LemonLDAP::NG 2.0.7 is out!

This new release fixes more than 60 issues. Here are some of bugfixes and improvements of this release:

• Security:
  • [Security: medium, CVE-2019-19791] Apache access rules and SOAP/REST endpoints
  • [Security:medium] Redirection in OpenID Connect is granted by default if no URI defined in oidcRPMetaDataOptionsRedirectUris
  • [Security:low] afterData plugins (grantSession) cannot prevent session establishment when 2FA is in use
• Bugs:
  • Issuer urldc is lost after error in 2F flow or notification flow
  • Outgoing emails are missing a Date: field
  • Zimbra preauth not working
  • REST config service not working
  • Server Error with OpenID Connect register endpoint
  • Manager version comparator does not work with minified JS
  • Reset expired password doesn't trigger when using Combination
  • Kerberos not working with session upgrade
  • After temporary ldap failure, ldap connections stop working forever
  • Authenticating with external OpenID Connect Provider fails because of special chars in user name
• Improvements:
  • Possibility to configure new plugins in Manager
  • Append overScheme for persistent sessions
  • Allow differents type of managerDN
  • Append a requiredAuthenticationLevel option for each uri
  • Add an option to force claims in ID token
  • Possibility to set attributes and extra claims in OIDC registration endpoints
  • Specific message and error code for 2F failure
• New features:
  • Add per-service macros
  • New script to convert sessions between backends
  • Renew Captcha button
  • Provide refresh tokens in OpenID Connect
  • Certificate reset by mail
  • Possibility to view/close other sessions opened for the same user
  • Create a web service for "refresh my rights"

The full changelog can be seen here: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/milestones/69

Upgrade notes: https://lemonldap-ng.org/documentation/latest/upgrade#section207

Download: https://lemonldap-ng.org/download

They made this release:

• Core team: Maxime Besson, Xavier Guimard, Christophe Maudoux and Clément Oudot
• Organizations : Gendarmerie Nationale, Worteks, CNAMTS, Orange, CSTB, Urgences Santé Québec, FER Genève, Linagora, SITIV, Métropole Européenne de Lille
• Community (issues opening, tests, patches, pull requests) :  David Coutadeur, Andreas Deschka,  Daniel Berteaud, Grégory Roy, Antoine Rosier, Mickael Bride, Vincent Filali-Ansary, Dave Conroy, Julien Ledoux, Louis Chemineau, Vincent Mazenod, Xavier Bachelot

If you use LemonLDAP::NG and enjoy it, please let us know:

• https://lemonldap-ng.org/references
• https://www.openhub.net/p/lemonldap-ng
• http://alternativeto.net/software/lemonldap-ng/
• https://comptoir-du-libre.org/softwares/view/101
• https://framalibre.org/content/lemonldapng
• http://twitter.com/lemonldapng
• https://www.facebook.com/lemonldapng/