2/16/2017 12:32:05 PM
session mappings
|
2/24/2017 8:11:41 AM
logging out via application (via ?GLO=true query parameter),
CatalineSamlSessionStore does not expire session, while it does that
in logging by SAML session index.
This causes distributed sessions being invalidated only on node hanling
the request, but remains active in other nodes of the cluster. Then the
session can be resurrected on next cache replication back even to the
node where the logout was performed. This behaviour is fixed here.
|
3/9/2017 9:09:02 PM
Add OneTimeUse condition to SAMLResponse
|
3/7/2017 12:13:50 PM
OneTimeUse Condition to SAMLResponse when configured in client settings
|
3/9/2017 9:00:13 PM
URL for FreeOTP
|
3/9/2017 12:20:28 PM
https://fedorahosted.org/freeotp/
Now pointing to: https://freeotp.github.io/
|
3/9/2017 11:49:55 AM
remove redundant dependency
|
|
|
3/9/2017 4:47:29 AM
Allow to return json arrays in Client and Realm Role Mappers
|
2/13/2017 4:16:45 PM
Role Mappers
Previously the ClientRoleMapper and RealmRoleMapper returned
roles as a comma delimited String in OIDC tokens which
needed to be parsed by client applications.
We now support to generate the role information as JSON
arrays by setting "multi valued" to "true" in the
client role mapper or realm role mappers respectively
which makes it easier for clients to consume.
The default setting for "multi valued" is "false" to
remain backwards compatible.
An example AccessToken that shows the two modes can be found here:
https://gist.github.com/thomasdarimont/dff0cd691cd6e0b5e33c2eb4c76ae5e8
|
