docs

2016-01-28 23:28:11 -05:00 · 2016-01-28 23:28:11 -05:00 · 34095ef522
commit 34095ef522
parent a068d83dd8
5 changed files with 48 additions and 0 deletions
--- a/docbook/auth-server-docs/reference/en/en-US/modules/MigrationFromOlderVersions.xml
+++ b/docbook/auth-server-docs/reference/en/en-US/modules/MigrationFromOlderVersions.xml
@ -112,6 +112,14 @@
                    check adapter config switches.
                </para>
            </simplesect>
+            <simplesect>
+                <title>SAML SP Client Adapter Changes</title>
+                <para>
+                    Keycloak SAML SP Client Adapter now requires a specific endpoint, <literal>/saml</literal> to be
+                    registered with your IDP.
+                </para>
+            </simplesect>
+
        </section>
        <section>
            <title>Migrating to 1.8.0</title>
--- a/docbook/saml-adapter-docs/reference/en/en-US/master.xml
+++ b/docbook/saml-adapter-docs/reference/en/en-US/master.xml
@ -12,6 +12,8 @@
                <!ENTITY Logout SYSTEM "modules/logout.xml">
                <!ENTITY ErrorHandling SYSTEM "modules/adapter_error_handling.xml">
                <!ENTITY DEBUGGING SYSTEM "modules/debugging.xml">
+                <!ENTITY Migrating SYSTEM "modules/MigrationFromOlderVersions.xml">
+                <!ENTITY IDP_REG SYSTEM "modules/idp-registration.xml">
                ]>

 <book>
@ -51,10 +53,12 @@ This one is short
    &Jetty9Adapter;
    &Jetty8Adapter;
    &FilterAdapter;
+    &IDP_REG;
    &Logout;
    &Assertions;
    &ErrorHandling;
    &DEBUGGING;
+    &Migrating;



--- a/docbook/saml-adapter-docs/reference/en/en-US/modules/MigrationFromOlderVersions.xml
+++ b/docbook/saml-adapter-docs/reference/en/en-US/modules/MigrationFromOlderVersions.xml
@ -0,0 +1,21 @@
+<chapter id="Migration_from_older_versions">
+    <title>Migration from older versions</title>
+
+    <section>
+        <title>Version specific migration</title>
+        <section>
+            <title>Migrating to 1.9.0</title>
+            <simplesect>
+                <title>SAML SP Client Adapter Changes</title>
+                <para>
+                    Keycloak SAML SP Client Adapter now requires a specific endpoint, <literal>/saml</literal> to be
+                    registered with your IDP.  The SamlFilter must also be bound to /saml in addition to any other binding it has.
+                    This had to be done because SAML POST binding would eat the request input stream and this would be really
+                    bad for clients that relied on it.
+                </para>
+            </simplesect>
+
+        </section>
+
+    </section>
+</chapter>
--- a/docbook/saml-adapter-docs/reference/en/en-US/modules/idp-registration.xml
+++ b/docbook/saml-adapter-docs/reference/en/en-US/modules/idp-registration.xml
@ -0,0 +1,7 @@
+<chapter id="idp-reg">
+    <title>Registering with an IDP</title>
+    <para>
+        For each servlet based adapter, the endpoint you register for the assert consumer service url and and single logout service
+        must be the base url of your servlet application with <literal>/saml</literal> appended to it i.e. https://example.com/contextPath/saml
+    </para>
+</chapter>
--- a/docbook/saml-adapter-docs/reference/en/en-US/modules/servlet-filter-adapter.xml
+++ b/docbook/saml-adapter-docs/reference/en/en-US/modules/servlet-filter-adapter.xml
@ -42,6 +42,14 @@
        The Keycloak filter has the same configuration parameters available as the other adapters except you must define
        them as filter init params instead of context params.
    </para>
+    <para>
+        You can define multiple filter mappings if you have various different secure and unsecure url patterns.
+    </para>
+    <warning>
+        <para>
+            You must have a filter mapping for <literal>/saml</literal>
+        </para>
+    </warning>
    <para>
        To use this filter, include this maven artifact in your WAR poms
    </para>