Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Security component documentation for v4 #326

Merged
merged 6 commits into from
Jun 26, 2024
Merged

Update Security component documentation for v4 #326

merged 6 commits into from
Jun 26, 2024

Conversation

TimHess
Copy link
Member

@TimHess TimHess commented Jun 21, 2024

also resolves #11 and resolves #52

@TimHess TimHess added this to the 4.0.0 milestone Jun 21, 2024
@TimHess TimHess added the 4.x label Jun 21, 2024
@TimHess TimHess self-assigned this Jun 21, 2024
This was linked to issues Jun 21, 2024
Security configuration is lacking detail on local setup #11
Closed
Rework SSO Section(s) #52
Closed
@github-actions GitHub Actions
Copy link

Preview link: https://docs-steeltoe-pr-326.azurewebsites.net

  • Your changes have been deployed to the preview site. The preview site will update as you add more commits to this branch.
  • The preview link is shareable, but will be deleted when the pull request is merged or closed.

This is an automated message.

@TimHess TimHess marked this pull request as ready for review June 24, 2024 14:55
@TimHess TimHess requested a review from bart-vmware June 24, 2024 14:55
bart-vmware
bart-vmware reviewed Jun 25, 2024
View reviewed changes
Copy link
Member

@bart-vmware bart-vmware left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, to the point, and well explained.

Overall looks good, I've provided feedback on minor details.

@bart-vmware
Copy link
Member

Regarding certificates, do we need to mention it only works with https, if that's the case?
Should we note anything about using HTTP/2 and/or v3 (QUIC)?

@TimHess
Copy link
Member Author

TimHess commented Jun 25, 2024

Regarding certificates, do we need to mention it only works with https, if that's the case? Should we note anything about using HTTP/2 and/or v3 (QUIC)?

The https restriction is Microsoft's, as is support for HTTP 2 and 3. Our sample still works if configured for http2-only or http3-only. While I don't expect Microsoft to remove the https restriction, since these items are not in our control (and CertificateAuthentication is a pre-requisite to Steeltoe's Authorization package), I did not think it was necessary mention them here.

@TimHess TimHess requested a review from bart-vmware June 25, 2024 21:12
bart-vmware
bart-vmware reviewed Jun 26, 2024
View reviewed changes
bart-vmware
bart-vmware reviewed Jun 26, 2024
View reviewed changes
Copy link
Member

@bart-vmware bart-vmware left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See feedback.

@TimHess TimHess requested a review from bart-vmware June 26, 2024 13:30
@TimHess TimHess merged commit 0436c30 into v4 Jun 26, 2024
5 checks passed
@TimHess TimHess deleted the app-security-updates branch June 26, 2024 14:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bart-vmware bart-vmware bart-vmware approved these changes

Assignees

@TimHess TimHess

Labels
4.x
Projects
None yet
Milestone
4.0.0
Development

Successfully merging this pull request may close these issues.

Rework SSO Section(s) Security configuration is lacking detail on local setup
2 participants
@TimHess @bart-vmware