Skip to content

Releases: GluuFederation/docs

Gluu Server Community Edition 3.0.2

13 Jul 17:36
@jschristie jschristie
v3.0.2
78dfdb2
Compare
Choose a tag to compare
Gluu Server Community Edition 3.0.2 Latest
Latest

Notice

This document, also known as the Gluu Release Note, relates to the Gluu Release versioned 3.0.2. The work is licensed under “The MIT License” allowing the use, copy, modify, merge, publish, distribute, sub-license and sale without limitation and liability. This document extends only to the aforementioned release version in the heading.

UNLESS IT HAS BEEN EXPRESSLY AGREED UPON BY ANY WRITTEN AGREEMENT BEFOREHAND, THE WORK/RELEASE IS PROVIDED “AS IS”, WITHOUT ANY WARRANTY OR GUARANTEE OF ANY KIND EXPRESS OR IMPLIED. UNDER NO CIRCUMSTANCE, THE AUTHOR, OR GLUU SHALL BE LIABLE FOR ANY CLAIMS OR DAMAGES CAUSED DIRECTLY OR INDIRECTLY TO ANY PROPERTY OR LIFE WHILE INSTALLING OR USING THE RELEASE.

Overview

Purpose

The document is released with the Version 3.0.2 of the Gluu Software. The purpose of this document is to provide the changes made/new features included in this release of the Gluu Software. The list is not exhaustive and there might be some omission of negligible issues, but the noteworthy features, enhancements and fixes are covered.

Background

The Gluu Server is a free open source identity and access management (IAM) platform. The Gluu Server is a container distribution composed of software written by Gluu and incorporated from other open source projects.

The most common use cases for the Gluu Server include single sign-on (SSO), mobile authentication, API access management, two-factor authentication, customer identity and access management (CIAM) and identity federation.

Documentation

The documentation for Gluu software is available at Gluu Documentation Page. Please visit the link for the complete documentation and administrative guide.

Components included in Gluu Server CE 3.0.2

  • oxAuth, oxTrust,oxCore v3.0.2
  • OpenLDAP v2.4.44-5
  • Shibboleth v3.2.1
  • Asimba forked from v1.3.0 + v1.3.1 snapshot changes (v1.3.1 was never released)
  • Passport v0.3.2
  • Java v1.8.0_112
  • Node.js v6.9.1
  • Jetty-distribution-9.3.15.v20161220
  • Jython v2.7.0

What's new in version 3.0.2

Major bugs have been fixed as below

oxAuth

Added: Default CORS support in web.xml file #523
Added: Client registration allowed with http for localhost #496
Added: UMA RPT audit logs contain client_id and user_id #483
Fixed: CORS filter not processing pre-flight requests #541 #458
Fixed: "X-Frame-Options" header set by Apache prevents opiframe from being used by RP #543
Fixed: Security error thrown using implicit flow when request the userinfo endpoint #529
Fixed: UserInfoRestWebServiceImpl throwing 503 error #518
Fixed: Error message #462
Fixed: Binary tokens are indexed #194
Fixed: UMA resource_set name is mandatory #468
Fixed: Certificate authentication jetty support #481

oxTrust

Added: Central log4j2.xml location #522
Added: TR download metadata file in background #349
Added: Validated id_token acr claim equals specified oxTrust authn method #513
Added: IDP v3 CAS configuration in oxTrust #377
Added: Password reminder action uses wrong condition to enable/disable this functionality #334
Added: Support inetOrgPerson #516
Fixed: Birthday attribute schema does not match format #562
Fixed: SAML metadata fix #561 #529
Fixed: Password reset #552
Fixed: Unable to remove custom script #537
Fixed: UMA resource set GUI corrupts scopes field #484
Fixed: SAML TR add issue #505 #351
Fixed: User entry created via oxTrust lacks "eduPerson" objectclass #499
Changed: Default authentication method names changed #518 #506 #521
Removed: Extra Update Password button #224

Community Edition

Added: Check LDAP passwords and reject invalid shell characters like $ #299
Added: Remove IP address from https config #300
Fixed: Gluu Server 3.0.1 fails to start after VM reboot#274
Fixed: Error in import30.py script #279
Fixed: import30.py is not importing SPs #280
Fixed: Change attribute ldif to better support inetOrgPerson #282
Fixed: OpenLDAP certificates are signed with wrong CN #289
Fixed: 3.0.2 debian 8 services are not starting after reboot#304
Fixed: 3.0.2 Ubuntu 16.04 - all services are not starting after VM reboot #305
Fixed: Gluu Server v3.0.2 not installing in Ubuntu 16.04 #312

Assets 2
Loading

Gluu CE 2.4.4 Service Pack 3

13 Jul 17:41
@zamilskhan zamilskhan
2.4.4-sp3
47afde8
Compare
Choose a tag to compare
Gluu CE 2.4.4 Service Pack 3

Notice

This document, also known as the Gluu Release Note, relates to the Gluu Release versioned 2.4.4-sp3 The work is licensed under “The MIT License” allowing the use, copy, modify, merge, publish, distribute, sub-license and sale without limitation and liability. This document extends only to the aforementioned release version in the heading.

UNLESS IT HAS BEEN EXPRESSLY AGREED UPON BY ANY WRITTEN AGREEMENT BEFOREHAND, THE WORK/RELEASE IS PROVIDED “AS IS”, WITHOUT ANY WARRANTY OR GUARANTEE OF ANY KIND EXPRESS OR IMPLIED. UNDER NO CIRCUMSTANCE, THE AUTHOR, OR GLUU SHALL BE LIABLE FOR ANY CLAIMS OR DAMAGES CAUSED DIRECTLY OR INDIRECTLY TO ANY PROPERTY OR LIFE WHILE INSTALLING OR USING THE RELEASE.

Purpose

The document is released with the Version 2.4.4-sp3 of the Gluu Software. The purpose of this document is to provide the changes made/new features included in this release of the Gluu Software. The list is not exhaustive and there might be some omission of negligible issues, but the noteworthy features, enhancements and fixes are covered.

Background

The Gluu Server is a free open source identity and access management (IAM) platform. The Gluu Server is a container distribution composed of software written by Gluu and incorporated from other open source projects.

The most common use cases for the Gluu Server include single sign-on (SSO), mobile authentication, API access management, two-factor authentication, customer identity and access management (CIAM) and identity federation.

Documentation

The documentation for Gluu software is available at Gluu Documentation Page. Please visit the link for the complete documentation and administrative guide.

What's new in version 2.4.4-sp3

oxTrust

  1. Added: Change IDP order from oxTrust #23
  2. Added: User status drop-down menu in oxTrust
  3. Fixed: System error on creating user from oxTrust #447
  4. Fixed: Null Pointer Exception when Token is empty
  5. Fixed: Unable to remove logout URI property of OIDC client #470

oxAuth

  1. Added: Check if user is a part of audit/duo group sub-entries
  2. Added: Debug token endpoing
  3. Updated: Host validation method to support proxy server
  4. Fixed: WebApplicationException in OIDC register client
  5. Fixed: Validate OIDC client registration script result
  6. Fixed: Hostname not required in token endpoint request #451
  7. Fixed: Remove old trace method which led to error during authentication with mail
  8. Fixed: Persist client authorization throws null pointer exception #442

Others

  1. Community Edition Setup: Added missing indexes
  2. Community Edition Setup: Fixed Asimba IDP - add certificate exception #341
  3. Community Edition Setup: Updated authorization script to support a wider range of clients
  4. Gluu-Asimba: Updated to new version
  5. Gluu-Asimba: Updated LDAP IDP Entries
Assets 2
Loading

Gluu Server Community Edition 3.0.1

14 Jul 07:26
@jschristie jschristie
v3.0.1
543c02a
Compare
Choose a tag to compare
Gluu Server Community Edition 3.0.1

Notice

This document, also known as the Gluu Release Note, relates to the Gluu Release versioned 3.0.1. The work is licensed under “The MIT License” allowing the use, copy, modify, merge, publish, distribute, sub-license and sale without limitation and liability. This document extends only to the aforementioned release version in the heading.

UNLESS IT HAS BEEN EXPRESSLY AGREED UPON BY ANY WRITTEN AGREEMENT BEFOREHAND, THE WORK/RELEASE IS PROVIDED “AS IS”, WITHOUT ANY WARRANTY OR GUARANTEE OF ANY KIND EXPRESS OR IMPLIED. UNDER NO CIRCUMSTANCE, THE AUTHOR, OR GLUU SHALL BE LIABLE FOR ANY CLAIMS OR DAMAGES CAUSED DIRECTLY OR INDIRECTLY TO ANY PROPERTY OR LIFE WHILE INSTALLING OR USING THE RELEASE.

Overview

Purpose

The document is released with the Version 3.0.1 of the Gluu Software. The purpose of this document is to provide the changes made/new features included in this release of the Gluu Software. The list is not exhaustive and there might be some omission of negligible issues, but the noteworthy features, enhancements and fixes are covered.

Background

The Gluu Server is a free open source identity and access management (IAM) platform. The Gluu Server is a container distribution composed of software written by Gluu and incorporated from other open source projects.

The most common use cases for the Gluu Server include single sign-on (SSO), mobile authentication, API access management, two-factor authentication, customer identity and access management (CIAM) and identity federation.

Documentation

Please visit Gluu Documentation Page for the complete documentation and administrative guide.

Components included in Gluu Server CE 3.0.1

  • oxAuth, oxTrust,oxCore v3.0.1
  • OpenLDAP v2.4.44-5
  • Shibboleth v3.2.1
  • Asimba forked from v1.3.0 + v1.3.1 snapshot changes (v1.3.1 was never released)
  • Passport v0.3.2
  • Java v1.8.0_112
  • Node.js v6.9.1
  • Jetty-distribution-9.3.15.v20161220
  • Jython v2.7.0

What's new in version 3.0.1

There are some major changes in Gluu Server Community Edition 3.0.1 from replacing tomcat with jetty to dropping opendj for openldap. The changes are available in the documentation hosted at https://gluu.org/docs/operation/intro.
Please see the specific component release pages for details.

oxAuth

Added: Escape parameter values to prevent XSS attack #459
Added: EndSession endpoint accepts id_token or session_state to end session #439
Added: Support JSON Property for HTTPOnly #412
Added: JSON property to control writing last update time to LDAP #410
Updated: log4j: 2.x from log4j 1.x $416
Updated: Login page #414
Updated: Jquery library updated to 1.12.4 #411
Fixed: NPE in 3.0.0 #347
Fixed: UMA AM validation for oxauth behind proxy #472
Fixed: oxLastLoginTime fail : print also exception
Fixed: High load performance fixed #461 #463 #438 #408 #400 #399 #384
Fixed: Failed to register client with custom attribute "oxAuthTrustedClient" #476
Fixed: U2F Authentication #455
Fixed: hostname required to match in request to token_endpoint #451
Fixed: Login page footer message #449
Fixed: metricService doesn't persist statistics to LDAP #448
Fixed: DUO script fail #444
Fixed: Persist authorizations throws NPE #442
Fixed: Setting Pre-Auth true should not allow anything writter under ou=clientAuthorizations #441
Fixed: Persist Authorization not functioning #440
Fixed: Any primaryKey except UID does not function #436
Fixed: Token Introspection fixes #433 #432
Fixed: Pairwise identifier shows inum in id_token and Userinfo #430
Fixed: Replaced activemq-all jar with required libraries #425
Fixed: SCIM-Client fails to authenticate with UMA #402
Fixed: Attribute values stored as UTF-8 string #387
Fixed: default_acr_value is not used in authentication process #383
Fixed: Authenticator should not add default message if count of messages >0 #379
Fixed: Show error page with timestamp on oxauth error #377
Fixed: SCIM with certain values causes Server Error 500 #372
Fixed: auth_level_mapping discovery has double array #366

oxTrust

Added: Toggle persist authorization to false when pre-authorization = true #444
Added: Logging updated to log4j 2.x #434
Added: JQuery Library updated to 1.12.4 #421
Added: OpenID Scope search uses ldap name for attribute #419
Added: oxTrust UMA properties renamed #407
Added: Creation and update stamp for users in LDAP #406
Added: Display Name used to identify users in oxTrust #398
Removed: White Pages tab and option #423
Removed: Password from TR attribute list #466
Removed: SAML 1 and ShibbolethSSO #465
Fixed: Duplicate message for menu update #375
Fixed: SAML submenu not appearing #391
Fixed: Cache Refresh not functioning #396
Fixed: OpenID Manual Client Registration validation update #410
Fixed: Unable to delete Trust Relationship #418 #416
Fixed: Login redirect URI broken #422
Fixed: Aesthetic updates in oxTrust UI #425 #417
Fixed: Unable to add users via oxTrust UI #427
Fixed: Unable to create Trust Relationship with metadata file #428 #416 #19
Fixed: Long value of Username causes interface to break #430
Fixed: Email format validation in user update tab #432
Fixed: Passport from strategy not mandatory #433
Fixed: Configure Relying Party not functioning #436 #405
Fixed: Failed to update default authentication mechanism #437
Fixed: Passport authentication appearing in default authentication tab #438
Fixed: OpenIDC client removal non-functional #439
Fixed: OpenIDC client secret disappears when response_type is added #440
Fixed: Passport from broken #441
Fixed: Changes in Configure Relying Party not saved #446
Fixed: Error adding group in oxTurst #448
Fixed: Attribute from missing from SAML URI values #452
Fixed: Cache Refresh page errors #453 [#413](https://github.com/GluuFederatio...

Read more
Assets 2
Loading