Skip to content

Version 2.4.0

Compare
Choose a tag to compare
@zamilskhan zamilskhan released this 16 Nov 21:03
· 5086 commits to master since this release

Notice

This document, also known as the Gluu Release Note, relates to the Gluu Release versioned 2.4.0. The work is licensed under “The MIT License” allowing the use, copy, modify, merge, publish, distribute, sub-license and sale without limitation and liability. This document extends only to the "oxAuth" component of Gluu Server

UNLESS IT HAS BEEN EXPRESSLY AGREED UPON BY ANY WRITTEN AGREEMENT BEFOREHAND, THE WORK/RELEASE IS PROVIDED “AS IS”, WITHOUT ANY WARRANTY OR GUARANTEE OF ANY KIND EXPRESS OR IMPLIED. UNDER NO CIRCUMSTANCE, THE AUTHOR, OR GLUU SHALL BE LIABLE FOR ANY CLAIMS OR DAMAGES CAUSED DIRECTLY OR INDIRECTLY TO ANY PROPERTY OR LIFE WHILE INSTALLING OR USING THE RELEASE.

What's new in version 2.4.0

oxAuth

  1. Enhanced logout capabilities based on the new OpenID Connect draft for HTTP front channel logout
    2 .Support for persistent pairwise identifiers in OpenID Connect
  2. Support for private key OAuth2 client authentication #88
  3. Added support for OAuth 2.0 Form Post Response Mode #33
  4. Added ability to request PAT, AAT with client secret jwt
  5. Added meta tag for Internet Explorer compatability
  6. Added simple TokenRequest builder to simplify request construction for PAT/AAT
  7. Changed RDN of authorization_code grant #66
  8. Refresh token not persisted if token lifetime is 0
  9. Persist Authorizations by Person #83
  10. Script engine logs separated to new log file #77
  11. Skip client during html page construction if logout_uri is blank
  12. Added wikid person authentication module
  13. Disabled org.xdi.oxauth.ws.rs.ClientAuthenticationFilterEmbeddedTest.requestAccessTokenCustomClientAuth3
  14. Session not required to call logout.xhtml
  15. Fixed gplus login form
  16. Fixed various issues in front channel logout
  17. Fixed various issues with JWKs endpoints
  18. Cookie removed on session end if authorization grant is successfully identified by id_token_hint
  19. Pass client_id for PRIVATE_KEY_JWT authentication method
  20. Pass client_id parameter for PRIVATE_KEY_JWT