This document, also known as the Gluu Release Note, relates to the Gluu Server Release versioned 3.1.7. The work is licensed under “The MIT License” allowing the use, copy, modify, merge, publish, distribute, sub-license and sale without limitation and liability. This document extends only to the aforementioned release version in the heading.
UNLESS IT HAS BEEN EXPRESSLY AGREED UPON BY ANY WRITTEN AGREEMENT BEFOREHAND, THE WORK/RELEASE IS PROVIDED “AS IS”, WITHOUT ANY WARRANTY OR GUARANTEE OF ANY KIND EXPRESS OR IMPLIED. UNDER NO CIRCUMSTANCE, THE AUTHOR, OR GLUU SHALL BE LIABLE FOR ANY CLAIMS OR DAMAGES CAUSED DIRECTLY OR INDIRECTLY TO ANY PROPERTY OR LIFE WHILE INSTALLING OR USING THE RELEASE.
Status: Active Release
|Released||Community EOL||Enterprise EOL|
|November 2019||October 2020||April 2021|
The document is released with the Version 3.1.7 of the Gluu Software. The purpose of this document is to provide the changes made/new features included in this release of the Gluu Software. The list is not exhaustive and there might be some omission of negligible issues, but the noteworthy features, enhancements and fixes are covered.
The Gluu Server is a free open source identity and access management (IAM) platform. The Gluu Server is a container distribution composed of software written by Gluu and incorporated from other open source projects.
The most common use cases for the Gluu Server include single sign-on (SSO), mobile authentication, API access management, two-factor authentication, customer identity and access management (CIAM) and identity federation.
Please visit the Gluu Documentation Page for the complete documentation and administrative guide.
Available components in Gluu Server 3.1.7#
- oxAuth, oxTrust, oxCore v3.1.7
- Gluu OpenLDAP v2.4.44-5
- Gluu OpenDJ v3.0
- Shibboleth v3.2.1
- Asimba forked from v1.3.0 + v1.3.1 snapshot changes (v1.3.1 was never released)
- Passport v0.3.2
- Java v1.8.0_112
- Node.js v6.9.1
- Jython v2.7.0
- Weld 3.0.0
- FluentD 3.5
#1184 Added proper validation of access token on /clientinfo endpoint
#1177 Backport session script changes
#1153 allowPostLogoutRedirectWithoutValidation oxAuth feature doesn't work
#1109 oxauth does not take care requested scopes while creating client dynamically
#1088 id_token contains wrong hash of access_token for RS512 (and possibly other algorithms)
invalidateSessionCookiesAfterAuthorizationFlow=trueleads to authorization failure
#1063 Add a config value to allow to share the same subject identifier between two Clients with the same sector identifier
#1078 Check expiration of JWT encoded profile used in passport flows
#1052 Resource Owner Password Credential Grant Interception Script Buggy Logic
#1003 Allow to refresh 'ID Token' with grant_type refresh_token
Update jackson-databind library
Backported ROPC flow update from CE 4.0
Added secure flag to
Disabled request host redirect to authorization page
Set unauthenticated session state when applicaiton session script returns false
#1646 Add a config value to allow to share the same subject identifier between two Clients with the same sector identifier
#1061 Add search box to attribute inventory
Update jackson-databind library
Fixed metadata validation
- Update Shibboleth from 3.3.3 to 3.4.4
#534 Add a config value to allow to share the same subject identifier between two Clients with the same sector identifier
Migrate to amazon-corretto
Update keystore creation for latest Shibboleth