Connect2id server 7.12.1
This is a maintenance release of the Connect2id server. Fixes a bug in request object error reporting and a bug in the session store which affected the correct keeping of max idle time. Also updates the session store and the DynamoDB connector for better memory efficiency when purging large numbers of expired sessions.
Check the release notes for more information.
To download a ZIP package of Connect2id server 7.12.1:
As WAR package only:
Contact Connect2id support.
Upgrades the DynamoDB store configuration schema to v1.6 which introduces a new optional "purge-limit" attribute. It limits the number of expired entries to purge during a run of the expired entry reaper task. The default value is -1 (no limit).
Adds new dymamodb.purgeLimit.sessionStore.sessionMap Java system property to set the purge limit for subject sessions persisted to DynamoDB. The default value is -1 (no limit).
A JAR request for a client not registered for JAR should produce an invalid_request_object error with "The client isn't registered for request objects" message (issue server/461).
Fixes a session store bug which caused the last access timestamp for subject sessions to not update and the session to expire prematurely if max idle is set. The bug affected Connect2id server deployments in stateless cluster mode (DynamoDB and Redis) (issue session store/78).
Updates the session store task for purging orphaned subject keys (subject index entries) to conserve memory (issue session store/79).
Updates the expired entry purge task of the DynamoDB store to conserve memory (issue dynamodb/13).
Updates to com.nimbusds:oidc-session-store:11.2
Updates to Infinispan 9.4.14.Final.
Upgrades to com.nimbusds:infinispan-cachestore-dynamodb:3.5
Updates to com.unboundid:unboundid-ldapsdk:4.0.11