a745022f06
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
71 lines
3 KiB
Markdown
71 lines
3 KiB
Markdown
---
|
|
title: Release 2021.7
|
|
slug: "2021.7"
|
|
---
|
|
|
|
## Headline Changes
|
|
|
|
- SSL Support for LDAP Providers
|
|
|
|
You can now configure certificates for your LDAP Providers, meaning that all communication will be done encrypted.
|
|
|
|
Currently, only SSL on port 636 is supported, not StartTLS.
|
|
|
|
- Add bundeled docs
|
|
|
|
You can now browse the authentik docs for your version by browsing to `/help`. This means you don't have to rely on an
|
|
internet connection to check the docs, and you also have the correct docs for your currently running version.
|
|
|
|
## Minor changes
|
|
|
|
- api: Tunnel Sentry requests through authentik to prevent them being blocked by ad-blockers
|
|
- core: fix error when setting icon/background to url longer than 100 chars
|
|
- events: fix error when slack notification request failed without a response
|
|
- flows: allow variable substitution in flow titles
|
|
- outposts/ldap: Fix LDAP outpost missing a `member` field on groups with all member DNs
|
|
- outposts/ldap: Fix LDAP outpost not parsing arrays from user and group attributes correctly
|
|
- providers/oauth2: allow blank redirect_uris to allow any redirect_uri
|
|
- providers/saml: fix parsing of POST bindings
|
|
- root: add PROXY protocol support for http, https, ldap and ldaps servers
|
|
- root: Allow configuration of Redis port
|
|
- root: set samesite to None for SAML POST flows
|
|
- root: subclass SessionMiddleware to set Secure and SameSite flag depending on context
|
|
- web: fix error when showing error message of request
|
|
|
|
## Fixed in 2021.7.1-rc2
|
|
|
|
- core: add email filter for user
|
|
- core: add group filter by member username and pk
|
|
- core: broaden error catching for propertymappings
|
|
- lib: fix outpost fake-ip not working, add tests
|
|
- outpost: fix 100% CPU Usage when not connected to websocket
|
|
- outposts: ensure outpost SAs always have permissions to fake IP
|
|
- outposts: fix git hash not being set in outposts
|
|
- outposts: save certificate fingerprint and check before re-fetching to cleanup logs
|
|
- outposts/ldap: add tracing for LDAP bind and search
|
|
- outposts/ldap: improve parsing of LDAP filters
|
|
- outposts/ldap: optimise backend Search API requests
|
|
- outposts/proxy: add X-Auth-Groups header to pass groups
|
|
- providers/oauth2: handler PropertyMapping exceptions and create event
|
|
- providers/saml: improve error handling for property mappings
|
|
- sources/ldap: improve error handling for property mappings
|
|
- web: fix icon flashing in header, fix notification header icon in dark mode
|
|
- web: separate websocket connection from messages
|
|
- web/admin: fix missing dark theme for notifications
|
|
- web/admin: fix negative count for policies when more cached than total policies
|
|
- web/admin: improve UI for notification toggle
|
|
- website/docs: clear up outpost uuids
|
|
- website/docs: remove duplicate proxy docs
|
|
|
|
## Upgrading
|
|
|
|
This release does not introduce any new requirements.
|
|
|
|
### docker-compose
|
|
|
|
Download the docker-compose file for 2021.7 from [here](https://raw.githubusercontent.com/goauthentik/authentik/version-2021.7/docker-compose.yml). Afterwards, simply run `docker-compose up -d`.
|
|
|
|
### Kubernetes
|
|
|
|
Upgrade to the latest chart version to get the new images.
|