Release notes old versions
- Fixed an encoding issue: URL parameters where in some cases encoded invalid if they contained special characters.
- Allow to configure the max body size for multipart file uploads.
- Added support to set a custom host header in the resource gateway calls.
- Cleaned up documentation.
- Support for disabling token validation per resource gateway.
Note: from this version we removed the leading zeros from our versioning scheme.
- Proxy support for CIM and UMA backends.
- Support for multiple resource servers based on host name.
- Make the call from the Token Validation service towards the Token Server direct.
- Add support for multiple resource gateways to be configured via the environment variables.
- Make X-Forwarded-Host and X-Forwarded-Port optional
- SSL offloading in external load balancer causes redirects to http instead of https
- HTTPS support for request mapper
- Java components not properly booting
- Usage of JAVA_OPTS setting in docker compose file ignored
- Embedded basic resource gateway functionality
- Token validation service
- Hook to map token validation result to resource server request
- Prevent duplicated security headers on Token Server endpoints
- X-Forwarded-for-* headers not set on all proxied requests
- X-Forwarded-Host, X-Forwarded-Proto & X-Forwarded-Port can be disabled.
- Hide X-XSS-Protection, X-Content-Type-Options and X-Frame-Options headers from proxied upstreams because value are explicitly set by security proxy.
- Fix SSL cert/key parsing with confd
- Add provisioner for configuration settings.
- Add Strict Transport Security header on all successful responses via nginx
- Use the GCMParameterSpec to get the IV instead of the default IvParameterSpec
- Add message compression and decompression
- Fixed an issue where the app could get stuck due to invalid client credentials
- Make it possible to configure a certificate chain on the SSL listener
- Removed binary encoding of encrypted messages
- Add automated tests
- Improved documentation
- Improve error handling
- Full functionality of Security Proxy, including:
- Handshake using JPAKE algorithm
- Message encryption/decryption
- Message padding
- Message routing (with load balancer)
- TLS/SSL support