Gluu Server Community Edition 3.0.1

@jschristie jschristie released this 14 Jul 07:26
· 225 commits to master since this release

Notice

This document, also known as the Gluu Release Note, relates to Gluu release version 3.0.1. The work is licensed under “The MIT License”, which allows use, copying, modification, merging, publication, distribution, sub-licensing and sale without limitation and liability. This document extends only to the release version named in the heading.

UNLESS IT HAS BEEN EXPRESSLY AGREED UPON BY ANY WRITTEN AGREEMENT BEFOREHAND, THE WORK/RELEASE IS PROVIDED “AS IS”, WITHOUT ANY WARRANTY OR GUARANTEE OF ANY KIND EXPRESS OR IMPLIED. UNDER NO CIRCUMSTANCE, THE AUTHOR, OR GLUU SHALL BE LIABLE FOR ANY CLAIMS OR DAMAGES CAUSED DIRECTLY OR INDIRECTLY TO ANY PROPERTY OR LIFE WHILE INSTALLING OR USING THE RELEASE.

Overview

Purpose

This document is released with version 3.0.1 of the Gluu Software. Its purpose is to list the changes made and the new features included in this release. The list is not exhaustive and some negligible issues may be omitted, but the noteworthy features, enhancements and fixes are covered.

Background

The Gluu Server is a free open source identity and access management (IAM) platform. The Gluu Server is a container distribution composed of software written by Gluu and incorporated from other open source projects.

The most common use cases for the Gluu Server include single sign-on (SSO), mobile authentication, API access management, two-factor authentication, customer identity and access management (CIAM) and identity federation.

Documentation

Please visit the Gluu Documentation page for the complete documentation and administrative guide.

Components included in Gluu Server CE 3.0.1

  • oxAuth, oxTrust, oxCore v3.0.1
  • OpenLDAP v2.4.44-5
  • Shibboleth v3.2.1
  • Asimba forked from v1.3.0 + v1.3.1 snapshot changes (v1.3.1 was never released)
  • Passport v0.3.2
  • Java v1.8.0_112
  • Node.js v6.9.1
  • Jetty-distribution-9.3.15.v20161220
  • Jython v2.7.0

What's new in version 3.0.1

There are some major changes in Gluu Server Community Edition 3.0.1, from replacing Tomcat with Jetty to dropping OpenDJ for OpenLDAP. The changes are described in the documentation hosted at https://gluu.org/docs/operation/intro.
Please see the specific component release pages for details.

oxAuth

Added: Escape parameter values to prevent XSS attack #459
Added: EndSession endpoint accepts id_token or session_state to end session #439
Added: Support JSON Property for HTTPOnly #412
Added: JSON property to control writing last update time to LDAP #410
Updated: log4j to 2.x from log4j 1.x #416
Updated: Login page #414
Updated: jQuery library updated to 1.12.4 #411
Fixed: NPE in 3.0.0 #347
Fixed: UMA AM validation for oxauth behind proxy #472
Fixed: oxLastLoginTime failure: also print the exception
Fixed: High load performance fixed #461 #463 #438 #408 #400 #399 #384
Fixed: Failed to register client with custom attribute "oxAuthTrustedClient" #476
Fixed: U2F Authentication #455
Fixed: hostname required to match in request to token_endpoint #451
Fixed: Login page footer message #449
Fixed: metricService doesn't persist statistics to LDAP #448
Fixed: DUO script fail #444
Fixed: Persist authorizations throws NPE #442
Fixed: Setting Pre-Auth true should not allow anything written under ou=clientAuthorizations #441
Fixed: Persist Authorization not functioning #440
Fixed: Any primaryKey except UID does not function #436
Fixed: Token Introspection fixes #433 #432
Fixed: Pairwise identifier shows inum in id_token and Userinfo #430
Fixed: Replaced activemq-all jar with required libraries #425
Fixed: SCIM-Client fails to authenticate with UMA #402
Fixed: Attribute values stored as UTF-8 string #387
Fixed: default_acr_value is not used in authentication process #383
Fixed: Authenticator should not add default message if count of messages >0 #379
Fixed: Show error page with timestamp on oxauth error #377
Fixed: SCIM with certain values causes Server Error 500 #372
Fixed: auth_level_mapping discovery has double array #366

oxTrust

Added: Toggle persist authorization to false when pre-authorization = true #444
Added: Logging updated to log4j 2.x #434
Added: jQuery library updated to 1.12.4 #421
Added: OpenID Scope search uses ldap name for attribute #419
Added: oxTrust UMA properties renamed #407
Added: Creation and update stamp for users in LDAP #406
Added: Display Name used to identify users in oxTrust #398
Removed: White Pages tab and option #423
Removed: Password from TR attribute list #466
Removed: SAML 1 and ShibbolethSSO #465
Fixed: Duplicate message for menu update #375
Fixed: SAML submenu not appearing #391
Fixed: Cache Refresh not functioning #396
Fixed: OpenID Manual Client Registration validation update #410
Fixed: Unable to delete Trust Relationship #418 #416
Fixed: Login redirect URI broken #422
Fixed: Aesthetic updates in oxTrust UI #425 #417
Fixed: Unable to add users via oxTrust UI #427
Fixed: Unable to create Trust Relationship with metadata file #428 #416 #19
Fixed: Long value of Username causes interface to break #430
Fixed: Email format validation in user update tab #432
Fixed: Passport from strategy not mandatory #433
Fixed: Configure Relying Party not functioning #436 #405
Fixed: Failed to update default authentication mechanism #437
Fixed: Passport authentication appearing in default authentication tab #438
Fixed: OpenIDC client removal non-functional #439
Fixed: OpenIDC client secret disappears when response_type is added #440
Fixed: Passport form broken #441
Fixed: Changes in Configure Relying Party not saved #446
Fixed: Error adding group in oxTrust #448
Fixed: Attribute from missing from SAML URI values #452
Fixed: Cache Refresh page errors #453 #413
Fixed: applianceStatus Page throws error #454
Fixed: SP Metadata File link non-functional #455 #429
Fixed: Certificate mis-named #456
Fixed: Trust Relationship search in oxTrust UI non-functional #457
Fixed: Failed to update user via oxTrust UI #459
Fixed: Cache Refresh link not functional #460
Fixed: Exception handling on passport authentication field #462
Fixed: Created User password does not work #468
Fixed: User Registration page redirects to home #471
Fixed: Don't display list of claims in OpenID dynamic scope creation #472
Fixed: User Registration throws error #478
Fixed: Removed Add Resource button from UMA #480
Fixed: Federation SP list not loading #488

Community Edition Setup

Updated: o=site uses different filesystem folder #261
Updated: Jetty - Basic Hardening #251
Updated: oxAuth default configuration #246
Fixed: LDAP running as root #262
Fixed: Setup script in CentOS 6.x #260
Fixed: OpenDJ schema #259
Fixed: Incorrect syntax of DN attributes #258
Fixed: Update dynamic scope scripts to conform to new references to script #257
Fixed: Restart command not working in Ubuntu 14.04 #256
Fixed: CAS service fails to start in Ubuntu 14.04 #253
Fixed: Hide CAS installation by default #252
Fixed: baseDN o=gluu not readable #243
Fixed: Uninstall in Ubuntu 14.04 #237
Fixed: Gluu OpenLDAP schema #234
Fixed: OpenLDAP should listen on localhost only #236
Fixed: Remove unnecessary dependency of /etc/hostname from setup.py #281
Fixed: Rendering idp3 templates under some python builds #269
Fixed: Warning at latest CE install #235
Fixed: Include Twilio SMS script into CE #223