Bot releases are hidden (Show)
Published by sreetummidi over 7 years ago
This is a security release addressing the following issues
Published by sreetummidi over 7 years ago
This is a security release addressing the following issues
Published by sreetummidi over 7 years ago
This is a security release addressing the following issues
Published by sreetummidi over 7 years ago
This release fixes a database migration issue that was introduced in UAA 3.13.0 & addresses a critical issue with UAADB increased CPU utilization
Published by sreetummidi over 7 years ago
DO NOT USE
Please use 3.14.0 Instead
Published by sreetummidi over 7 years ago
This release addresses a critical issue with UAADB increased CPU utilization
Published by sreetummidi over 7 years ago
This release addresses an issue with setting of session cookie with external SAML and OIDC authenitication
Published by sreetummidi over 7 years ago
This release addresses an issue with setting of session cookie with external SAML and OIDC authenitication
Published by sreetummidi over 7 years ago
This release re-introduces the JWT based Refresh Tokens. Refresh tokens are no longer opaque and revocable by default. This has been done to take care of the revocable_tokens table filling up with large deployments of UAA.
The format of the refresh token can now be set at an Identity Zone level via the API and can be boot strapped from the UAA.yml file for the default zone.
# refresh:
# unique: false ("If true, uaa will only issue one refresh token per client_id/user_id combination")
# format: jwt
Published by sreetummidi over 7 years ago
With this release we have redacted the SAML Service Provider Key and OAuth Token Signing Keys from the Identity Zone GET API Response. The POST and PUT API's functionality stays intact in terms of allowing Zone Administrators to create and update SAML and OAuth Token Keys as part of the Identity Zone configuration. Please refer to the API docs for more details.
*
translates to all groups*pattern*
Contains Patternpattern*
Starts with Pattern*pattern
Ends with PatternPublished by sreetummidi over 7 years ago
With this release we have redacted the SAML Service Provider Key and OAuth Token Signing Keys from the Identity Zone GET API Response. The POST and PUT API's functionality stays intact in terms of allowing Zone Administrators to create and update SAML and OAuth Token Keys as part of the Identity Zone configuration. Please refer to the API docs for more details.
*
translates to all groups*pattern*
Contains Patternpattern*
Starts with Pattern*pattern
Ends with PatternPublished by bsekar over 7 years ago
This is a security release which addresses
This release also re-introduces the JWT based Refresh Tokens. Refresh tokens are no longer opaque and revocable by default. This has been done to take care of the revocable_tokens table filling up with large deployments of UAA.
The format of the refresh token can now be set at an Identity Zone level via the API and can be boot strapped from the UAA.yml file for the default zone.
# refresh:
# unique: false ("If true, uaa will only issue one refresh token per client_id/user_id combination")
# format: jwt
Published by bsekar over 7 years ago
This is a security release which addresses
Published by hchung over 7 years ago
Published by hchung over 7 years ago
Published by fhanik over 7 years ago
This feature enables User Attributes (including custom attributes) and Group Memberships from LDAP, SAML and OpenID Connect providers to be exposed via the UserInfo endpoint of UAA in addition to propagating them via OpenID Connect id_token. This is an optional feature per external identity provider and is turned on by setting the config.storeCustomAttributes
flag in the Identity Provider json. The token must contain user_attributes
and/or roles
scopes for retrieving the custom attributes and roles from the /userinfo endpoint.
This feature allows the administrator to force all users to change their password at next login time. This can be enforced on an individual user basis. This feature is multi-tenant and can be enabled per Identity Zone.
This feature enables SAML assertions to be exchanged for access tokens. This feature has been contributed by SAP. The documentation can be found here.
In addition to PostGres and MySQL , UAA now supports SQL Server as a backend. This feature has been contributed by Microsoft.
With this release we have redacted the SAML Service Provider Key and OAuth Token Signing Keys from the Identity Zone GET API Response. The POST and PUT API's functionality stays intact in terms of allowing Zone Administrators to create and update SAML and OAuth Token Keys as part of the Identity Zone configuration. Please refer to the API docs for more details.
Published by sreetummidi almost 8 years ago
This is a security release which addresses
Published by sreetummidi almost 8 years ago
This is a security release which addresses
Published by sreetummidi almost 8 years ago
This is a security release which addresses