authentik/website/docs/releases/v2021.7.md

3.0 KiB

title slug
Release 2021.7 2021.7

Headline Changes

  • SSL Support for LDAP Providers

    You can now configure certificates for your LDAP Providers, meaning that all communication will be done encrypted.

    Currently, only SSL on port 636 is supported, not StartTLS.

  • Add bundeled docs

    You can now browse the authentik docs for your version by browsing to /help. This means you don't have to rely on an internet connection to check the docs, and you also have the correct docs for your currently running version.

Minor changes

  • api: Tunnel Sentry requests through authentik to prevent them being blocked by ad-blockers
  • core: fix error when setting icon/background to url longer than 100 chars
  • events: fix error when slack notification request failed without a response
  • flows: allow variable substitution in flow titles
  • outposts/ldap: Fix LDAP outpost missing a member field on groups with all member DNs
  • outposts/ldap: Fix LDAP outpost not parsing arrays from user and group attributes correctly
  • providers/oauth2: allow blank redirect_uris to allow any redirect_uri
  • providers/saml: fix parsing of POST bindings
  • root: add PROXY protocol support for http, https, ldap and ldaps servers
  • root: Allow configuration of Redis port
  • root: set samesite to None for SAML POST flows
  • root: subclass SessionMiddleware to set Secure and SameSite flag depending on context
  • web: fix error when showing error message of request

Fixed in 2021.7.1-rc2

  • core: add email filter for user
  • core: add group filter by member username and pk
  • core: broaden error catching for propertymappings
  • lib: fix outpost fake-ip not working, add tests
  • outpost: fix 100% CPU Usage when not connected to websocket
  • outposts: ensure outpost SAs always have permissions to fake IP
  • outposts: fix git hash not being set in outposts
  • outposts: save certificate fingerprint and check before re-fetching to cleanup logs
  • outposts/ldap: add tracing for LDAP bind and search
  • outposts/ldap: improve parsing of LDAP filters
  • outposts/ldap: optimise backend Search API requests
  • outposts/proxy: add X-Auth-Groups header to pass groups
  • providers/oauth2: handler PropertyMapping exceptions and create event
  • providers/saml: improve error handling for property mappings
  • sources/ldap: improve error handling for property mappings
  • web: fix icon flashing in header, fix notification header icon in dark mode
  • web: separate websocket connection from messages
  • web/admin: fix missing dark theme for notifications
  • web/admin: fix negative count for policies when more cached than total policies
  • web/admin: improve UI for notification toggle
  • website/docs: clear up outpost uuids
  • website/docs: remove duplicate proxy docs

Upgrading

This release does not introduce any new requirements.

docker-compose

Download the docker-compose file for 2021.7 from here. Afterwards, simply run docker-compose up -d.

Kubernetes

Upgrade to the latest chart version to get the new images.