Connect2id server 14.6
This Connect2id server release received a sweeping update
of the Redis connector.
It fixes a bug that affected the max_idle
expiration of
sessions,
addressed concurrency issues on scan operations and purges max_idle
expired
sessions eagerly to conserve Redis server memory. 14.x Connect2id servers
deployed with a Redis for caching and storing sessions are strongly recommended
to upgrade to 14.6.
The session store received a minor configuration change, increasing the maximum concurrent session quota per user from 10 to 25.
Additional information about the new releaese can be found in the release notes below.
Download 14.6
For the signature validation: Public GPG key
Standard Connect2id server edition
Apache Tomcat package with Connect2id server 14.6: Connect2id-server.zip
GPG signature: Connect2id-server.zip.asc
SHA-256: 6ca441cccd264296bbaabcbeeeabf0fd609146004d431ce4cbeb7c1e30d0b2e0
Connect2id server 14.6 WAR package: c2id.war
GPG signature: c2id.war.asc
SHA-256: 8ac75fb6fa7f0c6ebb9ab54aa70b481081bb6ea85540aceef736cb83239d3e1c
Multi-tenant edition
Apache Tomcat package with Connect2id server 14.6: Connect2id-server-mt.zip
GPG signature: Connect2id-server-mt.zip.asc
SHA-256: a8a06c6b8482d714e39ead566635273a0e18b32fba862b7c43d76db006c2ce7d
Connect2id server 14.6 WAR package: c2id-mt.war
GPG signature: c2id-mt.war.asc
SHA-256: 72417e06dd9b21fe167ee9ca8566e84bee0c674f7d4e85a42b2c58298428fa9f
Questions?
If you have technical questions about this new release contact Connect2id support. To purchase a production license for the Connect2id server, renew or upgrade your support and updates subscription, email our sales.
Release notes
14.6 (2023-09-28)
-
/WEB-INF/sessionStore.properties
- sessionStore.quotaPerSubject – The maximum configurable session quota per subject (end-user) is increased from 10 to 25 sessions.
Resolved issues
-
Enhances and refactors the Redis store debug and trace level logging (issue redis-store/7).
-
Prune max_idle expired entries on Redis store retrieval or iteration (scan) instead of waiting for the final max_lifetime expiration in the Redis store (issue/redis-store/10).
-
Adds an entry expiration check on Redis store retrieval based on the stored Infinispan entry metadata to prevent situations where a max_idle expired entry is assumed as not expired by Infinispan (since v14.x) (issue server/899, issue redis-store/8).
-
Makes Redis store iteration (scan) safe with concurrent key deletion or expiration (issue redis-store/11).
Dependency changes
-
Upgrades to com.nimbusds:oauth2-oidc-sdk:11.0
-
Updates to com.nimbusds:oidc-session-store:16.5
-
Updates to com.nimbusds:nimbus-jose-jwt:9.35
-
Upgrades to Infinispan to 14.0.17.Final
-
Updates to com.nimbusds:infinispan-cachestore-sql:7.0.5
-
Updates to com.microsoft.sqlserver:mssql-jdbc:12.2.0.jre11
-
Updates to com.oracle.database.jdbc:ojdbc11:21.9.0.0
-
Updates to com.nimbusds:infinispan-cachestore-redis:10.1.1
-
Updates to com.nimbusds:infinispan-cachestore-dynamodb:5.0.2
-
Updates to com.unboundid:unboundid-ldapsdk:6.0.10
-
Updates to commons-io:commons-io:2.11.0