libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-4975 Use authenticationSession binding name in ScriptBasedAuthenticator

Browse source
This commit is contained in:
mposolda 2017-05-30 08:04:38 +02:00
parent b5801e9a6c
commit 7dd30a2cfa
2 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
server_admin/topics/MigrationFromOlderVersions.adoc
View file

@ -227,8 +227,8 @@ You need to explicitly add `scope=openid` parameter to have ID Token included.
===== Authentication sessions and Action tokens
We are working on support for multiple datacenters. As the initial step, we introduced authentication session and action tokens.
Authentication session replaces Client session, which was used in previous versions. Action tokens are used especially for the scenarios, where the authenticator or requiredActionProvider
requires sending email to the user and requires user to click on the link in email.
Authentication session replaces Client session, which was used in previous versions. Action tokens are currently used especially for the scenarios, where
the authenticator or requiredActionProvider requires sending email to the user and requires user to click on the link in email.
Here are concrete changes related to this, which may affect you for the migration.
@ -244,6 +244,8 @@ The route is added to the new `AUTH_SESSION_ID` cookie. More info in the cluster
Another change is, that `token.getClientSession()` was removed. This may affect you for example if you're using Client Initiated Identity Broker Linking feature.
The `ScriptBasedAuthenticator` changed the binding name from `clientSession` to `authenticationSession`, so you would need to update your scripts if you're using this authenticator.
Finally we added some new timeouts to the admin console. This allows you for example to specify different timeouts for the email actions triggered by admin and by user himself.
==== Migrating to 2.5.1

2
server_admin/topics/authentication/flows.adoc
View file

@ -68,6 +68,8 @@ The following script `javax.script.Bindings` are available for convenient use wi
the current `UserModel`
`session`::
the active `KeycloakSession`
`authenticationSession`::
the current `AuthenticationSessionModel`
`httpRequest`::
the current `org.jboss.resteasy.spi.HttpRequest`
`LOG`::