Connect2id server 7.10.1

2019-04-27

This maintenance release of the Connect2id server backports selected fixes from Connect2id server 7.11 and 7.11.1 (for Java 11+) to 7.10 (for Java 8).

Check out the release notes below for more information.

Download

To download a ZIP package of Connect2id server 7.10.1:

https://connect2id.com/assets/products/server/download/7.10.1/Connect2id-server.zip

SHA-256: efec16fd1137a2ac5143488790d0cc15060be25f628b0b23db02d1b607aef0a9

As WAR package only:

https://connect2id.com/assets/products/server/download/7.10.1/c2id.war

SHA-256: 42c487dc87f0abb378d8dff07fcac3205c851fb63fbe847b976128c8956b61a0

Questions?

Contact Connect2id support.


Release notes

7.10.1 (2019-04-27)

Configuration

  • /WEB-INF/infinispan-*-dynamodb.xml

    • Upgrades the DynamoDB connector to 3.4.1 and the schema to v1.5 to add support for enabling strongly consistent DynamoDB reads.
  • /WEB-INF/infinispan-stateless-dynamodb.xml

    • Enables strongly consistent DynamoDB reads for "op.consentSessionMap" to prevent possible false 404 errors during authorisation sessions (/authz-sessions/rest/v3/) when consent is handled automatically (without any user interaction) and too quickly for eventual consistency.

Resolved issues

  • Fixes a bug which prevented the UserInfo from returning the subject in pairwise encrypted form when the OpenID relying party is registered for subject_type=pairwise (issue server/441).

  • Fixes a non-critical NPE for a null UserInfo returned from the claims source for claims to be fed into the ID token (issue server/444).

  • Switches to strongly consistent DynamoDB reads for "op.consentSessionMap" to prevent possible false 404 errors during authorisation sessions (/authz-sessions/rest/v3/) when consent is handled automatically (without any user interaction) and too quickly for eventual consistency (issue server/442).

Dependency changes

  • Upgrades to com.nimbusds:infinispan-cachestore-dynamodb:3.4.1

Connect2id server 7.11.1

2019-04-27

This is a maintenance release of the Connect2id server (for Java 11).

Deployments with a DynamoDB backend are advised to upgrade, especially if consent during the authorisation session is handled automatically (implicitly), without involving the end-user.

Deployments which process plain OAuth 2.0 authorisation requests where clients don't specify a scope explicitly should also upgrade.

Check out the release notes below for more information.

Download

To download a ZIP package of Connect2id server 7.11.1:

https://connect2id.com/assets/products/server/download/7.11.1/Connect2id-server.zip

SHA-256: c8a3b4c80d73609cf8617fbccccfefcc79d3120c836724f7cc87c30de191a8bb

As WAR package only:

https://connect2id.com/assets/products/server/download/7.11.1/c2id.war

SHA-256: d9be57eebb9e934b4c4cbb8a36e9d618dcdbde8d2ad0681247cc0c2f2e407e5f

Questions?

Contact Connect2id support.


Release notes

7.11.1 (2019-04-27)

Configuration

  • /WEB-INF/infinispan-*-dynamodb.xml

    • Upgrades the DynamoDB connector to 3.4.1 and the schema to v1.5 to add support for enabling strongly consistent DynamoDB reads.
  • /WEB-INF/infinispan-stateless-dynamodb.xml

    • Enables strongly consistent DynamoDB reads for "op.consentSessionMap" to prevent possible false 404 errors during authorisation sessions (/authz-sessions/rest/v3/) when consent is handled automatically (without any user interaction) and too quickly for eventual consistency.

Resolved issues

  • Fixes an NPE during the authorisation session when an undefined scope is submitted for an OAuth 2.0 authorisation request (issue server/445).

  • Fixes a non-critical NPE for a null UserInfo returned from the claims source for claims to be fed into the ID token (issue server/444).

  • Switches to strongly consistent DynamoDB reads for "op.consentSessionMap" to prevent possible false 404 errors during authorisation sessions (/authz-sessions/rest/v3/) when consent is handled automatically (without any user interaction) and too quickly for eventual consistency (issue server/442).

Dependency changes

  • Upgrades to com.nimbusds:infinispan-cachestore-dynamodb:3.4.1

Connect2id server 7.11 switches to Java 11

2019-04-26

With Java 8 having reached its end of life we now have upgraded the Connect2id server for Java 11+.

This release also includes a fix for two issues. Check out the notes below for more information.

Download

To download a ZIP package of Connect2id server 7.11:

https://connect2id.com/assets/products/server/download/7.11/Connect2id-server.zip

SHA-256: 2c6b462fe8c3cb0ded4a22962e2e5c2c13a3b25eddbe43e28ff3cfe744d88ccc

As WAR package only:

https://connect2id.com/assets/products/server/download/7.11/c2id.war

SHA-256: 63f8cc0394fe89935401964e0e4f7d6c35590917c009b2eb3db86498034a9cb0

Questions?

Contact Connect2id support.


Release notes

7.11 (2019-04-26)

General

  • Upgrades to Java 11. The minimum required runtime is now Java 11 (previously Java 8).

  • Removes JHades reporting.

Resolved issues

  • Fixes a bug which prevented the UserInfo from returning the subject in pairwise encrypted form when the OpenID relying party is registered for subject_type=pairwise (issue server/441).

  • Robust boolean parsing for PUT /tenants/rest/v1/{tid}/enabled. Applies to the multi-tenant edition of the Connect2id server only.

Dependency changes

  • Upgrades to com.nimbusds:nimbus-jwkset-loader:4.0

  • Updates to com.nimbusds:tenant-registry:4.0

  • Removes dependency on org.asynchttpclient:async-http-client:2.5.2

  • Removes dependency on org.jhades:jhades:1.0.4