Connect2id server 7.11.1
This is a maintenance release of the Connect2id server (for Java 11).
Deployments with a DynamoDB backend are advised to upgrade, especially if consent during the authorisation session is handled automatically (implicitly), without involving the end-user.
Deployments which process plain OAuth 2.0 authorisation requests where clients don't specify a scope explicitly should also upgrade.
Check out the release notes below for more information.
Download
To download a ZIP package of Connect2id server 7.11.1:
https://connect2id.com/assets/products/server/download/7.11.1/Connect2id-server.zip
SHA-256: c8a3b4c80d73609cf8617fbccccfefcc79d3120c836724f7cc87c30de191a8bb
As WAR package only:
https://connect2id.com/assets/products/server/download/7.11.1/c2id.war
SHA-256: d9be57eebb9e934b4c4cbb8a36e9d618dcdbde8d2ad0681247cc0c2f2e407e5f
Questions?
Contact Connect2id support.
Release notes
7.11.1 (2019-04-27)
Configuration
/WEB-INF/infinispan-*-dynamodb.xml
- Upgrades the DynamoDB connector to 3.4.1 and the schema to v1.5 to add support for enabling strongly consistent DynamoDB reads.
/WEB-INF/infinispan-stateless-dynamodb.xml
- Enables strongly consistent DynamoDB reads for "op.consentSessionMap" to prevent possible false 404 errors during authorisation sessions (/authz-sessions/rest/v3/) when consent is handled automatically (without any user interaction) and too quickly for eventual consistency.
Resolved issues
Fixes an NPE during the authorisation session when an undefined scope is submitted for an OAuth 2.0 authorisation request (issue server/445).
Fixes a non-critical NPE for a null UserInfo returned from the claims source for claims to be fed into the ID token (issue server/444).
Switches to strongly consistent DynamoDB reads for "op.consentSessionMap" to prevent possible false 404 errors during authorisation sessions (/authz-sessions/rest/v3/) when consent is handled automatically (without any user interaction) and too quickly for eventual consistency (issue server/442).
Dependency changes
- Upgrades to com.nimbusds:infinispan-cachestore-dynamodb:3.4.1