Table of Contents | ||||
---|---|---|---|---|
|
SSO header change for RESTful services
In Apache Syncope 2.0.3, SSO support was added (
Jira | ||||||
---|---|---|---|---|---|---|
|
curl -H "X-Syncope-Token: eyJ0e..." http://localhost:8080/syncope/rest/users/self
From Syncope 2.0.4 onwards (
Jira | ||||||
---|---|---|---|---|---|---|
|
curl -H "Authorization: Bearer eyJ0e..." http://localhost:8080/syncope/rest/users/self
JWS signing key reference
In Apache Syncope 2.0.3, the default signing JWS key was referenced in securityContext.xml as follows: "${jwsKey}.bytes". However, this was incorrect and results in the key value with ".bytes" appended to it. In Syncope 2.0.4, the following value should be used instead "#{jwsKey.getBytes()}".
Default key and password checking
In Apache Syncope 2.0.4, a warning is logged if the default JWS key is used to either create/update an access token, or is used to invoke on a RESTful service. A similar warning is logged if the default anonymous key is used to invoke on a RESTful service.
...
Before starting
Due to the changes occurred in JWT management, execute the SQL query below on your internal storage:
Code Block | ||
---|---|---|
| ||
DELETE FROM AccessToken; |
Please beware that the statement above will invalidate any existing session.
Source changes
POM
In the root pom.xml
:
change
parent/version
from2.0.3
to2.0.4
change
properties/syncope.version
from2.0.3
to2.0.4
Other
Replace the following files with their 2.0.4 counterparts (re-apply any customization previously made):
- core/src/main/resources/indexes.xml
- core/src/main/resources/log4j2.xml
- core/src/main/resources/persistence.properties
- core/src/main/resources/provisioning.properties
- core/src/main/resources/security.properties
- core/src/main/resources/views.xml
- core/src/main/resources/domains/Master.properties
- core/src/main/resources/domains/MasterContent.xml
- core/src/test/resources/domains/Master.properties
- core/src/test/resources/domains/MasterContent.xml
- core/src/test/resources/domains/Two.properties
- core/src/test/resources/domains/TwoContent.xml
- console/src/main/resources/console.properties
- all files under enduser/src/main/webapp/app/