Release Notes - PicketLink - Version PLINK_2.5.0.beta4 - HTML format

Bug

  • [PLINK-143] - SAML2 Attribute Value should support nested elements
  • [PLINK-144] - PicketLink STS should not choke on WS-Policy 1.5 Tags
  • [PLINK-145] - SAML2Handler also puts assertion from incoming request in the response
  • [PLINK-147] - The PicketLink IDP behaves strangely if the index.jsp is changed to an index.html
  • [PLINK-149] - JPA identity store schema class annotated with @Relationship not found during configuration
  • [PLINK-150] - AuthnRequest Protocol Binding
  • [PLINK-156] - Add picketlink-common library to distribution
  • [PLINK-157] - CORS preflight request should not be blocked by Basic or Digest auth
  • [PLINK-160] - Picketlink forwards to /hosted for resources without auth-constraints
  • [PLINK-163] - SAML20TokenProvider:KeyIdentifier generated using '#' which fails against SAP Server
  • [PLINK-166] - SAML2LogoutHandler throws NPE in the absence of Success status code at SP
  • [PLINK-172] - IdmAuthenticator is failing for credentials that don't required the userId
  • [PLINK-173] - IdmAuthenticator is not supporting custom credentials
  • [PLINK-174] - Configuration Builder for Identity Stores is not reading the credential handlers
  • [PLINK-177] - The IdentityManagerFactory must be serializable to allow @SessionScoped injection points
  • [PLINK-183] - Digest authentication can be bypassed

Enhancement

  • [PLINK-161] - PicketLink STS should use the picketlink.xml file to load the configurations.
  • [PLINK-162] - WSTrust parsing should consider RequestedUnattachedReference
  • [PLINK-169] - Change the parameter name used to configure the realm name in the AuthenticationFilter to realmName
  • [PLINK-182] - IdmAuthenticator is not supporting partitions

Feature Request

  • [PLINK-115] - SP SAML Handler to put IDP Assertion Into Http Session
  • [PLINK-148] - Support SessionIndex when issuing assertions and logout requests
  • [PLINK-151] - Example fails with picketlink-schema only
  • [PLINK-152] - JAXP Factories may need to use the CL of the class in TCCL
  • [PLINK-159] - SAML2AuthenticationHandler should be able to create multivalued attibute statement
  • [PLINK-164] - Facebook Authenticator
  • [PLINK-170] - Twitter Authenticator
  • [PLINK-175] - Support two factor authentication with Time-based One-Time Passwords
  • [PLINK-176] - HTTP digest authentication returning 401 with valid users
  • [PLINK-179] - FORM Authentication Mechanism
  • [PLINK-185] - Application bootstrap failing during IdentityStore creation

Task

  • [PLINK-134] - Reintroduce permission resolver API into base module
  • [PLINK-141] - Custom Identity Stores configuration and examples
  • [PLINK-153] - Rename SCIM module to REST

Edit/Copy Release Notes

The text area below allows the project release notes to be edited and copied to another document.