Proper documentation on in-memory SSO
We should make clear that the in-memory SSO mode is only to be used for development or test settings.
The following discussion from !1 (merged) should be addressed:
-
@otto started a discussion: (+2 comments) a public getPassword function sounds scary...
In addition to this, maybe check spring profile and error if profile is not e.g. 'dev' when using in memory user provider
Edited by Ruben Backx