Changes in Release 2.1.0
=============================================
-
[SIDP-20] - Cannot deploy on Windows. Spring and DOS device names?
[SIDP-164] - Option to make session cookie secure
[SIDP-165] - Support for SessionNotOnOrAfter
[SIDP-197] - Misleading error message for ValidationInfo element in relying-party.xml
[SIDP-199] - loss of login context when deploying the IdP to tomcat's ROOT context
[SIDP-201] - IdP sends SAML 1 authentication responses without audience conditions
+[SIDP-202] - Saml2LoginContext unable to deserialize serialized AuthnRequest
[SIDP-203] - Insufficient information logged to track down errant users
[SIDP-206] - SessionManagerEntry's back reference to the SessionManager object interferes with clustering
[SIDP-209] - Enforce SAML 2 metadata SPSSODescriptor/@AuthnRequestsSigned
[SIDP-225] - Credential theft vulnerability in login.jsp
[SIDP-226] - Cross site scripting vulnerability
[SIDP-227] - Default relying-party.xml has SAML2-specific security policy rules included in SAML 1 security policies
-[SIDP-228] - Improve error reporting in SAML 2 profile handlers when no encryption key is resolveable for the peer entity ID
\ No newline at end of file
+[SIDP-228] - Improve error reporting in SAML 2 profile handlers when no encryption key is resolveable for the peer entity ID
+[SIDP-229] - IdP Metadata changes to KeyDescriptor not fully flushed from IdP cache
+[SIDP-230] - sanity check provided credentials
+[SIDP-233] - Typo on operation name - public void setAuthenticationDurection(long duration)
+[SIDP-237] - Re-run of install.sh does not create war again
+[SIDP-242] - Cleanup StorageService entry classes
\ No newline at end of file
projects / java-idp.git / blobdiff