Insights and release announcements
Blog
-
Json2Ldap 3.1
Json2Ldap 3.1
The Json2Ldap web service for working with LDAP directories received several updates under the hood. Most notably, logging was upgraded to Log4j 2. This means that logging can now be reconfigured on the fly, with zero service downtime,...
Json2LdapRead article -
Aggregated and distributed OpenID claims support in Connect2id server 6.11
Aggregated and distributed OpenID claims support in Connect2id server 6.11
Including OpenID claims from upstream providers The primary purpose of an OpenID Connect provider is to authenticate...
Connect2id serverRead article -
Connect2id server 6.10 optimises API support for stateless login front-ends
Connect2id server 6.10 optimises API support for stateless login front-ends
This week’s release of the OpenID Connect server focuses on optimising support for stateless front-ends. Easier...
Connect2id serverRead article -
Connect2id server 6.9.1 updates the SQL backend connector
Connect2id server 6.9.1 updates the SQL backend connector
This is a small update to the Connect2id server which adds a new configuration setting for disabling automatic...
Connect2id serverRead article -
Check session iframe support now in Connect2id server 6.9
Check session iframe support now in Connect2id server 6.9
A client application which has signed in a user with OpenID Connect may need to periodically check if the user...
Connect2id serverRead article -
Connect2id server 6.8 adds logout endpoint support
Connect2id server 6.8 adds logout endpoint support
The long anticipated web API for binding a sign out page to the Connect2id server is now here. A user who has ended...
Connect2id serverRead article -
Connect2id server 6.7.2
Connect2id server 6.7.2
6.7.2 is a maintenance release of the Connect2id server. It has fixes for three discovered bugs, enhances token...
Connect2id serverRead article -
Connect2id server 6.7.1
Connect2id server 6.7.1
Execute custom logic during prompt=none processing The latest 6.7 release of the Connect2id server makes it easier to...
Connect2id serverRead article -
Connect2id server 6.6.2 strengthens defences against timing attacks
Connect2id server 6.6.2 strengthens defences against timing attacks
The OpenID Connect server has now stronger defences in place against timing attacks on OAuth 2.0 client secrets (used...
Connect2id serverRead article -
Multi-level defence against invalid curve attacks
Multi-level defence against invalid curve attacks
Reliable defences work on multiple levels. The latest release of the Nimbus JOSE + JWT library adds an extra...
JOSERead article -
Connect2id server 6.6.1 maintenance release
Connect2id server 6.6.1 maintenance release
This is a small maintenance release of the Connect2id server. Summary: Fixes client_secret provisioning...
Connect2id serverRead article -
Nimbus JOSE+JWT 4.35 deprecates use of SHA-1 and RSA encryption with PKCS1v1.5 padding
Nimbus JOSE+JWT 4.35 deprecates use of SHA-1 and RSA encryption with PKCS1v1.5 padding
Deprecates use of SHA-1 CWI and Google’s announcement of a practical technique for producing SHA-1 collisions served...
JOSERead article -
New OAuth spec for TLS client authentication with X.509 certificate
New OAuth spec for TLS client authentication with X.509 certificate
Brian Campbell and other members of the OAuth WG published a new spec for letting clients authenticate with TLS and a...
Connect2id serverRead article