What's new in Gluu Server 3.1.x#
We've made some significant updates to Gluu Sever 3.1 to improve performance and functionality.
OpenID Conect Provider Re-certification#
Gluu Server 3.1.1 is certified for all five OpenID Connect Provider flows (Basic OP, Implicit OP, Hybrid OP, Config OP, Dynamic OP).
Gluu is the first commercially supported IAM server to implement the UMA 2.0 specification. UMA now aligns completely with OAuth 2.0. It also re-defines the claims gathering flow, enabling developers to implement multi-step consent, user-interactions, and stepped-up authentication flows.
Super Gluu out-of-the-box#
The Gluu Server 3.1.x supports push notifications for our free and secure two-factor authentication (2FA) mobile app, Super Gluu, out-of-the-box. Simply follow the docs to enable Super Gluu authentication.
To improve performance, the Gluu Server now caches short-lived objects, like the code in the authorization code flow. This reduces the number of writes to the LDAP database, increasing the performance of your underlying directory services.
From Seam to Weld#
The Jboss Seam J2EE framework was EOL. We updated to the Weld framework, which resulted in some of the URL's changing (now shorter and more clear). Clients that use the discovery endpoint (i.e.
https://<hostname>/.well-known/openid-configuration) should be ok. But watch out for any clients that may have hard coded endpoints.
The Gluu Server 3.1.x includes language packs. To learn more, or to contribute translations back to the project, check the localization docs.