Releases: apereo/cas
Releases · apereo/cas
v4.0.0-RC1
[maven-release-plugin] copy for tag v4.0.0-RC1
v3.5.2
Bug
- [CAS-1199] - log4j-over-slf4j.jar AND slf4j-log4j12.jar in CAS server webapp
- [CAS-1231] - Set content type to plain text for /accessToken in OAuth server mode
- [CAS-1244] - AuthenticationManagerImpl continues to try auth handlers after exception
- [CAS-1253] - multiple versions of joda-time when including ldap support
- [CAS-1259] - HealthCheckMonitor Needs Additional Error Checking
Improvement
- [CAS-1169] - excessive logging when tickets expire
- [CAS-1181] - LDAP Authentication Failures Produce Excessively Verbose Log Output
- [CAS-1201] - Ehcache-core dependency is missing from the pom
- [CAS-1202] - Allow the maven build to report back missing language keys from other bundles
- [CAS-1207] - Reslet Integration and cglib-all
- [CAS-1208] - Support state parameter in OAuth server
- [CAS-1220] - Set content type to JSON for profile in OAuth server mode
- [CAS-1222] - Upgrade scribe-up to 1.2.0
- [CAS-1248] - CentralAuthenticationServiceImpl ignore metadata attributes on registered service that ignore attributes
New Feature
- [CAS-598] - Account Management System
Security Bug
v3.5.2-CAS-1181
Update version number in cas-server-documentation module.
v3.5.1
Bug
- [CAS-1059] - Svenskt should be Svenska on casLoginView.jsp
- [CAS-1060] - Portuguese not is the list of languages in casLoginView.jsp
- [CAS-1087] - requesting a proxy ticket for an unauthorized service generates an uncaught exception
- [CAS-1126] - LPPE: missing password policy messages from messages_en.properties (and other languages)
- [CAS-1142] - Submitting blank login form results in 'CAS is unavailable'
- [CAS-1144] - Multiple AuditResourceResolvers share the same key
- [CAS-1151] - ibernate cannot serialize org.scribe.up.profile.facebook.FacebookObject, ticket persistence on database fails
- [CAS-1156] - Clearpass is incompatiable with EhCache Ticket Registry
- [CAS-1160] - Providers' authorization urls are lost during login webflow
- [CAS-1162] - Service Registry UI: Add DnD support allowing automatic updates to the service evaluation order
- [CAS-1163] - Classcast error in OAuth20AccessTokenController
- [CAS-1174] - The cache manager of ClearPass conflicts with EhCache Ticket Registry
- [CAS-1177] - SPNEGO 401 Header Status sent along with CAS Login Page
- [CAS-1191] - Minor Typo in SamlMetaDataPopulator
Improvement
- [CAS-951] - Upgrade to OpenSAML 2.x for SAML Support
- [CAS-989] - Include tx namespace / schema by default in deployerConfigContext.xml
- [CAS-1061] - Improve CAS skinning
- [CAS-1138] - There are some dependencies on slf4j 1.5.8 API which is incompatible with newer versions
- [CAS-1140] - Develop Monitors for Vital System Components
- [CAS-1141] - Improve OAuth module
- [CAS-1143] - Externalize the followServiceRedirects property, default to false
- [CAS-1147] - Refactor service authorization check to the beginning of the login flow
- [CAS-1150] - Update to the latest jasig-parent pom (34)
- [CAS-1153] - Optimization : delete web sessions on redirect
- [CAS-1155] - Update the build to require JDK 1.6
- [CAS-1157] - Polish (Poland) translation
- [CAS-1159] - Service Registry UI: sort services by evaluation order, instead of name
- [CAS-1161] - OAuth : Request attributes lost going through oauth authentication
- [CAS-1172] - Expose Option on HttpClient to Ignore Redirects
- [CAS-1176] - Externalize the configuration of quartz scheduler that reloads services.
- [CAS-1180] - Add support for logging when CAS tries to determine the principal Id for a given service.
- [CAS-1184] - Generate source / javadoc for snapshot artefacts
- [CAS-1185] - Add Support for Moving Service Manager to Alternate URI Base
New Feature
- [CAS-999] - per-service selection of user attribute as username
Security Bug
- [CAS-1190] - Follow Redirects from LogoutController Should Honor Registered Services
Task
v3.5.1-RC1
[maven-release-plugin] copy for tag v3.5.1-RC1
v3.5.0
Sub-task
- [CAS-948] - Further productize contributed LDAP-backed password policy CAS extension
Bug
- [CAS-1065] - Mark response complete if Negotiate-Header has been sent in SpnegoNegociateCredentialsAction
- [CAS-1068] - QueryDatabaseAuthenticationHandler is final when all other AuthenticationHandlers are not final
- [CAS-1071] - Generic rules for authorized services in applicationContext.xml could be by-passed
- [CAS-1074] - management.services.service.warn message missing for French message bundle
- [CAS-1077] - AbstractThrottledSubmissionHandlerInterceptorAdapter not updating counter on unsuccessful login attempt
- [CAS-1081] - display-name in web.xml has the wrong version number
- [CAS-1085] - BindLdapAuthenticationHandler doesn't use the parent password encoder
- [CAS-1088] - Severe Exception StringIndexOutOfBoundsException on unexpected query parameter to CAS server
- [CAS-1098] - Build of module cas-server-integration-jboss fails due to Access Denied to JBoss Repository
- [CAS-1102] - Add ClearPass to ship in CAS 3.5, turned off by default
- [CAS-1103] - screen.welcome.label.netid.accesskey is 'n', should be 'u'
- [CAS-1107] - In-memory throttle not working
- [CAS-1109] - CAS openid support bugs
- [CAS-1122] - Encoding problems on localized properties files in CAS views
- [CAS-1123] - Allow Configuration of Perf4j Authentication Statistics
- [CAS-1135] - ClassCastException with JpaTicketRegistry and ServiceMonitor
- [CAS-1139] - New Monitor framework does not play nice with EhCacheTicketRegistry
Improvement
- [CAS-1019] - Proxy Tickets still vended after Service Management config to disallow (add unit test)
- [CAS-1023] - Unchecking "Participate in SSO" checkbox in service registration causes service to not participate in SSO, effectively setting renew=true for it
- [CAS-1032] - Make TicketGrantingTicketExpirationPolicy the default configuration in ticketExpirationPolicy.xml
- [CAS-1054] - Upgrade OpenSAML dependency from 1.1 to 2.x
- [CAS-1056] - Make it easier to create new RegisteredService implementations
- [CAS-1066] - Add traditional chinese for Internationalization support
- [CAS-1072] - Improve ServicesManager.save() API to return the merged RegisteredService rather than returning void
- [CAS-1079] - Simplify TicketGrantingTicketExpirationPolicy configuration
- [CAS-1082] - Move Log4J initialization into Spring bean config so that cas.properties can be applied
- [CAS-1086] - Add support for Farsi & Arabic languages
- [CAS-1091] - Upgrade to Spring 3.1 and check all dependent libraries for current versions
- [CAS-1104] - Update Service Ticket expiration config options to be consistent with new TGT Policy config
- [CAS-1115] - OpenId : fix/refactor dumb mode - implement smart mode
- [CAS-1116] - Improve MemCacheTicketRegistry for Configurability and Performance
New Feature
- [CAS-1041] - Add support for OAuth protocol
- [CAS-1076] - ehcache based TicketRegistry for CAS3.x
- [CAS-1099] - Monitoring and Management Framework
- [CAS-1101] - Address Licensing Issues
Task
v3.5.0-RC2
[maven-release-plugin] copy for tag v3.5.0-RC2
v3.5.0-RC1
[maven-release-plugin] copy for tag v3.5.0-RC1
v3.4.12
Bug
- [CAS-1065] - Mark response complete if Negotiate-Header has been sent in SpnegoNegociateCredentialsAction
- [CAS-1068] - QueryDatabaseAuthenticationHandler is final when all other AuthenticationHandlers are not final
- [CAS-1071] - Generic rules for authorized services in applicationContext.xml could be by-passed
- [CAS-1074] - management.services.service.warn message missing for French message bundle
- [CAS-1077] - AbstractThrottledSubmissionHandlerInterceptorAdapter not updating counter on unsuccessful login attempt
- [CAS-1081] - display-name in web.xml has the wrong version number
- [CAS-1085] - BindLdapAuthenticationHandler doesn't use the parent password encoder
- [CAS-1098] - Build of module cas-server-integration-jboss fails due to Access Denied to JBoss Repository
- [CAS-1103] - screen.welcome.label.netid.accesskey is 'n', should be 'u'
Improvement
v3.4.12-RC1
[maven-release-plugin] copy for tag v3.4.12-RC1