19240: Mention federation case in upgrade note.

author Tom Clegg <tom@curii.com>

Mon, 7 Nov 2022 15:09:01 +0000 (10:09 -0500)

committer Tom Clegg <tom@curii.com>

Mon, 7 Nov 2022 15:09:01 +0000 (10:09 -0500)
author Tom Clegg <tom@curii.com>
Mon, 7 Nov 2022 15:09:01 +0000 (10:09 -0500)
committer Tom Clegg <tom@curii.com>
Mon, 7 Nov 2022 15:09:01 +0000 (10:09 -0500)
diff --git a/doc/admin/upgrading.html.textile.liquid b/doc/admin/upgrading.html.textile.liquid

index 984b15aa9a60c2e1d0a30aafa57c4a8a318b6f77..5a88ba50d091f96b29c64108279a09e06e8e5259 100644 (file)
--- a/doc/admin/upgrading.html.textile.liquid
+++ b/doc/admin/upgrading.html.textile.liquid
@@ -35,7 +35,7 @@ h2(#main). development main (as of 2022-10-31)
  
  h3. Google or OpenID Connect login restricted to trusted clients
  
-If you use OpenID Connect or Google login, and your users log in from a web application other than the Workbench1 and Workbench2 @ExternalURL@ addresses in your configuration file, the additional URL(s) must be listed explicitly in @Login.TrustedClients@, otherwise login will fail. Previously, login would succeed with a less-privileged token.
+If you use OpenID Connect or Google login, and your cluster serves as the @LoginCluster@ in a federation _or_ your users log in from a web application other than the Workbench1 and Workbench2 @ExternalURL@ addresses in your configuration file, the additional web application URLs (e.g., the other clusters' Workbench addresses) must be listed explicitly in @Login.TrustedClients@, otherwise login will fail. Previously, login would succeed with a less-privileged token.
  
  h3. New keepstore S3 driver enabled by default
author	Tom Clegg <tom@curii.com>
	Mon, 7 Nov 2022 15:09:01 +0000 (10:09 -0500)
committer	Tom Clegg <tom@curii.com>
	Mon, 7 Nov 2022 15:09:01 +0000 (10:09 -0500)