Release Notes

Release Notes

1.17.3

Release date: 2023-04-12

SHIBUI-2550: Encryption of the SAML Assertion is Not Working

A bug was fixed where assertion unmarshalling used the KeyInfo methods from the ShibUI class instead of the OpenSAML class, and the ShibUI class was returning an empty list instead of EncryptedKey entries.

In Pac4j configuration for SSO, the SP credentials can be read from either a JKS or a PKCS12 keystore. The SP metadata consumed by the IDP needs to include the public key from this certificate.

Note that if the property shibui.pac4j.keystorePath references a file that doesn't exist, it will create it and store it in the Java JKS keystore, along with associated *.crt, *.key, and *.pem files. This public key in the PEM file can be added to the encryption key in the SP metadata. For reference, see the docker-compose setup in the project's testbed/authentication directory.

1.17.2

Release date: 2023-04-01

This release fixes issues that occurred when the app was running under a non-root servlet context (such as when property server.servlet.context-path was set to a URI path to the application).

SHIBUI-2552: Some api calls not working in non-root context

When setting server.servlet.context-path=/subdir, the application only partially worked, as it was not always constructing the URLs for internal api calls correctly. This has been resolved, so that all api calls should be utilizing the same servlet context for its URLs.

SHIBUI-2527: Metadata sources uploaded via API are not visible in the UI

This was caused by SHIBUI-2552 above. It was not directly related to a second host, and metadata sources and providers created on the same host would also fail to appear.

1.17.1

Release date: 2023-03-15

Released: Mar 15 01:20:53 2023

SHIBUI-2547: SHIBUI won't startup with existing External Metadata Resolver

If there was an ExternalMetadataResolver provider, the UI would not restart. The error message was "java.lang.RuntimeException: Unsupported metadata resolver type!". This version fixes the error, so that the UI can be restarted.

1.17.0

Release date: 2023-03-09

SHIBUI-2334: Scheduler continually tries to overwrite unchanged metadata

Installs with large numbers of metadata files have experienced problems with performance, as all the metadata would get written to the filesystem continuously. Improvements have been made to reduce needless writing:

• Configuration property shibui.entityDescriptor.writeOnStartup (default true) can be set to false, which will avoid writing files on startup if it already exists
• Regardless of the writeOnStartup value, don't write a file that has already been written, unless it is modified and saved.

Files that are missing in the filesystem will always be written on startup, and extraneous files will be deleted.

SHIBUI-2443: Filter sorting doesn't work after deleting a filter

• Fixed issue with sorting filters

1.16.0

Release date: 2022-12-09

WARNING when upgrading to v1.16.x from versions 1.10.x and earlier...

Due to Open SAML library changes, min and max refresh values can no longer be "empty"/null by default in the database and must also be legal in conjunction with each other (ie min < max). The simplest upgrade path was therefore determined to be to reset these values for all entries in the database to match the default values the OpenSAML library uses of MIN = 1 minute, MAX = 4 hours.

BEFORE upgrading, please be sure to revisit your saved values and then reset as needed after your upgrade. The Shib-IDP-UI now requires that both fields have a valid, non-zero value. Please update any:

• Filesystem Metadata Resolver
• File Backed Http Metadata Resolver
• Resource Backed Metadata Resolver

by using the SHIB-IDP-UI tool itself to ensure the settings are accepted and proper.

SHIBUI-2393: Support OIDC Dynamic Registration, add capabilities to interrogate the storage and report on it

New Feature Integrate Dynamic Registration feature for Shibboleth

When Shibboleth has been configured with the OIDC plugin and configured for unverified use, users have the option to define and enable a Dynamic Registration through the SHIBUI.

Dynamic Registrations can be created/edited (and go through the approval process) similarly to Metadata Sources, but when "enabled", the detail is sent to / registered with the OIDC plugin's endpoint in Shibboleth. Further manipulation of the dynamic registration through the SHIBUI is then not allowed.

See - https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/pages/1376879077/OPDynamicClientRegistration for further information.

For fields that can contain multiple values,

To enable the Dynamic Registration feature in SHIBUI, the following property needs to be added correctly:

shibui.shib-idp-server: [[server path to the Shibboleth IDP ala - https://idp.unicon.local/idp]]

Examples:

In application.yml:

shibui:

shib-idp-server: https://idp.unicon.local/idp

As a command line option

--shibui.shib-idp-server=https://idp.unicon.local/idp

1.15.2

Release date: 2022-11-16

WARNING when upgrading to v1.15.x from versions 1.10.x and earlier... Due to Open SAML library changes, min and max refresh values can no longer be "empty"/null by default in the database and must also be legal in conjunction with each other (ie min < max). The simplest upgrade path was therefore determined to be to reset these values for all entries in the database to match the default values the OpenSAML library uses of MIN = 1 minute, MAX = 4 hours.

BEFORE upgrading, please be sure to revisit your saved values and then reset as needed after your upgrade. The Shib-IDP-UI now requires that both fields have a valid, non-zero value. Please update any:

• Filesystem Metadata Resolver
• File Backed Http Metadata Resolver
• Resource Backed Metadata Resolver

By using the SHIB-IDP-UI tool itself to ensure the settings are accepted and proper.

SHIBUI-2394: Allow an additional level of approval for metadata sources

New Feature Allow an additional level of approval for metadata sources

Admin users can now define groups which can approve for other groups. As an admin, enter the Group administration screen and edit a group that will require approvals. Add the groups that can approve for the group being edited and save the changes.

All non-enabled metadata sources belonging to a group that requires approvals will now have to be approved before they can be enabled (with the exception of: ADMIN users can enable a source that has not been approved yet).

Users belonging to a group that approves for other groups with now have "Needs Action" items on their dashboard when a metadata source needs to be approved. Approvers can then view and edit the un-approved metadata source before approving (if needed). Once approved, the existing process for enabling the metadata source would resume.

Bug Fixes

Bug Fix Correctly allows access to the MDQ endpoint (previously the URL was requiring authentication to access the endpoint).

Bug Fix Fixed an issue with the version not properly being displayed in the footer

Bug Fix 1.15.2 Fixed a database issue updating from previous versions

1.15.1 2022-11-15 1.15.0 2022-11-15

1.14.0

Release date: 2022-10-31

WARNING when upgrading to v1.14.x from versions 1.10.x and earlier... Due to Open SAML library changes, min and max refresh values can no longer be "empty"/null by default in the database and must also be legal in conjunction with each other (ie min < max). The simplest upgrade path was therefore determined to be to reset these values for all entries in the database to match the default values the OpenSAML library uses of MIN = 1 minute, MAX = 4 hours.

BEFORE upgrading, please be sure to revisit your saved values and then reset as needed after your upgrade. The Shib-IDP-UI now requires that both fields have a valid, non-zero value. Please update any:

• Filesystem Metadata Resolver
• File Backed Http Metadata Resolver
• Resource Backed Metadata Resolver

By using the SHIB-IDP-UI tool itself to ensure the settings are accepted and proper.

SHIBUI-2380: Add support for creating and maintaining OIDC Metadata

New Feature Add support for creating and maintaining OIDC Metadata (see: https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/pages/1376879133/OPMetadataClientRegistration )

• Manual creation of ODIC type metadata source through new UI screens. Determine source creation type when creating new Metadata Source.
• Import Metadata Source from XML or from URL also support OIDC defined SPs
• OIDC Specific Relying Party Overrides

1.13.3

Release date: 2022-09-27

WARNING when upgrading to v1.13.x from versions 1.10.x and earlier...

Due to Open SAML library changes, min and max refresh values can no longer be "empty"/null by default in the database and must also be legal in conjunction with each other (ie min < max). The simplest upgrade path was therefore determined to be to reset these values for all entries in the database to match the default values the OpenSAML library uses of MIN = 1 minute, MAX = 4 hours.

BEFORE upgrading, please be sure to revisit your saved values and then reset as needed after your upgrade. The Shib-IDP-UI now requires that both fields have a valid, non-zero value. Please update any:

• Filesystem Metadata Resolver
• File Backed Http Metadata Resolver
• Resource Backed Metadata Resolver

By using the SHIB-IDP-UI tool itself to ensure the settings are accepted and proper.

SHIBUI-2404: race condition between changelog and ShibPropertiesBootstrap

Correcting an issue with Description field and Postgres, which set the field type incorrectly

1.13.2

Release date: 2022-09-20

WARNING when upgrading to v1.13.x from versions 1.10.x and earlier...

Due to Open SAML library changes, min and max refresh values can no longer be "empty"/null by default in the database and must also be legal in conjunction with each other (ie min < max). The simplest upgrade path was therefore determined to be to reset these values for all entries in the database to match the default values the OpenSAML library uses of MIN = 1 minute, MAX = 4 hours.

BEFORE upgrading, please be sure to revisit your saved values and then reset as needed after your upgrade. The Shib-IDP-UI now requires that both fields have a valid, non-zero value. Please update any:

• Filesystem Metadata Resolver
• File Backed Http Metadata Resolver
• Resource Backed Metadata Resolver

By using the SHIB-IDP-UI tool itself to ensure the settings are accepted and proper.

SHIBUI-2397: Shib config table description column too small

Increase column size for descriptions of Shib Properties

1.13.1

Release date: 2022-09-19

WARNING when upgrading to v1.13.x from versions 1.10.x and earlier...

Due to Open SAML library changes, min and max refresh values can no longer be "empty"/null by default in the database and must also be legal in conjunction with each other (ie min < max). The simplest upgrade path was therefore determined to be to reset these values for all entries in the database to match the default values the OpenSAML library uses of MIN = 1 minute, MAX = 4 hours.

BEFORE upgrading, please be sure to revisit your saved values and then reset as needed after your upgrade. The Shib-IDP-UI now requires that both fields have a valid, non-zero value. Please update any:

• Filesystem Metadata Resolver
• File Backed Http Metadata Resolver
• Resource Backed Metadata Resolver

By using the SHIB-IDP-UI tool itself to ensure the settings are accepted and proper.

SHIBUI-2395: changelog.sql has incorrect alter table syntax

Correcting Upgrade SQL for MySQL db flavor

1.13.0

Release date: 2022-09-13

WARNING when upgrading to v1.13.x from versions 1.10.x and earlier...

Due to Open SAML library changes, min and max refresh values can no longer be "empty"/null by default in the database and must also be legal in conjunction with each other (ie min < max). The simplest upgrade path was therefore determined to be to reset these values for all entries in the database to match the default values the OpenSAML library uses of MIN = 1 minute, MAX = 4 hours.

BEFORE upgrading, please be sure to revisit your saved values and then reset as needed after your upgrade. The Shib-IDP-UI now requires that both fields have a valid, non-zero value. Please update any:

• Filesystem Metadata Resolver
• File Backed Http Metadata Resolver
• Resource Backed Metadata Resolver

By using the SHIB-IDP-UI tool itself to ensure the settings are accepted and proper.

SHIBUI-2270: Build a Registry of All Properties Supported

New Feature - Shibboleth 4.x properties are now available in the Shib-IDP-UI for configuration and export. Properties may be exported to a single override file, or to the separate files (separate files are the ones the properties originated from). Descriptions and notes included in the UI to help users configure new installations of Shibboleth

SHIBUI-2341: Bulk Upload

• New Feature - Added scripting ability to import large amounts of SP Metadata Descriptors from files.
• Fixed minor issues with importing XML data around minor fields not supported in the UI
• Performance enhancement for the dashboard when a significant number of Metadata Descriptors live in Shib-IDP-UI

SHIBUI-2330: Work on Testbed Environment - Used for Release Testing

Additional configuration setups for testing have been created

SHIBUI-2333: Logout URL setting not honored by PAC4J settings

IDP Logout now correctly supported. shibui.pac4j.postLogoutURL is now the correct property to use when configuring this feature

SHIBUI-1699: Dates from endpoints are formatted inconsistently

Version dates are now consistent in the display

1.12.0

Release date: 2022-08-26

WARNING when upgrading to v1.12.x from versions 1.10.x and earlier...

Due to Open SAML library changes, min and max refresh values can no longer be "empty"/null by default in the database and must also be legal in conjunction with each other (ie min < max). The simplest upgrade path was therefore determined to be to reset these values for all entries in the database to match the default values the OpenSAML library uses of MIN = 1 minute, MAX = 4 hours.

BEFORE upgrading, please be sure to revisit your saved values and then reset as needed after your upgrade. The Shib IDP UI now requires that both fields have a valid, non-zero value. Please update any:

• Filesystem Metadata Resolver
• File Backed Http Metadata Resolver
• Resource Backed Metadata Resolver

By using the SHIB-IDP-UI tool itself to ensure the settings are accepted and proper.

SHIBUI-2268: Add Support for the AlgorithmFilter Metadata Filter

Adding Algorithm filter as a filter option

SHIBUI-2267: Add Support for New Relying Party Override

Added Ignore Request Signatures to Relying Party Overrides

UI-Improvements

• Added spinner to dashboard pages
• Added spinner to history pages
• Updated tooltips for FileBacked Provider
• Updated tooltips for DynamicHttp Provider
• Updated tooltips for Metadata Sources and filters
• Updated tooltips for Groups and Roles
• Updated ignore auth method tooltip
• Fixed issue with scrollbar on dashboard
• Fixing display issue for external metadata filter from the provider display

1.11.1

Release date: 2022-08-01

WARNING when upgrading to v1.11.x

Due to Open SAML library changes, min and max refresh values can no longer be "empty"/null by default in the database and must also be legal in conjunction with each other (ie min < max). The simplest upgrade path was therefore determined to be to reset these values for all entries in the database to match the default values the OpenSAML library uses of MIN = 1 minute, MAX = 4 hours.

BEFORE upgrading, please be sure to revisit your saved values and then reset as needed after your upgrade. The Shib IDP UI now requires that both fields have a valid, non-zero value. Please update any:

• Filesystem Metadata Resolver
• File Backed Http Metadata Resolver
• Resource Backed Metadata Resolver

By using the SHIB-IDP-UI tool itself to ensure the settings are accepted and proper.

SHIBUI-2327: Null Pointer Exception in Pac4j

Added missing libraries and correcting configuration to work properly when using the pac4j setup to authenticate through Shib IDP

SHIBUI-2188: Add a link to scroll down to filters on the provider comparison view (for providers that support filters)

Added filter scroll link to comparison view

1.11.0

Release date: 2022-07-26

WARNING when upgrading to v1.11.x

Due to Open SAML library changes, min and max refresh values can no longer be "empty"/null by default in the database and must also be legal in conjunction with each other (ie min < max). The simplest upgrade path was therefore determined to be to reset these values for all entries in the database to match the default values the OpenSAML library uses of MIN = 1 minute, MAX = 4 hours.

BEFORE upgrading, please be sure to revisit your saved values and then reset as needed after your upgrade. The Shib IDP UI now requires that both fields have a valid, non-zero value. Please update any:

• Filesystem Metadata Resolver
• File Backed Http Metadata Resolver
• Resource Backed Metadata Resolver

By using the SHIB-IDP-UI tool itself to ensure the settings are accepted and proper.

SHIBUI-2257: Attribute release properties customization non-default attributes bug

• Adding/Correcting display names to the enumNames
• Fixed attribute release display name

SHIBUI-2262: Add support (driver) for MS Sql Server

• Adding addition support for SQL Server
• Updated database driver libraries, and backend database libraries
• Updated the security settings to work with the newer version of springboot which uses a different library for path pattern matching.
• Setup of liquidbase to run database updates for the various database types
• Fixed css issues
• Fixed styles in config heading
• Fixed styles in forms
• Fixed routes

SHIBUI-2274: Add MDQ Server Entity to Swagger Document and Notes to Deployment Instructions

• Updated SWAGGER documentation to using springdoc-openapi-ui (v3).
• When ShibUI is running, swagger api documentation is now generated for all(most) of the public apis of the controllers.
• This documentation is available from the actuator url on port 9090 (default set in the properties file). By default: http://localhost:9090/actuator/swagger-ui
• Fixed upload page
• Unit test updates
• Fixed radio button on attribute creation form
• Fixed validation message

SHIBUI-2264: Updated SAML v4 Libraries

• Updating the database code to not fail under Postgres
• Update backend to match Shib 4.x current libraries
• Updating the libraries used in the project. Major updates:
  • pac4j security: 7.0.3
  • pac4J: 5.4.3
  • spring 5.3.18 and (5.5.5) [mostly as a related to updating spring boot]
  • boot: 2.5.12
  • shib: 4.2.1
  • opensaml 4.2.0
• Additional library updates to current releases to reduce security issues and compatibility issues
• Closed vulnerability from common-collections v3.x by upgrading to v4.3
• Fixed issue with typing multiple characters for Selenium testing
• Using deprecated class - updated to allow for proper future updates
• Update to gradle builds to centralize the versions into the properties file so that the various builds are using the same versions and to ease future updates
• Removing bootwar task from sub project parts
• Correcting settings for selenium tests
• Fixed issue with inconsistent boolean representation

SHIBUI-2289: Write out Metadata Filters Into Their Own Separate File

• Various fixes to support ui updates
• Previously commented-out tests fixed so that they can be run properly.
• Removed now-unnecessary comments.

SHIBUI-2273: Integrate Support for SQLServer, including DB updates for All Supported Databases

• Corrections for MySQL
• Updated min/max refresh for providers
• Database "Resetting" the min and max refresh values to match the open saml code
• Overriding calls that were getting made by OpenSAML that broke things after upgrades. Those methods don't need to be used by the shibui functionality
• Updated driver types and database dialects that should be used with current libraries

SHIBUI-2269: Write out Metadata Filters Into Their Own Separate File

• Added ExternalMetadataResolver to resolver types to allow creation of external filter
• Added properties to configure export of external filter
• Created validation for unique source names
• Unit test to check that the service builds the proper XML for the "external provider"
• Fixed issue with List type CEA
• Added external schema

1.10.3

Release date: 2021-12-17

1.10.2

Release date: 2021-12-10

1.10.1

Release date: 2021-11-05

Issues fixed

• SHIBUI-2251: Contention fix introduced a HTTP metadata provider editing & saving issue
• SHIBUI-2250: Custom Entity Attribute List-type produces duplicate select option IDs
• SHIBUI-2249: Datetime precision above 6 is not supported in Mysql 5.6+
• SHIBUI-2217: Disabled Filters appearing in the XML generated
• SHIBUI-2201: Accessibility issues
• SHIBUI-2197: Moving a source to a group with a defined regex fails without a UI error
• SHIBUI-2196: If the user is placed in a group other than one of the default groups populated at startup, the logout/group dropdown shows that group's UUID
• SHIBUI-2193: The contention dialog's "Use Their Changes" option behaves like a cancel button
• SHIBUI-2190: Clicking the Filter List link in the provider edit view can result in a blank page
• SHIBUI-2189: Restoring a DynamicHTTPMetadataResolver doesn't restore the regex match field
• SHIBUI-2185: Text at top of Metadata Source Comparison page states "Compare Metadata Provider Configuration"
• SHIBUI-2184: Enabling / disabling a source or provider causes a new version each time but is not displayed when comparing versions
• SHIBUI-2183: The "Don't Sign Response" warning will not be displayed if there is another problem already with an EntityAttributes filter
• SHIBUI-2182: Regex "Match" field is missing from DynamicHttpMetadataResolver save, summary, and comparison views
• SHIBUI-2181: Filters section is displayed in version comparison for providers that do not allow filters
• SHIBUI-2180: User session timeout = "undefined: undefined" toast
• SHIBUI-2179: Provider Names: On initial creation, no red warning text appears if the name is not unique or empty
• SHIBUI-2178: Various text elements display placeholder values instead of appropriate messaging
• SHIBUI-2177: Copying a metadata source: Supplying an entity id that already exists doesn't show toast error, just quietly 409's
• SHIBUI-2176: Safari: The metadata source creation buttons are hard to read

1.10.0

Release date: 2021-10-21

Issues fixed

• SHIBUI-2173: Ensure default NameIDFormat attribute on Attributes and Attribute release
• SHIBUI-2169: Default empty list for DynamicHttpMetadataResolver#supportedContentTypes
• SHIBUI-2165: Jj! has some local test failures that are probably specific to his environment
• SHIBUI-2164: Incorrect order for MetadataProvider child elements for dhmp
• SHIBUI-2163: Error loading metadata resolver from database
• SHIBUI-2110: DIsplay names not being used for Attribute Release
• SHIBUI-1936: React: Security settings do not consistently persist when editing a saved metadata source

Enhancements

• SHIBUI-2052: Add verbiage: Who is logged in?
• SHIBUI-1751: Metadata providers file (metadata-providers.xml)
• SHIBUI-1747: Support integration with the SSO system
• SHIBUI-1744: Enhance the ability to bundle attributes
• SHIBUI-1743: EntityID or ACS domain validation by user or group

1.9.2

Release date: 2021-09-13

1.9.1

Release date: 2021-09-10

Issues fixed

• SHIBUI-2081: Pac4J Hotfix issue(s)

1.9.0

Release date: 2021-09-03

Issues fixed

• SHIBUI-1601: Editing a File Backed HTTP Metadata Provider and clearing the Max Validity Interval results in a long error

Enhancements

• SHIBUI-2015: Create Groups from PAC4J and CSV
• SHIBUI-1746: Allow the deployer to set the "default username", instead of that automatically being "root"
• SHIBUI-1742: Provide an ability to define multiple types of admins

1.8.1

Release date: 2021-08-13

Issues fixed

• SHIBUI-1754: Investigation: Metadata not recognized in UI
• SHIBUI-1756: Correct Capitalization for Dynamic HTTP Metadata Provider Type
• SHIBUI-1804: Filter subheading on provider detail page displays "FiltersFIlters"
• SHIBUI-1805: DynamicHttpMetadataProvider's Regex "Metadata Request URL Construction Type" "Match" field
• SHIBUI-1807: ACS Indexes are being swallowed
• SHIBUI-1902: Custom Entity Attribute Definition missing type

Enhancements

• SHIBUI-1970: Enhance the Release Process to Include Docker Image Creation
• SHIBUI-1926: React Unit Testing
• SHIBUI-1798: Ensure delete of custom attribute definition removes references
• SHIBUI-1760: Custom Entity Attribute- Attach to Filters
• SHIBUI-1750: ShibUI to become an MDQ Server
• SHIBUI-1748: Use Shib SP for authentication instead of PAC4J
• SHIBUI-1744: Enhance the ability to bundle attributes
• SHIBUI-1740: Expand Delegated Administration Capabilities
• SHIBUI-1734: Create Custom Entity Attributes
• SHIBUI-1724: Upgrade to Java v11, Spring Boot to v2.4 and perform the UI updates
• SHIBUI-1317: Support Java versions newer than 8

1.7.0

Release date: 2020-09-09

Issues fixed

• SHIBUI-1694: Metadata Filter Plugins for Metadata Provider not Displaying in Comparison View
• SHIBUI-1693: Refresh Delay Factor Does Not Allow Valid Entry of Data
• SHIBUI-1665: A11y: min refresh > max error message ignored by screen reader
• SHIBUI-1663: A11y: Screen reader reads dropdown options one behind the one that is selected
• SHIBUI-1662: A11y: Adding a new Metadata Provider causes screen reader to announce new Metadata Source
• SHIBUI-1649: Application fails to start when reloadFilters call fails with invalid persisted script
• SHIBUI-1639: NPE is thrown in MetadataConfiguration during app start up with existing Metadata Resolver in DB
• SHIBUI-1625: Application fails to start when restarting with existing metadata resolver in database
• SHIBUI-1616: Metadata Source Copy Not Working on Edge
• SHIBUI-1594: Protocol Support Enumeration Must Be Selected When NameID Format is Supplied
• SHIBUI-1589: Metadata Provider contention message does not display
• SHIBUI-1582: Metadata Sources: Assertion Consumer Service Endpoints: Location and Location Binding appear to be required but are not
• SHIBUI-1576: Resuming editing a metadata source is not possible; incomplete sources are not displayed
• SHIBUI-1559: Adding a new Metadata Source then clicking the Upload/URL button causes the Save your information? dialog to be displayed
• SHIBUI-1550: UI: Add Provider button displayed for delegated admin
• SHIBUI-1549: Entering really long text values can cause the browser to become unresponsive
• SHIBUI-1522: When generating entity descriptor XML unwanted extra attributes are added
• SHIBUI-1521: Metadata source "Entity ID" validation can be circumvented
• SHIBUI-1501: DEV: Filter attributes not populated in provider version endpoint
• SHIBUI-1500: DEV: When adding a new filter to a provider, the modifiedDate does not update when the new version is created.
• SHIBUI-1499: DEV: Provider version endpoint returns error after adding NameID Filter
• SHIBUI-1498: 'signature validation filter' - add hint to UI to let user know what it's expecting
• SHIBUI-1392: Bug: "Search By: Script" doesn't always trigger form validation when text is entered into the Script text box
• SHIBUI-1387: Bug, display: Two-column summary view has elements that can display outside of the page width
• SHIBUI-1386: Bug: Provider Version API errors after adding a filter
• SHIBUI-1378: UX: Override angular ids
• SHIBUI-1352: UI: Regression - LocalDynamic and FileSystem Providers are unselectable
• SHIBUI-1249: Entity Attributes Filter: Invalid script produces 400, subsequent saves produce original error message
• SHIBUI-1224: Regression Bug: Organization Required Fields Behaving Badly
• SHIBUI-1208: Updating a resolver/provider by first adding then removing an EntityRoleWhitelistFilter retained role appears to only add filters to the filter list
• SHIBUI-772: UI: Add buttons should all contain '+'

Enhancements

• SHIBUI-1716: Unified WAR deployment unit
• SHIBUI-1707: Java Beacon Module
• SHIBUI-1702: Lessen amount of Java heap memory given to ShibUI app in QA server
• SHIBUI-1684: Make sure supported RDBMSes work (H2, MySQL, Postgres, MariaDB)
• SHIBUI-1673: A11y: Add support for notifying screen readers that the contents of the page have changed
• SHIBUI-1672: Allow 'mail:to' Included in Contact Email Addresses
• SHIBUI-1661: Include Pac4j in main distribution
• SHIBUI-1640: Dynamic HTTP Metadata Provider - Dynamic Attributes Returns Values not Entered on Update
• SHIBUI-1604: Add Additional Options to Metadata Sources Single Logout and update assertion consumer bindings
• SHIBUI-1602: Add regex validation to the "Match" field of the Regex type on Dynamic HTTP Metadata Provider's Common Attributes
• SHIBUI-1595: Field Names Need to be Standardized on Metadata Source URL/Upload and Create
• SHIBUI-1543: Options/XML view buttons on source configuration should announce as view option toggle
• SHIBUI-1536: UI: Resolve conflict with ngrx 8.x
• SHIBUI-1528: UI: Update wizard code to utilize functions from configuration/comparison
• SHIBUI-1527: UI: Update Angular and supporting libraries
• SHIBUI-1526: Don't Allow for a Metadata Source to Turn Off All Signing
• SHIBUI-1517: Add a route from filter editing back to the owning provider
• SHIBUI-1503: Updated Delegated Admin to New Layout
• SHIBUI-1497: QA: Add Selenium delays to all attempts to use custom dropdown elements in UI
• SHIBUI-1478: Make sure JSON payload for metadata resolvers and filters is validated against currently defined JSON schema
• SHIBUI-1472: Dashboard: Provider/Source Indicators
• SHIBUI-1471: Application: All Type-ahead/Dropdown Form Fields
• SHIBUI-1470: Application: All form fields with error text
• SHIBUI-1469: QA: Clean up or remove old Selenium scripts
• SHIBUI-1467: Metadata Source Wizard: 6. Security Information (radio buttons)
• SHIBUI-1466: Metadata Source Wizard: 1. Name and Entity ID
• SHIBUI-1461: Update Selenium tests, replacing "verify" with "assert"
• SHIBUI-1458: Edit Metadata Resolver: SP SSO Descriptor Information tab - Autocomplete (all instances)
• SHIBUI-1444: Provider Edit: XML View
• SHIBUI-1443: Dashboard: Admin Tab - Role dropdowns
• SHIBUI-1440: Convert Final Page for the Metadata Provider Adds to Use New Data View
• SHIBUI-1437: Convert Final Page for the Metadata Source Adds to Use New Data View
• SHIBUI-1408: Select to Show Only Rows that have Modified Data in the Comparison View
• SHIBUI-1407: Highlight Modifications in the Comparison View
• SHIBUI-1391: Enhancement: Add JS RegEx validation to the form fields that accept a RegEx
• SHIBUI-1385: Implement Version Restore
• SHIBUI-1382: Implement Restore Selection
• SHIBUI-1365: UX: Define Filter Comparison Options
• SHIBUI-1364: Implement Metadata Providers Comparison
• SHIBUI-1361: Implement Comparison Selection
• SHIBUI-1337: Ensure the updated and created dates for metadata sources and providers match expectations
• SHIBUI-1335: Implement Metadata Providers Configuration
• SHIBUI-1334: Implement Versions Display/Processing
• SHIBUI-1333: Implement Metadata Sources Configuration
• SHIBUI-1332: Implement the Filter Component
• SHIBUI-1311: Integration - Implement Metadata Providers Dashboard Component
• SHIBUI-1281: Integration - Implement Metadata Sources Dashboard
• SHIBUI-1270: Implement the Comparison Component
• SHIBUI-1269: Implement XML Configuration Component
• SHIBUI-1268: Implement Metadata Header Component
• SHIBUI-1267: Implement Metadata Configuration Component
• SHIBUI-1263: Back End - Implement the Metadata Providers Version Web Service
• SHIBUI-1262: Implement the Metadata Sources Version Web Service
• SHIBUI-1058: Implement Delegated Admin Dashboard and Metadata Source Generation
• SHIBUI-950: Support digest method in imported metadata files

1.5.3

Release date: 2019-06-10

Issues fixed

• SHIBUI-999: Cannot Save Metadata Source
• SHIBUI-997: Changing the Metadata URL during edit does not seem to affect back end
• SHIBUI-996: Cannot Save Script Filter with selected Name ID Format/Auth Method selected
• SHIBUI-990: Page 4. SP SSO Descriptor page missing items
• SHIBUI-986: Modal Displays When it should not
• SHIBUI-971: Modal Blocks Creation of Metadata Source
• SHIBUI-970: Client-Side Error Needed: SP SSO Descriptor Information page for duplicate NameID Format
• SHIBUI-960: Conditionally add entity role whitelist filter
• SHIBUI-955: Change Signature Validation Filter - Certificate File to a text line
• SHIBUI-954: UI: Info Icon Fields Shape Causes Cut Off
• SHIBUI-953: UI: Required Fields Indicators Missing
• SHIBUI-947: Error Modal Missing
• SHIBUI-938: Add name format to generated entity attributes in metadata-providers.xml file
• SHIBUI-937: Allow for Refresh Delay Factor without initial 0. in Reloading Attributes
• SHIBUI-935: no placeholder service available on startup
• SHIBUI-932: Retained Roles should include prefix
• SHIBUI-931: Default Use Default Predicat Registry info text incorrect
• SHIBUI-930: Sane values for Max Validity Interval
• SHIBUI-926: Version Conflict When Resaving Metadada Provider with Corrected URL/Backing File
• SHIBUI-925: No Client-Facing Error when Uploading invalid XML
• SHIBUI-921: UI IE-11: Add New menu displays incorrectly
• SHIBUI-918: UI: Safari - Multi-select pre-selection prevents access from page 2
• SHIBUI-908: UI: Check all / Unselect All attributes not working in EntityAttributesFilter
• SHIBUI-907: UI: Required Fields need i18n and correct verbiage
• SHIBUI-888: A11y: Metadata Provider - Form elements must have labels
• SHIBUI-887: Metadata Provider: Info Icon Text Incorrect
• SHIBUI-876: A11y 200% View: Email doesn't wrap
• SHIBUI-874: A11y Screenreader: No Error Given for Invalid Entry: Logo Size Fields
• SHIBUI-838: Need Client Facing Error Message: Min/Max Refresh Delay
• SHIBUI-828: 404 Error when attempting to view Entity ID
• SHIBUI-806: 400 Errors Upon Creating Metadata Providers when space included (or otherwise invalid URL) for Metadata URL
• SHIBUI-794: Jenkins Issue
• SHIBUI-792: User Cannot Select from Minimized Navigation Modal
• SHIBUI-785: UI: Previously Viewed Filter List Displays When It Should Not
• SHIBUI-770: UI: System Allows Selection of Duplicate Enitity ID
• SHIBUI-760: UI: Enable Provider Checkbox Missing in Edit Flow
• SHIBUI-751: UI: Newly Created Filters are Associated with Previously Created Providers
• SHIBUI-742: UI: Change Active Filters Button to say 'Manage Filters'
• SHIBUI-739: UI: Unable to update & save a provider after adding Entity Attributes Filter
• SHIBUI-737: Typographical Error: Satisy vs Satisfy
• SHIBUI-736: Metadata Source Appears to Save but does not Display on Dashboard
• SHIBUI-716: CLONE - ID Field on Common Attributes must be Unique
• SHIBUI-706: Metadata Provider: Metadata Provider Type Dropdown Should Not Be Editable
• SHIBUI-689: Edit Flow: Advanced Settings - Max fields allow negative numbers
• SHIBUI-688: UI Alignment Issues
• SHIBUI-686: Certificate Not Required if Require Signed Root is Unselected
• SHIBUI-685: ID Field on Common Attributes must be Unique
• SHIBUI-684: Provider Edit Flow: Error Misfire - Metadata Filter Plugins & Advanced Settings
• SHIBUI-681: Common Attributes page: Backup File Init Next Refresh Delay field should be required
• SHIBUI-677: UI Items missed for Common Attributes page in Edit Flow
• SHIBUI-668: Summary Page Indicator Inconsistent between Provider and Source
• SHIBUI-655: Reloading Attributes page: Refresh Delay Factor number selector
• SHIBUI-646: Login Should Default to Dashboard Page
• SHIBUI-570: Research Reason Saving Filter takes so long
• SHIBUI-553: Metadata Filter/Source version number changing without changes to entities
• SHIBUI-464: Search Entity ID Field persists after saving Filter
• SHIBUI-458: Accordion should open single item
• SHIBUI-457: Filter Page: Button Resize is off
• SHIBUI-443: Backend Issue: User receives error when refreshing page
• SHIBUI-425: Organization Information page: Pre-Selected Contact Type Prevents Page Save
• SHIBUI-419: Choose File button element is Missing
• SHIBUI-381: Edit Flow - Relying Party Overrides: Functionality Issue
• SHIBUI-379: Accordions need individual collapse
• SHIBUI-378: Cannot Manually Change 'Mark As Default' on Assertion Consumer Service page
• SHIBUI-376: User Unable to View/Download Provider xml file
• SHIBUI-354: A11y: Info buttons are not read
• SHIBUI-1237: Two Checkboxes on Relying Party Overrides Show Dashes Instead of Checks
• SHIBUI-1233: Regression: Saves on Edit Flow for Metadata Source Do Not Persist when Switching Pages
• SHIBUI-1227: Issue when Canceling Edit and trying to add new Metadata Source
• SHIBUI-1220: 404 Error: Metadata Source Not Saving
• SHIBUI-1171: Non-required field acting as if it is required
• SHIBUI-1141: Modal Impairs Creation of Metadata Source
• SHIBUI-1080: Refresh Delay Factor
• SHIBUI-1079: LocalDynamicMetadataProvider - Dynamic Attributes - Time Selection
• SHIBUI-1047: FireFox_Reloading Attributes page: Refresh Delay Factor number selector
• SHIBUI-1015: A11y: Form elements must have labels
• SHIBUI-1014: Save Info Modal Should Not Display
• SHIBUI-1013: Filter Disappears when user makes changes on Metadata Filter Plugins
• SHIBUI-1005: Bugs related to SHIBUI-703: LocalDynamicMetadataProvider - For Reference Only
• SHIBUI-1002: Bugs related to SHIBUI-701: FilesystemMetadataProvider - For Reference Only
• SHIBUI-1001: Metadata Provider for FilesystemMetadataResolver Multiple Edits won't save

Enhancements

• SHIBUI-1265: Implement a Version History Component
• SHIBUI-1261: Define Versions APIs (Metadata Sources, Metadata Providers, Filters)
• SHIBUI-1253: Only write out metadata files and the metadata-providers.xml file if something has changed
• SHIBUI-1063: Implement Action Required - Metadata Sources Review
• SHIBUI-1062: Implement Action Required - User Access Request
• SHIBUI-1059: Narrow target of protected namespace filter
• SHIBUI-1058: Implement Delegated Admin Dashboard and Metadata Source Generation
• SHIBUI-1044: Generate a User's Bootstrap File for Use by SHIBUI
• SHIBUI-1031: Implement Admin Tab for User Maintenance
• SHIBUI-1030: Implement Email Notification to SA for Access Review
• SHIBUI-1029: Implement Initial User Request for Access to SHIBUI
• SHIBUI-985: ?
• SHIBUI-984: Implement Protected Entity Attribute Namespaces
• SHIBUI-975: Initial implementation of Spring Security for Delegated Admin
• SHIBUI-943: BE: Auditing: Implement Spring Data's AuditorAware SPI
• SHIBUI-941: integrate gradle release plugin
• SHIBUI-928: Add Unicon, Internet2 logos to application footer, along with the text "In partnership with"
• SHIBUI-922: Automated Testing
• SHIBUI-920: Write metadata-providers.xml to disk
• SHIBUI-906: Allow Adding More Overrides than the Core Set We Deal With
• SHIBUI-905: Upgrade Metadata Sources to Use JSON Model for UI
• SHIBUI-899: Resolve the "negative refresh delay" unit test issue
• SHIBUI-873: A11y: ARIA Attributes Must Conform to Valid Values - Relying Party Overrides page
• SHIBUI-855: Add Force AuthN to Relying Party Overrides
• SHIBUI-839: Strip Superfluous Spaces from Metadata URL Field
• SHIBUI-836: Support use of %{idp.home} in configuration
• SHIBUI-834: Make scheduled beans in EntityDescriptorFilesScheduledTasks conditional on a property setting
• SHIBUI-816: Remove Validation on Entity ID Search for a Filter
• SHIBUI-814: Internationalization - UI implementation and integration with backend
• SHIBUI-813: Internationalization - Document how one could modify the language the text is shown in
• SHIBUI-812: Allow alternate/additional attribute ids to the attributes that controls release through the UI
• SHIBUI-811: Customize Color Scheme and Branding
• SHIBUI-808: Implement PAC4J Spring Security Module
• SHIBUI-799: Implement NameIDFormatFilter
• SHIBUI-797: Modify Backup File Processing
• SHIBUI-784: A11y: To Fix according to aXe tool on new Filter Page
• SHIBUI-781: UI: Need Delete Warning Modal Safety Net for Filter
• SHIBUI-779: UI: Update entity id search to include resourceId
• SHIBUI-744: UI: Manage Filter/Edit - Add 'eye' icon to individual filters
• SHIBUI-730: Implement ability to delete Filter from providers on Provider -> Filter List
• SHIBUI-729: Implement ability to re-order filters on Provider -> Filter List
• SHIBUI-723: When creating new MetadataResolvers create equivalent open SAML resolvers types and add them to ChainingMetadataResolver at runtime
• SHIBUI-707: Implement ability to re-order metadata providers
• SHIBUI-704: Implement the DynamicHTTPMetadataProvider
• SHIBUI-703: Implement the LocalDynamicMetadataProvider
• SHIBUI-701: Implement the FilesystemMetadataProvider
• SHIBUI-693: Backend: Implement mechanism to make SignatureValidationFilter filter optional during XML metadata generation
• SHIBUI-692: Backend: Implement mechanism to make RequiredValidUntil filter optional during XML metadata generation
• SHIBUI-682: Backend: remove unused repository classes for filters and resolvers
• SHIBUI-670: Backend: Implement enabled flag for MetadataResolvers
• SHIBUI-669: Backend: Remove all individuals provider controllers and their unit tests
• SHIBUI-666: Backend: Move XML endpoint from MetadataProvidersController to MetadataResolversController
• SHIBUI-661: Backend: Handle CONDITION_SCRIPT filter target type in JPAMetadataResolverServiceImpl
• SHIBUI-660: Backend: When adding metadata resolvers add them to Lucene index
• SHIBUI-635: Dynamic Internationalization
• SHIBUI-629: Multi-Entity ID Select
• SHIBUI-628: Add JaCoCo to the build
• SHIBUI-627: Advanced Settings Form
• SHIBUI-625: Metadata Provider Update
• SHIBUI-624: Filter List
• SHIBUI-621: Introduce xmlId field for MetadataResolvers and MetadataFilters
• SHIBUI-615: Fix build failures
• SHIBUI-599: Finish-Summary page needs Loading symbol on Save button
• SHIBUI-581: FileBackedHTTPMetadataProvider - Reloading Attributes Form
• SHIBUI-580: FileBackedHTTPMetadataProvider - Finish Summary
• SHIBUI-579: FileBackedHTTPMetadataProvider - Metadata Filters Plugin Form
• SHIBUI-578: FileBackedHTTPMetadataProvider - Common Attributes Add Form
• SHIBUI-576: FileBackedHTTPMetadataProvider - Metadata Provider Wizard
• SHIBUI-574: Dashboard - Metadata Providers
• SHIBUI-573: Dashboard - Metadata Sources
• SHIBUI-572: Dashboard - Select Add Metadata Source/Provider
• SHIBUI-559: Modify Copy to Allow for Section Selection
• SHIBUI-526: Create RequiredValidUntilFilter and Attach to Metadata Provider - Back End
• SHIBUI-525: Create SignatureValidationFilter and Attach to Metadata Provider - Back End
• SHIBUI-522: Create EntityRoleWhiteListFilter and Attach to Metadata Provider - Back End
• SHIBUI-521: Create and Configure ResourceBackedMetadataProvider - Back End
• SHIBUI-520: Create and Configure FilesystemMetadatarProvider - Back End
• SHIBUI-519: Create and Configure DynamicHTTPMetadataProvider - Back End
• SHIBUI-518: Create and Configure LocalDynamicMetadataProvider - Back End
• SHIBUI-517: Create and Configure FileBackedHTTPMetadataProvider - Back End
• SHIBUI-503: Version Conflict Resolution
• SHIBUI-481: UI: Update Angular to version 6.0
• SHIBUI-479: Display Service Provider
• SHIBUI-475: Service Provider Copy
• SHIBUI-474: Convert Text Buttons for Saving to 'SAVE'
• SHIBUI-473: Change Metadata Provider Verbiage to Metadata Source
• SHIBUI-468: Review backend test coverage
• SHIBUI-467: Developer Documentation
• SHIBUI-372: Implement Version in the UI
• SHIBUI-331: Decision Modal Missing in Edit Provider Flow
• SHIBUI-321: Implement Edit Filter Display
• SHIBUI-306: Implement Save for a New Filter
• SHIBUI-304: Implement Filter in Dashboard Display
• SHIBUI-297: Implement Modal Search Results
• SHIBUI-293: Implement Entity ID Search
• SHIBUI-285: Implement Display New Filter
• SHIBUI-284: Implement Display New Filter - Search
• SHIBUI-283: A11y aXe Fix Required: "Metadata Source List" page
• SHIBUI-280: Implement Initiation of InCommon Metadata Aggregate Update
• SHIBUI-278: As an administrator, I want to easily integrate Shibui metadata providers into my Shibboleth IdP
• SHIBUI-259: A11y aXe Fix Required: Dashboard (and other pages) Form elements must have labels
• SHIBUI-257: ?
• SHIBUI-256: A11y aXe Fix Required: Dashboard (and other pages) Color Contrast
• SHIBUI-254: A11y aXe Fix Required: Dashboard (and other pages) add Lang Attribute
• SHIBUI-230: Need Errors for Edit pages (Bug)