Merge pull request #3131 from pda/hmac-not-encryption

sso_secret: cryptographically authenticate, not encrypt.
This commit is contained in:
Jeff Atwood 2015-01-26 14:28:55 -08:00
commit 246c376f48

View file

@ -792,7 +792,7 @@ en:
enable_sso: "Enable single sign on via an external site (WARNING: can prevent anyone from logging in if not properly configured when enabled; also disables invites)"
enable_sso_provider: "Implement Discourse SSO protocol at the /session/sso_provider endpoint, requires sso_secret to be set"
sso_url: "URL of single sign on endpoint"
sso_secret: "Secret string used to encrypt/decrypt SSO information, be sure it is 10 chars or longer"
sso_secret: "Secret string used to cryptographically authenticate SSO information, be sure it is 10 characters or longer"
sso_overrides_email: "Overrides local email with external site email from SSO payload (WARNING: discrepancies can occur due to normalization of local emails)"
sso_overrides_username: "Overrides local username with external site username from SSO payload (WARNING: discrepancies can occur due to differences in username length/requirements)"
sso_overrides_name: "Overrides local name with external site name from SSO payload (WARNING: discrepancies can occur due to normalization of local names)"