-
Task
-
Resolution: Done
-
Neutral
-
3.0.0
-
None
-
-
Empty show more show less
-
Empty show more show less
-
Yes
-
AdminX 10, AdminX 11
-
8
- dropped ?client_name in redirect URI
- provides a FixedRoleAuthorizationGenerator to add static group/role mappings regardless of what IDP returns.
Additional input:
Question/rubber-ducking about MP config & SSO 1.3/2.0: config changes slightly with authorizationGenerators configured first while groupMappings move below one specific impl (configured via typical 2bean / class-property ways), see the README for an example. MP config doesn't use 2bean or type-mapping facilities, or does it?
Here's how I can imagine rebasing, without requiring arbitrary class instantiation:
- We never need multiple authGenerator instances of the same type (both mappings and fixed-roles/groups can always be added to the same piece of config)
- Generators would rather be registered in SPI ways and let themselves be configured via MP config, e.g.
magnolia.sso.authorizationGenerators.fixed.roles=superuser magnolia.sso.authorizationGenerators.groups.mappings[0].roles=marketing ...
- Therefore still suitable for java extensibility (must-have to merge back to the main branch), without having to allow arbitrary class mappings
Acceptance criteria
- is duplicated by
-
MGNLSSO-91 Bump up master to 3.0, adapt all 1.2-cloud changes up on 2.0.2 and merge
- Closed
- relates to
-
MGNLSSO-132 Enhance multiple clients configuration and support configurable authenticator for direct client
- Closed
1.
|
Merge release/2.0 and master | Completed | Evzen Fochr | |
2.
|
Update Saas configuration to align with merge changes | Closed | Evzen Fochr | |
3.
|
QA | Completed | Nguyen Phung Chi | |
4.
|
Rw changes after merge | Completed | Nguyen Phung Chi | |
5.
|
Update sso 3.0 documentation according to config changes done in read.me file | Completed | Alex Mansell |