LATEST VERSION: 1.3 - CHANGELOG
Single Sign-On v1.3

Release Notes

1.3.2

Release date: 10 April 2017

  • This releases addresses the upgrade issues introduced in version 1.3.1 of the Single Sign-On Service tile.

1.3.1

Release date: 29 March 2017

Critical: Pivotal Single Sign-On Service upgrade from 1.3.0 to 1.3.1 fails and causes failure of any further “Apply Changes” from Pivotal Operations Manager.

This notification applies only to customers who have installed Pivotal Single Sign-On Service 1.3.0 and are planning to upgrade to Pivotal Single Sign-On Service 1.3.1. Pivotal Single Sign-On Service 1.3.1 introduces a breaking change which affects customers trying to upgrade from 1.3.0 to 1.3.1 version of the tile. It also has the side effect of stopping any further “Apply Changes” in Pivotal Operations Manager with an error “Error 30014: release ‘identity_service_broker/65’ has already been uploaded with commit_hash as '6d038495’ and uncommitted_changes as 'true’”. Please contact Pivotal Support immediately to get assistance with a mitigation for this issue. We will be releasing Pivotal Single Sign-On Service 1.3.2 which contains a fix for this issue in the next few days.

Please refrain from uploading Pivotal Single Sign-On Service Tile 1.3.1 to Pivotal Operations Manager until version 1.3.2 is available for download. Please note that a simple upload of the 1.3.1 tile to Ops Manager can trigger the issue with Apply Changes.

What’s New

  • The Single Sign-On service tile now supports network with multiple subnets at installation time.

1.3.0

Release date: 20 December 2016

What’s New

  • Default system service plan secures developer apps and automates access to the Cloud Foundry API and pipelines. See the Using the System Plan topic for more information.

  • Identity Provider Discovery streamlines the end user experience when multiple identity providers are enabled for a single app. See the Identity Provider Discovery topic for more information.

  • You can set access and refresh token lifetimes at the app level.

1.2.3

Release date: 9 January 2017

  • Fixed an issue with display of scopes for Plan Administrators related to Admin Clients feature

1.2.2

Release date: 14 October 2016

  • PCF updated stemcell to 3263.7. This release bumps the Ubuntu stemcell for USN-3099-2: Linux kernel (Xenial HWE) vulnerabilities.

1.2.1

Release date: 20 September 2016

  • PCF updated stemcell to 3263. This is a security upgrade to patch CVE.

1.2.0

Release date: 16 September 2016

What’s New

Note: The Single Sign-On service tile works with the current and future versions of Pivotal Elastic Runtime.

  • The SSO v1.2.x tiles are compatible with PCF v1.8.x or greater.
  • Single Sign-On (SSO) for Pivotal Cloud Foundry® (PCF) provides the ability to create admin clients. Admin Clients can be used to:

    • Create, modify and delete identity providers
    • Create, modify and delete clients
    • Create, modify and delete users
    • Create, modify and delete groups/resources
  • SSO provides the ability for administrators to disable internal authentication.

  • SSO provides the ability for administrators to prevent users from creating new accounts and resetting their passwords.

  • SSO provides the ability for administrators to specify zone token expiry.

  • SSO provides the ability for developers to configure Application Settings including App Launch URL, App Icon and Show on homepage.

  • SSO provides the ability for developers to select identity providers when binding an application.

  • SSO introduces whitelabeling support for the following properties set in Operations Manager:

    • Logo
    • Header accent color
    • Footer text
    • Footer links

1.1.3

Release date: 9 January 2017

  • PCF updated stemcell to 3263 series

1.1.2

Release date: 14 October 2016

  • PCF updated stemcell to 3233.2. This release bumps the Ubuntu stemcell for USN-3099-2: Linux kernel (Xenial HWE) vulnerabilities.

1.1.1

Release date: 5 May 2016

  • Single Sign-On (SSO) for Pivotal Cloud Foundry (PCF) now defaults the access token and refresh token validity time to UAA defaults, 12 hours and 30 days, respectively. For any plans created in SSO 1.1.0, please resolve this bug in one of the following ways:

    • Option 1: Recreate the plan(s) created in SSO 1.1.0.
    • Option 2: Edit the identity zone within UAA and set your desired token validity time.
  • PCF updated stemcell to 3232.2. This is a security upgrade that resolves the following:

  • [Updated 18 May 2016] PCF updated stemcell to 3232.4. This is a security upgrade that resolves the following:

  • [Updated 10 June 2016] PCF updated stemcell to 3232.6. This is a security upgrade that resolves the following:

  • [Updated 14 June 2016] PCF updated stemcell to 3232.8. This is a security upgrade that resolves the following:

  • [Updated 30 June 2016] PCF updated stemcell to 3232.12. This is a security upgrade that resolves the following:

Additional information can be found at https://pivotal.io/security.

1.1.0

Release date: 29 April 2016

What’s New

Note: The Single Sign-On service tile operates in lockstep with Pivotal Elastic Runtime.

  • The SSO v1.0.x tiles are compatible with PCF v1.6.x.
  • The SSO v1.1.x tiles are compatible with PCF v1.7.x.
If you are a customer upgrading from PCF 1.6 to PCF 1.7 and you are using SSO v1.0.x, you must update to the SSO v1.1.0 service tile before proceeding with the upgrade.
  • Single Sign-On (SSO) for Pivotal Cloud Foundry (PCF) provides the ability for PCF Administrators to delete plans.

  • SSO provides the ability for administrators to delete identity providers.

  • SSO now supports SAML NameID other than email address.

  • SSO provides the ability for administrators to manage SAML assertion signing configurations.

  • SSO provides support for propagation of user attributes and group memberships from external identity providers in OpenID Connect tokens.

  • SSO provides the ability for administrators to assign API permissions to users through External Group Mappings with external identity providers.

  • SSO provides the ability to Group Whitelist groups so that they will be sent in the ID token.

  • SSO provides the ability for administrators to set password and lockout policy for internal users.

  • SSO provides the ability for developers to create resources and permissions for clients.

  • SSO now supports SAML single logout flow which ends UAA and external identity provider sessions.

1.0.26

Release date: 28 April 2017

1.0.25

Release date: 4 April 2017

1.0.24

Release date: 10 March 2017

1.0.23

Release date: 28 February 2017

1.0.22

Release date: 30 January 2017

1.0.21

Release date: 15 December 2016

  • PCF updated stemcell to 3233.8. This release bumps the Ubuntu stemcells for USN-3156-1: APT vulnerability

1.0.20

Release date: 8 December 2016

  • PCF updated stemcell to 3233.6. This release bumps the Ubuntu stemcell for USN-3151-2: Linux kernel (Xenial HWE) vulnerability.

1.0.19

Release date: 24 October 2016

  • PCF updated stemcell to 3233.3. This release bumps the Ubuntu stemcell for USN-3106-2: Linux kernel (Xenial HWE) vulnerability.

1.0.18

Release date: 14 October 2016

  • PCF updated stemcell to 3233.2. This release bumps the Ubuntu stemcell for USN-3099-2: Linux kernel (Xenial HWE) vulnerabilities.

1.0.17

Release date: 28 September 2016 * PCF updated stemcell to 3232.21. Bump Ubuntu stemcell for USN-3087-2: OpenSSL regression.

1.0.16

Release date: 23 August 2016

  • PCF updated stemcell to 3232.17. This is a security upgrade that resolves the following:

Additional information can be found at https://pivotal.io/security.

1.0.15

Release date: 30 June 2016

  • PCF updated stemcell to 3232.12. This is a security upgrade that resolves the following:

Additional information can be found at https://pivotal.io/security.

1.0.14

Release date: 14 June 2016

  • PCF updated stemcell to 3232.8. This is a security upgrade that resolves the following:

Additional information can be found at https://pivotal.io/security.

1.0.13

Release date: 10 June 2016

Additional information can be found at https://pivotal.io/security.

1.0.12

Release date: 18 May 2016

  • PCF updated stemcell to 3232.4. This is a security upgrade that resolves the following:

Additional information can be found at https://pivotal.io/security.

1.0.11

Release date: 5 May 2016

Additional information can be found at https://pivotal.io/security.

1.0.10

Release date: 16 March 2016

  • PCF updated stemcell to 3146.10. This is a security upgrade that resolves the following:

Additional information can be found at https://pivotal.io/security.

1.0.9

Release date: 24 February 2016

  • PCF updated stemcell to 3146.9. This is a security upgrade that resolves the following:

Additional information can be found at https://pivotal.io/security.

1.0.8

Release date: 19 February 2016

  • PCF updated stemcell to 3146.8. This is a security upgrade that resolves the following:

Additional information can be found at https://pivotal.io/security.

1.0.7

Release date: 2 February 2016

Additional information can be found at https://pivotal.io/security.

1.0.6

Release date: 22 January 2016

  • PCF updated stemcell to 3146.5. This is a security upgrade that resolves the following:

Additional information can be found at https://pivotal.io/security.

1.0.5

Release date: 18 January 2016

  • PCF updated stemcell to 3146.3. This is a security upgrade that resolves the following:

Additional information can be found at https://pivotal.io/security.

1.0.4

Release date: 07 January 2016

Additional information can be found at https://pivotal.io/security.

1.0.3

Release date: 03 December 2015

  • PCF updated stemcell to 3146. This is a security upgrade that resolves the following Ubuntu Security Notices:

Additional information can be found at https://pivotal.io/security.

1.0.2

Release date: 14 November 2015

  • PCF updated stemcell to 3130. This is a security upgrade that resolves the following Ubuntu Security Notices:

Additional information can be found at https://pivotal.io/security.

1.0.1

Release date: 02 November 2015

  • PCF updated stemcell to 3112. This is a security upgrade that resolves the following Ubuntu Security Notices:

Additional information can be found at https://pivotal.io/security.

1.0.0

Release date: 2 November 2015

What’s New

  • Single Sign-On (SSO) for Pivotal Cloud Foundry (PCF) introduces an easy-to-use self-service user interface for tenant management and identity provider on-boarding.

  • SSO introduces an interface for registering applications and associating identity providers for applications.

  • SSO allows developers to integrate applications with SAML 2.0 based enterprise identity providers.

  • SSO secure all types of applications (web, mobile, and native), as well as the API’s hosted on and off of the PCF platform.

  • SSO secures Java applications with a single click via the SSO Service Connector.

  • SSO supports multi-tenancy to allow for segregation of applications and identities based on the unique needs of the organization.

  • SSO supports role-based access controls for Plan Administrators and Space Developers.

  • SSO includes an OAuth 2.0 Authorization Server with support for all four OAuth 2.0 grant types.

  • SSO is certified with industry-leading federated identity providers including CA Single Sign-On, Ping Identity, OpenAM, VMware Identity Management, Okta and more.

Create a pull request or raise an issue on the source for this page in GitHub