMA) implementation to conform
to the latest version of the UMA specification, version 2.0.
Due to differences between versions 1.0 (currently supported) and 2.0 of UMA, we are deprecating specific functionalities,
in order to keep compliance with the new version. Here is a list of deprecated features:
* *Entitlement API*
This REST API will be removed in future releases in favor of a more OAuth2 based way to obtain permissions from the server using a specific grant type. This grant type
is based on UMA 2.0 with extensions to make it work without permission tickets. This will have the same behavior as the Entitlement API.
* *Authorization API*
This REST API was removed by UMA working group in version 2.0. As a consequence, we will be removing it too. It will
be replaced by a specific OAuth2 grant type, as defined by UMA 2.0 specification.
Other related changes will occur with the Policy Enforcer, Authorization Client Java API and configuration. Changes to these are minimal, specially regarding policy enforcer configuration.
We'll be updating docs accordingly, specially on how to migrate to the new version.
====
endif::[]