Merge pull request #144 from mposolda/master
KEYCLOAK-4975 Use authenticationSession binding name in ScriptBasedAu…
This commit is contained in:
Marek Posolda
GitHub
commit
93389f2516
2 changed files with 6 additions and 2 deletions
|
|
@ -227,8 +227,8 @@ You need to explicitly add `scope=openid` parameter to have ID Token included.
|
||||||
===== Authentication sessions and Action tokens
|
===== Authentication sessions and Action tokens
|
||||||
|
|
||||||
We are working on support for multiple datacenters. As the initial step, we introduced authentication session and action tokens.
|
We are working on support for multiple datacenters. As the initial step, we introduced authentication session and action tokens.
|
||||||
Authentication session replaces Client session, which was used in previous versions. Action tokens are used especially for the scenarios, where the authenticator or requiredActionProvider
|
Authentication session replaces Client session, which was used in previous versions. Action tokens are currently used especially for the scenarios, where
|
||||||
requires sending email to the user and requires user to click on the link in email.
|
the authenticator or requiredActionProvider requires sending email to the user and requires user to click on the link in email.
|
||||||
|
|
||||||
Here are concrete changes related to this, which may affect you for the migration.
|
Here are concrete changes related to this, which may affect you for the migration.
|
||||||
|
|
||||||
|
|
@ -244,6 +244,8 @@ The route is added to the new `AUTH_SESSION_ID` cookie. More info in the cluster
|
||||||
|
|
||||||
Another change is, that `token.getClientSession()` was removed. This may affect you for example if you're using Client Initiated Identity Broker Linking feature.
|
Another change is, that `token.getClientSession()` was removed. This may affect you for example if you're using Client Initiated Identity Broker Linking feature.
|
||||||
|
|
||||||
|
The `ScriptBasedAuthenticator` changed the binding name from `clientSession` to `authenticationSession`, so you would need to update your scripts if you're using this authenticator.
|
||||||
|
|
||||||
Finally we added some new timeouts to the admin console. This allows you for example to specify different timeouts for the email actions triggered by admin and by user himself.
|
Finally we added some new timeouts to the admin console. This allows you for example to specify different timeouts for the email actions triggered by admin and by user himself.
|
||||||
|
|
||||||
==== Migrating to 2.5.1
|
==== Migrating to 2.5.1
|
||||||
|
|
|
||||||
|
|
@ -68,6 +68,8 @@ The following script `javax.script.Bindings` are available for convenient use wi
|
||||||
the current `UserModel`
|
the current `UserModel`
|
||||||
`session`::
|
`session`::
|
||||||
the active `KeycloakSession`
|
the active `KeycloakSession`
|
||||||
|
`authenticationSession`::
|
||||||
|
the current `AuthenticationSessionModel`
|
||||||
`httpRequest`::
|
`httpRequest`::
|
||||||
the current `org.jboss.resteasy.spi.HttpRequest`
|
the current `org.jboss.resteasy.spi.HttpRequest`
|
||||||
`LOG`::
|
`LOG`::
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue