Skip to content

1.11.0 Release Notes

Charles Hasegawa edited this page Aug 1, 2022 · 4 revisions

WARNING when upgrading to v1.11.x

Due to Open SAML library changes, min and max refresh values can no longer be "empty"/null by default in the database and must also be legal in conjunction with each other (ie min < max). The simplest upgrade path was therefore determined to be to reset these values for all entries in the database to match the default values the OpenSAML library uses of MIN = 1 minute, MAX = 4 hours.

BEFORE upgrading, please be sure to revisit your saved values and then reset as needed after your upgrade. The Shib IDP UI now requires that both fields have a valid, non-zero value.

SHIBUI-2257

Adding/Correcting display names to the enumNames Fixed attribute release display name

SHIBUI-2262

Adding addition support for SQL Server Updated database driver libraries, and backend database libraries Updated the security settings to work with the newer version of springboot which uses a different library for path pattern matching. Setup of liquidbase to run database updates for the various database types Fixed css issues Fixed styles in config heading Fixed styles in forms Fixed routes

SHIBUI-2274

Updated SWAGGER documentation to using springdoc-openapi-ui (v3). When ShibUI is running, swagger api documentation is now generated for all(most) of the public apis of the controllers. This documentation is available from the actuator url on port 9090 (default set in the properties file). By default: http://localhost:9090/actuator/swagger-ui Fixed upload page Unit test updates Fixed radio button on attribute creation form Fixed validation message

SHIBUI-2264

Updating the database code to not fail under Postgres Update backend to match Shib 4.x current libraries Updating the libraries used in the project. Major updates:

  • pac4j security: 7.0.3
  • pac4J: 5.4.3
  • spring 5.3.18 and (5.5.5) [mostly as a related to updating spring boot]
  • boot: 2.5.12
  • shib: 4.2.1
  • opensaml 4.2.0

Additional library updates to current releases to reduce security issues and compatibility issues Closed vulnerability from common-collections v3.x by upgrading to v4.3

Fixed issue with typing multiple characters for Selenium testing Using deprecated class - updated to allow for proper future updates Update to gradle builds to centralize the versions into the properties file so that the various builds are using the same versions and to ease future updates Removing bootwar task from sub project parts Correcting settings for selenium tests Fixed issue with inconsistent boolean representation

SHIBUI-2289

Various fixes to support ui updates Previously commented-out tests fixed so that they can be run properly. Removed now-unnecessary comments.

SHIBUI-2273

Corrections for MySQL Updated min/max refresh for providers Database "Resetting" the min and max refresh values to match the open saml code Overriding calls that were getting made by OpenSAML that broke things after upgrades. Those methods don't need to be used by the shibui functionality Updated driver types and database dialects that should be used with current libraries

SHIBUI-2269

Added ExternalMetadataResolver to resolver types to allow creation of external filter Added properties to configure export of external filter Created validation for unique source names Unit test to check that the service builds the proper XML for the "external provider" Fixed issue with List type CEA Added external schema