Skip to content

v2.0.0
Compare
Choose a tag to compare
@madmatt madmatt released this 20 May 23:58
2.0.0
5d1ea13
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

This release adds support for using Azure AD as an identity provider (IdP).

It also resolves medium and minor severity security issues with v1.0, and is a recommended upgrade.

This update makes one small backwards-incompatible change: instead of relying on YML configuration to determine whether or not to keep users logged in (via auto-login cookies), it will never keep users logged in, as this should be transparent when using the middleware, and is not secure if not using it (as we can't guarantee whether the user is still allowed access or not, as only the IdP knows that). This should not affect most sites using the module.

Assets 2
Loading