privacyIDEA 2.18 is about to be released.
45 views
Skip to first unread message
Cornelius Kölbel
Feb 28, 2017, 3:27:35 AM2/28/17
to privacyidea
Dear all,
I just uploaded privacyIDEA 2.18dev3.
This is the feature complete release candidate for the 2.18 release.
So if you would like to test it, you can download it from pypi like
this:
pip install privacyidea==2.18dev3
otherwise you will install the latest stable version 2.17.
You can also install it from the launchpad devel repositories for
Ubuntu 16.04 and 14.04.
Add the devel repository like this:
add-apt-repository ppa:privacyidea/privacyidea-dev
Kind regards
Cornelius
Changelog
=========
Features:
* Allow to disable the WebUI (#605)
* The WebUI will lock the screen after a timeout instead of
logging out the user. This allows to easily continue
configuration work. (#621)
* Improve the creation and handling of local CAs (#630, #632, #633)
Allow certificate template for certificates with different runtime
and x509v3 extensions.
Enhancements
Enhancements in Policies:
* Allow regular expressions in usernames in policies. (#581)
* Improve Policy creation with pi-manage from JSON formatted file.
* WebUI: Add action grouping in policies.
* WebUI: Add action filter in policy view.
* Allow token specific PIN policies: The SPASS token can now
have dedicated PIN policies.
* Add PIN policies for administrators during enrollment and
during assignment.
* Add WebUI policy: only search on enter being pressed (#617)
Enhancements in Event Handlers:
* Add token_validity_period condition to event handlers. (#618)
* Add additional options in token handler when creating
SMS, Email or mOTP tokens.
* Allow tokenhandler to set tokeninfo field.
* Allow tokenhandler to set syncwindow.
* Add event handler condition for count_auth_success and
cound_auth_fail
* Add event handler condition for last_auth.
* Improve Audit Log for Event Handler. Each triggered action
will now also create an audit entry. (#609)
* Allow the use of {current_time} in tokenevent handler. (#628)
Enhancements in LDAP Resolver:
* Upgrade dependency to ldap3 version >=2.1.1 to improve LDAP
performance in regards to redundancy and security
* LDAP Resolver: Use get_info in bind requests to avoid querying
of subschema. (#585)
* LDAP Resolver: Support StartTLS over Port 389.
* Simplify LDAP Resolver: Remove username from Attribute Mapping.
* Simplefy LDAP Resolver: Remove reverse filter.
Misc Enhancements:
* Automatically add user's mobile number if tokentype is SMS.
* Add example configuration for GTX messaging SMS gateway.
* Add a script "privacyidea-get-unused-tokens" to find
unused tokens
* WebUI: Add a busy indicator spinner.
* Improve the pi-manage script in regards to backup and restore.
Let you choose whether to backup encryption key or not.
Better handling for individual pathes. (#626, #623)
Fixes:
* LDAP Resolver: Verify SSL Certificate (Security)
* LDAP Resolver: Allow special characters in NTLM password
* LDAP Resolver: Allow searching for users with German umlaut
* Remove the "unsafe" notation in the QR-Code link, so that
a smartphone may import the key during HOTP/TOTP token enrollment
by clicking the link. (#620)
* Use defusexml to avoid XML bombs on token import (Security)
* Replace eval with ast.literal_evel (Security)
* Add missing attributes for U2F tokens in
validate/triggerchallenge API
* Let /validate/triggerchallenge write to audit log.
* Fix mangle policy for users and realms
* Avoid logging of password in check_user_pass in debug level
(level=10)
* Set encrypted PIN on enrollment for certificate tokens (#625)
* Remove unused policy action "motp_webprovision"
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
I just uploaded privacyIDEA 2.18dev3.
This is the feature complete release candidate for the 2.18 release.
So if you would like to test it, you can download it from pypi like
this:
pip install privacyidea==2.18dev3
otherwise you will install the latest stable version 2.17.
You can also install it from the launchpad devel repositories for
Ubuntu 16.04 and 14.04.
Add the devel repository like this:
add-apt-repository ppa:privacyidea/privacyidea-dev
Kind regards
Cornelius
Changelog
=========
Features:
* Allow to disable the WebUI (#605)
* The WebUI will lock the screen after a timeout instead of
logging out the user. This allows to easily continue
configuration work. (#621)
* Improve the creation and handling of local CAs (#630, #632, #633)
Allow certificate template for certificates with different runtime
and x509v3 extensions.
Enhancements
Enhancements in Policies:
* Allow regular expressions in usernames in policies. (#581)
* Improve Policy creation with pi-manage from JSON formatted file.
* WebUI: Add action grouping in policies.
* WebUI: Add action filter in policy view.
* Allow token specific PIN policies: The SPASS token can now
have dedicated PIN policies.
* Add PIN policies for administrators during enrollment and
during assignment.
* Add WebUI policy: only search on enter being pressed (#617)
Enhancements in Event Handlers:
* Add token_validity_period condition to event handlers. (#618)
* Add additional options in token handler when creating
SMS, Email or mOTP tokens.
* Allow tokenhandler to set tokeninfo field.
* Allow tokenhandler to set syncwindow.
* Add event handler condition for count_auth_success and
cound_auth_fail
* Add event handler condition for last_auth.
* Improve Audit Log for Event Handler. Each triggered action
will now also create an audit entry. (#609)
* Allow the use of {current_time} in tokenevent handler. (#628)
Enhancements in LDAP Resolver:
* Upgrade dependency to ldap3 version >=2.1.1 to improve LDAP
performance in regards to redundancy and security
* LDAP Resolver: Use get_info in bind requests to avoid querying
of subschema. (#585)
* LDAP Resolver: Support StartTLS over Port 389.
* Simplify LDAP Resolver: Remove username from Attribute Mapping.
* Simplefy LDAP Resolver: Remove reverse filter.
Misc Enhancements:
* Automatically add user's mobile number if tokentype is SMS.
* Add example configuration for GTX messaging SMS gateway.
* Add a script "privacyidea-get-unused-tokens" to find
unused tokens
* WebUI: Add a busy indicator spinner.
* Improve the pi-manage script in regards to backup and restore.
Let you choose whether to backup encryption key or not.
Better handling for individual pathes. (#626, #623)
Fixes:
* LDAP Resolver: Verify SSL Certificate (Security)
* LDAP Resolver: Allow special characters in NTLM password
* LDAP Resolver: Allow searching for users with German umlaut
* Remove the "unsafe" notation in the QR-Code link, so that
a smartphone may import the key during HOTP/TOTP token enrollment
by clicking the link. (#620)
* Use defusexml to avoid XML bombs on token import (Security)
* Replace eval with ast.literal_evel (Security)
* Add missing attributes for U2F tokens in
validate/triggerchallenge API
* Let /validate/triggerchallenge write to audit log.
* Fix mangle policy for users and realms
* Avoid logging of password in check_user_pass in debug level
(level=10)
* Set encrypted PIN on enrollment for certificate tokens (#625)
* Remove unused policy action "motp_webprovision"
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Michael Muenz
Mar 2, 2017, 5:58:52 AM3/2/17
to privacyidea
Hi,
I've just upgraded my test env and I'm totally in love with the circle showing the progress. :)
Now diving into the CA changes.
Thank you!
Michael
Cornelius Kölbel
Mar 3, 2017, 5:33:17 AM3/3/17
to privacyidea
Indeed. Thanks for the feedback.
This is a pull request from Quoc!
...and thanks for the PR!
Reply all
Reply to author
Forward
0 new messages