github OpenIDC/mod_auth_openidc v2.4.14.4
release 2.4.14.4
on GitHub

latest releases: v2.4.16.3, v2.4.16.2, v2.4.16.1...
11 months ago

Note that as of release 2.4.14 the use of OIDCHTMLErrorTemplate is deprecated and one should instead rely on standard Apache error handling capabilities, optionally customized through ErrorDocument. The environment variable strings REDIRECT_OIDC_ERROR and REDIRECT_OIDC_ERROR_DESC are available for display purposes.

Bugfixes

  • fix OIDCRefreshAccessTokenBeforeExpiry when using it with logout_on_error or authenticate_on_error; see #1111; thanks @brandonk10
  • improve behaviour when parallel refresh token grant requests occur on the same Apache server/host and rolling refresh tokens are issued; synchronize using a global refresh token lock and avoid corrupting the session by storing/overwriting an expired refresh token
  • fix memory leak in oidc_refresh_token_grant: free the parsed id_token if returned from the token endpoint
  • avoid potential process lifetime memory leak when mutex lock/unlock fails

Performance

  • store userinfo refresh interval in session to avoid parsing Provider JSON metadata on each request
  • fix performance issue with latin1 encoding when using OIDCPassClaimsAs <any> latin1 with large claim values
  • skip re-validating cached provider metadata
  • use process based locking for Redis caching instead of global locking

Features

  • add options for authentication to OIDCOutgoingProxy; thanks @drzraf; see #1107
  • add support for custom preserve/restore POST data templates with OIDCPreservePostTemplates to be used when OIDCPreservePost is set to On; the hard-coded internal templates are added to the test directory as an example; closes #195 (yeah...); thanks @kerrermanisNL and @spiazzi

Commercial

  • binary packages for various other platforms such as Microsoft Windows 64bit/32bit, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7/8 on Power PC (ppc64, ppc64le), older Ubuntu and Debian distro's, Oracle HTTP Server 11.1/12.1/12.2, IBM HTTP Server 8/9, Solaris 11.4 and IBM AIX 7.x are available under a commercial agreement via sales@openidc.com
  • support for Redis over TLS, Redis (TLS) Sentinel, and Redis (TLS) Cluster is available under a commercial license via sales@openidc.com
Check out latest releases or
releases around OpenIDC/mod_auth_openidc v2.4.14.4

Don't miss a new mod_auth_openidc release

NewReleases is sending notifications on new releases.

Get notifications