Bugfixes
- avoid logged-out sessions remaining (valid) in the session cache: remove session from cache before clearing it; see #542
Features
- add maximum session lifetime (
exp
), inactivity timeout (timeout
) andremote_user
toOIDCInfoHook
; closes #541
Security
- add opt-out on
sub
check in userinfo endpoint response using the (undocumented)OIDC_NO_USERINFO_SUB
environment variable, for backwards (but insecure) compatibility, see #544
Dependencies
libcjose >= 0.5.1
if your distribution does not providelibcjose
in its package repository, recent packages for a number of platforms are available from the "Assets" section in release 2.4.0
Other
- binary packages for various other platforms such as Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7 Power PC (ppc64, ppc64le), Oracle Linux 6/7, older Ubuntu and Debian distro's, Oracle HTTP Server 11.1/12.2, IBM HTTP Server 8/9, Mac OS X and Microsoft Windows 64bit/32bit are available under a commercial agreement via sales@zmartzone.eu
- support for Redis (TLS) Cluster and Redis over TLS is available under a commercial license via sales@zmartzone.eu