We are pleased to announce Kantega SSO Enterprise 6.9.
Note that changes introduced in Kantega SSO Enterprise 6.3 will trigger an update of config warning in the Configuration status page upon install. It will convert your settings for Disable Traditional Login and Disable Basic Auth to a new format.
Read the update notes for important information about this release if you’re updating from major versions 5.x or 4.x, and see the full changelog below.
Compatible applications
In general, the latest version of Kantega SSO Enterprise is compatible with the oldest version that has not been ended of life. See Atlassian’s End-of-life (EOL) policy to get an overview of versions and EOL dates.
Changelog
Changes in 6.9.0
15:30 CEST
Confluence SSO sign-ins logged in audit log at FULL level. User Cleanup performance revamp.
Features
User cleanup performance revamp, the cleanup will now work in a background process also for test run, much faster performance.
User cleanup group selector will now support very large numbers of groups, above 500 groups will require the user to start typing to see top 500 search results. It’s possible to search for multiple words separated by space.
User cleanup will now use start of the day timestamp as base for comparing with last login date/user creation date.
User cleanup remove from group action will now search groups in read only directories and respect the directory exclusions. The users in read only directories are not modified but their group membership might be modified.
Confluence SSO sign-ins logged in audit log at FULL level. Event emitted on successful login.
Changes in 6.9.1
12:30 CEST
Dependency updates. SCIM additional characters. More git URL configure options
Security patches
Dependency updates
Features
SCIM Support for additional characters /
and +
in group names
BITBUCKET GIT Allow sysadmin to configure Kerberos git URL format with username@
or :@
to be compatible with different git clients.
Changes in 6.9.2
18:30 CEST
Bug fixes
Fixed 'max valid for' parameter validation when API tokens created by non System Administrator users
Api tokens page will no longer create tokens on page refresh after a token has been created
Increased http client connection and read timeout for OIDC requests
Features
MFA tab Request for Comments (RFC), please send us feedback on what you would like to see in Multi-factor authentication tab, supported standards, supported apps
Changes in 6.9.3
Same as 6.9.2, re-release for Atlassian Marketplace
Changes in 6.9.4
Improvements
LDAP Introduced optional disabling LDAP/AD query escaping for backwards compatibility. Feature switch found in /plugins/servlet/no.kantega.kerberosauth.kerberosauth-plugin/dark-features
BITBUCKET Avoid IllegalArgumentException
errors in log in certain situations during log
KERBEROS Introducing support for mutual authentication required in Python and other Kerberos clients.
Bug fixes
KERBEROS Fixed bug introduced in v. 6.6.2 that caused Python clients not be able to use Kerberos if mutual authentication was required or optional.