Release notes 3.x

3.18.0

Features

• Added support to use externally generated person identifier as internal one.
• Added possibility to enable email verification notifications when sign-up is triggered via persons API.

Bug fixes

• Step-Up will be triggered in case person account is created with JIT sign-up functionality and used IDP has lower authentication level than requested by the Service Provider.
• User is being redirect back to service provider when cancelling step-up during a SAML login.

3.17.0

Features

• Added support for custom SAML Authentication Contexts which allows to log in with predefined social identity provider (more info).
• Captcha configuration has been moved to administration panel (more info).
• Added possibility to disable captcha.
• Added possibility to enable welcome email notifications when sign-up is triggered via persons API.

3.16.2

Bug fixes

• Fixed attribute validation in Jit-signup

3.16.0

Features

• Added possibility to enable/disable email notifications via admin panel
• Facebook graph API updated to version 2.9

Bug fixes

• Fixed possible NPE in kerberos configuration when IDP_KERBEROS_SERVER_KEYTAB_PATH variable not set

3.15.0

Features

• Extension can discover device type and serve appropriate messages for for mobiles and tablets

Bug fixes

• Fixed Persistable Properties functionality when IDP is started within Docker
• Fixed Kerberos Authentication when IDP is started within Docker

3.14.0

Features

• Just-in-time migration extended by filling user's profile with LDAP mobile phone number (more info).

3.13.1

Bug fixes

• AD user attribute will be used instead of personId when communicating with Token Server

3.13.0

Features

• Added support for Microsoft SQL Server database
• Added just-in-time sign-up feature which can be used to perform automatic sign-up when logging in with LDAP identity provider
• Added Mobile-login functionality
• Removed exclusive login page for Logging in with identity provider of LDAP type, it is done using standard (Username and Password) login form

Bug fixes

• LDAP authentication possible by providing query like specified in documentation.

3.12.0

Features

• LDAP account attributes are returned with SAML login response

Bug fixes

• Fixed showing message box in the dashboard

Since this version the component versioning scheme does not contain leading zeros in the version numbers

3.11.00

Features

• Remote cache provider changed to Redis
• Added possibility to define multiple LDAP identity providers with configuration provided via admin panel

Bug fixes

• Fixed cache replication

3.10.01

Features

• Added possibility to map SAML attributes name on Organisation and Service Provider level (more information in documentation
• IDP will validate the SDK API version and log appropriate error in case of mismatch

Bug fixes

• Fixed NPE in statistics module when IDP is started within a docker container and the DB is empty

3.09.00

• Enhanced Client Proxy SAML (ECP) flow support added to IDP

3.08.00

Features

• Person API extended by new api for coupling account with external idp (more info in person api documentation)

3.07.00

Compatibility

• Compatiblity with idp-extension-sdk v3 dropped, please use v4. More information available in idp-extension-sdk documentation

Bug fixes

• Fixed Infinispan cache replication

3.06.00

Features

• Added support for authentication over Kerberos protocol
• Added persistable properties functionality

Bug fixes

• Corrected a bug where email_address request parameter was ignored unless include_fileds was provided in search API call

3.05.00

Features

• Introduced additional parameters for person search api (last_modified and include_fields). Please read person search api documentation for more details.
• Introduced api to create and automatically signup of users
• Introduced api to set user password without current on verification

3.04.02

Bug fixes

• SAML Artifact Binding wrong protocol error fixed by introducing additional properties (more in upgrade instructions).

3.04.01

Bug fixes

• SAML Single Logout error fixed when custom subject name id is used.

3.04.00

Features

• Added support for LDAP authentication (more on properties page).
• SAML artifacts replication enabled after introducting infinispan replicated cache (more information available at properties section and jgroups page for more information).
• SAML Artifact Resolution Service is served on port together with API
• SAML Subject Name value configurable via admin panel

3.03.00

Features

• Added support for SAML Artifact Bindings

Bug fixes

• Read X-Forwarded-[Proto, Host, Port] headers on each redirect
• Properties name format fixed (more in upgrade instructions)

3.02.00

Features

• Switch from xml to env properties configuration
• Introduce an option to configure HTTP-headers for responses
• Password reset pages template reworked

3.02.01

Bug fixes

• Fix missing custom headers in some responses

3.01.00

Features

• Optional SAML Authentication
• Previous successful authentication attempt time returned in SAML attributes
• Introduce headless integration tests driver PhantomJs

3.00.00

Features

• Overlays support removed
• Added cleaning crone scheduler tasks on application shutdown
• Automate documentation publishing
• Number of dependencies updated
• Login page template reworked

Bug fixes

• Fixed email validation to include external services
• Fixed unable to modify custom messages defined only in extension in administration panel