Connect2id server 12.11
This is a mini update to give Connect2id server deployments simple and precise control over the splash / landing page that is displayed when the configured issuer URL is opened in a browser. A new op.splashPage configuration property lets deployments choose between the current default splash page, a blank page, a redirection to the OpenID provider metadata, or to some other URL.
Example configuration to redirect HTTP requests to the issuer URL to the OpenID provider metadata:
op.splashPage=urn:c2id:splash_page:op_metadata
To redirect to some other URL:
op.splashPage=https://example.com
To show a blank page:
op.splashPage=urn:c2id:splash_page:blank
This release also fixes two issues. You can find more information in the release notes below.
Download 12.11
For the signature validation: Public GPG key
Standard Connect2id server edition
Apache Tomcat package with Connect2id server 12.11: Connect2id-server.zip
GPG signature: Connect2id-server.zip.asc
SHA-256: b3bd5cc5011c0cc31fe3465cbc6137da0e113a9185b88bff0acfa0b83f1d90f6
Connect2id server 12.11 WAR package: c2id.war
GPG signature: c2id.war.asc
SHA-256: ac0537550ead4e4b6e409d34b95e98b10b84ff1a1f0fb2d47548e5d09378172b
Multi-tenant edition
Apache Tomcat package with Connect2id server 12.11: Connect2id-server-mt.zip
GPG signature: Connect2id-server-mt.zip.asc
SHA-256: 4aa967b1d02b7e748d57570922a119e8da23985ec8c447bb84e97f20cb439a07
Connect2id server 12.11 WAR package: c2id-multi-tenant.war
GPG signature: c2id-multi-tenant.war.asc
SHA-256: 6cbab334668f3a6ac863ec177b7be8bdd7f5171e496748a9e91cdaef5ee42b90
Questions?
If you have technical questions about this new release contact Connect2id support. To purchase a production license for the Connect2id server, renew or upgrade your support and updates subscription, email our sales.
Release notes
12.11 (2022-05-22)
Configuration
/WEB-INF/oidcProvider.properties
op.splashPage -- New configuration property for the splash page to display at the Connect2id server issuer URL (
op.issuer).Supported values:
- urn:c2id:splash_page:default -- The default splash page, an HTML page showing the Connect2id server version, a list of the available endpoints and links to public online documentation.
- urn:c2id:splash_page:blank -- A blank page.
- urn:c2id:splash_page:op_metadata -- Redirects (HTTP 301) to the
OpenID provider metadata at
/.well-known/openid-configuration - https or http URL -- Redirects (HTTP 301) to the specified HTTPS or HTTP URL.
Resolved issues
Fixes a bug that affected the correct handling of the subject session "auth_life" property (for values > 0) in the authorisation session web API, used to determine when the authentication lifetime (in minutes) of a session expires and the subject (end-user) must be re-authenticated in the same session (issue server/756).
Adds custom static error pages for 404, 405 and other HTTP status codes handled by the Servlet container to hide the Servlet container version and other potentially sensitive information (issue server/745).