Skip to content
Connect2id
Connect2id server

Connect2id server 5.0.1 maintenance release

Connect2id server users of the previous 5.0 release who still rely on the old version 2 of the authorisation session API (for binding an IdP login page and auth factors) are strongly advised to upgrade to this 5.0.1 maintenance release.

As you may recall, with Connect2id server 5.0 we updated the authorisation session API in order to support the OAuth 2.0 form_post response mode, and also to free integrators to implement custom and experimental response modes, such as Nat Sakimura’s response mode based on window.postMessage.

This was a breaking change, which required a new API version - 3.

The old version 2 API is still supported, by means of a special filter that rewrites the API messages from version 3. This maintenance release fixes a rewrite bug that prevented correct reporting of HTTP 4xx status codes as well as output from a GET /authz-session/v2/{sid} request.

The new version 3 API is unaffected.

Download

To download a ZIP package of Connect2id server 5.0.1:

https://c2id-downloads.s3.eu-central-1.amazonaws.com/server/5.0.1/Connect2id-server.zip

As WAR package only:

https://c2id-downloads.s3.eu-central-1.amazonaws.com/server/5.0.1/c2id.war

Questions?

Get in touch Connect2id support, we’ll be delighted to help out.


Release notes

5.0.1 (2016-05-23)

Configuration

  • No changes

Web API

  • No changes

Bug fixes

  • Fixes the servlet filter that provides a version 2 compatible view of the Authorisation Session API at /authz-session/v2. The fixed bugs prevented the correct output of 4xx HTTP responses from the API as well as GET /authz-session/v2/{authz-session-id} responses (issue #213). Users of the /authz-session/v2 API are strongly encouraged to upgrade. Users of the newer /authz-session/v3 API are not affected.

Dependencies

  • No changes