Experimental Single Sign On server, OAuth2, Openid Connect, multiple factor authentication with, HOTP/TOTP, FIDO2, TLS Certificates, etc. extensible via plugins
user_backend_api_run_enabled
, user_middleware_backend_api_run_enabled
, client_backend_api_run_enabled
, scheme_api_run_enabled
to list authorized backend or schemes for a Glewlwyd instanceoriginating_ip_header
to specify the header value containg the originating IP address, if anyresponse_body_limit
and max_header
to limit download sizes when relevant-Wconversion
This release contains a security fix in the library rhonabwy. If you allow encrypted tokens using RSA-OAEP algorithms, please upgrade your Glewlwyd version.
login_api_enabled
to enable/disable authentication APIsplugin_api_run_enabled
to list authorized plugins for a Glewlwyd instanceresponse_allowed_compression
to enable/disable API response compressionadmin_session_authentication
to enable/disable admin API authentication methods, API key is disabled by defaultprofile_session_authentication
to enable/disable user profile API authentication methodsallow_multiple_user_per_session
to enable/disable multiple users per sessioncookie_same_site
and max_post_size
glewlwyd_resource.c
bug with token verificationThe "Third dose Release"
issued_for
recordsusername
as claim in the access tokenThis is a security release, if you use the webauthn scheme, please upgrade your Glewlwyd version.
This is a security release, please upgrade your Glewlwyd version.
plugin_user_revoke
in pluginsadd_x_frame_option_header_deny
to allow removing header X-Frame-Options: deny
The "Green Zone Release"