Note that as of release 2.4.11 running mod_auth_openidc behind a reverse proxy that sets X-Forwarded-* headers needs explicit configuration of OIDCXForwardedHeaders for mod_auth_openidc to interpret those headers, thus this may break existing configurations if unmodified for the former.
Features
- add support for Apache expressions in
OIDCPathAuthRequestParamsandOIDCPathScope; see #594
Bugfixes
- add
Cache-Controlheaders to logout response; see #846; thanks @blackwhiser1
Other
- don't strip the header from encrypted JWTs as future versions of cjose may use compact
encoding for JWEs; this slightly increases state cookie size, by-value session cookies
and encrypted cache contents again at the benefit of forward cjose compatibility
Commercial
- binary packages for various other platforms such as Microsoft Windows 64bit/32bit, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7/8 on Power PC (ppc64, ppc64le), Oracle Linux 6/7, older Ubuntu and Debian distro's, Oracle HTTP Server 11.1/12.1/12.2, IBM HTTP Server 8/9, Solaris 11.4 and Mac OS X are available under a commercial agreement via sales@zmartzone.eu
- support for Redis over TLS, Redis (TLS) Sentinel, and Redis (TLS) Cluster is available under a commercial license via sales@zmartzone.eu