Upgrade Instructions 2.x
2.5.0
Configuration API
Due to the bug in UMA 2.4.0 the properties for providing the Configuration API credentials were not in line with the documentation. If you're upgrading from 2.4.0 make sure you are using the correct environment properties:
UMA ver. 2.4.0 | UMA ver. >2.4.0 |
---|---|
ONEGINI_IDP_CCC_IDP_CONFIGURATIONAPI_USERNAME |
ONEGINI_IDP_CCC_IDP_CONFIGURATION_API_USERNAME |
ONEGINI_IDP_CCC_IDP_CONFIGURATIONAPI_PASSWORD |
ONEGINI_IDP_CCC_IDP_CONFIGURATION_API_PASSWORD |
2.4.0
Events API usage
Because of changes in usage of events API, latest UMA requires IDP 6.0.0 (or newer) to work.
Device Management
From this version it is possible to manage devices of a user. Configure the connection to Onegini Token Server to use this functionality.
Spring Boot update
Because of SB update we had to update all properties which were not in kebab-case. ie.
oneginiIdpCcc.idp.protocol=http
oneginiIdpCcc.idp.host=idp-core.dev.onegini.me
oneginiIdpCcc.port=8081
are now:
onegini-idp-ccc.idp.protocol=http
onegini-idp-ccc.idp.host=idp-core.dev.onegini.me
onegini-idp-ccc.idp.port=8081
because of that also environment variables have to be updated from:
- SECURITY_USER_NAME=user
- SECURITY_USER_PASSWORD=password
...
- ONEGINIIDPCCC_IDP_PERSONAPI_USERNAME=api_username
- ONEGINIIDPCCC_IDP_PERSONAPI_PASSWORD=api_password
to:
- SPRING_SECURITY_USER_NAME=user
- SPRING_SECURITY_USER_PASSWORD=password
...
- ONEGINI_IDP_CCC_IDP_PERSON_API_USERNAME=api_username
- ONEGINI_IDP_CCC_IDP_PERSON_API_PASSWORD=api_password
Properties related with security have to be prefixed with "spring", example:
spring.security.user.name=user
spring.security.user.password=password
spring.security.user.roles[0]=USERS_ALL
spring.security.user.roles[1]=AGENTS_READ
spring.security.user.roles[2]=STATISTICS_READ
Property security.enable-csrf
has been renamed to onegini-idp-ccc.enable-csrf
For all the changes please see updates in appropriate section in Configuration documentation.
2.0.0
If you wish to see profile information your extension must provide additional configuration
Those extension points must be implemented
com.onegini.sdk.extension.ccc.ModulesConfigExtension
com.onegini.sdk.extension.ccc.PersonDetailsExtension
com.onegini.sdk.extension.ccc.PersonSearchExtension
In addition, special messages file must be created under
ccc-resources/messages/messages.properties
There is a list of required properties to be passed
ccc.modules.person.defaultSearchKey=urn #default search key for users
#list of possible search keys for users
ccc.modules.person.searchKeys[0].attributeName=naam
ccc.modules.person.searchKeys[0].labelMessageCode=sk_label_message_code_01
ccc.modules.person.searchKeys[1].attributeName=geboortedatum
ccc.modules.person.searchKeys[1].labelMessageCode=sk_label_message_code_11
ccc.modules.person.searchKeys[2].attributeName=urn
ccc.modules.person.searchKeys[2].labelMessageCode=sk_label_message_code_01
ccc.modules.person.searchKeys[3].attributeName=reset_password_date
ccc.modules.person.searchKeys[3].labelMessageCode=sk_label_message_code_11
ccc.modules.person.searchKeys[4].attributeName=agreed_to_terms
ccc.modules.person.searchKeys[4].labelMessageCode=sk_label_message_code_11
#list of possible extended search keys for users
ccc.modules.person.extendedSearchConfig.emailSearch=true
ccc.modules.person.extendedSearchConfig.phoneSearch=true
ccc.modules.person.extendedSearchConfig.customAttributeSearch=true
#list of possible profile attributes from CIM to be displayed and their labels
ccc.modules.person.cim.detailProfileAttributes[0].attributeName=PREFERRED_LOCALE
ccc.modules.person.cim.detailProfileAttributes[1].attributeName=PHONE_NUMBERS
ccc.modules.person.cim.detailProfileAttributes[2].attributeName=ResetPasswordDate
ccc.modules.person.cim.detailProfileAttributes[3].attributeName=EMAIL_ADDRESSES
ccc.modules.person.cim.detailProfileAttributes[4].attributeName=AkkoordMetVoorwaarden
ccc.modules.person.cim.detailProfileAttributes[5].attributeName=DISPLAY_NAME
ccc.modules.person.cim.detailProfileAttributes[6].attributeName=Urn
ccc.modules.person.cim.detailProfileAttributes[7].attributeName=ID
Configuration of SAML authorities has changed
The prefix has been changed from oneginiIdpCcc.saml.
to saml.sp.
. Authorities' names has been renamed to underscore case. The following properties has been renamed:
oneginiIdpCcc.saml.authorities.fullAccessGranted -> saml.sp.fullAccessGranted
oneginiIdpCcc.saml.authorities.attributeName -> saml.sp.attributeName
Please consider the following examples. Old configuration example:
oneginiIdpCcc.saml.authorities.fullAccessGranted=false
oneginiIdpCcc.saml.authorities.attributeName=urn:oid:1.3.6.1.4.1.5923.1.5.1.1
oneginiIdpCcc.saml.authorities.usersAll[0]=CustomerSupport
oneginiIdpCcc.saml.authorities.usersAll[1]=Supervisor
oneginiIdpCcc.saml.authorities.usersAll[2]=SysAdmin
oneginiIdpCcc.saml.authorities.agentsRead[0]=Supervisor
oneginiIdpCcc.saml.authorities.agentsRead[1]=SysAdmin
oneginiIdpCcc.saml.authorities.statisticsRead[0]=SysAdmin
oneginiIdpCcc.saml.idpMetadata.base64
oneginiIdpCcc.saml.idpMetadata.file
Corresponding new configuration example:
saml.sp.fullAccessGranted=false
saml.sp.attributeName=urn:oid:1.3.6.1.4.1.5923.1.5.1.1
saml.sp.authorities.USERS_ALL[0]=CustomerSupport
saml.sp.authorities.USERS_ALL[1]=Supervisor
saml.sp.authorities.USERS_ALL[2]=SysAdmin
saml.sp.authorities.AGENTS_READ[0]=Supervisor
saml.sp.authorities.AGENTS_READ[1]=SysAdmin
saml.sp.authorities.STATISTICS_READ[0]=SysAdmin
saml.sp.idpMetadata.base64
saml.sp.idpMetadata.file