LemonLDAP::NG 2.18 is out!
This is a new release for 2.0 major version including fixes improvements and new features.
⚠ Please follow upgrade notes if you upgrade from a previous version!
🔐 Security
A small security issue has been fixed: we now enforce Safe Jail in lemonldap-ng.ini to disable the possibility for someone having only access to Manager to disable it. See #2980
🌟 Improvements and new features
OpenID Connect
A lot of improvements of this release are linked to OpenID Connect protocol:
- JWT encryption (JWE)
- New supported algorithms: EC* and PS*
- Parameter acr_values can now be used to require a specific authentication level
- Add client_secret_jwt and private_key_jwt authentication mechanisms
Second Factors (2FA)
First, we improved the user experience (UX):
- User is now redirected to 2FA Manager after registering its device
- User can remember its 2FA with Trusted Browser plugin
A big evolution has also been done in WebAuthn (FIDO2) to manage attestation validation
Password management
Some improvements for password management:
- Password strength indicator relying on zxcvbn
- Possibility to trigger password reset through CLI
- Encryption of password if password is stored in session
📃 Changelog
The full changelog can be found here.
⬇ Download
Use the official repositories (Debian/RPM), our Docker image or get the archives.
👏 Credits
A lot of people and organizations have contributed to this version, thanks to them!
- Core team: Maxime Besson, David Coutadeur, Xavier Guimard, Christophe Maudoux and Clément Oudot
- Organizations : Gendarmerie Nationale, Worteks, Linagora, Orange, INRAE, CNAM, Université de Limoges, Université Lyon 2, Ministère de l'Agriculture, Fiducial, Métropole de Lyon
- Community (issues opening, tests, patches, pull requests) : Xavier Bachelot, Mickael Bride, Bruno MATEU, Emmanuel Decoux, Jérôme Lagrue, Antoine Gallavardin, Hadrien Pelissier, Dave Conroy, Raphaël Odienne, Marek Wójtowicz
If you use LemonLDAP::NG and enjoy it, please let us know:
- https://lemonldap-ng.org/references.html
- https://www.openhub.net/p/lemonldap-ng
- http://alternativeto.net/software/lemonldap-ng/
- https://comptoir-du-libre.org/softwares/view/101
- https://framalibre.org/content/lemonldapng
- https://fosstodon.org/@lemonldapng
- http://twitter.com/lemonldapng
- https://www.facebook.com/lemonldapng/