Changelog
Features
-
Use JDBC connection pooling
By default the pool has a size of 10 and a timeout of 30s to acquire a connection.
These settings can be changed with the following configuration properties:org.osiam.resource-server.db.maximum-pool-size
org.osiam.resource-server.db.connection-timeout-ms
-
Populate the
type
field of aGroup
's membersMembers of a
Group
have theirtype
field set to eitherUser
orGroup
. -
Make number of parallel connections to the auth-server configurable
The default is 40 and can be changed with the following configuration property:
org.osiam.auth-server.connector.max-connections
-
Make timeouts of connections to auth-server configurable
By default the read timeout is set to 10000ms and the connect timeout to 5000ms.
These settings can be changed with the following configuration properties:org.osiam.auth-server.connector.read-timeout-ms
org.osiam.auth-server.connector.connect-timeout-ms
Changes
-
Increase default timeouts for connections to auth-server
By default the read timeout is set to 10000ms and the connect timeout to 5000ms.
-
Increase default maximum number of parallel connections to auth-server
The default is 40.
-
Switch to Spring Boot
-
Refactor database schema
Note: Some fields in table
scim_extension_field
have been renamed:extension_internal_id
becomesextension
;is_required
becomesrequired
;
Update your SQL scripts, if you add SCIM 2 extensions via direct database
manipulation. -
Produce a meaningful log message and respond with
503 TEMPORARILY UNAVAILABLE
instead of409 CONFLICT
if the auth-server cannot be reached to validate or
revoke an access token. -
All invalid search queries now respond with a
400 BAD REQUEST
instead of
409 CONFLICT
status code. -
Respond with
401 UNAUTHORIZED
when revoking or validating an access token
fails because of invalid access token. -
Remove configuration property
org.osiam.resource-server.db.dialect
-
Remove self written profiling solution since we now use the Metrics
framework. This removes the configuration propertyorg.osiam.resource-server.profiling
-
Make the generated errors SCIM compliant
Error responses look like this according to Scim 2:
{ "schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"], "detail": "Resource 2819c223-7f76-453a-919d-413861904646 not found", "status": "404" }
Fixes
-
Only set
UserEntity#active
if value is not nullPrevents a NPE when storing users that have no value for the
active
field. -
Use correct schema for Scim resources
Affected resources and the changes are:
User
:urn:scim:schemas:core:2.0:User
becomesurn:ietf:params:scim:schemas:core:2.0:User
Group
:urn:scim:schemas:core:2.0:Group
becomesurn:ietf:params:scim:schemas:core:2.0:Group
ListResponse
:urn:scim:schemas:core:2.0:User
/urn:scim:schemas:core:2.0:Group
becomesurn:ietf:params:scim:api:messages:2.0:ListResponse
ServiceProviderConfig
:urn:scim:schemas:core:2.0:ServiceProviderConfig
becomesurn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig
Updates
- OSIAM connector4java 1.8
- MySQL JDBC driver 5.1.37
- PostgreSQL JDBC driver 9.4-1205
- AspectJ 1.8.7
- Metrics Spring Integration 3.1.2