19240: Add upgrade note.

author Tom Clegg <tom@curii.com>

Fri, 4 Nov 2022 19:06:20 +0000 (15:06 -0400)

committer Tom Clegg <tom@curii.com>

Fri, 4 Nov 2022 19:06:20 +0000 (15:06 -0400)
author Tom Clegg <tom@curii.com>
Fri, 4 Nov 2022 19:06:20 +0000 (15:06 -0400)
committer Tom Clegg <tom@curii.com>
Fri, 4 Nov 2022 19:06:20 +0000 (15:06 -0400)
diff --git a/doc/admin/upgrading.html.textile.liquid b/doc/admin/upgrading.html.textile.liquid

index 5fbbda2aef1ac171eb1d743327be2ef33c7561c4..984b15aa9a60c2e1d0a30aafa57c4a8a318b6f77 100644 (file)
--- a/doc/admin/upgrading.html.textile.liquid
+++ b/doc/admin/upgrading.html.textile.liquid
@@ -33,6 +33,10 @@ h2(#main). development main (as of 2022-10-31)
  
  "previous: Upgrading to 2.4.3":#v2_4_3
  
+h3. Google or OpenID Connect login restricted to trusted clients
+
+If you use OpenID Connect or Google login, and your users log in from a web application other than the Workbench1 and Workbench2 @ExternalURL@ addresses in your configuration file, the additional URL(s) must be listed explicitly in @Login.TrustedClients@, otherwise login will fail. Previously, login would succeed with a less-privileged token.
+
  h3. New keepstore S3 driver enabled by default
  
  A more actively maintained S3 client library is now enabled by default for keeepstore services. The previous driver is still available for use in case of unknown issues. To use the old driver, set @DriverParameters.UseAWSS3v2Driver@ to @false@ on the appropriate @Volumes@ config entries.
author	Tom Clegg <tom@curii.com>
	Fri, 4 Nov 2022 19:06:20 +0000 (15:06 -0400)
committer	Tom Clegg <tom@curii.com>
	Fri, 4 Nov 2022 19:06:20 +0000 (15:06 -0400)