PicketLink 2.6.0.CR1 is out!

The PicketLink team is pleased to announce the release of v2.6.0.CR1. This release also marks the unveiling of the new look and feel for the PicketLink website, http://www.picketlink.org, built on Awestruct and jboss.org Bootstrap.

Notable Changes

  • PicketLink SAML SSO For WildFly8

    • WildFly Bindings for Federation

  • Improved Documentation (We still need to do a better job at documentation. :-) )

  • Additional PicketLink Quickstarts

  • PicketLink Permission API

  • PicketLink Subsystem for WildFly

  • EAP Module Upgrade (containing all 2.6+ libraries)

  • PL Extension for both EAP and WildFly

  • SAML2 IDP Initiated SSO

  • Service Provider Dynamic Account Chooser Functionality

The quickstarts are listed below:

Authentication:

Authorization and Permissions:

Federation (SAML,WS-Trust etc):

documentation NOTE

There are some additional quickstarts that have not been fully migrated over to JBoss Developer Quickstarts.

Release Notes

The following section lists the release notes for the versions leading up to v2.6.0.CR1.

  • Bug

    • [PLINK-378] - SAML2LogoutHandler should create logout request with nameid format

    • [PLINK-379] - HTTP Redirect Binding is not restoring original request when accessing a SP for the first time

    • [PLINK-380] - IDPFilter is not populating roles in assertion when using SAML v1.1

    • [PLINK-381] - IDPFilter is stopping the filter chain and not providing application resources

    • [PLINK-382] - WildFly Binding is not supporting SAML v1.1 usecases

    • [PLINK-383] - WildFly SP Binding is raising IllegalStateException messages.

  • Bug

    • [PLINK-356] - Reloading configuration in IDP doesn’t work

    • [PLINK-367] - Custom partition types are not properly configured when specifying the custom type instead of the base Partition type

    • [PLINK-372] - boolean config values should default to boolean.FALSE if not explicitly declared in configs

  • Enhancement

    • [PLINK-313] - IDP should be configurable to sign assertions

    • [PLINK-375] - Support SAMLConfigProvider and AuditHelper from WildFly IdP and SP bindings

  • Feature Request

    • [PLINK-327] - PasswordCredentialTypeEntity could not be loaded with TomEE

    • [PLINK-344] - Service Provider Dynamic Account Chooser Functionality

    • [PLINK-363] - Combined Service Provider Authenticator

    • [PLINK-364] - SAML2 IDP Initiated SSO

    • [PLINK-368] - Role Generator for JBossAS/JBossWeb Combination

  • Task

    • [PLINK-284] - PicketLink IDP and SPNego

    • [PLINK-319] - WildFly PicketLink Extension and IDM Subsystem

    • [PLINK-370] - Lower log level from INFO to TRACE for Canonicalization

    • [PLINK-373] - Ensure Boolean variables are initialized and handle null autoboxing issues

    • [PLINK-374] - Enable WildFly distribution in PicketLink Bindings

    • [PLINK-376] - Port JSON Security from PicketBox Core

  • Bug

    • [PLINK-361] - Wrong validation when configuring credentials using multiple stores for a single identity configuration

  • Feature Request

    • [PLINK-268] - Implement Permission Management

    • [PLINK-359] - Regular Expression User Name Login Module

  • Bug

    • [PLINK-199] - Error granting role with EclipseLink

    • [PLINK-210] - Regression: use of In.value() for collections

    • [PLINK-332] - PicketLink fails to bootstrap due to TransactionRequiredException on TomEE and GlassFish

  • Feature Request

    • [PLINK-146] - XMLSignatureUtil should allow KeyInfo to use X509 if desired

    • [PLINK-303] - Improve logging and messages

    • [PLINK-323] - Social Login Quickstarts

    • [PLINK-341] - SAML Service Provider Workflow abstraction

    • [PLINK-342] - IDPFilter for web applications

    • [PLINK-343] - Jetty Bindings for SAML SSO

  • Task

    • [PLINK-350] - Validate XMLSignatureUtil→KeyInfo/X509Certificate Usage

  • Bug

    • [PLINK-209] - Debug/Error inconsistency in exception logging

    • [PLINK-257] - PicketLink does not work properly when using JBoss Modules

    • [PLINK-259] - ShanesBigSanityCheckTestCase.testScenario1 is failing sometimes

    • [PLINK-278] - TransactionRequiredException thrown by IDM when no @Startup bean performs initialization

    • [PLINK-285] - RelationshipManager allows null group to be added to identity. NullPointerException results upon subsequent access to user’s groups

    • [PLINK-286] - BasicModel.isMember() throws NullPointerException when group does not exist

    • [PLINK-298] - LDAPIdentityStore is not handling property MSAD’s objectGUID for identifiers

    • [PLINK-300] - AbstractIDPValve throws NPE when using metadata and AuthnRequestsSigned is null.

    • [PLINK-302] - Annotate date fields in the simple schema with @Temporal

    • [PLINK-309] - AttributeParameter needs equals() and hashcode()

    • [PLINK-312] - StackOverflowError in identity query with attribute parameter

    • [PLINK-314] - Annotations are not always recognized when defined in a field only

    • [PLINK-326] - Twitter Authenticator can throw no token available error

    • [PLINK-330] - DefaultPicketLinkLogger can not use parametrized methods from jboss logging

    • [PLINK-340] - AS submodule: IdentityConfigurationBuilder error messages are missing real reasons

  • Enhancement

    • [PLINK-282] - Support for Multiple Custom Identity Stores in the IdentityConfigurationBuilder Fluent API

    • [PLINK-301] - Small changes to the exception hierarchy

    • [PLINK-305] - Authenticating custom account types without providing a custom credential handler

    • [PLINK-306] - Support different stores configuration with different identity types

    • [PLINK-310] - Set default partition to types when the underlying store does not support partitions

    • [PLINK-315] - Use the LDAP mapping configuration to discover the supported types

    • [PLINK-331] - Support EclipseLink when running the IDM tests

    • [PLINK-334] - Add a method to retrieve all configuration used to build a PartitionManager

    • [PLINK-335] - Fire event right after the PartitionManager is built to allow custom initialization logic

    • [PLINK-336] - Remove wrong debug logging message for the default logger implementation

  • Feature Request

    • [PLINK-190] - JDBC Identity Store Implementation

    • [PLINK-287] - Need a method of determining if a User email address is already used

    • [PLINK-295] - GenericHeaderAuthenticator

    • [PLINK-296] - SSLValve from JBossWeb Sandbox

    • [PLINK-311] - Provide to the LDAP store a configuration that allows to specify the hierarchy search depth

  • Task

    • [PLINK-167] - Ensure Logger for exception messages

    • [PLINK-280] - Clean up wildcard imports

    • [PLINK-289] - Create PicketLink BOM Module

    • [PLINK-290] - Update documentation and site with the quickstarts changes

    • [PLINK-291] - Update quickstarts with the PicketLink BOM

    • [PLINK-293] - Enable and fix checkstyle validation for all modules

    • [PLINK-307] - Transfer PicketLink Quickstarts to JDF

    • [PLINK-308] - Support mapping between types and their corresponding objectClasses.

    • [PLINK-320] - Enable CDI on PicketLink IDM.

  • Sub-task

    • [PLINK-324] - Social Login Quickstart: Login With Facebook

    • [PLINK-325] - Social Login Quickstart: Login With Twitter
