mirror of https://github.com/apache/nifi.git
dcc4fb00a5
- Add dependency on spring-security-saml2-core - Updated AccessResource with new SAML end-points - Updated Login/Logout filters to handle SAML scenario - Updated logout process to track a logout request using a cookie - Added database storage for cached SAML credential and user groups - Updated proxied requests when clustered to send IDP groups in a header - Updated X509 filter to process the IDP groups from the header if present - Updated admin guide - Fixed logout action on error page - Updated UserGroupProvider with a default method for getGroupByName - Updated StandardManagedAuthorizer to combine groups from request with groups from lookup - Updated UserGroupProvider implementations with more efficient impl of getGroupByName - Added/updated unit tests - Ensure signing algorithm is applied to all signatures and not just metadata signatures - Added property to specify signature digest algorithm - Added option to specify whether JDK truststore or NiFi's truststore should be used when connecting to IDP over https - Added properties to configure connect and read timeouts for http client - Added URL encoding of issuer when generating JWT to prevent potential issue with the frontend performing base64 decoding - Made atomic replace methods for storing groups and saml credential in database - Added properties to control AuthnRequestsSigned and WantAssertionsSigned in the generated service provider metadata - Dynamically determine the private key alias from the keystore and remove the property for specifying the signing key alias - Fixed unit test - Added property to specify an optional identity attribute which would be used instead of NameID - Cleaned up logging - Fallback to keystore password when key password is blank - Make signature and digest default to SHA-256 when no value provided in nifi.properties This closes #4614 |
||
|---|---|---|
| .. | ||
| src | ||
| pom.xml | ||