Releases: apereo/cas
Releases · apereo/cas
v4.1.4
- #1459 Wait for Quartz threads to shutdown (@frett)
- 66defc3 Allow CAS cookie paths to be overridden (@mmoayyed)
- #1454 Fix url for ba-debug JS dependency (@nicolasmoreira)
- ef08efe Disable SAML external entities, includes, and entity reference expansion (@mmoayyed)
- #1437 Fixing typo in
RegisteredServiceThemeBasedViewResolver
bean def (@jtgasper3) - 2730fd0 Update the OAuth error view name (@mmoayyed)
- #1435 Update X.509 Authentication Guide (@jbjonesjr)
- #1430 Management webapp docs; time-based access strategy UI changes (@mmoayyed)
- #1427 Ensure SAML UI extensions are not null (@mmoayyed)
- f6eaa29 Allow attribute values for access strategy to support regex (@mmoayyed)
- 7bb4e77 Allow the pac4j credential to ignore the typedid if configured (@mmoayyed)
- #1412 Fixed typo in PAC4J documentation (@jtgasper3)
- #1410 Login throttling using
JdbcAuditTrailManager
won't work (@mateofacu) - #1409 Registered Service properties (@mmoayyed)
- #1407 Allow the logout manager to use CAS local truststore (@mmoayyed)
- #1407 Update Kryo serializers (@smicyk)
v4.2.0-RC1
- #1343 Decouple authentication from CASImpl (@dima767)
- #1385
private
methods that don't access instance data should be "static" (@kirill-vlasov) - #1383 Update to gradle 2.10 (@mmoayyed)
- 60085d7 fixed checkstyle issues (@mmoayyed)
- #1381 Dead stores should be removed (@DevFactory)
- #1380 Ensure CAS attributes are encoded (@mmoayyed)
- #1382 Unused private fields should be removed (@DevFactory)
- ea7a2c2 Fixing squid:S1068 - Unused private fields should be removed (@kirill-vlasov)
- 4c3b646 Remove protocol constants from webflow action (@mmoayyed)
- 0fe35cf Allow SLO messages to reach into the CAS truststore (@mmoayyed)
- #1372 Allow the warning cookie to be set conditionally in non-interactive actions (@mmoayyed)
- #1366 Allow oauth services to be verified against services manager (@mmoayyed)
- #1368 Ticket registry based on Infinispan cache (@mmoayyed)
- #1369 Doc correction - header level (@PetrGasparik)
- #1354 JWT/Token authentication support (@mmoayyed)
v4.1.3
- #1363 Serialize/Deserialize the registered service for memcached (@mmoayyed)
- 2e6ea05 Allowed the use of Inspektr's
ClientInfo
when running JDBC throttling queries (@mmoayyed) - 7c854e3 Allowed JPA registry to detect PGTs (@frett)
- #1349 Added
@JsonIgnore
annotation when configuring salt for username attribute providers (@frett) - #1341 Added authZ strategy by date/time (@mmoayyed)
- c25d7df Fixed issue with missing JPA transactional entity manager (@mmoayyed)
- #1330 Fixed issue with Google Apps SAML2 timezones (@agaikwad)
- 8d5f45b Use static loggers for expiration policy (@frett)
- d42f436 Extended JPA field length for lobs (@mmoayyed)
- 6fabe3d Fixed skew allowance for google apps (@agaikwad)
- 265a7ad Allowed management app to reload services (@mmoayyed)
- #1320 Added missing namespace declaration into doc for JPA (@robertoschwald)
- 0237fe0 Allowed rest credentials to be extracted via a pluggable strategy (@dima767)
- #1303 Create a new Array for modified CAS logging arguments (@frett)
v4.1.2
- 62d6612 Reset the status endpoint's access security rule (@mmoayyed)
- 588dd1e Service username shall pass through attribute release policy (@mmoayyed)
- 4617f12 updated spring lib version (@mmoayyed)
- #1277 Ensure the logger is declared as transient (@mmoayyed)
- 71bfaef fix redirect loop on password expiration warning (@tduehr)
- 1a31315 remove service deletion during edit process (@tduehr)
- #1267 HttpOnly / Secure not set when "removing" CAS cookies (@mmoayyed)
- #1268 Provide a skewAllowance for SAML2 google apps (@mmoayyed)
- f2e33ed #1239 Wrong state type for logoutView in logout-webflow (@RaphC)
- 369e962 Fix bug in form validation for proxy service regex. (@fjollberg)
v4.0.7
- #1283 Updated spring lib version (@mmoayyed)
- 492e76c Fix redirect loop on password expiration warning (@tduehr)
- a6be1c8 HttpOnly / Secure not set when "removing" CAS cookies (@mmoayyed)
- #1251 #1239 Wrong state type for logoutView in logout-webflow (@RaphC)
- 5808a7b Fixed memcached serialization issue with no-arg constructors (@mmoayyed)
v4.1.1
- dc58696 ac526a3 fixed memcached serialization issue with no-arg constructors (@mmoayyed)
- 766b305 fixed issue with attribute repository serialization. (@mmoayyed)
- #1210 Removed NotNull annotation from
PrincipalAttributeRepository
(@mmoayyed) - df36c69 fixed issue with inflation of saml authN request for google apps (@mmoayyed)
- #1189 Clean out all STs immediately when TGT is destroyed (@mduszyk)
- #1196 Upgrade ldaptive to 1.0.7 (@mmoayyed)
- 6f614c2 migrate vt-crypt dependency to cryptacular (@mmoayyed)
- 7d270eb removed service ticket registry from central auth service (@mduszyk)
- 4eff107 Enable returning of null principal per config, when no attributes are found (@mmoayyed)
- a75af8e removed transactional (@mmoayyed)
v4.0.6
v4.1.0
- #1153 Upgrade Java CAS Client to v3.4.1 (@battags)
- #1102 Documentation: Update Package Name for SAML. (@loren138)
- #1093 Support openid.identity=http://specs.openid.net/auth/2.0/identifier_select (@leleuj)
- #1095 Determine management app context path dynamically (@mmoayyed)
- #1083 Management webapp redesign (@mmoayyed, @doodelicious, @rkorn86)
- #1071 Mongo support module (@mmoayyed)
- #1069 BugFix: registered services equality mismatch (@mmoayyed)
- #1072 Removed extra linebreak to allow openid4java parsing (@mmoayyed)
- #1073 Update the OpenID documentation for v2 support (@leleuj)
- #1068 fixed kryo issue with unmodifiable cols. backport from master (@mmoayyed)
- #1055 #1049 - Fix serialization bug with EhcacheTicketRegistry (@AmmarBelakhel)
- #1064 Json file naming convention (@mmoayyed)
- #1054 Hazelcast Ticket Registry implementation. (@dima767)
- #1045 Move creation of HandlerResult up the chain (@mmoayyed)
- #992 CRL checking to optionally try all URLs (@mmoayyed)
- #993 Allow CAS to parse/display SAML MDUI (@mmoayyed)
- #1041 Missing French translations (@leleuj)
- #1039 Issues-1038 added the close method on abstract pool to free the resource on undeploy (@NicolasMarcotte)
- #1032 Fix OpenSAML initialization error (@mmoayyed)
- #1001 Moved CAS core APIs into separate API module (@mmoayyed)
- #1031 Upgrade to Apereo parent v40. (@mmoayyed)
- #1005 Allow JsonSvcReg to auto-detect changes (@mmoayyed)
- #1010 Moved encoding filter to the top (@mmoayyed)
- #1023 Move request security filter to filters.xml (@mmoayyed)
- #1021 Clean up how null errors/warnings are handled by LPPE (@mmoayyed)
- #1020 Login flow Transcoding config (@mmoayyed)
- #1029 Update pac4j to version 1.7.1 (@leleuj)
- #1000 Added Jetty plugin config (@mmoayyed)
- #1011 Updated maven plugins to latest patch releases (@mmoayyed)
- #1024 CAS-1227: Ukranian language bundle (@mmoayyed)
- #1019 cas-server-integration-memcached pulls on two version of kryo (@NicolasMarcotte)
- #1015 Updated metrics, time and reflections libs. (@mmoayyed)
- #1013 Updated AspectJ version (@mmoayyed)
- #1014 Updated hibernate version (@mmoayyed)
- #1017 Log4j update (@mmoayyed)
- #1012 Updated spring security version (@mmoayyed)
- #1009 Check for gateway mode on invalid TGT (@frett)
- #999 Updated Polish translations for version 4.1.x; issue #994 (@gerbil14)
- #834 Issue-825: Always add the TGT in request AND flow scope (@leleuj)
- #833 Updated copyright year to 2015 (@mmoayyed)
- #822 Context listener to report on CAS environment info. (@mmoayyed)
- #829 Drop cas-server-protocol module (@mmoayyed)
- #818 SSO-disabled service can never be granted ST (@mmoayyed)
- #821 Issue-820: 'ticketId cannot be null' for a Facebook authentication (@leleuj)
- #824 Added Implementation-Date to JAR Manifests (@mmoayyed)
- #436 CAS-1179: TGT Expiration Policy Evaluators (@mmoayyed)
- #811 Issue-758: Revise and update Kryo serialization mechanism (@leleuj)
- #814 JSON Service Registry now made default (@mmoayyed)
- #676 Issue 468: Support for dynamic/caching principal attributes (@mmoayyed)
- #788 Issue-782: Update the security filter to version 2.0.0 (@leleuj)
- #772 Issue-740: Limit the queue size in the default ThreadPool in the SimpleHttpClient (@leleuj)
- #741 JSON serialization of RegisteredService into LDAP (@mmoayyed)
- #743 GoogleService: SAML response refactoring (@mmoayyed)
- #777 Allow TGT expiration policy control via CAS properties (@mmoayyed)
- #747 Support for displaying RegisteredService information on login form (@mmoayyed)
- #773 Update OpenID4Java; Removes dependency on missing guice:2.0 (@mmoayyed)
- #750 Add warning to InMemory Service Registry (@mmoayyed)
- #730 Allow CAS to return ticket objects rather than mere identifers (@mmoayyed)
- #345 CAS-1367: Move spring webflow conversaional state onto the client (@mmoayyed)
- #727 Attributes in SAML View Filtered by Attribute Policy (@mmoayyed)
- #729 Upgrading Ehcache to 2.9 (@mmoayyed)
- #721 Update OAuth20ProfileController: bearer tokens in the authorization header (@mikeroda)
- #674 Access principal in success view (@mmoayyed)
- #694 Configuration of host.name in multi-node deployments (@mmoayyed)
- #707 Issue 609: CAS OAuth Support 3.5.2 - 'service' query parameter is not being restored correctly (@leleuj)
- #711 OpenIdArgumentExtractor parent should be AbstractArgumentExtractor (@mmoayyed)
- #703 Use default theme, if no theme is found for the service (@mmoayyed)
- #696 do not focus username field, if another field is already selected (@sdorra)
- #700 OAuth approval prompt via a new configurable property (@mmoayyed, @steve-gregory, @edwins, @dennisroberts71)
- #701 Improved configuration of cas.properties location (@manamana88)
- #692 Issue #552 Avoid usage count in SSO opt-out check. (@serac)
- #697 Deprecated JBoss cache and uber-webapp modules (@mmoayyed)
- #665 JDBC QueryAndEncodeDatabaseAuthenticationHandler (@mmoayyed)
- #682 FileTrustStoreSslSocketFactory must support JVM truststore (@mmoayyed)
- #688 cas-687: SEC_1: remove default non-secure support in the services registry (@leleuj)
- #683 Issue 610: Non-configurable 'CasProfile#' username prefix in serviceResponse (@leleuj)
- #1 added attribute support to the CAS 2 authentication success response (@dennisroberts71)
- #446 CAS-1475: Refactoring of GoogleApps altUsername config (@mmoayyed)
- #444 CAS-1425: aligned view names to match the jsp filename (@mmoayyed, @jtgasper3)
- #647 Issue #460: TGT id to not be disclosed in logs (@mmoayyed)
- #671 Issue #670: Client authentication from pac4j should always return typed identifier (@leleuj)
- #677 Upgrade to JDK7 (@mmoayyed)
- #673 Issue #658: SAML validation now forcing service match (@mmoayyed)
- #640 SAML principal attribute release must pass through the policy (@mmoayyed)
- #650 Turn on/off slo per service, by having a new logout type for ... (@mmoayyed)
- #664 cas-663: Both log4j-over-slf4j.jar and slf4j-log4j12.jar in the management webapp (@leleuj)
- #662 return logout request to be application/x-www-form-urlencoded (@skibaa)
- #659 Ability to include multiple config files for the DispatcherServlet child application context (@dima767)
- #601 CAS-1466: Local truststore for proxy authentication (@mmoayyed)
- #642 Allow for time skewing ...
v4.0.5
v4.1.0-RC2
[maven-release-plugin] copy for tag v4.1.0-RC2