Feature Request
- [PLINK-115] - SP SAML Handler to put IDP Assertion Into Http Session
- [PLINK-148] - Support SessionIndex when issuing assertions and logout requests
- [PLINK-151] - Example fails with picketlink-schema only
- [PLINK-152] - JAXP Factories may need to use the CL of the class in TCCL
- [PLINK-159] - SAML2AuthenticationHandler should be able to create multivalued attibute statement
- [PLINK-164] - Facebook Authenticator
- [PLINK-170] - Twitter Authenticator
- [PLINK-175] - Support two factor authentication with Time-based One-Time Passwords
- [PLINK-176] - HTTP digest authentication returning 401 with valid users
- [PLINK-179] - FORM Authentication Mechanism
- [PLINK-185] - Application bootstrap failing during IdentityStore creation
Bug
- [PLINK-143] - SAML2 Attribute Value should support nested elements
- [PLINK-144] - PicketLink STS should not choke on WS-Policy 1.5 Tags
- [PLINK-145] - SAML2Handler also puts assertion from incoming request in the response
- [PLINK-147] - The PicketLink IDP behaves strangely if the index.jsp is changed to an index.html
- [PLINK-149] - JPA identity store schema class annotated with @Relationship not found during configuration
- [PLINK-150] - AuthnRequest Protocol Binding
- [PLINK-156] - Add picketlink-common library to distribution
- [PLINK-157] - CORS preflight request should not be blocked by Basic or Digest auth
- [PLINK-160] - Picketlink forwards to /hosted for resources without auth-constraints
- [PLINK-163] - SAML20TokenProvider:KeyIdentifier generated using '#' which fails against SAP Server
- [PLINK-166] - SAML2LogoutHandler throws NPE in the absence of Success status code at SP
- [PLINK-172] - IdmAuthenticator is failing for credentials that don't required the userId
- [PLINK-173] - IdmAuthenticator is not supporting custom credentials
- [PLINK-174] - Configuration Builder for Identity Stores is not reading the credential handlers
- [PLINK-177] - The IdentityManagerFactory must be serializable to allow @SessionScoped injection points
- [PLINK-183] - Digest authentication can be bypassed
Task
- [PLINK-134] - Reintroduce permission resolver API into base module
- [PLINK-141] - Custom Identity Stores configuration and examples
- [PLINK-153] - Rename SCIM module to REST
Enhancement
- [PLINK-161] - PicketLink STS should use the picketlink.xml file to load the configurations.
- [PLINK-162] - WSTrust parsing should consider RequestedUnattachedReference
- [PLINK-169] - Change the parameter name used to configure the realm name in the AuthenticationFilter to realmName
- [PLINK-182] - IdmAuthenticator is not supporting partitions
Edit/Copy Release Notes
The text area below allows the project release notes to be edited and copied to another document.