Skip to content

Release Notes#

Notice#

This document, also known as the Gluu Release Note, relates to the Gluu Release versioned 3.0.1. The work is licensed under “The MIT License” allowing the use, copy, modify, merge, publish, distribute, sub-license and sale without limitation and liability. This document extends only to the aforementioned release version in the heading.

UNLESS IT HAS BEEN EXPRESSLY AGREED UPON BY ANY WRITTEN AGREEMENT BEFOREHAND, THE WORK/RELEASE IS PROVIDED “AS IS”, WITHOUT ANY WARRANTY OR GUARANTEE OF ANY KIND EXPRESS OR IMPLIED. UNDER NO CIRCUMSTANCE, THE AUTHOR, OR GLUU SHALL BE LIABLE FOR ANY CLAIMS OR DAMAGES CAUSED DIRECTLY OR INDIRECTLY TO ANY PROPERTY OR LIFE WHILE INSTALLING OR USING THE RELEASE.

Overview#

Lifecycle#

Status: EOL

Released Community EOL Enterprise EOL
July 2016 December 2018 December 2019

Purpose#

The document is released with the Version 3.0.1 of the Gluu Software. The purpose of this document is to provide the changes made/new features included in this release of the Gluu Software. The list is not exhaustive and there might be some omission of negligible issues, but the noteworthy features, enhancements and fixes are covered.

Background#

The Gluu Server is a free open source identity and access management (IAM) platform. The Gluu Server is a container distribution composed of software written by Gluu and incorporated from other open source projects.

The most common use cases for the Gluu Server include single sign-on (SSO), mobile authentication, API access management, two-factor authentication, customer identity and access management (CIAM) and identity federation.

Documentation#

Please visit Gluu Documentation Page for the complete documentation and administrative guide.

Components included in Gluu Server CE 3.0.1#

  • oxAuth, oxTrust,oxCore v3.0.1
  • OpenLDAP v2.4.44-5
  • Shibboleth v3.2.1
  • Asimba forked from v1.3.0 + v1.3.1 snapshot changes (v1.3.1 was never released)
  • Passport v0.3.2
  • Java v1.8.0_112
  • Node.js v6.9.1
  • Jetty-distribution-9.3.15.v20161220
  • Jython v2.7.0

What's new in version 3.0.1#

There are some major changes in Gluu Server Community Edition 3.0.1 from replacing tomcat with jetty to dropping opendj for openldap. The changes are available in the documentation hosted at https://gluu.org/docs/operation/intro. Please see the specific component release pages for details.

New Features#

oxAuth#
  • Escape parameter values to prevent XSS attack #459
  • EndSession endpoint accepts id_token or session_state to end session #439
  • Support JSON Property for HTTPOnly #412
  • JSON property to control writing last update time to LDAP #410
  • log4j: 2.x from log4j 1.x $416
  • Login page #414
  • Jquery library updated to 1.12.4 #411
oxTrust#
  • Toggle persist authorization to false when pre-authorization = true #444
  • Logging updated to log4j 2.x #434
  • JQuery Library updated to 1.12.4 #421
  • OpenID Scope search uses ldap name for attribute #419
  • oxTrust UMA properties renamed #407
  • Creation and update stamp for users in LDAP #406
  • Display Name used to identify users in oxTrust #398
Community Edition Setup#
  • o=site uses different filesystem folder #261
  • Jetty - Basic Hardening #251
  • oxAuth default configuration #246

Deprecated Features#

oxTrust#
  • White Pages tab and option #423
  • Password from TR attribute list #466
  • SAML 1 and ShibbolethSSO #465

Fixes#

oxAuth#
  • NPE in 3.0.0 #347
  • UMA AM validation for oxauth behind proxy #472
  • oxLastLoginTime fail : print also exception
  • High load performance fixed #461 #463 #438 #408 #400 #399 #384
  • Failed to register client with custom attribute "oxAuthTrustedClient" #476
  • U2F Authentication #455
  • hostname required to match in request to token_endpoint #451
  • Login page footer message #449
  • metricService doesn't persist statistics to LDAP #448
  • DUO script fail #444
  • Persist authorizations throws NPE #442
  • Setting Pre-Auth true should not allow anything writter under ou=clientAuthorizations #441
  • Persist Authorization not functioning #440
  • Any primaryKey except UID does not function #436
  • Token Introspection fixes #433 #432
  • Pairwise identifier shows inum in id_token and Userinfo #430
  • Replaced activemq-all jar with required libraries #425
  • SCIM-Client fails to authenticate with UMA #402
  • Attribute values stored as UTF-8 string #387
  • default_acr_value is not used in authentication process #383
  • Authenticator should not add default message if count of messages >0 #379
  • Show error page with timestamp on oxauth error #377
  • SCIM with certain values causes Server Error 500 #372
  • auth_level_mapping discovery has double array #366

oxTrust#

  • Duplicate message for menu update #375
  • SAML submenu not appearing #391
  • Cache Refresh not functioning #396
  • OpenID Manual Client Registration validation update #410
  • Unable to delete Trust Relationship #418 #416
  • Login redirect URI broken #422
  • Aesthetic updates in oxTrust UI #425 #417
  • Unable to add users via oxTrust UI #427
  • Unable to create Trust Relationship with metadata file #428 #416 #19
  • Long value of Username causes interface to break #430
  • Email format validation in user update tab #432
  • Passport from strategy not mandatory #433
  • Configure Relying Party not functioning #436 #405
  • Failed to update default authentication mechanism #437
  • Passport authentication appearing in default authentication tab #438
  • OpenIDC client removal non-functional #439
  • OpenIDC client secret disappears when response_type is added #440
  • Passport from broken #441
  • Changes in Configure Relying Party not saved #446
  • Error adding group in oxTurst #448
  • Attribute from missing from SAML URI values #452
  • Cache Refresh page errors #453 #413
  • applianceStatus Page throws error #454
  • SP Metadata File link non-functional #455 #429
  • Certificate mis-named #456
  • Trust Relationship search in oxTrust UI non-functional #457
  • Failed to update user via oxTrust UI #459
  • Cache Refresh link not functional #460
  • Exception handling on passport authentication field #462
  • Created User password does not work #468
  • User Registration page redirects to home #471
  • Don't display list of claims in OpenID dynamic scope creation #472
  • User Registration throws error #478
  • Removed Add Resource button from UMA #480
  • Federation SP list not loading #488
Community Edition Setup#
  • LDAP running as root #262
  • Setup script in CentOS 6.x #260
  • OpenDJ schema #259
  • Incorrect syntax of DN attributes #258
  • Update dynamic scope scripts to conform new references to script #257
  • Restart command not working in Ubuntu 14.04 #256
  • CAS service fails to start in Ubuntu 14.04 #253
  • Hide CAS installation by default #252
  • baseDN o=gluu not readable #243
  • Uninstall in Ubuntu 14.04 #237
  • Gluu OpenLDAP schema #234
  • OpenLDAP should listen on localhost only #236
  • Remove unnecessary dependency of /etc/hostname from setup.py #281
  • Rendering idp3 templates under some python builds #269
  • Warning at lastest CE install #235
  • Include Twilio SMS script into CE #223