[Shib-Users] Shibboleth IdP 2.1 Release

[Chad La Joie]

The Shibboleth Development Teams announces the release of Shibboleth
IdP, version 2.1.

BE SURE TO READ, AND FOLLOW, THE INSTRUCTIONS FOR UPGRADING FROM 2.0 TO 2.1
https://spaces.internet2.edu/display/SHIB2/IdP2021Upgrade

This release contains a number of new features, for example:
- The ability to store configuration files in Subversion or pull them
from HTTP locations. This should help deployers better manage and
distribute changes to configurations.
- The introduction of an explicit DenyValue rule in the attribute filter
policy. This rule allows policies to be written that forbid the release
of attribute values, regardless of what other policies are in effect.
- The addition of the beanshell, groovy, jruby, and jython scripting
engines. This allows deployments that already have these languages
installed to use those them in the Scriplet attribute definitions and
filter rules.

It also has fixed the following major bugs (as well as a slew of other
smaller bugs):
- Two memory leaks: one where session information was retained
indefinitely and another where metadata information was cached indefinitely
- Two regression bugs: one that prevented SAML 1 service providers to
work with 2.0 IdPs when using the artifact binding and one that caused
some SAML 1 assertions to be issued without audience restrictions
- The possibility of cross-site scripting attacks when using the
UsernamePassword login handler
- Lots of installer related bugs, especially when dealing with Windows
filesystem paths with drive letters and spaces in them

Note, caching for the LDAP and relational database connectors is
currently turned off by default. There is a known issue where the cache
is kept around after the cessation of user's session. This will be
re-enabled in 2.2 once the problematic code within the IdP is cleaned up.

This release has seen updates to all libraries used by the IdP and
developed by the Shibboleth team. Therefore a complete list of changes
can be found by looking at the change logs for the IdP as well as all
the lower level libraries.

Shib IdP 2.1
http://svn.middleware.georgetown.edu/view/java-idp/tags/2.1.0/doc/RELEASE-NOTES.txt?revision=2797&view=markup

Shib Common 1.1
http://svn.middleware.georgetown.edu/view/java-shib-common/tags/1.1.0/doc/RELEASE-NOTES.txt?revision=809&view=markup

OpenSAML 2.2
http://svn.middleware.georgetown.edu/view/java-opensaml2/tags/2.2.2/doc/RELEASE-NOTES.txt?revision=1370&view=markup

OpenWS 1.2
http://svn.middleware.georgetown.edu/view/java-openws/tags/1.2.1/doc/RELEASE-NOTES.txt?revision=288&view=markup

XMLTooling 1.1.1
http://svn.middleware.georgetown.edu/view/java-xmltooling/tags/1.1.1/doc/RELEASE-NOTES.txt?revision=600&view=markup

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
chad....@switch.ch, http://www.switch.ch