Skip to content

Releases: boylesoftware/tomcat-oidcauth

v2.5.0

Choose a tag to compare

@levahim levahim released this 01 Dec 22:47
41fbaa9

Support for optional OPs. Granular HTTP timeouts configurations per-OP. Renamed configurationDocumentUrl option to shorter configUrl.

v2.4.0

Choose a tag to compare

@levahim levahim released this 13 Oct 21:44

Introduced "validateIssPattern" config attribute.
Reduced cached documents expiration gap to 5 seconds (was 60).

v2.3.2

Choose a tag to compare

@levahim levahim released this 11 Sep 16:55

Inner classes used in overridable methods made public.

v2.3.1

Choose a tag to compare

@levahim levahim released this 01 Aug 13:54

This release includes the following changes:

  • The authentication object stored in the HTTP session under org.bsworks.oidc.authorization is now serializable.
  • RSA keys in JWK sets without "use" attribute can now be used for JWT signature verifications (just as if the "use" attribute is "sig").
  • RSA keys in JWK sets without "kid" attribute can now be used as default keys when the JWT header does not include the "kid".

v2.3.0: Merge pull request #26 from boylesoftware/issue-25

Choose a tag to compare

@levahim levahim released this 02 Feb 20:09
8091a0c

This release includes support for newer generate of Tomcat versions 9.0 and 8.5 and addresses internal tomcat API and protocols changes. This version of the authenticator works with Tomcat 9.0 versions 9.0.30 and higher and Tomcat 8.5 versions 8.5.50 and higher. Also, support for Tomcat 8.0 has been removed.

v2.2.4

Choose a tag to compare

@levahim levahim released this 04 Jul 15:29
Added support for application/jwk-set+json when requesting key sets f…