Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In general, the latest version of Kantega SSO Enterprise is compatible with the oldest version that has not been ended of life. See Atlassian’s End-of-life (EOL) policy to get an overview of versions and EOL dates.

Application

Compatible from Server version

Compatible from Data Center version

Bamboo

7.2.1

8.0.1

Bitbucket

7.6.0

7.6.0

Confluence

7.9.0

7.9.0

Jira

8.12.0

8.12.0

Changelog

Kantega SSO Enterprise takes steps toward being a more complete user management tool. User cleanup in combination with just-in-time user provisioning powers a smooth automatic user management in Jira.

Excerpt

Changes in 6.1.

0

3

20 Oct 11 14:00 CET

Cleanup inactive users, improvements and bug fixes

Features

Improvements

  • Status
    colourGreenYellow
    titleuser cleanup
    Found in the Common tab. Cleanup inactive users automatically. Combines well with Just-in-time user provisioning to automatically keep active accounts licensed, but disabling or de-licensing user that haven’t logged in for a while. Can also configure a schedule that checks in a configurable interval for users that have gone inactive. The user cleanup feature also offers a REST API that can be used if you’d like to perform automation with scrips.

Improvements

  • Status
    colourBlue
    titlekerberos
    Improve Kerberos test page with a check of inconsistent base URL that indicates incorrect proxy config.

Bug fixes

  • Status
    colourPurple
    titleSAML/OIDC
    IDP setup drafts were not deleted on Windows server due to an unreleased lock that came from an unclosed resource.

  • Status
    colourPurple
    titleSAML/OIDC
    Test result page had a weakness with default values of email and name attribute
    bamboo
    Added decryption of LDAP password in Bamboo to fix LDAP connection after encryption was introduced in 9.0.3.

Dependency updates

  • Updated a library with jackson-databind dependency that patches CVE-2022-42003

Changes in 6.1.2

19:30 CET

Fix: Changed log level from error to debug on user not found

Improvements

The debug level was error on user not found, which lead to too much noise in the logs.

Changes in 6.1.1

19:00 CET

Improvements, dependency updates and bug fixes

Improvements

  • Status
    colourPurple
    titlesaml
    Offer ACS URL validator in wizard for OneLogin, as this is a required field in the OneLogin SAML setup

  • Status
    colourPurple
    titlesaml
    Save target URL in HTTP session for IDPs that are unable to give the correct relayState back after redirect. Use proper UTF-8 encoding for sending relay state URLs to IDP.

  • Status
    colourYellow
    titlewebsudo
    More logging for websudo and minor improvement to SSO-websudo flow

  • Status
    colourBlue
    titlekerberos
    Improve Kerberos test page with more insights when DNS lookup fails

Bug fixes

  • Status
    colourGreen
    titleSCIM
    Backup / restore of SCIM was broken in 6.1.0 due to a deserialization and file-handling issue.

  • Status
    titlecommon
    The authentication menu item turned up twice in the Common tab for global settings

Dependency updates

  • Minor npm packages patched with npm audit. Due do incompatibilities with @emotion/utils in different @atlaskit packages, we had to add a temporary override to even build npm. This will hopefully be unneccessary soon.

  • New minor versions of maven packages

npm package.json diff

Code Block
languagediff
diff --git a/package.json b/package.json
--- a/package.json
+++ b/package.json
@@ -93,21 +93,25 @@
     "webpack-merge": "^5.7.3",
     "xhr-mock": "^2.5.1"
   },
+  "overrides": {
+    "@emotion/utils": "1.2.0"
+  },
   "dependencies": {
-    "@atlaskit/button": "^16.1.6",
-    "@atlaskit/css-reset": "6.3.6",
-    "@atlaskit/form": "^8.4.8",
-    "@atlaskit/icon": "21.10.2",
-    "@atlaskit/lozenge": "^11.1.6",
-    "@atlaskit/modal-dialog": "^12.2.2",
-    "@atlaskit/page": "12.1.0",
-    "@atlaskit/progress-tracker": "^8.1.0",
-    "@atlaskit/radio": "^5.3.6",
-    "@atlaskit/section-message": "^6.1.14",
-    "@atlaskit/select": "^15.2.7",
+    "@atlaskit/banner": "~12.0.0",
+    "@atlaskit/button": "~16.1.6",
+    "@atlaskit/css-reset": "~6.3.6",
+    "@atlaskit/form": "~8.4.8",
+    "@atlaskit/icon": "~21.10.2",
+    "@atlaskit/lozenge": "~11.1.6",
+    "@atlaskit/modal-dialog": "~12",
+    "@atlaskit/page": "~12.1.0",
+    "@atlaskit/progress-tracker": "~8.1.0",
+    "@atlaskit/radio": "~5.3.6",
+    "@atlaskit/section-message": "~6.1.14",
+    "@atlaskit/select": "~15.2.7",
     "@atlaskit/spinner": "15.1.6",
-    "@atlaskit/table-tree": "^9.1.9",
-    "@atlaskit/tabs": "^13.2.12",
+    "@atlaskit/table-tree": "~9",
+    "@atlaskit/tabs": "~13.2.12",
     "@atlaskit/textarea": "4.2.6",
     "@atlaskit/textfield": "5.1.6",
     "@hookform/resolvers": "^2.8.8",

pom.xml diff

Code Block
languagediff
diff --git a/pom.xml b/pom.xml
--- a/pom.xml
+++ b/pom.xml
@@ -748,12 +748,12 @@
     <dependency>
       <groupId>com.ksso</groupId>
       <artifactId>scim-lib</artifactId>
-      <version>1.20</version>
+      <version>1.21</version>
     </dependency>
     <dependency>
       <groupId>no.kantega.saml</groupId>
       <artifactId>saml-lib</artifactId>
-      <version>1.39</version>
+      <version>1.40</version>
     </dependency>
     <dependency>
       <groupId>com.microsoft.azure</groupId>
@@ -841,7 +841,7 @@
     <dependency>
       <groupId>org.apache.directory.api</groupId>
       <artifactId>api-ldap-client-api</artifactId>
-      <version>2.1.0</version>
+      <version>2.1.2</version>
     </dependency>
     <dependency>
       <groupId>commons-io</groupId>
@@ -872,7 +872,7 @@
     <dependency>
       <groupId>org.json</groupId>
       <artifactId>json</artifactId>
-      <version>20220320</version>
+      <version>20220924</version>
     </dependency>
     <dependency>
       <groupId>commons-net</groupId>
@@ -1064,7 +1064,7 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk15to18</artifactId>
-      <version>1.71</version>
+      <version>1.72</version>
     </dependency>
     <dependency>
       <groupId>com.atlassian.confluence</groupId>
@@ -1412,7 +1412,7 @@
     <httpPort>2990</httpPort>
     <useHttps>true</useHttps>
     <fasterxml.jackson.version>2.13.4</fasterxml.jackson.version>
-    <msal4j.version>1.13.1</msal4j.version>
+    <msal4j.version>1.13.2</msal4j.version>
     <!-- We are staying a bit behind on activeobjects so that we are staying compatible
     with the oldest host product versions we're supporting. Activeobjects has provided scope,
     but we need to stay somewhat on the same timeline -->
@@ -1437,7 +1437,6 @@
     <jax-rs.atlassian-rest.osgi.version>${javax.ws.rs.version}</jax-rs.atlassian-rest.osgi.version>
     <jersey.atlassian-rest.osgi.version>${jersey.version}</jersey.atlassian-rest.osgi.version>
     <atlassian.spring.scanner.version>2.2.4</atlassian.spring.scanner.version>
-
     <spring.version>4.3.18.RELEASE</spring.version>
     <serberuhs.version>1.21</serberuhs.version>
     <atlassian.plugin.key>${project.groupId}.${project.artifactId}
@@ -1449,7 +1448,7 @@
     <slf4j.version>1.7.32</slf4j.version>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <jetty.version>9.4.48.v20220622</jetty.version>
-    <prometheus.version>0.8.0</prometheus.version>
+    <prometheus.version>0.16.0</prometheus.version>
     <spotless.version>2.21.0</spotless.version>
     <ksso.build.nodeenv>production</ksso.build.nodeenv>
     <ksso.build.pipeline.id />

Changes in 6.1.2

19:30 CET

Fix: Changed log level from error to debug on user not found

Improvements

The debug level was error on user not found, which lead to too much noise in the logs.

Changes in 6.1.3

14:00 CET

Improvements

  • Status
    colourYellow
    titlebamboo
    Added decryption of LDAP password in Bamboo to fix LDAP connection after encryption was introduced in 9.0.3.

Dependency updates

Updated a library with jackson-databind dependency that patches CVE-2022-42003

Changes in 6.1.0

11:00 CET

Cleanup inactive users, improvements and bug fixes

Features

  • Status
    colourGreen
    titleuser cleanup
    Found in the Common tab. Cleanup inactive users automatically. Combines well with Just-in-time user provisioning to automatically keep active accounts licensed, but disabling or de-licensing user that haven’t logged in for a while. Can also configure a schedule that checks in a configurable interval for users that have gone inactive. The user cleanup feature also offers a REST API that can be used if you’d like to perform automation with scrips.

Improvements

  • Status
    colourBlue
    titlekerberos
    Improve Kerberos test page with a check of inconsistent base URL that indicates incorrect proxy config.

Bug fixes

  • Status
    colourPurple
    titleSAML/OIDC
    IDP setup drafts were not deleted on Windows server due to an unreleased lock that came from an unclosed resource.

  • Status
    colourPurple
    titleSAML/OIDC
    Test result page had a weakness with default values of email and name attribute