Skip to content

v2.0.0

Choose a tag to compare

View all tags
@moabu moabu released this 22 Apr 06:54
· 138 commits to main since this release
v2.0.0
6d2a701
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

2.0.0 (2026-04-22)

Features

  • add download cert functionality to plugin (#13200) (c681a63)
  • add separate httproute for each service (#13583) (50504cb)
  • charts: make Gateway ports configurable and support Gateway in janssen helm chart (#12995) (583b64c)
  • charts: support gateway api in janssen-aio (#12907) (f5077ae)
  • client certificate authentication casa plugin (#12927) (6d80354)
  • cloud-native: add subchart for Gateway API conformant implementation (#13415) (8be2875)
  • cloud-native: add support for gRPC bridge (#13094) (2cbc23b)
  • cloud-native: enable TLSv1.3 in java.security file (#13166) (f41f3d3)
  • cloud-native: manage disableExternalLoggerConfiguration config key in persistence (#13191) (353e815)
  • cloud-native: quickstart for compose-based janssen all-in-one deployment (#13750) (790df76)
  • cloud-native: support for additional schema files (#13011) (ac78d8b)
  • cloud-native: upgrade jetty to v12.1.8 (#13805) (24cc50e)
  • cloud-native: upgrade jmx prometheus agent library (#13809) (ade6b0f)
  • cloud-native: use admin-ui policy store from cjar file (#13604) (9278b2d)
  • condition gateway resource creation and customized section names (23b990d)
  • conditional gateway resource creation and customized section names (#13551) (23b990d)
  • config-api: client operation for clientSecret and removed unused dependency (#13572) (5c8ed0d)
  • core: fix deps2 (#12965) (19ad682)
  • correct the jans_assets scopes names (#13025) (02409e4)
  • customizable log target and level for root logger (#13671) (859de27)
  • fix release tag (5323032)
  • introduce roundTripMaxTime config property (#13009) (e5ab6dc)
  • jans-auth-server: Added configurable rate limiting for authentication endpoints to prevent brute-force attacks #12664 (#12868) (7a5f846)
  • jans-auth-server: added support for X-Forwarded-Tls-Client-Cert for Traefik proxy #13467 (#13678) (a34d4d9)
  • jans-auth-server: harden allowed schemes for redirects #13423 (#13429) (e5e1bf9)
  • jans-auth-server: log failed authentication in jans-auth INFO logging #13248 (#13404) (9e2b94f)
  • jans-auth-server: sanitized log in AuthenticationService #12958 (#12959) (ba21b2f)
  • jans-auth-server: Support OAuth Client ID Metadata Document (CMID) #13220 (#13519) (06bdcd3)
  • jans-auth-server: support X-Forwarded-Client-Cert header #13444 (#13446) (3a717da)
  • jans-auth-server: upgradeв implementation to latest AuthZEN (Jan 2026) #12363 (#13077) (ff72ecb)
  • jans-auth: add HttpServletRequest producer to produce bridge (#13103) (a015fc9)
  • jans-auth: servletLoggingFilter should support filter async (#13102) (5810ed7)
  • jans-cedarling: add C bindings support (#13542) (a871e1c)
  • jans-cedarling: add custom linter for inefficient string concatenation (#13164) (46d7b50)
  • jans-cedarling: add policy metadata introspection API (#13588) (93d1737)
  • jans-cedarling: add python bindings policy metadata introspection API (#13634) (e32009a)
  • jans-cedarling: Add TrustedIssuerLoadingInfo methods to the bindings (#13565) (5a42659)
  • jans-cedarling: align UniFFI and Java authorize_unsigned with optional RequestUnsigned.principal (#13840) (c0ae216)
  • jans-cedarling: Implement disabling file checksum validation using configuration (#13424) (e5a992a)
  • jans-cedarling: implement using Lock server with gRPC protocol (#13237) (781d5cf)
  • jans-cedarling: New interface to Push Data (#13231) (cb286ea)
  • jans-cedarling: Remove authorization method based on user principals (#13538) (a744d68)
  • jans-cedarling: Support Initializing Cedarling with .cjar Bytes in UniFFI Bindings (#13548) (e14944d)
  • jans-cedarling: update Cedar policy parsing to support multi-policy files (#13748) (973e9d9)
  • jans-cedarling: upgrade the sample android and ios apps to use multi-issuer aut… (#13549) (0710555)
  • jans-cedarling: use multi-issuer-authz on sidecar (#13463) (4f692aa)
  • jans-cedarling: use partial-eval in Cedarling (#13807) (3fb2ad2)
  • jans-cli-tui: add arguments --auth-url, --config-url, --scim-url (#13414) (dce3552)
  • jans-cli-tui: Update Lock Configuration Screen (#13114) (b511d61)
  • jans-config-api: change in process of accessing config-api endpoints in Admin UI (#12983) (7b984ee)
  • jans-config-api: downgrade the java compiler version to 11.x for admin-ui plugin (#13586) (766b4bd)
  • jans-config-api: FIDO2 metrics endpoints (#13448) (4c95300)
  • jans-config-api: modify cedarling endpoints in admin-ui plugin to support multi-issuer authz and new policy-store format (#13514) (8245644)
  • jans-config-api: resolved audit api fix (#13230) (664e713)
  • jans-config-api: review and apply concise logging (#13625) (f77010d)
  • jans-config-api: updating Admin UI Session Expiry to Enforce Idle-Based Logout (#13172) (1669d98)
  • jans-core: remove tika-core from jackrabbit-core deps (#12960) (75fa989)
  • jans-core: removed FILE script type (48b8080)
  • jans-core: removed FILE script type #12997 (#12998) (48b8080)
  • jans-fido2: add controllers for metrics and resolve staging issues (#12934) (c898187)
  • jans-fido2: add dropOffRate and completionRate to metrics error… (#13360) (f041fa0)
  • jans-fido2: remove SuperGluu attestation processor and related d… (#13692) (6b1aee5)
  • jans-fido2: remove SuperGluu attestation processor and related dead code (6b1aee5)
  • jans-fido2: resolved aggregation cluster issue (#13229) (7126d88)
  • jans-fido2: resolved java docs-alignment issue (#13108) (db9e0f1)
  • jans-linux-setup: activate proxy_http2 for jans-lock (#13167) (b768186)
  • jans-linux-setup: add rocky linux support (#13800) (0329b14)
  • jans-linux-setup: extract grpc dependencies to jans-auth custom libs directors (#13090) (ecf8358)
  • jans-linux-setup: flex update requirements (#12985) (a9eb502)
  • jans-linux-setup: introduce Mako templating engine (#13054) (1b904a9)
  • jans-linux-setup: lock plugins in dependencies archive (9a9a449)
  • jans-linux-setup: move flex schema to flex setup (#13088) (9987586)
  • jans-linux-setup: remove old linux distros (#13245) (b96992c)
  • jans-linux-setup: shibboleth IDP as prereleased feature (#13171) (38456c0)
  • jans-lock: configure gRPC bridge on by default (#13106) (a8b5321)
  • jans-lock: prepare zip with deps for jnas-auth (#13089) (bb315ff)
  • jans-orm: merged gluu4 orm updates (#13786) (561793b)
  • jans-pycloudlib: add backoff retries when authenticating to vault (#13739) (0a2b079)
  • jans-tarp: fix vulnerable dependencies of jans-tarp (#13675) (e903b91)
  • jans-tarp: improve UI and add tooltips to the fields in OpenID registration form and the fields in the other forms (#13609) (984e65d)
  • jans-tarp: support multi-token authz (#13365) (20aa874)
  • lock gprc enpoints thought grpc bridge (#12949) (bdd08e6)
  • lock: use GrpcRequestWrapper only for GRPC requests (#13292) (227b434)
  • multi-issuer authz feature should be able to pull token from au… (#13497) (f491835)
  • send 403 - Forbidden error code in response if Admin UI requests Config API with expired session. This will indicate to Admin UI to logout. (#13022) (a2701ae)
  • setup: update jerrt version (dd4839b)
  • setup: updated jetty version (#13796) (dd4839b)
  • update the Readme and help guide with latest features (#13639) (ea33086)

Bug Fixes

  • a new cedarling config is created on editing the existing configuration (43d2f07)
  • add op logout and github widgets for stars and watches (#13466) (85ee313)
  • address vulns (#13080) (1a97074)
  • AdminUICookieFilter should not be called in Jans installation (#13041) (2f2675f)
  • allow calling a static method passing a class instance (#13223) (8733bd2)
  • allow calling a static method passing a class instance #13119 (8733bd2)
  • automation/requirements.txt to reduce vulnerabilities (7550f82)
  • cedarling_wasm: init fails when JWT signature and status validation are enabled (#13853) (12dc3de)
  • ci: add Reo script for tracking (#13118) (47659ee)
  • cloud-native: add uma scopes in role-scope-mappings (#13824) (8eb64c4)
  • cloud-native: always render jans-sql.properties (#13735) (98b227a)
  • cloud-native: remove admin-ui plugin from charts (#13096) (e62a4ff)
  • cloud-native: resolve non-prefixed URIs (#13664) (39a7443)
  • cloud-native: revert jans-auth-server contextPath (#13614) (e9f7d20)
  • cloud-native: validate jansMessageConf provider type (#13368) (395da32)
  • config-api: client secret getting encrypted (#12930) (7b73e80)
  • config-api: custom script search by pattern is not working and allow search by INUM in pattern search (#13782) (cedd270)
  • docker-jans-all-in-one: resolve path to healthcheck endpoint when running monitor script (#13385) (bccfbee)
  • docker-jans-cloudtools: add type validation for --limit parameter (#12946) (4fdd2dd)
  • docs: add PostgreSQL-related commands to Docker install quick start (#13032) (ad0147d)
  • docs: broken links in Authorization Endpoint (#12243) (#12745) (42225c6)
  • docs: formatting on the Cedarling docs (#13657) (04f43f0)
  • docs: remove empty line breaking table in setup page (#13295) (a43b36a), closes #13284
  • docs: Set CEDARLING_JWT_SIG_VALIDATION to "disabled" (#12917) (c4665b4)
  • docs: SSA change enabledFeatureFlags to featureFlags (#13659) (58fb042)
  • docs: update contribution guide, jans README, and Docker Compose… (#12990) (4887ac7)
  • EOL documentation (#13830) (961a94e)
  • featureFlags enumerated in uppercase in swagger spec breaking TUI (#13665) (dab4490)
  • fix build error (#13040) (97d5cf0)
  • fix error in signing firefox extension for self distribution (#13053) (22ec96f)
  • fix the tarp build error (#13849) (51e34fb)
  • gama file title (#13777) (a1756bc)
  • jans-auth-server: don't fail with NPE if there is no token exchange custom script or it failed to load (#13116) (417819c)
  • jans-auth-server: don't fail with NPE if there is no token exchange custom script or it failed to load #13113 (417819c)
  • jans-auth-server: fix build after dependencies upgrade (tika) #12971 (#12972) (43acf6a)
  • jans-auth-server: harden jwe nested jwt verification #13437 (#13438) (0cdd214)
  • jans-auth-server: prefix /restv1 is missed in swagger (#13668) (b5bc44f)
  • jans-auth: use default web application servlet for non GRPC (9e16f9b)
  • jans-auth: use default web application servlet for non GRPC requests (#13594) (9e16f9b)
  • jans-aut: replace HttpServletRequestProducer with GrpcBridgeExclusionExtension (#13297) (ba24513)
  • jans-aut: replace HttpServletRequestProducer woth (ba24513)
  • jans-cedarling: add cedarling log to lock log mapping (#13554) (6c26082)
  • jans-cedarling: bump binding version (#13581) (dbfb3b9)
  • jans-cedarling: cedarling adapter should provide API with generic data types (#13629) (018ae62)
  • jans-cedarling: fix benchmarks to actually work (#12923) (4518da7)
  • jans-cedarling: Fix cedarling to handle domains in different cases (upper and lower) (3e61fb1)
  • jans-cedarling: Fix cedarling to handle iss in different cases (#12982) (3e61fb1)
  • jans-cedarling: Fix deprecated method usage (#13286) (8560877)
  • jans-cedarling: fix entities mapping for not required entities (#13024) (f9caf73)
  • jans-cedarling: remove nested field parsing in trusted_issuer parser (#13005) (bedac4d)
  • jans-cedarling: update cedar-policy and cedar-policy-core to latest versions(4.9.0) (#13219) (9f6566a)
  • jans-cli-tui: catch exceptions while getting smtp configuration (#13439) (7409571)
  • jans-cli-tui: check if log exists before iteration (#13003) (293b13e)
  • jans-cli-tui: check if ssa flag is enabled in auth server upon SSA creation (#13661) (dd1faa7)
  • jans-cli-tui: Device Code grant type (#13846) (f0647c2)
  • jans-cli-tui: support only db location for custom scripts (#12987) (6d88aa1)
  • jans-cli-tui: user claim country should be two characters (#13679) (7b51e9a)
  • jans-config-api: move AdminUICookieFilter to Admin UI plugin (#13050) (40f41f5)
  • jans-config-api: shib plugin build issue #13246 (#13247) (54d96ab)
  • jans-config-api: the requests made to Admin UI Licensing components use TLS-1.3 or TLS-1.2 without some not-recommended cipher suites (#13121) (e05de11)
  • jans-config-api: the session check should be excluded for certai… (#13031) (c7f6cda)
  • jans-config-api: usageType field is not saving for /api/v1/attributes (#13579) (934291d)
  • jans-keycloak-integration: bump libraries with cve vulns #12992 (#12993) (4317fdf)
  • jans-link: build fails for jans-link after deprecated methods removal (#13641) (f6474dd)
  • jans-link: build fails for jans-link after deprecated methods removal #13640 (f6474dd)
  • jans-linux-setup: add uma scopes in role-to-scope mapping used i… (#13822) (478714b)
  • jans-linux-setup: add uma scopes in role-to-scope mapping used in admin-ui access control (478714b)
  • jans-linux-setup: install epel relase fro url for rhel9-10 (#13747) (67a478f)
  • jans-linux-setup: set lock protection mode to oauth (#13111) (69e5364)
  • jans-linux-setup: typo (#13047) (03d4655)
  • jans-lock: temporary disable cedarling due to API changes (#13596) (89b13ff)
  • jans-lock: temporary disable cedarling due to API changes#13596 (#13607) (fc0d959)
  • jans-tarp: a new cedarling config is created on editing the existing config… (#13741) (43d2f07)
  • packaging failure due to different name of generated package (#13067) (ba792ba)
  • refactor DN parsing (#12935) (67adb65)
  • remove extra end in route.yaml (#13628) (56bec0a)
  • reported vulns (#13079) (4a25ee4)
  • shib docker build (#13602) (c1ae772)
  • sync tf provider (#13083) (9339b6f)
  • terraform-jans-provider: missing grant types in terraform oidc client resource (#12999) (610ab26)
  • the DELETE /session API should not throw error if session entry … (#13063) (051440c)
  • the DELETE /session API should not throw error if session entry is not found (Admin UI) (051440c)
  • vulns and docs bullet points (#12940) (c807bdb)
Assets 61
Loading