OpenAthens SP software end of life is approaching.
Keystone, Wayfinder and the OpenAthens federation are unaffected.

Search

Skip to end of metadata
Go to start of metadata

Latest release

7 August 2019

Minor changes

  • [CSP-3542] - The accounts menu item and the signout button have moved: dashboard accounts are now accessed via the cog, and sign out is via the user's name. Both in the top right. 


Known issues



Previous releases

10 July 2019

Significant changes

  • [CSP-3592] - Certificate thumbprints are now also available as a SHA-256 hash
  • [CSP-3594] - Added a preset rule to output targeted ID in the format idpEntityId!spEntityId!targetedId to ease migration to Keystone from older technologies

14 March 2019

Significant changes


28 June 2018 - Updates to support the certificate store change happening on 21 September

OASP
Notes
Java2.1.2Maven: Change version number in POM and build

Apache: atacama-platform

2.1.5

sudo yum update openathens-sp

sudo service httpd restart

.NetNo change requiredUses windows certificate store
Publisher dashboard1.0.5
Released on21 September 2017

Significant changes

Publisher dashboard1.0.4
Released on22 June 2017

Significant changes

  • [CSP-1241] - SAML discovery service support has been added for OASP.
Publisher dashboard1.0.3
Released on28 March 2017

Significant changes

  • [CSP-775] - Healthcheck request was causing a nullpointer error
  • [CSP-776] - Unavailable IdP entities could cause the Additional IdP page to hang
  • [CSP-805] - Updated syntax check on the redirector's tokenised access URLs to not require http(s):// at the start.
  • [CSP-881] - Improved certificate checking to eliminate false positives from the error display
  • [CSP-878] - Saving updated redirector syntax could fail
  • [CSP-957] - Include the service desk's test domain in the OpenAthens SP config until it is made live
  • [CSP-970] - Provide audit information per application / connection
Publisher dashboard1.0
Released on22 November 2016

Major new features

FeatureAvailable toNotes
New publisher dashboardAll SPsDocumentation: OpenAthens Publisher Dashboard
Rewritten SP documentationAll SPsRationalised and simplified to work alongside the new publisher dashboard
Simplified OASP configuration including automatic configuration of OpenAthens federationOpenAthens SP users
Simplified OpenAthens federation configurationAll SPs
Faster updates to OpenAthens federation metadataAll federation usersRrather than waiting up to 24 hours, updates are now live within 15 minutes
Old federation dashboard no longer availableNo one
Old SP dashboard no longer availableNo one
OASP2.1.1 Java
Released on19 July 2016


New Features

  • OASP-235 - Cached metadata is no longer shared between web applications on the same server. Each web application now has its own metadata cache.
Issues Resolved
  • OASP-20 / OASP-48 - Java OASP no longer requires the variant and version to be specified when updating.
  • OASP-65 - Query strings now supported on Java OASP.

Known Issues

With the introduction of support for query strings (OASP-65) the memory footprint increases if multiple web applications are present on the same server. It is recommended that customers who support this configuration confirm that the server has adequate resources available.

Upgrade

Java upgrading from 2.0 to 2.1.x



Version

 OASP2.1
Released on20 January 2015
  • SP Dashboard

  • New Features

  • Control permissions for managing configurations

It is now possible for an administrator to control which other users in an organisation can edit or update a configuration. 

  • Support for multiple administrators from a single organisation

Administrators can now create additional users in their organisation, provided they are one level below the domain administrator

  • New advance options added to make SAML profiles configurable

There are now additional configuration options for SAML profiles, including ability to set SAML versions. Any new configurations that are created will not support SAML 1 & 2 Artifact by default.

  • OpenAthens federation added to list of available federations

Minor change to add the OpenAthens federation to the drop down list of federations when managing configurations

  • Status changes of configurations now dynamically updated

The status of a configuration (Published / Unpublished) is now updated dynamically when the status is changed, removing the need to manually refresh the page

  • Single Sign On from SP Dashboard to the OpenAthens Admin Area

When signed in to the SP dashboard, it is now possible to access the OpenAthens Admin Area (For example to change account details) without signing in again

Relevant help pages: Familiarisation with the OpenAthens SP dashboard, and Creating a configuration with the OpenAthens SP dashboard

  • Issues Resolved

  • Federation URLs corrected
    Updated the preconfigured list of federation URLs to correct outdated information
  • Fixed an issue with autocomplete when configuring a default IdP


  • Software



.NetApacheJava
  • New features




Removal of KeyAuthority

The UK access management federation updated their support for the PKI trust mechanism in June 2014.  Apache and .Net versions of OpenAthens SP V2.0 required the <KeyDescriptor> to be available.  As a result customers using these versions could not use the latest UKfed metadata.  OpenAthens SP V2.1 has been updated to address this issue and customers using the .Net and Apache versions no longer need to use the fall back metadata once upgraded

 YesYesn/a

Streamlined metadata management

OpenAthens SP will only load IdP entities when consuming the metadata to decrease loading times
 YesYesYes

Unified the namespace for scoped and non-scoped attributes to provide consistency across SAML 1.1 and SAML 2.0

For SAML 1 the scoped attribute that was in the namespace:

OA_OASCOPED_URN_MACE_DIR_ATTRIBUTE_DEF_EDUPERSONSCOPEDAFFILIATION

will now be in the namespace

OA_URN_MACE_DIR_ATTRIBUTE_DEF_EDUPERSONSCOPEDAFFILIATION

 YesYesYes

Option to use memcached for improved management of memory and caching

The option to use memcached is now available in the advance settings of the SP dashboard.  This provides more efficient performance by storing metadata in memory
 n/aYesNo

Centos 7 as an approved platform

n/aYesYes

Support for product installations from MAVEN

OpenAthens SP is now available as a MAVEN dependency to make upgrading and installing easier from within a Java project

n/an/aYes




  • Issues resolved




Downgraded libmemcache to the distro version to avoid conflicts with other packages

Installation of OpenAthens SP on Apache was showing conflicts with the version provided in version2.0.  These conflicts have been resolved by reverting to the distro version
 n/aYesn/a



OASP2.0.2 Apache
Released on20 August 2013

The specific issues fixed in this maintenance release are all related to the Apache version:

  • atacama-platform-2.0.2-19387.i386.rpm
  • Updated the sql modules (FreeTDS and MySQL).
  • Code changes made so that any values in the non-default group will be treated as input arguments. This is an intermediate fix to allow better control of input arguments. The underlying issue relates to the third party libraries for Free-TDS and MSSQL not working well together.
  • mod_openathens-2.2.2-19387.i386.rpm

Changes made to SELinux policies to:

  • Allow Httpd to access the '*.so' files in the modules directory.  This was previously being done incorrectly in the Atacama-platform rpm.
  • Allow the runtime to connect to the MSSQL and MYSQL daemon ports (1433 and 3006 respectively).


OASP2.0.2 Java
Released on4 September 2012

The specific issues fixed in this maintenance release are all related to the Java version:

  • Fixed bug so that content type header (text/html) is correctly added to the builtin pages (e.g /oa/debug, /oa/logout).
  • Allowed the behavior of the authReceiverURL dataSource to be
    controlled via the web.xml. See Controlling the Assertion Consumer Service URLs for further details.


OASP2.0.1 Java
Released on5 August 2011

The specific issues fixed in this maintenance release are all related to the Java version:

  • Fixed bug in signature checking logic when processing SAML2 responses
  • Changed session management behavior.
    Previously if a user logged in via Identity Provider X and then via Identity Provider Y without logging out, the session would contained a merged view of
    the attributes obtained from both Identity Providers.
    This has been changed so that attributes obtained from Identity Provider X will be purged, before attributes from Identity Provider Y are added.


OASP2.0
Released on12 January 2011

OpenAthens SP 2.0 introduces a number of features designed to make the installation, configuration and management of the software easier, more flexible and more intuitive.

  • What's new in OpenAthens SP 2.0?

Feature

Description

Benefit

Management Dashboard

Create new configurations for multiple different websites. Update contact details for your organisation.

Web-based interface for the creation and management of configurations. This allows the configurations for all your sites to be managed and stored in one place. It enables easy migration between versions of OpenAthens SP and your website.

Federation wizards

Add support for new federations via the configuration site.

When creating a new configuration a wizard will step you through the process of adding support for multiple identity federations. It is possible to add additional federations later with a few clicks in the dashboard.

Updated Apache module

The Apache module (mod_openathens) has been renamed and updated.

It brings more flexibility and support for the latest versions of Apache. It is the same full-featured, robust platform that is used for OpenAthens LA.

Software repositories

A yum software repository for RedHat/CentOS Linux.

When using the Apache module on RedHat/CentOS 5.x Linux servers, the yum software repository bring simple installation and ensures that software is kept up-to-date. New versions of OpenAthens SP can be installed or upgraded using the same process.

Java modules

Improved integration with Java environments.

Improved Servlet filter and integration with Java application servers. Improved support for various popular Java servers, including Glassfish.

.NET framework

An all-new .NET framework for integration on Windows platforms running .NET.

Easy integration with .NET applications via a native .NET API and HTTPModule. This brings deep integration with the .NET platform, making it simple to add support for your existing and new .NET applications.

  • No labels