Skip to content

Releases: TremoloSecurity/OpenUnison

1.0.41-2024081501

15 Aug 20:44
Compare
Choose a tag to compare

bugs:

  • Omitting state parameter causes NullPointerException #900
  • AzureAD Target - Chunk exception if exception occurrs #918
  • AzureAD Target - Issues when there are more then 99 groups #917
  • Kube Token no longer auto retrieving certs for oidc integrated clusters #888
  • javascript task: No exception in logs #909
  • If Kube API doesn't exist, NPE #907
  • Okta groups not loading properly #906
  • Workflows continuing after waitfor, splitting paths #905

Tasks:

  • 1.0.41 build #891
  • Remove all U2F code #904
  • 1.0.40 build #845

enhancements:

  • Move login screens to Material UI #773
  • Enable a local scheduler #913
  • WaitFor - Better logging #914
  • enable HA AMQ #910
  • Add load secret to k8s utils #908
  • oidc auth - store id_token in session along with the access token #893

bugs:

  • Omitting state parameter causes NullPointerException #900
  • AzureAD Target - Chunk exception if exception occurrs #918
  • AzureAD Target - Issues when there are more then 99 groups #917
  • Kube Token no longer auto retrieving certs for oidc integrated clusters #888
  • javascript task: No exception in logs #909
  • If Kube API doesn't exist, NPE #907
  • Okta groups not loading properly #906
  • Workflows continuing after waitfor, splitting paths #905

Tasks:

  • 1.0.41 build #891
  • Remove all U2F code #904

enhancements:

  • Move login screens to Material UI #773
  • Enable a local scheduler #913
  • WaitFor - Better logging #914
  • enable HA AMQ #910
  • Add load secret to k8s utils #908
  • oidc auth - store id_token in session along with the access token #893

1.0.40-2024030801

11 Mar 13:04
Compare
Choose a tag to compare

Tasks:

  • 1.0.40 build #845
  • Bump Okta libraries from 9 --> 15 #850

enhancements:

  • k8s target - remove need for specific URL #794
  • k8s create object - support PUT when an object already exists #865
  • JMS - Manual DLQ logic #852
  • OpenID Connect IdP - Support filters on all URLs, not just completeFed #863
  • oidc auth - integrate login_hint support #855
  • Migrate to Hibernate 6.x #847
  • AzureAD OIDC - Cannot activate orchestra-login-azuread behind corporate proxy #853
  • LoginService - short circuit by session variable #856
  • List clusters - Add method to ignore clusters #851

bugs:

  • XForward filter doesn't work with wss scheme #861
  • old jldap jar imported #862
  • WebAuthn - Pre 1.0.39 fails to authenticate #846

1.0.39-2024010701

08 Jan 15:22
Compare
Choose a tag to compare

1.0.39-2024010701

enhancements:

  • New Kubernetes Project - make check for namespace configurable #839
  • generate log messages when generating new tokens #832
  • support for new scalejs interface #834
  • workflows are too big, causing size issues #836

Tasks:

bugs:

  • AzureAD - lookup user returns error code now #838
  • need better error message when the keystore can't get loaded #835
  • saml2 metadata - can't load from azuread in azure #833

1.0.38-2023113001

30 Nov 14:39
Compare
Choose a tag to compare

1.0.38-2023113001

Tasks:

bugs:

  • Approval.getLabel getting picked up by hibernate #826
  • SAML2 Auth - Metadata parser not working with base64 encoded certs that are broken by line #792
  • ScaleMain - If reason isn't required it's failing validation #822
  • ScaleJS Register - Load From LDAP doesn't load operational attributes #810
  • K8s Dynamic Config Load - issues with synchronization #808
  • pre-push cookies and headers for web services #795
  • ArgoCD Target - add support for parameters #804

enhancements:

  • OpenUnision integration with GitHub enterprise #779
  • OpenShift Target - load vcluster private key #807
  • Support better customization in ScaleJS #821
  • OpenShift/K8s Target - provision directly to RoleBindings and ClusterRoleBindings #815
  • Support Kubernetes RBAC for provisioning and authorization #820
  • Create JavaScript listener #811
  • Add Azure MyVD Insert #801
  • ScaleJS Register - Make js URLs configurable #809
  • Provisioning - Add NoOp Target #806
  • MyVD - Add DN Attribute #805
  • GitHub - task to delete deployment key #803
  • Create mechanism to disable healthchecks #789
  • K8s target - Disaster Recovery updates #793
  • Better IBM MQ support #790

1.0.31-2022070901

11 Jul 13:58
Compare
Choose a tag to compare

Tasks:

enhancements:

  • k8s watchers - make version aware #642
  • ScaleJS Register - make dynamic lists configurable between type list and pick list #646
  • ScaleJS register - make third column configurable #647
  • ScaleJS - Support submitting workflows for users that don't already exist #645
  • make db target "read only" flag #643

1.0.30-2022042801

02 May 14:17
Compare
Choose a tag to compare

1.0.30-2022042801

Tasks:

invalids:

  • k8s login - non alpha characters in username causes login failure #365

bugs:

  • Saml2 Metadata import - metadata from AzureAD failing to import #634
  • UTF-8 Characters being mangled in groups in the k8s portal #633

enhancements:

  • Message Bus - Make acknowledgement mode configurable #569
  • Saml2 util - gen idp metadata xml #632
  • Saml2 Metadata, load from disk #631

1.0.26-20220209

10 Feb 10:35
Compare
Choose a tag to compare

1.0.26-20220209

Tasks:

bugs:

  • Empty auth chain parameters treated as null #614

1.0.25-2022012901

07 Feb 15:41
Compare
Choose a tag to compare

Tasks:

enhancements:

  • scalejs register - add customization for parameters #613
  • update apacheds listeners #610
  • Create "include chain" auth chain #606
  • add k8s utility classes #611
  • oidc auth - make force-auth configurable #609
  • Support custom auth with js #607
  • one time password over email #608
  • remove facebook #601
  • Add webauthn, retire u2f #602
  • remove sharepoint 2017 support #603
  • ScaleJS Register - make easier to customize the ui #596

bugs:

  • scalejs main - startup exception #612
  • mattermost update user failing #605

1.0.24-2021110502

06 Nov 13:23
Compare
Choose a tag to compare

Tasks:

enhancements:

  • HttpFilter - JavaScript #590
  • ScaleJS Register - JavaScript custom validator #592
  • ScaleJS Register - JavaScript dynamic list #591
  • JavaScript Scheduled Tasks #589
  • ScaleJS Register - Okta groups dynamic lookup #588
  • Move custom tasks from k8s repo into main repo #587
  • Support single logout for kubectl oulogin plugin #584
  • scalejs register - make work better with mix between name and label #579
  • Support group mapping mechanism in k8s #577
  • Add javascript custom tasks for provisioning #77
  • Better GitOps support for secrets #582
  • Kubernetes patch - support json patch #581
  • make myvd cert loading easier #578
  • make changing logos easier #576
  • Add oauth2 token exchange #570
  • Create AMQ connection factory #568
  • Oidc auth - support config by issuer #565
  • Oidc Idp - Support URI different then name #564
  • Rewrite Location response header regardless of case #560
  • Pull github groups into groups attribute #559
  • Create insert to map URI roots #557
  • scalejs main - flag to detect if approvals and reports are enabled #555

bugs:

  • Exception when database group has no members #586
  • dynamic jobs not loading on startup #585
  • Java module overlap causing build issuers #567
  • k8s dashboard not generating correct issuer #563
  • GitLab provider - checking wrong attribute for user name #562
  • Unicode characters in request reason causing workflow to fail to write #561
  • Loading AuthMechs and Chains from K8s not updating configuration #558

1.0.23

01 Jun 13:15
Compare
Choose a tag to compare

bugs:

  • k8s watches - broken connections to the API server fails to recover #553
  • post auth redirects - X-FORWARDED-PROTO not honored #548
  • query parameters with no value crashes request #551
  • oidc idp - not honoring X-Forwarded-Proto in issuer #549
  • Saml2 AuthnRequest POST signature verification fails #547
  • CheckK8sProject - not backwards compatible #546
  • BasicDB - ManyToMany groups fails with MySQL 8 if groups table is named "groups" #529
  • OIDC IDP: make scopes configurable #543
  • Remove debug code from the github auth mech #533

enhancements:

  • k8s watchers - include params in all read objects #552
  • k8s/openshift target - support expiring "legacy" tokens #550
  • AzureAD invited users slower to provision #545
  • Dynamically load Authentication Mechanisms #539
  • Load queue configuration from CRD #544
  • Dynamically load Applications #541
  • Dynamically load Authentication Chains #540
  • Dynamically Load Custom Authorizations #538
  • Better support for Azure Service Bus #536
  • Load ResultGroups dynamically #535

Tasks: