View Source

We are pleased to announce Kantega SSO Enterprise 6.0.

note

Read the update notes for important information about this release, and see the full changelog below.

Compatible applications

In general, the latest version of Kantega SSO Enterprise is compatible with the oldest version that has not been ended of life. See Atlassian’s End-of-life (EOL) policy to get an overview of versions and EOL dates.

Application	Compatible from Server version	Compatible from Data Center version
Bamboo	7.2.1	8.0.0
Bitbucket	7.6.0	7.6.0
Confluence	7.8.0	7.8.0
Jira	8.12.0	8.12.0

Changelog

Kantega SSO is getting a new large improvement under the hood, laying the foundation for future functionality and steps to support newer version of Java runtimes that is coming in future Data Center releases.

Changes in 6.0.1

18 Oct 2022 13:30

Security update to patch CVE-2022-42889

Security patches

Update apache sommons-text to 1.10.0 to patch vulnerability in CVE-2022-42889:https://nvd.nist.gov/vuln/detail/CVE-2022-42889

Changes in 6.0.0

04 Oct 2022 15:00 - 05 Oct 2022 11:30

Under-the-hood changes, Teams SSO, JSM signup, name attibutes and dependencies

Features

Microsoft Teams SSO. When an Atlassian product is embedded as an iframe app in Teams, Kantega SSO supports relaying the identity from the Identity Provider.
Email domain allowlist for signup of user in Jira Service Management (JSM).
Map separate firstName / lastName claims to the Name attribute for Just-in-time user provisioning

Improvements

Under-the hood update of the OSGI plugin version. This has lead us to change annotations and maven scopes for certain dependencies. This will hopefully offer more stability and lay the foundation for future development.
Allow more special characters in group names during SCIM sync

Bug fixes

Stabilize the newly introduced redirect rules for JSM, fix that Jira Instant redirect mode overruled JSM redirect rules.

Dependency updates

Diff from org.kantega.atlaskerb, higlighting the most relevant changes:

--- a/pom.xml
+++ b/pom.xml
@@ -118,12 +118,12 @@
       <plugin>
         <groupId>com.github.spotbugs</groupId>
         <artifactId>spotbugs-maven-plugin</artifactId>
-        <version>4.5.0.0</version>
+        <version>4.7.2.0</version>
         <dependencies>
           <dependency>
             <groupId>com.github.spotbugs</groupId>
             <artifactId>spotbugs</artifactId>
-            <version>4.5.2</version>
+            <version>4.7.2</version>
           </dependency>
         </dependencies>
         <configuration>
@@ -151,7 +151,7 @@
       <plugin>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-maven</artifactId>
-        <version>6.5.1</version>
+        <version>7.2.1</version>
@@ -797,13 +797,13 @@
     <dependency>
       <groupId>org.assertj</groupId>
       <artifactId>assertj-core</artifactId>
-      <version>3.10.0</version>
+      <version>3.23.1</version>
       <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>junit</groupId>
       <artifactId>junit</artifactId>
-      <version>4.12</version>
+      <version>4.13.2</version>
       <scope>test</scope>
     </dependency>
@@ -839,7 +839,7 @@
     <dependency>
       <groupId>org.json</groupId>
       <artifactId>json</artifactId>
-      <version>20210307</version>
+      <version>20220320</version>
     </dependency>
@@ -1031,7 +1031,7 @@
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk15to18</artifactId>
-      <version>1.70</version>
+      <version>1.71</version>
     </dependency>
@@ -1114,7 +1114,7 @@
     <dependency>
       <groupId>com.google.guava</groupId>
       <artifactId>guava</artifactId>
-      <version>31.0.1-jre</version>
+      <version>31.1-jre</version>
       <scope>provided</scope>
     </dependency>
     <dependency>
      <groupId>com.atlassian.sal</groupId>
      <artifactId>sal-api</artifactId>
-     <version>3.1.2</version>
+     <version>4.2.0</version>
      <scope>provided</scope>
    </dependency>
     <dependency>
-    <fasterxml.jackson.version>2.13.3</fasterxml.jackson.version>
+    <fasterxml.jackson.version>2.13.4</fasterxml.jackson.version>
-    <activeobjects.version>3.0.0</activeobjects.version>
+    <activeobjects.version>3.2.4</activeobjects.version>
-    <amps.version>8.0.0</amps.version>
+    <amps.version>8.2.3</amps.version>