Releases: apereo/cas
Releases · apereo/cas
v4.1.0-RC1
[maven-release-plugin] copy for tag v4.1.0-RC1
v4.0.4
- #1037 Upgrade CAS 4.0.x to Pac4j 1.7.x (@leleuj)
- #1081 Exclude Restlet endpoints from Security Filter Mapping (@mmoayyed)
- #1079 SAML attributes should be fetched off of primary authN (@mmoayyed)
- c4f347d Removed extra linebreak to allow
openid4java
parsing (@mmoayyed) - #1067 Backported memcached+kryo update (@mmoayyed)
- #1049 Fix serialization bug with
EhcacheTicketRegistry
(@mmoayyed) - #1057 Updated Spring to version 3.2.9 due to
SPR-11719
(@philippberger)
v4.0.3
- 481a32b Ported over security filter changes v2.0.3 (@mmoayyed)
- dd28134 Moved UTF-8 character encoding filter to top (@mmoayyed)
- 7501389 Fixed LPPE warning flag for warnings (@mmoayyed)
- 6d981b3 Check for gateway mode on invalid TGT (@mmoayyed)
- f537fdc Updated ldaptive to version 1.0.6 (@mmoayyed)
- 4926c28 Updated Polish translations (@mmoayyed)
v4.0.2
- 23cab07 added warnings param to result (@mmoayyed)
- 8e1650c negate the initial svc id (@mmoayyed)
- b0ea279 Properly encode urls & parameters (@leleuj)
- afad3c9 Use full locale name when locating bundle (@mmoayyed)
- 0f2c6f4 marked missing login ticket msg as error (@mmoayyed)
- 7eadf9d cas-882: Update OpenID support (@leleuj)
- 602f5ec Fixed LPPE class name (@mmoayyed)
v3.6.0
v3.5.3
- #411 CAS-1429 Escape inputs into LDAP filter expressions. (@serac)
- #768 Fix for #763: fetch ticket and do proxy check before callback. (@serac)
- #408 CAS-1431: Build is broken because of the last Twitter change to SSL (@leleuj)
- #319 CAS-1355: Set allowedToProxy to false by default (SEC_3) (@leleuj)
- #321 CAS-1166/1168 (3.5.x) login form is not shown on error of Spnego/login form is not shown on error of Spnego (@Unicon)
- #325 CAS-1347: Missing language keys prevents access should not cause a crash (@leleuj)
- 21a0f23 CAS-1352: Usename attribute should not be required in the list of allowed attributes (@mmoayyed)
- d0adc14 Update Ehcache version to 2.7.2. Adjusted gitignore to exlucde bin/ directory. (@mmoayyed)
- #300 CAS-1343 Fix LDAP resource leak in ContextSourceMonitor (@serac)
- #294 Don't hard-code the name of a Logger to be the name of a particular subclass (@laszlovandenhoek)
- #201 CAS-1261 Align HTML views with previously existing views. (@fjollberg)
v4.0.1
- f18dabf update NOTICEs (@leleuj)
- fa9f0f0 Issue-782: Update the security filter to version 2.0.0 (@leleuj)
- 09b3340 Issue #670: Client authentication from pac4j should always return 'typed' identifier (@leleuj)
- d608dd9 updated script to generate docs for 4.0.0 (@mmoayyed)
- 4f26b84 #612 for 4.0.x: Attributes other than String and element iterable in foreach are not supported (@leleuj)
v4.0.0
Release Notes - CAS Server - Version 4.0
Sub-task
- [CAS-1006] - Update CAS theme documentation
- [CAS-1008] - Update Services Management UI
- [CAS-1173] - LPPE: Incorrect handling of "password never expires" active directory flag
- [CAS-1198] - LPPE: pwdReset attribute not preventing login/directing user to change password
- [CAS-1214] - Disallow falling back to system locale when resolving message bundles
Bug
- [CAS-890] - Logon with Invalid TGT and no service= goes to Success page
- [CAS-1096] - NPE in DefaultTicketRegistryCleaner due to Null-Objects in Ticket-Collection
- [CAS-1168] - After fix in CAS-1065, login form is not shown on error of Spnego
- [CAS-1175] - Username field currently has attribute "autocomplete=false"
- [CAS-1192] - Typo in X509CertificateCredentialsToSubjectPrinciplalResolver class name
- [CAS-1195] - LPPE: account expired is very different from password expired
- [CAS-1197] - LPPE breaking on the (ldap) domaint that don't have password policy
- [CAS-1199] - log4j-over-slf4j.jar AND slf4j-log4j12.jar in CAS server webapp
- [CAS-1213] - Disallow falling back to system locale when resolving message bundles
- [CAS-1231] - Set content type to plain text for /accessToken in OAuth server mode
- [CAS-1233] - cas.properties breaks clearpass config
- [CAS-1234] - language resources in messages_fr.properties are invalid in download link but ok in git
- [CAS-1241] - Changing Service URL from Ant-style Pattern to Regular Expression does not update db entry to correct discriminator value
- [CAS-1253] - multiple versions of joda-time when including ldap support
- [CAS-1259] - HealthCheckMonitor Needs Additional Error Checking
- [CAS-1261] - Align HTML views with previously existing views.
- [CAS-1275] - Upgrade to Spring 3.2.2
- [CAS-1277] - Javascript error
- [CAS-1278] - fluid reordering javascript throws js exception on add/edit service page
- [CAS-1279] - 2 copies of jquery are loaded in the services manager
- [CAS-1280] - Services management webapp doesn't work in French
- [CAS-1293] - X509 module Unit Tests try to load SimpleTestUsernamePasswordAuthenticationHandler from main classpath
- [CAS-1303] - Redirection from the password warning page should not consume the service parameter
- [CAS-1310] - Complex attributes are not properly returned by the OAuth /profile url
- [CAS-1311] - Add missing headers in protocol HTML specs
- [CAS-1315] - wrong response content-type for /serviceValidate
- [CAS-1318] - CAS Login Does not Overwrite expired/invalid Ticket Granting Cookie
- [CAS-1320] - CAS server webapp fails to instantiate a EAPTTLSAuthenticator for each authentication request
- [CAS-1333] - always throw FailedLoginException in cas-server-support-ldap
- [CAS-1339] - Cannot build "CAS ClearPass Extension"
- [CAS-1344] - restlet depends on org.springframework:spring-asm:jar:3.0.1.RELEASE
- [CAS-1347] - Missing language keys prevents access; app should not cause a crash
- [CAS-1348] - Proxy chain missing on proxy validate
- [CAS-1352] - Usename attribute should not be required in the list of allowed attributes
- [CAS-1371] - top.jsp session=true
- [CAS-1380] - Module "cas-server-webapp-support" pulls in stale Spring dependencies that crash CAS
- [CAS-1382] - D&D functionality of mgmt app is broken; Javascript version conflicts
- [CAS-1383] - multiple versions of libraries in classpath
- [CAS-1384] - AccountNotFoundException error bubbling up on the login form
- [CAS-1385] - LPPE fails with lppe.dateAttribute = null
- [CAS-1386] - Fix IV handling for ClearPass in clustered environments
- [CAS-1393] - Memcached serialization fails when creating a proxy ticket
- [CAS-1394] - pgtInit returns null pgtIou due to pgtUrl readTimeout (less t...
v4.0.0-RC4
[maven-release-plugin] copy for tag v4.0.0-RC4
v4.0.0-RC3
[maven-release-plugin] copy for tag v4.0.0-RC3