708ff300a3
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
132 lines
5.4 KiB
Markdown
132 lines
5.4 KiB
Markdown
---
|
|
title: Release 2021.2
|
|
slug: "2021.2"
|
|
---
|
|
|
|
## Headline Changes
|
|
|
|
- Managed objects
|
|
|
|
Objects like property mappings can now be marked as managed, which means that they will be created, updated and deleted by authentik.
|
|
|
|
Currently, this is used to update default property mappings, and mark tokens and users generated by outposts.
|
|
|
|
- Improved support for different LDAP Servers
|
|
|
|
The LDAP source has improved support for non-Active Directory LDAP setups. This includes the following changes:
|
|
|
|
- Switch to sync membership from groups to users rather than user to group
|
|
- Fix users, which were removed from a group in LDAP not being removed from said group
|
|
- Add support for LDAP servers which have core fields declared as lists
|
|
- Add property-mappings for groups, to map attributes like `name` or `is_superuser`
|
|
|
|
- Add test view to debug property-mappings.
|
|
|
|
## Fixes
|
|
|
|
- admin: add test view for property mappings
|
|
- core: Fix application cache not being cleared correctly (and not being ignored for searches)
|
|
- events: add send_once flag to send webhooks only once
|
|
- events: allow searching by event id
|
|
- events: don't log successful system tasks
|
|
- events: improve information sent in notification emails
|
|
- providers/oauth2: pass application to configuration error event
|
|
- providers/saml: fix imported provider not saving properties correctly
|
|
- root: use filtering_bound_logger for speed improvements
|
|
- stages/consent: fix wrong widget for expire
|
|
- web: migrate Provider List to SPA
|
|
|
|
## Fixed in 2021.2.1-rc2
|
|
|
|
- admin: add Certificate-Keypair generation
|
|
- admin: fix property-mapping views redirecting to invalid URL
|
|
- admin: improve layout for policy testing
|
|
- admin: remove old provider list view
|
|
- outpost: cap reconnect backoff at 60 seconds, reset backoff on successful connection
|
|
- policies: add debug flag to PolicyRequest to prevent alerts from testing policies
|
|
- providers/saml: force-set friendly_name to empty string for managed mappings
|
|
- root: add dedicated live and readiness healthcheck views
|
|
- web: fix link to provider list on overview page
|
|
- web: fix outpost item in sidebar being active on service connection views
|
|
|
|
## Fixed in 2021.2.1-stable
|
|
|
|
- admin: fix link in source list
|
|
- web: rebuild Outposts list in SPA
|
|
- outposts: Fix reconnect not working reliably
|
|
- providers/oauth2: add authorized scopes to AUTHORIZE_APPLICATION event
|
|
- providers/oauth2: add unofficial groups attribute to default profile claim
|
|
- web: fix sidebar being active when stage prompts is selected
|
|
|
|
## Fixed in 2021.2.2-stable
|
|
|
|
- crypto: move certificate and key data to separate api calls to create events
|
|
- events: rename context.token to context.secret
|
|
- events: rename token_view to secret_view
|
|
- lib: fix stacktrace for general expressions
|
|
- outposts: fix ProxyProvider update not triggering outpost update
|
|
- policies: skip cache on debug request
|
|
- providers/proxy: fix certificates without key being selectable
|
|
- root: log runtime in milliseconds
|
|
- sources/*: switch API to use slug in URL
|
|
- sources/ldap: add API for sync status
|
|
- sources/oauth: add callback URL to api
|
|
- web: fix ModalButton working in global scope, causing issues on 2nd use
|
|
|
|
## Fixed in 2021.2.3-stable
|
|
|
|
- core: fix tokens using wrong lookup
|
|
- web: fix missing source create button
|
|
|
|
## Fixed in 2021.2.4-stable
|
|
|
|
- admin: fix missing success_urls causing errors on create/update forms
|
|
- core: fix typo in user settings causing sources to not show
|
|
|
|
## Fixed in 2021.2.5-stable
|
|
|
|
- admin: fix policy list not having a refresh button
|
|
- events: pass Event's user to Notification policy engine when present
|
|
- helm: add initial wait for healthcheck
|
|
- outpost: improve logging output, ensure fields match api server
|
|
- root: fix request_id not being logged for actual asgi requests
|
|
- sources/oauth: fix buttons not being ak-root-link
|
|
- web: fix library not being full height, again
|
|
- web: fix outpost edit/delete buttons
|
|
- web: fix SiteShell breaking links when handlers are updated twice
|
|
|
|
## Fixed in 2021.2.6-stable
|
|
|
|
- admin: fix missing success_url for Cache clean views
|
|
- events: fix error when event can't be loaded in rule task
|
|
- flows: handle error when app cannot be found during flow import
|
|
- policies: sort groups in GroupMembershipPolicy policy and binding
|
|
- providers/oauth2: fix error when no login event could be found
|
|
- sources/ldap: fix API error when source has not synced yet
|
|
- sources/ldap: fix password setter on users which are not LDAP
|
|
- web: add sentry CaptureConsole
|
|
- web: fix colourstyles not being included in common_styles
|
|
|
|
## Upgrading
|
|
|
|
This release does not introduce any new requirements.
|
|
|
|
Due to the switch to managed objects, some default property mappings are changing. This affects only the SAML Provider.
|
|
|
|
The change affects the "SAML Name" property, which has been changed from an oid to a Schema URI to aid readability.
|
|
|
|
The integrations affected are:
|
|
- [Ansible Tower/AWX](/integrations/services/awx-tower/)
|
|
- [GitLab](/integrations/services/gitlab/)
|
|
- [NextCloud](/integrations/services/nextcloud/)
|
|
- [Rancher](/integrations/services/rancher/)
|
|
- [Sentry](/integrations/services/sentry/)
|
|
|
|
### docker-compose
|
|
|
|
Download the docker-compose file for 2021.2 from [here](https://goauthentik.io/version/2021.2/docker-compose.yml). Afterwards, simply run `docker-compose up -d` and then the standard upgrade command of `docker-compose run --rm server migrate`.
|
|
|
|
### Kubernetes
|
|
|
|
Run `helm repo update` and then upgrade your release with `helm upgrade authentik authentik/authentik --devel -f values.yaml`.
|