Gluu Server Roadmap

An open source, enterprise IAM platform you can depend upon long-term. See the roadmap below to determine which version is right for your project.

Gluu Server Roadmap

Version 4.1

Latest Stable Release

Highlights

  • OIDC client creation improvements
  • Shibboleth IDP cache support
  • Casa and oxd moved to installation script

Version 4.2

ETA: May 2020

Highlights

  • OpenID Connect FAPI conformance 
  • Consolidation of FIDO U2F and FIDO 2 security keys
  • Support for OpenID Connect Client Initiated Backchannel Authentication Flow (CIBA)
  • New interception scripts: Front Channel logout, Post-Authn Authorize
  • OpenID Back channel logout
  • New tests to ensure conformance with OpenID logout self-certification
  • Improved support for localization
  • Spontaneous scope support for UMA
  • Swagger documentation of oxAuth APIs
  • Support OpenID prompt=select and prompt=consent parameters
  • Support for FIDO 2 password authentication
  • Implement OpenID Connect offline access

Version 4.3

ETA: August 2020

Highlights

  • Redesigned oxTrust UI
  • More oxTrust auditing and reporting features

Version 4.1 Issues

GluuFederation/oxAuth

  • #1258 oxAuth composes wrong header for id_token when certain state of its keyset is reached
  • #1251 Extra Client Metadata in Registration Request throwing NPE
  • #1246 Gluu 4.1 QA - Super Gluu sending push notification to different device for an admin user
  • #1237 Overlap in QR code scanning for super gluu authentication
  • #1233 Don't insert ou=pairwiseIdentifiers tree node into DB which does not support tree model
  • #1232 Support locale with - instead of _ in the name
  • #1231 Cluster: CM rotates keys but oxauth is not aware of it. Keystore is loaded only at start up.
  • #1229 After some time oxauth running keys idToken can't be issued due to keys problem
  • #1223 u2f enrollment & authn failing in latest firefox
  • #1221 During MTLS authentication session user is not re-configured which leads to infinite loop between authorization action and endpoint
  • #1218 Store extra parameters after final authentication step
  • #1217 Front-channel logout breaks when cache type is set to redis or memcached.
  • #1214 Fix oidc session change detection
  • #1210 JWT signature fails when using algorithms other than RSA
  • #1209 Support domain cookie option in session cookies
  • #1208 Fix native cache random errors which led to 3% AuthZ flow failures
  • #1207 Failed to render updates in oxAuthRP
  • #1201 Allow to change cleaner interval without restarting oxAuth
  • #1200 "sub" claim is absent from id_token and userinfo response when certain attributes are used as source for it
  • #1199 Registered clients disappear one day after created regardless of client expiration value ?
  • #1189 Issued session_id claim in RO grant type
  • #1188 Add new method to ROPC script to allow modify token response
  • #1147 Use new delete method with filter in clean up jobs
  • #1078 Check expiration of JWT encoded profile used in passport flows
  • #720 Add support for DELETE request to OIDC Dynamic Registration endpoint

GluuFederation/oxTrust

  • #1921 Gluu 4.1 QA - Software Statement field under OIDC client is disabled by default
  • #1918 Unable to add user on first attempt
  • #1917 Gluu 4.1 QA - Registered devices are not appearing under user profile
  • #1916 Gluu 4.1 QA - No validation error message for Attribute creation with hybrid backend
  • #1912 Remove 2nd 'password and confirm password' message
  • #1911 OTP enrollment is listed twice in users profile page
  • #1909 Add a notification to UI when new version is available
  • #1906 Remove code related to IMAP and photo from the user profile
  • #1905 Allow to specify inum in API calls
  • #1904 Few Fido2 JSON parameter are missing in GUI
  • #1901 Use empty value for date instead of 'null' if blank in OpenID client form
  • #1900 Unable to modify attribute - schema error
  • #1899 Gluu 4.1 QA - Cache Refresh throwing exception with hybrid backend
  • #1898 Gluu 4.1 QA - Unable to update log debug level for oxtrust from UI with couchbase backend
  • #1897 Keeping client's 'change secret' blank removing existing clientSecret
  • #1896 redis password is not mandatory
  • #1895 Remove sentinelMasterGroupName in redisConfiguration
  • #1894 Multi value attribute's second value not showing in 'Profile' page
  • #1893 Name change: "Custom Attributes" to something else
  • #1892 Enforce https scheme for redirect_uri in web UI
  • #1888 Hide "Manage Saml Acrs" menu if SAML is not installed
  • #1885 Make username field readonly while editing person
  • #1884 Make inum field readonly while editing person
  • #1882 Inaccurate description of scim field in attribute form
  • #1880 Enable/Disable OpenDJ mail uniqueness
  • #1878 Unable to create unexpired client
  • #1877 Wrong time in client form
  • #1876 Test Cache Provider
  • #1875 Show warning when gluuCustomperson attributes list is empty on User Form
  • #1874 Store server stats in separate entry
  • #1872 Fix defaultScope checkbox in scope form
  • #1871 Client Attributes can't be persisted from web UI
  • #1728 Implement SCIM change log and expose API to get changes from certain date

Gluu Gateway Roadmap

Version 4.1

Latest Stable Release

Highlights

  • Kong upgraded to 2.0
  • Access token improvements
  • Enhanced Grafana metrics

Version 4.2

ETA: May 2020

Highlights

  • Add ability to cluster Gluu Gateway
  • Support spontaneous scopes
  • Implement Kong log rotation

Version 4.3

ETA: August 2020

Highlights

  • Support Swagger configuration
  • Add support for ES algorithms for JWT verification
  • Improved control over cache size
  • Move user sessions to server-side storage

Gluu Casa Roadmap

Version 4.1

Latest Stable Release

Highlights

  • Application is now suitable to be supported in a manually clustered environment
  • Added support for SMPP for delivery of OTP codes via SMS
  • Fix UI overlaps in 2FA authentication pages
  • Added support for memcached if underlying Gluu server uses it as cache provider
  • Remove potential file descriptor leak

Version 4.2

ETA: May 2020

Highlights

  • Container and cluster improvements for full HA
  • Add support for browser certificate authentication
  • Unify U2F and FIDO2 strategies
  • App configuration enhancements
  • UX improvements in the authentication flow

Version 4.3

ETA: August 2020

Highlights

  • Create Developer Portal Plugin
  • Add support for DUO credentials
  • Support role-based access

Cluster Manager Roadmap

Version 4.1

Latest Stable Release

Highlights

  • Added support for clustering oxd nodes
  • Removed hard-coded license enforcement

Version 4.2

ETA: May 2020

Highlights

  • Add support for clustered Casa nodes
  • Implement Redis Cluster, rather than single-node

Version 4.3

ETA: August 2020

Highlights

  • Refactor and streamline Cluster Manager code
  • Migrate to Python 3

oxd Roadmap

Version 4.1

Latest Stable Release

Highlights

  • Added validation steps for spec conformance

Version 4.2

ETA: May 2020

Highlights

  • Support proxy configuration
  • Upgrade Swagger documentation version
  • Add Windows setup file
  • Upgrade dependencies

Version 4.3

ETA: August 2020

Highlights

  • FAPI RP conformance
  • OpenID certification conformance