We are pleased to announce Kantega SSO Enterprise 7.37.0.

Compatible applications

In general, the latest version of Kantega SSO Enterprise is compatible with the oldest version that has not reached end of life. For this release however, there is a gap in Atlassian’s major architecture rewrite in what they call Platform 7. Its lower compatibility is with versions that have implemented platform 7. This means the following major versions and later are compatible:

Note that 7.37.x is a functional copy of 6.37.x and should only contain minor differences caused by platform 7.

Changelog

Changes in 6.37.17

Release summary: Fixed bug with websudo button showing up without websudo being enabled

Bug fixes

  • Allow whitespace to hide specific texts on login pages like

  • Better handling of internal URLs for Force login

  • Fix default redirect rules override for JSM

  • Fix ability to disable IdP icons

Changes in 7.37.16

Release summary: Fixed bug on scim user and group sync

Bug fixes

  • Fixed bug on scim user and group sync occurring on newest Atlassian platforms

Changes in 7.37.15

Release summary: Fixed bug with websudo button showing up without websudo being enabled

Bug fixes

  • Fixed issue where the “Reauthenticate with SSO” button for websudo was shown without Jira prompting the user for reauthentication.

Changes in 7.37.14

Release summary: Bug fixes

Bug fixes

  • Newly introduced Bitbucket & Bamboo websudo (secure admin session) did not isolate to the given host product and gave failure on Jira

  • An additional closing bracket ')' snuck into the DOM of the SAML/OIDC login page

Changes in 7.37.13

Release summary: Google Workspace API connector bug fix

Improvements

  • Added a utility page under dark-features for viewing and editing groups in specific user directories on the URI /plugins/servlet/no.kantega.kerberosauth.kerberosauth-plugin/showGroupsInDirectories

Bug fixes

  • Google Workspace API connector sync failed after incorrect JSON object key for isArchived and isSuspended on the fix in 7.37.10

Changes in 7.37.12

Release summary: Bug fixes

Bug fixes

  • Fixed the Continue-button on the login screen not working when trying to log in with username/password.

  • Config upgrade logic introduced in 7.37.4 incorrectly checks for breaking changes comparing incorrect versions.

Changes in 7.37.11

Release summary: Bug fix of config upgrade logic and dependency update

Improvements

  • Update bouncy castle dependency from 1.78 to 1.80 to patch CVE-2024-29857, CVE-2024-30171, CVE-2024-30172.

Bug fixes

  • Config upgrade logic introduced in 7.37.4 incorrectly checks for breaking changes comparing incorrect versions.

Changes in 7.37.10

Release summary: Improvements, bug fixes and dependency updates

Improvements

  • Websudo SSO is now available for Bitbucket and Bamboo

  • Update dependencies

Bug fixes

  • Google Workspace API connector did not update archived users as “not active” during sync

  • Make manual redirect more available on login page when users enter username

Changes in 7.37.9

Release summary: Bug fix for prevent traditional login

Bug fixes

  • Fixed a bug with prevent traditional login introduced with 7.37.8

Changes in 7.37.8

This release has been made private due to a discovered bug with prevent traditional login. Please use 7.37.9 instead.

Changes in 7.37.8

Release summary: Fixes in JSM and in Jira handling root page “/” better on Jira 10+

Bug fixes

  • Make Kerberos work in all cases for JSM portal login page

  • Handle SSO login for root page

  • Better handling prevent traditional login (with username / password) for unlicensed users

Changes in 7.37.7

Release summary: Added support for Confluence 9.3

Improvements

  • The cloud user provisioning overview now shows if a connected user directory is disabled

  • Added support for Confluence 9.3

Bug fixes

  • Fixed bug where some group selectors were unable to load groups

  • Fixed assigning groups on traditional login

Changes in 7.37.6

Release summary: Bug fixes for API tokens

Bug fixes

  • Fixed bug where non-admin users could not create tokens if maximum token lifetime was set to forever

  • Fixed unnecessarily noisy logging in some scenarios

  • Fixed Kerberos logging in users trying to log out on Jira 10

Changes in 7.37.5

Release summary: Fixed SAML/OIDC bug with target after redirect containing the entire URL

Bug fixes

  • Fixed SAML/OIDC bug with target after redirect containing the entire URL.

Changes in 7.37.4

This release removes the login logic from Jira dashboards since the login widget does not exist with the new login interface. This means that Kerberos will no longer trigger when visiting the dashboard unless Force Login is enabled and configured to use /* as a force path.

Force login

Release summary: Bug fixes. Improved UX on disable Kerberos.

Improvements

  • Reworked “Disable Kerberos” to improve UX and make the feature easier to understand.

Bug fixes

  • Fixed issue with Single Logout in Jira.

  • Fixed issue with IdP button not being clickable with certain configurations.

  • Fixed bug where using SAML/OIDC would remove the title of Jira dashboards.

Changes in 7.37.3

Release summary: Bug fixes for prevent traditional login and initial SAML signing certificate

Bug fixes

  • Fixed prevent traditional login not working well with manual redirect for users permitted to log in with username/password

  • Fixed problem when setup of first identity provider where SAML signing certificate was created

Changes in 7.37.2

Release summary: Added support for generating 4096 bit certificate for SAML Request Signing

Improvements

  • Added option to generate certificate for SAML Request Signing with size of 4096 bits

Bug fixes

  • Fixed problem with reactivating users who are both deactivated and missing license group

Changes in 7.37.1

Release summary: Various bug fixes and improvements

Improvements

  • Improved error handling for LDAP test

  • Changed default behaviour to include username/password link

  • Updated UI for SCIM setup wizard

  • Added lozenge for showing local groups in group list

  • Added the option to copy groups and memberships to read-only directories

  • Added an overview to make discovering duplicate groups easier at /showGroupsInDirectories

Bug fixes

  • Fixed instant redirect trigger on JSM despite being disabled

  • Fixed redirecting user to the page they attempted to visit before being sent to IdP for Bitbucket

  • Fixed issue with viewing groups containing &

  • Fixed SSO for Bamboo and JSM

Changes in 7.37.0

Release summary: Added support for custom API token authorization header

Improvements

  • Added support for custom API token authorization header

Bug fixes

  • Entra ID API connector will no longer crash during synchronization when user or group filtering is enabled and a nested group matching the filter contains a group not matched by the filter.