Specification for "login.aliasEntitiesEnabled" Setting #899
Conversation
|
We have created an issue in Pivotal Tracker to manage this: https://www.pivotaltracker.com/story/show/187727238 The labels on this github issue will be updated when the story is started. |
…s-uaa.yml and deprecated-properties-still-work-uaa.yml
There was a problem hiding this comment.
So far only a minor comment.
Missing to me: We should have a document similar to
https://github.com/cloudfoundry/uaa/blob/develop/docs/UAA-Rate-Limiting.md
Which describes
- the current state ( experimental , produtive usage, etc)
- bootstraping
- and maybe a section, why we add this feature with alias
jobs/uaa/spec
Outdated
| @@ -438,6 +438,16 @@ properties: | |||
| description: "This value can be set to the origin key of an identity provider. If set, the user will be directed to this identity provider automatically if no other identity provider is discovered or selected via login_hint. When not set, legacy chained authentication (where uaa is attempted first followed by ldap) is used." | |||
| example: uaa | |||
| default: null | |||
| login.aliasEntitiesEnabled: | |||
| description: | | |||
| Enable the creation, update and deletion of aliases for identity providers and users. The alias feature allows | |||
There was a problem hiding this comment.
Enable the creation, update and deletion for identity providers and users, which have alias configured.
There was a problem hiding this comment.
fixed with commit 684312b
jobs/uaa/spec
Outdated
| its alias reference each other through the properties "aliasId" (ID of the alias) and "aliasZid" (ID of the zone | ||
| containing the alias). Please note that existing entities with an alias will not be removed when deactivating the | ||
| flag. Instead, the creation of new aliases and the update and deletion of entities with an existing alias is | ||
| prohibited. |
There was a problem hiding this comment.
@adrianhoelzl-sap I propose some smaller adaptions:
Enable the creation, update and deletion of identity providers and users with an alias. The alias feature enables
the synchronization of an identity provider or user entity between a custom identity zone and the "uaa" zone (its
"alias"). By this, the entity can be managed in an isolated custom identity zone while still being
effective for other components that only operate on the "uaa" zone, e.g. the CF Cloud Controller. An entity and
its alias reference each other through the properties "aliasId" (ID of the alias) and "aliasZid" (ID of the zone
containing the alias). Note that existing entities with an alias will not be removed when deactivating the
flag. Instead, the creation, update and deletion of identity providers and users with an alias is prohibited.
Apart from this the PR looks fine :)
There was a problem hiding this comment.
fixed with commit 10d6788
No description provided.