- Support of an SAML attribute containing groups to assign the user to jAcl2 groups automatically
- new configuration parameter to change the default page to redirect to after login
- Improve html with ids and div to ease CSS styling
- Fix configuration : fix some PHP notices when some configuration parameters were missing
- Fix: there was a php error when
certs_encryption_fileswas empty
- SAML admin: improve the appearance of content of certificates and keys.
- Update authentication plugin for Jelix 1.8.3+
- Admin: hide the content of the dialog about certificate generation, that was always visible on the SP config page.
- Improve the presentation of the main configuration page.
- Show ACS and SLS adresses on the configuration panel
- Fix: the metadata content is now available, even if the IDP properties are not set yet.
- admin: Display the URL of endpoint even if configuration is not done
- admin, accounts: show authentication type in users details page
- Configuration option to redirect directly to the SAML authentication page
- Try to fix configuration cache issue
- Fix some PHP warnings about
jApp::configPath()
- add an uninstaller script, which remove the SAML configuration and restore previous authentication configuration.
- Fix upgrade with Jelix 1.7/1.8
- new installers for Jelix 1.7 and 1.8
- compatibility with Jelix 1.8
- Upgrade PHP-SAML to 4.0.1
- Compatiblity with PHP 7.4 minimum
- Fix: removing accounts having upper case letter in their login name, did not work.
- Fix: installers for Jelix 1.7+ were missing
It allows now to choice the authentication method : by the classical login/password (provided by the jauth or the jcommunity module), or by SAML. It means that instead of redirecting the user to the identity provider web site when authentication is required, it shows the classical login/password form with an additional button to authenticate with Saml.
It fixes the logout initiated by the identity provider: PHP session linked to closed SAML session are now destroyed.
It provides a new module, samladmin, which allows to configure SAML within an administration web interface, with a generator of private key/certificate, with an automatic fill of idp parameters by retrieving a given metadata url of the idp.
For developers:
- the jauth module is now required, except if you are using the jcommunity module
- no more specific configuration for the jcommunity module
- configuration changes:
- no more
after_loginandafter_logoutin thesaml:spsection - a
jcache:samlprofile can be setup to store correspondance between PHP session id and SAML session id. - new
labelparameter into[saml:idp]for the login button
- no more
- API changes:
Jelix\Saml\Configurationdoes not required anymore ajRequestobject for its constructor.
- Composer: add autoconfiguration for the Lizmap application
- Fix SP metadata : some data, like the sp certificate, were missing from metadata.
- Upgrade PHP-Saml to 3.6.1
- Fix: installer should add the admin user into the admins group
- Fix: kill full session when logout
- Fix: do not cache the logout response into the browser
Initial release.