Skip to content

Release notes old versions

2.5.4

Bug fixes

  • Fixed an encoding issue: URL parameters where in some cases encoded invalid if they contained special characters.

2.5.3

Improvements

  • Allow to configure the max body size for multipart file uploads.

2.5.2

Improvements

  • Added support to set a custom host header in the resource gateway calls.

2.5.1

Improvements

  • Cleaned up documentation.

2.5.0

Improvements

  • Support for disabling token validation per resource gateway.

2.4.0

Note: from this version we removed the leading zeros from our versioning scheme.

Features

  • Proxy support for CIM and UMA backends.

2.03.00

Features

  • Support for multiple resource servers based on host name.

2.02.01

Bug fixes

  • Make the call from the Token Validation service towards the Token Server direct.

2.02.00

Features

  • Add support for multiple resource gateways to be configured via the environment variables.

2.01.00

Features

  • Make X-Forwarded-Host and X-Forwarded-Port optional

Bug fixes

  • SSL offloading in external load balancer causes redirects to http instead of https

2.00.01

Bug fixes

  • HTTPS support for request mapper
  • Java components not properly booting
  • Usage of JAVA_OPTS setting in docker compose file ignored

2.00.00

Features

  • Embedded basic resource gateway functionality
    • Token validation service
    • Hook to map token validation result to resource server request

Bug fixes

  • Prevent duplicated security headers on Token Server endpoints
  • X-Forwarded-for-* headers not set on all proxied requests

1.03.03

Bug fixes

  • X-Forwarded-Host, X-Forwarded-Proto & X-Forwarded-Port can be disabled.

1.03.02

Bug fixes

  • Hide X-XSS-Protection, X-Content-Type-Options and X-Frame-Options headers from proxied upstreams because value are explicitly set by security proxy.

1.03.01

Bug fixes

  • Fix SSL cert/key parsing with confd

1.03.00

Improvements

  • Add provisioner for configuration settings.

1.02.02

Improvements

  • Add Strict Transport Security header on all successful responses via nginx

1.02.01

Bug fixes

  • Use the GCMParameterSpec to get the IV instead of the default IvParameterSpec

1.02.00

Features

  • Add message compression and decompression

1.01.00

Bug fixes

  • Fixed an issue where the app could get stuck due to invalid client credentials
  • Make it possible to configure a certificate chain on the SSL listener

Features

  • Removed binary encoding of encrypted messages
  • Add automated tests
  • Improved documentation

1.00.01

Bug fixes

  • Improve error handling

Bug fixes

1.00.00

Features

  • Full functionality of Security Proxy, including:
    • Handshake using JPAKE algorithm
    • Message encryption/decryption
    • Message padding
    • Message routing (with load balancer)
    • TLS/SSL support