Multitenant backend server for building web and mobile apps rapidly. The backend for busy developers. (self-hosted or hosted)
09bf831c removed unused import in LDAPAuthenticator
c6a66e33 Merge pull request #266 from mljohns89/ldap-authenticated-read-access
979446a4 use afterPropertiesSet to initialize authenticationSource
46e87da1 updated dependencies 0eef6246 Merge pull request #259 from mljohns89/ldap-authenticated-read-access 1b132940 support for ldap servers requiring authentication for read access
31d8aed4 [maven-release-plugin] prepare for next development iteration cf1e59d4 [maven-release-plugin] prepare release v1.49.3 fc9e622b updated dependencies f3884a32 updated JWT library feaf6b0f added better error message if local file is missing 08cee4bc added option to send host_url as an index appended to appid in the state parameter of an auth request 64c4a81e [maven-release-plugin] prepare for next development iteration
01d55119 added support for different host_url parameters in redirect URLs back to client app, after signin succes/failure a8ad7b53 updated dependencies 34a0e5e9 added support for sending attachments along with emails in the Emailer class e5c647dd Merge pull request #248 from BulkSecurityGeneratorProjectV2/fix/JLL/use_https_to_resolve_dependencies_maven b7aa5dec vuln-fix: Use HTTPS instead of HTTP to resolve deps CVE-2021-26291
428604b6 updated dependencies bfc16a46 fixed bug where new config values don't get saved to application.conf file when set through System.setProperty(), closes Erudika/scoold#423 e579d7cc fixed exceptions on startup when configuration file is missing, and also fixed bug where Para would not save/update secret in config file fb62068e added password length check to user password validation method 386aa9d1 added option for not sending scope parameter in OAuth2 token requests when using the GenericOAuth2Filter
440f9d1c Merge pull request #223 from Erudika/dependabot/maven/para-server/org.springframework.security-spring-security-config-5.8.5
e91017f1 Bump spring-security-config from 5.8.3 to 5.8.5 in /para-server
d894cc28 updated H2 migration script
32c32e3b fixed annotation data in ParaConfig
93b807fb allow dots and commas in user names
b0bee32b updated dependencies
7accd8b4 fixed user names should be allowed to contain dashes and apostrophes
d401a474 fixed user name should not contain special symbols
ae657b8d update Jackson
3a64cbcb updated dependencies
b32be057 fixed global tables not deleted in AWSDynamoUtils due to missing global table exception
18774400 fixed PasswordlessAuthFilter exception and allowed it to return the auth JWT directly with a new request parameter
7e96d399 updated Spring Boot
09ac0a83 Merge pull request #215 from Erudika/snyk-fix-c1035ab963e379f00bc30bb916e58064
30a018d4 fix: para-server/pom.xml to reduce vulnerabilities
f546f4ed updated maven plugins 83c2b598 updated dependencies 3b353bc8 updated dependencies fd5fd862 updated dependencies 5569bb18 updated dependencies a2eb43a7 updated dependencies 0848eb40 updated SnakeYaml
b69d0a3d updated dependencies cfd5116c fixed SAML Metadata filter not being registered after Spring Boot update 5dbb875d fixed access log not disabled when scoold.file_logger_level=OFF 2228a935 fixed minor logback configuration issue
5a3d5b74 added new utility methods to ParaClient for reading and updating all objects using search-after pagination logic
7c9eb1bd fixed exception when working with the new http-client API
e7e62e31 fixed deprecations
f66ddc57 fixed bug where auth requests would fail when Para is deployed under a context path
42b7cac8 fixed custom identifier prefix should not be added to all identifiers
1439e5fa added user identifier validation and error message, custom: identifier prefix now mandatory for passwordless auth
faa0e7f2 added option to disable logging to file para.file_logger_level = 'OFF'
37862b52 fixed verbose logging message when user account is locked out
bb872055 fixed appid parameter used by Oauth2 filter should have precedence over state parameter
44656f5d fixed LDAP auth filter group assignment from LDAP attributes not working with memberOf authorities/groups, fixes Erudika/scoold#351 bb032c9f fixed error caused by using ?appid={appid} params in OAuth2 requests, as alternative to ?state={appid} e3d92dbc updated Jose JWT d5c3b310 Merge pull request #180 from Erudika/snyk-fix-5509f06781021ec78eef6ffec512a65f e06847bc fix: para-server/pom.xml to reduce vulnerabilities a48f3dfc fixed bug preventing admin/mod groups auto assignment for LDAP requests 1e6bb6b4 added plugin profiles to para-jar/pom.xml ed2a1c7c fixed crash on startup when JavaMail implementation is selected