Skip to content

Releases: apereo/cas

v3.5.0

20 Dec 23:28
@mmoayyed mmoayyed
v3.5.0
3b9d619
Compare
Choose a tag to compare
v3.5.0

Sub-task

  • [CAS-948] - Further productize contributed LDAP-backed password policy CAS extension

Bug

  • [CAS-1065] - Mark response complete if Negotiate-Header has been sent in SpnegoNegociateCredentialsAction
  • [CAS-1068] - QueryDatabaseAuthenticationHandler is final when all other AuthenticationHandlers are not final
  • [CAS-1071] - Generic rules for authorized services in applicationContext.xml could be by-passed
  • [CAS-1074] - management.services.service.warn message missing for French message bundle
  • [CAS-1077] - AbstractThrottledSubmissionHandlerInterceptorAdapter not updating counter on unsuccessful login attempt
  • [CAS-1081] - display-name in web.xml has the wrong version number
  • [CAS-1085] - BindLdapAuthenticationHandler doesn't use the parent password encoder
  • [CAS-1088] - Severe Exception StringIndexOutOfBoundsException on unexpected query parameter to CAS server
  • [CAS-1098] - Build of module cas-server-integration-jboss fails due to Access Denied to JBoss Repository
  • [CAS-1102] - Add ClearPass to ship in CAS 3.5, turned off by default
  • [CAS-1103] - screen.welcome.label.netid.accesskey is 'n', should be 'u'
  • [CAS-1107] - In-memory throttle not working
  • [CAS-1109] - CAS openid support bugs
  • [CAS-1122] - Encoding problems on localized properties files in CAS views
  • [CAS-1123] - Allow Configuration of Perf4j Authentication Statistics
  • [CAS-1135] - ClassCastException with JpaTicketRegistry and ServiceMonitor
  • [CAS-1139] - New Monitor framework does not play nice with EhCacheTicketRegistry

Improvement

  • [CAS-1019] - Proxy Tickets still vended after Service Management config to disallow (add unit test)
  • [CAS-1023] - Unchecking "Participate in SSO" checkbox in service registration causes service to not participate in SSO, effectively setting renew=true for it
  • [CAS-1032] - Make TicketGrantingTicketExpirationPolicy the default configuration in ticketExpirationPolicy.xml
  • [CAS-1054] - Upgrade OpenSAML dependency from 1.1 to 2.x
  • [CAS-1056] - Make it easier to create new RegisteredService implementations
  • [CAS-1066] - Add traditional chinese for Internationalization support
  • [CAS-1072] - Improve ServicesManager.save() API to return the merged RegisteredService rather than returning void
  • [CAS-1079] - Simplify TicketGrantingTicketExpirationPolicy configuration
  • [CAS-1082] - Move Log4J initialization into Spring bean config so that cas.properties can be applied
  • [CAS-1086] - Add support for Farsi & Arabic languages
  • [CAS-1091] - Upgrade to Spring 3.1 and check all dependent libraries for current versions
  • [CAS-1104] - Update Service Ticket expiration config options to be consistent with new TGT Policy config
  • [CAS-1115] - OpenId : fix/refactor dumb mode - implement smart mode
  • [CAS-1116] - Improve MemCacheTicketRegistry for Configurability and Performance

New Feature

  • [CAS-1041] - Add support for OAuth protocol
  • [CAS-1076] - ehcache based TicketRegistry for CAS3.x
  • [CAS-1099] - Monitoring and Management Framework
  • [CAS-1101] - Address Licensing Issues

Task

  • [CAS-1069] - Track Developers in POM Files
  • [CAS-1112] - Remove Berkeley DB Integration Module
  • [CAS-1119] - FastBindLdapAuthenticationHandler should not be declared final
Assets 3

v3.5.0-RC2

20 Dec 23:22
@mmoayyed mmoayyed
v3.5.0-RC2
1609e18
Compare
Choose a tag to compare
v3.5.0-RC2 Pre-release
Pre-release 
[maven-release-plugin]  copy for tag v3.5.0-RC2
Assets 2

v3.5.0-RC1

20 Dec 23:22
@mmoayyed mmoayyed
v3.5.0-RC1
39d6881
Compare
Choose a tag to compare
v3.5.0-RC1 Pre-release
Pre-release 
[maven-release-plugin]  copy for tag v3.5.0-RC1
Assets 2

v3.4.12

20 Dec 23:41
@mmoayyed mmoayyed
v3.4.12
8926b28
Compare
Choose a tag to compare
v3.4.12

Bug

  • [CAS-1065] - Mark response complete if Negotiate-Header has been sent in SpnegoNegociateCredentialsAction
  • [CAS-1068] - QueryDatabaseAuthenticationHandler is final when all other AuthenticationHandlers are not final
  • [CAS-1071] - Generic rules for authorized services in applicationContext.xml could be by-passed
  • [CAS-1074] - management.services.service.warn message missing for French message bundle
  • [CAS-1077] - AbstractThrottledSubmissionHandlerInterceptorAdapter not updating counter on unsuccessful login attempt
  • [CAS-1081] - display-name in web.xml has the wrong version number
  • [CAS-1085] - BindLdapAuthenticationHandler doesn't use the parent password encoder
  • [CAS-1098] - Build of module cas-server-integration-jboss fails due to Access Denied to JBoss Repository
  • [CAS-1103] - screen.welcome.label.netid.accesskey is 'n', should be 'u'

Improvement

  • [CAS-1056] - Make it easier to create new RegisteredService implementations
  • [CAS-1066] - Add traditional chinese for Internationalization support
  • [CAS-1086] - Add support for Farsi & Arabic languages
Assets 3

v3.4.12-RC1

20 Dec 23:23
@mmoayyed mmoayyed
v3.4.12-RC1
66a1812
Compare
Choose a tag to compare
v3.4.12-RC1 Pre-release
Pre-release 
[maven-release-plugin]  copy for tag v3.4.12-RC1
Assets 2

v3.4.11

20 Dec 23:42
@mmoayyed mmoayyed
v3.4.11
799fcc4
Compare
Choose a tag to compare
v3.4.11

Bug

  • [CAS-1029] - Spanish translation lost all accented characters
  • [CAS-1040] - miss i18n key in messages_zh_CN.properties
  • [CAS-1051] - JpaTicketRegistry Deadlocks Periodically
  • [CAS-1052] - CAS server doesn't shutdown correctly when Inspektr audit log is configured to store data into DB over JdbcAuditTrailManager
  • [CAS-1055] - LdapUtils was not correctly encoding values embedded into a filter

Improvement

  • [CAS-654] - Make ServiceValidateController non-final
  • [CAS-930] - JpaLocking Strategy
  • [CAS-1007] - Set default matching order for http://* and https://* services
  • [CAS-1012] - Add Support for Configuring Name of RememberMe Attribute in SAML Response
  • [CAS-1017] - Update spring-configuration files to have consistent schemaLocation
  • [CAS-1035] - Use id "msg" rather than "status" for UI messages, and add header to non-secure connection notice.
  • [CAS-1036] - Move IE6 styles to IE stylesheet
  • [CAS-1042] - Refactor TicketGrantingTicket expiration policy to remove superfluous code block
  • [CAS-1043] - Consistent Translation of Username throughout all languages (some are Net-ID etc.)
  • [CAS-1046] - add getter for httpClient to class AbstractWebApplicationService
  • [CAS-1047] - Provide Capability to Log NamingExceptions Thrown on Bind Failures

New Feature

  • [CAS-994] - AuthenticationHandler health monitoring in cas-server?

Security Bug

  • [CAS-1064] - CAS Service Parameter is Susceptible to CRLF Attacks
Assets 3

3.4.11-RC1

20 Dec 23:23
@mmoayyed mmoayyed
3.4.11-RC1
30ed10a
Compare
Choose a tag to compare
3.4.11-RC1 Pre-release
Pre-release 
[maven-release-plugin]  copy for tag 3.4.11-RC1
Assets 2

v3.4.10

20 Dec 23:43
@mmoayyed mmoayyed
v3.4.10
09ead33
Compare
Choose a tag to compare
v3.4.10

Bug

  • [CAS-1030] - FastBindLdapAuthenticationHandler spring config fails without ldapTemplate which is required, but isn't used

Improvement

  • [CAS-1003] - Provide a TicketGrantingTicket expiration policy that incorporates both a hard timeout and sliding window idle timeout
  • [CAS-1028] - Russian translation
  • [CAS-1031] - Make searchContext source optional on BindLdapAuthenticationHandler
  • [CAS-1034] - Update vt-crypt to 2.1.4 for Fixes Related to X.509 DN Parsing

Task

  • [CAS-1027] - Update aspectj-maven-plugin in the core pom from 1.3 to 1.3.1
Assets 3

v3.3.3-RC3: NOJIRA

20 Dec 23:27
@mmoayyed mmoayyed
v3.3.3-RC3
9265a2a
Compare
Choose a tag to compare
v3.3.3-RC3: NOJIRA Pre-release
Pre-release 
3.3 RC3 release
Assets 2

v3.3.2-RC2: NOJIRA

20 Dec 23:27
@mmoayyed mmoayyed
v3.3.2-RC2
da2227e
Compare
Choose a tag to compare
v3.3.2-RC2: NOJIRA Pre-release
Pre-release 
should have been a 3.3-RC2 release
Assets 2