v4.0.4

• #1037 Upgrade CAS 4.0.x to Pac4j 1.7.x (@leleuj)
• #1081 Exclude Restlet endpoints from Security Filter Mapping (@mmoayyed)
• #1079 SAML attributes should be fetched off of primary authN (@mmoayyed)
• c4f347d Removed extra linebreak to allow openid4java parsing (@mmoayyed)
• #1067 Backported memcached+kryo update (@mmoayyed)
• #1049 Fix serialization bug with EhcacheTicketRegistry (@mmoayyed)
• #1057 Updated Spring to version 3.2.9 due to SPR-11719 (@philippberger)

v4.0.3

• 481a32b Ported over security filter changes v2.0.3 (@mmoayyed)
• dd28134 Moved UTF-8 character encoding filter to top (@mmoayyed)
• 7501389 Fixed LPPE warning flag for warnings (@mmoayyed)
• 6d981b3 Check for gateway mode on invalid TGT (@mmoayyed)
• f537fdc Updated ldaptive to version 1.0.6 (@mmoayyed)
• 4926c28 Updated Polish translations (@mmoayyed)

v4.0.2

• 23cab07 added warnings param to result (@mmoayyed)
• 8e1650c negate the initial svc id (@mmoayyed)
• b0ea279 Properly encode urls & parameters (@leleuj)
• afad3c9 Use full locale name when locating bundle (@mmoayyed)
• 0f2c6f4 marked missing login ticket msg as error (@mmoayyed)
• 7eadf9d cas-882: Update OpenID support (@leleuj)
• 602f5ec Fixed LPPE class name (@mmoayyed)

v3.6.0

• fd75d2a fixed issue with error messages from authn (@mmoayyed)
• #953 Properly encode urls & parameters (@leleuj)
• #933 Fix scope of allowedToProxy flag. (@serac)
• b2b2c02 modified features of sax builder (@mmoayyed)
• #883 CAS-882: Update OpenID support (@leleuj)

v3.5.3

• #411 CAS-1429 Escape inputs into LDAP filter expressions. (@serac)
• #768 Fix for #763: fetch ticket and do proxy check before callback. (@serac)
• #408 CAS-1431: Build is broken because of the last Twitter change to SSL (@leleuj)
• #319 CAS-1355: Set allowedToProxy to false by default (SEC_3) (@leleuj)
• #321 CAS-1166/1168 (3.5.x) login form is not shown on error of Spnego/login form is not shown on error of Spnego (@Unicon)
• #325 CAS-1347: Missing language keys prevents access should not cause a crash (@leleuj)
• 21a0f23 CAS-1352: Usename attribute should not be required in the list of allowed attributes (@mmoayyed)
• d0adc14 Update Ehcache version to 2.7.2. Adjusted gitignore to exlucde bin/ directory. (@mmoayyed)
• #300 CAS-1343 Fix LDAP resource leak in ContextSourceMonitor (@serac)
• #294 Don't hard-code the name of a Logger to be the name of a particular subclass (@laszlovandenhoek)
• #201 CAS-1261 Align HTML views with previously existing views. (@fjollberg)

v4.0.1

• f18dabf update NOTICEs (@leleuj)
• fa9f0f0 Issue-782: Update the security filter to version 2.0.0 (@leleuj)
• 09b3340 Issue #670: Client authentication from pac4j should always return 'typed' identifier (@leleuj)
• d608dd9 updated script to generate docs for 4.0.0 (@mmoayyed)
• 4f26b84 #612 for 4.0.x: Attributes other than String and element iterable in foreach are not supported (@leleuj)

v4.0.0

Release Notes - CAS Server - Version 4.0

Sub-task

• [CAS-1006] - Update CAS theme documentation
• [CAS-1008] - Update Services Management UI
• [CAS-1173] - LPPE: Incorrect handling of "password never expires" active directory flag
• [CAS-1198] - LPPE: pwdReset attribute not preventing login/directing user to change password
• [CAS-1214] - Disallow falling back to system locale when resolving message bundles

Bug

• [CAS-890] - Logon with Invalid TGT and no service= goes to Success page
• [CAS-1096] - NPE in DefaultTicketRegistryCleaner due to Null-Objects in Ticket-Collection
• [CAS-1168] - After fix in CAS-1065, login form is not shown on error of Spnego
• [CAS-1175] - Username field currently has attribute "autocomplete=false"
• [CAS-1192] - Typo in X509CertificateCredentialsToSubjectPrinciplalResolver class name
• [CAS-1195] - LPPE: account expired is very different from password expired
• [CAS-1197] - LPPE breaking on the (ldap) domaint that don't have password policy
• [CAS-1199] - log4j-over-slf4j.jar AND slf4j-log4j12.jar in CAS server webapp
• [CAS-1213] - Disallow falling back to system locale when resolving message bundles
• [CAS-1231] - Set content type to plain text for /accessToken in OAuth server mode
• [CAS-1233] - cas.properties breaks clearpass config
• [CAS-1234] - language resources in messages_fr.properties are invalid in download link but ok in git
• [CAS-1241] - Changing Service URL from Ant-style Pattern to Regular Expression does not update db entry to correct discriminator value
• [CAS-1253] - multiple versions of joda-time when including ldap support
• [CAS-1259] - HealthCheckMonitor Needs Additional Error Checking
• [CAS-1261] - Align HTML views with previously existing views.
• [CAS-1275] - Upgrade to Spring 3.2.2
• [CAS-1277] - Javascript error
• [CAS-1278] - fluid reordering javascript throws js exception on add/edit service page
• [CAS-1279] - 2 copies of jquery are loaded in the services manager
• [CAS-1280] - Services management webapp doesn't work in French
• [CAS-1293] - X509 module Unit Tests try to load SimpleTestUsernamePasswordAuthenticationHandler from main classpath
• [CAS-1303] - Redirection from the password warning page should not consume the service parameter
• [CAS-1310] - Complex attributes are not properly returned by the OAuth /profile url
• [CAS-1311] - Add missing headers in protocol HTML specs
• [CAS-1315] - wrong response content-type for /serviceValidate
• [CAS-1318] - CAS Login Does not Overwrite expired/invalid Ticket Granting Cookie
• [CAS-1320] - CAS server webapp fails to instantiate a EAPTTLSAuthenticator for each authentication request
• [CAS-1333] - always throw FailedLoginException in cas-server-support-ldap
• [CAS-1339] - Cannot build "CAS ClearPass Extension"
• [CAS-1344] - restlet depends on org.springframework:spring-asm:jar:3.0.1.RELEASE
• [CAS-1347] - Missing language keys prevents access; app should not cause a crash
• [CAS-1348] - Proxy chain missing on proxy validate
• [CAS-1352] - Usename attribute should not be required in the list of allowed attributes
• [CAS-1371] - top.jsp session=true
• [CAS-1380] - Module "cas-server-webapp-support" pulls in stale Spring dependencies that crash CAS
• [CAS-1382] - D&D functionality of mgmt app is broken; Javascript version conflicts
• [CAS-1383] - multiple versions of libraries in classpath
• [CAS-1384] - AccountNotFoundException error bubbling up on the login form
• [CAS-1385] - LPPE fails with lppe.dateAttribute = null
• [CAS-1386] - Fix IV handling for ClearPass in clustered environments
• [CAS-1393] - Memcached serialization fails when creating a proxy ticket
• [CAS-1394] - pgtInit returns null pgtIou due to pgtUrl readTimeout (less t...

v4.0.0-RC4

[maven-release-plugin]  copy for tag v4.0.0-RC4

v4.0.0-RC3

[maven-release-plugin]  copy for tag v4.0.0-RC3

v4.0.0-RC2

[maven-release-plugin]  copy for tag v4.0.0-RC2