Skip to end of metadata
Go to start of metadata

Changes

  • Updated the WAYF.  It now has a  new, cleaner layout and loading and searching should be much faster.
  • Disable the consent page for COmanage (we're looking into the best place to ask for consent and offer an AUP)
  • Correctly send the sn (surname) attribute to SAML and OIDC clients
  • Pass the correct attributes to SAML clients.  The"friendly name" attributes (e.g. givenName) are no longer available.  Instead use the "oid" format (e.g., urn:oid:2.5.4.42) or the "urn:mace" format (e.g., urn:mace:dir:attribute-def:givenName).
  • Initial support for SAML and OIDC SPs that are connected to multiple COs
  • Send a fixed set of attributes to each SAML SP, disregarding restrictions defined in the SP metadata
  • Add COmanage plugins to support enrolling guests from an external system (for UU/Yoda pilot)
  • Initial support for updating COperson attributes from changed SAML attributes when a user logs in
  • Support for provisioning COperson Role affiliations to ldap
  • Fix provisioning of renamed groups
  • Fix deprovisioning of COUs
  • Fix provisioning of email addresses
  • Rewrite and improve the "pam-websso" authentication method (see PAM Module)
  • Switch to more consistent ldap schemas
  • Improvements to the LSC configurations
  • Improve SAML metadata
  • Improve automatic deploy tests
  • No labels