v22.06: Added update notices, docs updates, outlined post
This commit is contained in:
parent 42c6cca483
commit 0220c44020
GPG key ID: 46D9F943C24A2EF9
5 changed files with 76 additions and 8 deletions
| | @ -103,7 +103,7 @@ LDAP_THUMBNAIL_ATTRIBUTE=thumbnailPhoto | |||
### LDAP Group Sync | ||||
| ||||
BookStack has the ability to sync LDAP user groups with BookStack roles. By default this will match LDAP group names with the BookStack role display names with casing ignored. | ||||
This can be overridden by via the 'External Authentication IDs' field which can be seen when editing a role while LDAP authentication is enabled. This field can be populated with common names (CNs) of accounts *or* groups. If filled, CNs in this field will be used and the role name will be ignored. You can match on multiple CNs by separating them with a comma. | ||||
This can be overridden by via the 'External Authentication IDs' field which can be seen when editing a role while LDAP authentication is enabled. This field can be populated with common names (CNs) of accounts *or* groups. If filled, CNs in this field will be used and the role name will be ignored. You can match on multiple CNs by separating them with a comma. Commas can be escaped with a backslash (`/,`) if you need to map to a CN using a literal comma character. | ||||
| ||||
When matching LDAP groups with role names or 'External Authentication IDs' values, BookStack will standardise the names of ldap groups to be lower-cased and spaces will be replaced with hyphens. For example, to match a LDAP group named "United Kingdom" an 'External Authentication IDs' value of "united-kingdom" could be used. | ||||
| ||||
| | | |||
| | @ -33,6 +33,12 @@ To set up OIDC based authentication add or modify the following variables in you | |||
# Set OIDC to be the authentication method | ||||
AUTH_METHOD=oidc | ||||
| ||||
# Control if BookStack automatically initiates login via your OIDC system | ||||
# if it's the only authentication method. Prevents the need for the | ||||
# user to click the "Login with x" button on the login page. | ||||
# Setting this to true enables auto-initiation. | ||||
AUTH_AUTO_INITIATE=false | ||||
| ||||
# Set the display name to be shown on the login button. | ||||
# (Login with <name>) | ||||
OIDC_NAME=SSO | ||||
| | | |||
| | @ -17,6 +17,11 @@ To set up SAML 2.0 based authentication add or modify the following variables in | |||
# Set authentication method to be saml2 | ||||
AUTH_METHOD=saml2 | ||||
| ||||
# Control if BookStack automatically initiates login via your SAML system if it's the only authentication method. | ||||
# Prevents the need for the user to click the "Login with x" button on the login page. | ||||
# Setting this to true enables auto-initiation. | ||||
AUTH_AUTO_INITIATE=false | ||||
| ||||
# Set the display name to be shown on the login button. | ||||
# (Login with <name>) | ||||
SAML2_NAME=SSO | ||||
| | @ -118,7 +123,7 @@ SAML2_ONELOGIN_OVERRIDES=<json_format_data> | |||
### SAML Group Sync | ||||
| ||||
BookStack has the ability to sync SAML user groups with BookStack roles. By default this will match SAML group names with the BookStack role display names with casing ignored. | ||||
This can be overridden by via the 'External Authentication IDs' field which can be seen when editing a role while SAML authentication is enabled. If filled, the names in this field will be used and the role display name will be ignored. You can match on multiple names by separating them with a comma. | ||||
This can be overridden by via the 'External Authentication IDs' field which can be seen when editing a role while SAML authentication is enabled. If filled, the names in this field will be used and the role display name will be ignored. You can match on multiple names by separating them with a comma. Commas can be escaped with a backslash (`/,`) if you need to map using a literal comma character. | ||||
| ||||
When matching SAML groups with role names or 'External Authentication IDs' values, BookStack will standardise the names of SAML groups to be lower-cased and spaces will be replaced with hyphens. For example, to match a SAML group named "United Kingdom" an 'External Authentication IDs' value of "united-kingdom" could be used. | ||||
| ||||
| | | |||
| | @ -39,6 +39,10 @@ This is primarily a list of breaking changes & security notices. | |||
Details of updates can be found on [our blog](https://www.bookstackapp.com/blog/) or via | ||||
the [GitHub releases page](https://github.com/BookStackApp/BookStack/releases). | ||||
| ||||
#### Updating to v22.06 or higher | ||||
| ||||
**SAML/LDAP Group Mapping** - Within the "External Authentication Ids" field for a BookStack role, a backslash followed by a comma (`\,`) will now cause the comma to be treated as a literal comma within the mapping name, instead of acting as a value separator to define multiple mappings. | ||||
| ||||
#### Updating to v22.04 or higher | ||||
| ||||
**Database Changes** - This release makes some significant changes to data within the database which may cause the update to take a little longer than usual to run. Please give the update extra time to complete. | ||||
| | | |||
Loading…
Add table
Add a link
Reference in a new issue