Release notes 4.1
System Requirements
- Core Engine Version 3.9.8 or later
- Authentication Base Version 4.0.2 or later
How to get these improvements
- Upgrade the 4App Authentication Provider SAML (
4allportal-authentication-provider-saml) to
version 4.1.x
New features and improvements
- Fix prefer data from http session for redirect and only as fallback data from relay state for
backward compatibility.
- Fix now works in cluster without sticky session. Requires current Core 3.9 version and persist
http session on in admin snap-in
General system configurations/System settings/Security. - Fix url
/saml/info now should work. Before it only worked if the entire url was copied into the
browser, because the browser automatically called saml/SSO and that broke the authentication.
Patch releases
Version 4.1.1
- Fix set cookie CESESSID with parameters from configuration instead of default ones
Version 4.1.2
- Fix remove invalid cookie CESESSID and use valid for login
Version 4.1.3
- Fix support idp initiated login
- Fix logout existing CESESSID before creating a new session to avoid error with idp initiated login
Version 4.1.4
- Update 4App manifest for app management
- Do not allow the
Entity url in configuration ends with / - Do not allow that
Host in configuration ends with / - Ensure that
Path in configuration always ends on / - Rename
Certificate key to Certificate alias' in configuration because error message in log from library usesalias` - Fix get metadata by metadata_url not work after upgrade libraries in 4app core
- Allow to skip the certificate check when accessing the metadata_url
Version 4.1.5
- Fix saml login not work after reload because providers not shown in frontend
Version 4.1.6
- Disable IDP Discovery Service with endpoint "/saml/discovery" (fix issue with the cycle references since 4allportal-core:3.10.28)
Version 4.1.7
- Add IBeforeMergeUser interface to support code injection before merging saml users in 4ALLPORTAL.
