Releases
v3.5.2
Bug
[CAS-1199 ] - log4j-over-slf4j.jar AND slf4j-log4j12.jar in CAS server webapp
[CAS-1231 ] - Set content type to plain text for /accessToken in OAuth server mode
[CAS-1244 ] - AuthenticationManagerImpl continues to try auth handlers after exception
[CAS-1253 ] - multiple versions of joda-time when including ldap support
[CAS-1259 ] - HealthCheckMonitor Needs Additional Error Checking
Improvement
[CAS-1169 ] - excessive logging when tickets expire
[CAS-1181 ] - LDAP Authentication Failures Produce Excessively Verbose Log Output
[CAS-1201 ] - Ehcache-core dependency is missing from the pom
[CAS-1202 ] - Allow the maven build to report back missing language keys from other bundles
[CAS-1207 ] - Reslet Integration and cglib-all
[CAS-1208 ] - Support state parameter in OAuth server
[CAS-1220 ] - Set content type to JSON for profile in OAuth server mode
[CAS-1222 ] - Upgrade scribe-up to 1.2.0
[CAS-1248 ] - CentralAuthenticationServiceImpl ignore metadata attributes on registered service that ignore attributes
New Feature
[CAS-598 ] - Account Management System
Security Bug
[CAS-1209 ] - Default ClearPass Configuration Allows Circumventing Allowed Proxy Chains
[CAS-1251 ] - Possible Cross-Site Scripting on /login using execution parameter
You can’t perform that action at this time.