- New Feature: SAML encrypted assertions
- New Feature: SAML test mode for easier troubleshooting configuration
- New Feature: Download button for Service Provider certificate
- Bugfix: Prevent NPE when Service Provider certificate required. When selecting Signed or Encrypt Assertions, SAML will now automatically generate a certificate if one does not exist.
Version history
4.10.0Fisheye/Crucible 4.1.2 - 4.8.152024-04-16SAML Encrypted assertions and Test mode Version 4.10.0 • Released 2024-04-16 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial4.9.21Fisheye/Crucible 4.1.2 - 4.8.152024-04-01Security fix for EasySSO configuration screens Version 4.9.21 • Released 2024-04-01 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Make EasySSO configuration read only for Administrators without the System Administrator global permission
4.9.20Fisheye/Crucible 4.1.2 - 4.8.152024-03-17Bug fix for reflected XSS attack Version 4.9.20 • Released 2024-03-17 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Bug fix for reflected XSS attack
4.9.15.2Fisheye/Crucible 4.1.2 - 4.8.152024-01-23Bugfix for secure introspection in velocity templates Version 4.9.15.2 • Released 2024-01-23 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Bugfix for secure introspection in velocity templates
4.9.15.1Fisheye/Crucible 4.1.2 - 4.8.152023-11-30Changes to handling kerberos updates, Remove SAML admin Test SSO button Version 4.9.15.1 • Released 2023-11-30 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • CommercialRelease notes
- Add warning for NTLM when using incorrect Java 11, Java 17 runtime configuration
- Reload kerberos config after properties have changed
- Update dependencies
- Remove Test SSO button from SAML admin page
4.9.11Fisheye/Crucible 4.1.2 - 4.8.152023-09-12Add warning for incorrect Java 11, Java 17 runtime configuration Version 4.9.11 • Released 2023-09-12 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Add warning for Kerberos when using incorrect Java 11, Java 17 runtime configuration
4.9.10Fisheye/Crucible 4.1.2 - 4.8.152023-08-29Signed Requests for SAML Redirect binding and support for SessionNotOnOrAfter Version 4.9.10 • Released 2023-08-29 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Add SAML support for SessionNotOnOrAfter attribute
- Add SAML request signing on login for redirect binding
- Add SAML request signing on logout for redirect binding
- Add SAML support for redirect binding Single Log Out (SLO)
4.9.5Fisheye/Crucible 4.1.2 - 4.8.152023-07-10Signed Requests for SAML POST - Single Log Out Version 4.9.5 • Released 2023-07-10 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Add logging for session info not sent on logout
- Fix metadata for SLO based on admin binding type
- Fix mismatched SPNameQualifier on login and logout
- Fix jespa upload problem with debug enabled
4.8.13Fisheye/Crucible 4.1.2 - 4.8.152023-03-13Update dependencies and improve error messages Version 4.8.13 • Released 2023-03-13 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Update outdated dependencies
- Improve error messages for SAML Signature validation
4.8.9Fisheye/Crucible 4.1.2 - 4.8.152023-03-07Jespa IOPLEX v2 compatibility improvements and bug fixes Version 4.8.9 • Released 2023-03-07 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Improved error handling
- Improved Jespa IOPLEX v2 compatibility
4.8.2Fisheye/Crucible 4.1.2 - 4.8.152022-12-29Small improvements Version 4.8.2 • Released 2022-12-29 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- UI changes for "blocklist" and "allowlist"
- IOPLEX Jespa library version displayed in EasySSO/NTLM/About dialog (if re-uploaded)
4.7.3Fisheye/Crucible 4.1.2 - 4.8.152022-11-21Improve error messages for NTLM configuration Version 4.7.3 • Released 2022-11-21 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Improve error messages for NTLM configuration
- Update dependencies
4.5.14Fisheye/Crucible 4.1.2 - 4.8.152022-05-12Compatibility with Jespa 1.2.11 Version 4.5.14 • Released 2022-05-12 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • CommercialIOPLEX Jespa library 1.2.11 introduced some incompatible changes. This fix addresses this incompatibility and makes EasySSO support both old and new versions of Jespa.
4.5.11Fisheye/Crucible 4.1.2 - 4.8.152021-12-29Make metadata reachable, small bug fixes Version 4.5.11 • Released 2021-12-29 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Removed session check from metadata URL
- Added a message in UI to indicate that the SAML metadata is only available to IP addresses not filtered out by the IP filtering
- Updated the license warning message
4.5.10Fisheye/Crucible 4.1.2 - 4.8.152021-11-25SAML authenticator Single Log Out bug fixes Version 4.5.10 • Released 2021-11-25 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Added support for NameID formats(transient, persistent … ) when performing Single Log Out (SLO)
- Fixed a bug in how logout binding types and URLs were identified from the UI settings (Redirect vs. POST)
4.5.9Fisheye/Crucible 4.1.2 - 4.8.152021-08-05Bugfix Release Version 4.5.9 • Released 2021-08-05 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Fix a bug where incorrect SAML binding type is selected on logout
4.5.5Fisheye/Crucible 4.1.2 - 4.8.152021-04-28Accessibility Improvements Version 4.5.5 • Released 2021-04-28 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Improved screen reader support on NTLM/Kerberos, SAML, X509 & Headers configuration pages
- Success and error message now announced to screen reader when displayed
- All configuration links now accessible by keyboard navigation
- Improved description and help messages
Bugfixes:
- Added a log warning when a non-admin user attempts to update groups for system-admin groups.
4.4.14Fisheye/Crucible 4.1.2 - 4.8.152021-03-22Bugfix: SAML SLO and Kerberos Computer Account name Version 4.4.14 • Released 2021-03-22 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Fix for bug where SAML SLO will not complete with certain configurations
- Fix for bug where incorrectly cased computer account name used for Kerberos - causing Message Stream Modified errors
4.4.10Fisheye/Crucible 4.1.2 - 4.8.152021-02-09SAML, X.509 and HTTP Headers authenticators Version 4.4.10 • Released 2021-02-09 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • CommercialMajor update to bring up to date with all other EasySSO products:
- SAML Authenticator support, including groups and JIT user provisioning
- Support for headers and X.509 based authenticators
- Compatibility with Java 11
- Footer for easy access to support and documentation
3.1.10Fisheye/Crucible 4.0.0 - 4.8.152020-07-16Bug fixes in NTLM/Kerberos authenticator Version 3.1.10 • Released 2020-07-16 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- fixed issue preventing IOPLEX Jespa library upload
3.1.9Fisheye/Crucible 4.0.0 - 4.8.152020-04-13Security fix. Version 3.1.9 • Released 2020-04-13 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial3.1.8Fisheye/Crucible 4.0.0 - 4.7.32019-10-14Bug fixes Version 3.1.8 • Released 2019-10-14 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- improved security in HTTP Headers authenticator.
- increased maximum waiting time for a response to a SAML request
- fix for possible infinite loop on logout with SAML authenticator
- changes to some internal UI elements
3.1.7Fisheye/Crucible 4.0.0 - 4.7.32019-09-16Bugfix for Application Links Version 3.1.7 • Released 2019-09-16 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Application Links to/from Jira, Confluence and Bamboo stopped working after upgrade from 4.5.x to 4.7.x due to Fecru starting to use chunked encoding. Fixed.
3.1.2.1Fisheye/Crucible 4.0.0 - 4.7.32018-04-24Change logos and banners Version 3.1.2.1 • Released 2018-04-24 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • CommercialNo release notes.3.1.2Fisheye/Crucible 4.0.0 - 4.5.42017-04-20Fixed a bug with Jepsa license state Version 3.1.2 • Released 2017-04-20 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Fixed a bug where uploading a new Jespa trial license on top of an existing expired could be result in EasySSO still reporting that the license was expired.
3.1.1Fisheye/Crucible 4.0.0 - 4.3.32017-04-10Minor bug fixes Version 3.1.1 • Released 2017-04-10 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Fixed a bug where IP filtering would not properly work when a specific port of an IP address was specified in the request header.
3.1.0Fisheye/Crucible 4.0.0 - 4.3.32017-04-01Compatibility with Jespa 1.2.x Version 3.1.0 • Released 2017-04-01 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • CommercialIOPLEX Jespa library 1.2.x introduced some incompatible changes to code and encryption of licenses. This fix addresses this incompatibility and makes EasySSO support both old and new versions of Jespa
3.0.3Fisheye/Crucible 4.0.0 - 4.3.32016-12-18Internal changes Version 3.0.3 • Released 2016-12-18 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • CommercialThis release contains no new features, but it includes some core changes to request filtering.
3.0.2Fisheye/Crucible 4.0.0 - 4.2.32016-12-07Fixed some bugs Version 3.0.2 • Released 2016-12-07 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- We've fixed a problem that could cause the add-on to fail to enable if the jespa.log location was set incorrectly.
- Made some changes to the IP address filter to properly support several fringe use-cases.
3.0.1Fisheye/Crucible 4.0.0 - 4.2.32016-11-12Multiple SSO integrations Version 3.0.1 • Released 2016-11-12 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Native support for X.509 client certificate authentication
- Support for external authentication (e.g. in front-facing reverse proxies) via header-based integration
- Support for custom authenticator add-ons via attribute-based integration
2.6.0.3Fisheye/Crucible 4.0.0 - 4.2.32016-10-20Major UI update - making SSO truly easy Version 2.6.0.3 • Released 2016-10-20 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- EasySSO Configuration UI has been completely redesigned to be less busy: the main screen now contains the minimum required fields, a progress tracker has been introduced, any values that could have reasonable defaults have them now
- Parameter values validation has been added - less chances to make mistakes
- Additional configuration parameters, IP Filtering, User-Agent Filtering and Advanced Filtering have been moved under "Advanced" button
- "Test Connection" button has been added to enable testing the connection to the domain controller
- SetComputerPassword.vbs script is now available for download directly from the UI
- “Troubleshooting” button allows you to download the logs and inspect them to check if anything has gone wrong
- “About” button opens a dialog that allows you to review the status of your licenses, including the IOPLEX Jespa one, as well as the mode in which EasySSO is operating
- Offline installation instructions have been added - for installing without no internet connection
2.5.0Fisheye/Crucible 4.0.0 - 4.1.32016-09-18Compatibility with 4.0.x and 4.1.x Version 2.5.0 • Released 2016-09-18 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- User-Agent Filtering: config screen now supports parsing arbitrary UA strings on demand
- UserAgentUtils library has been updated to version 1.20
- Cookie Opt-Out: Admins can enable SSO opt-out via cookie in Advanced Filtering tab, users can opt-out in their User Profile settings, anonymous users can opt-out if enabled (to support regular non-domain users)
- new IP Filtering tab in EasySSO config
- ability to specify client IP addresses whitelist and blacklist as single IP, IP ranges, in CIDR, and host-based notation
- ability to specify regex-based whitelist and blacklist for client IP addresses
- the old "Included IP Addresses" regex client IP address filter configuration will be migrated to the new "IP Regex Whitelist" automatically
- Support for reverse proxies, local, remote, and multiple chained reverse proxies
- Reduced log chattiness when EasySSO trial license or evaluation license has expired
- Fix for uploading fresh ioplex.zip over already expired trial one
- bug fixes and improvement
2.4.3Fisheye/Crucible 3.6.2 - 3.10.42016-09-17New features - backport to Fecru 3.x Version 2.4.3 • Released 2016-09-17 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- User-Agent Filtering: config screen now supports parsing arbitrary UA strings on demand
- UserAgentUtils library has been updated to version 1.20
- Cookie Opt-Out: Admins can enable SSO opt-out via cookie in Advanced Filtering tab, users can opt-out in their User Profile settings, anonymous users can opt-out if enabled (to support regular non-domain users)
- new IP Filtering tab in EasySSO config
- ability to specify client IP addresses whitelist and blacklist as single IP, IP ranges, in CIDR, and host-based notation
- ability to specify regex-based whitelist and blacklist for client IP addresses
- the old "Included IP Addresses" regex client IP address filter configuration will be migrated to the new "IP Regex Whitelist" automatically
- Support for reverse proxies, local, remote, and multiple chained reverse proxies
- Reduced log chattiness when EasySSO trial license or evaluation license has expired
- Fix for uploading fresh ioplex.zip over already expired trial one
- bug fixes and improvement
2.2.1Fisheye/Crucible 3.6.2 - 3.10.42016-02-20Bugfixes and Stability Improvements Version 2.2.1 • Released 2016-02-20 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- debug logging for Kerberos
- NPE on Kerberos server credentials expiry
- fixes in KDC DNS discovery
- additional escaping for values in the config screen
- TechTime Plugins section in Add-Ons admin screen
2.2.0Fisheye/Crucible 3.6.2 - 3.10.32015-11-17Improvements and bugfixes Version 2.2.0 • Released 2015-11-17 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- fixed issue with excessive Jespa library re-initialisation on startup when big number of other add-ons is present
- fixed issue with Kerberos pre-auth and timing out of credentials
2.1.1Fisheye/Crucible 3.6.2 - 3.10.32015-11-06Kerberos authentication support Version 2.1.1 • Released 2015-11-06 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • Commercial- Support for Kerberos authentication has been added
- now works on Mac OS X and Linux (if joined to a domain)
- as always works on Windows - but better than ever!
1.0.25Fisheye/Crucible 3.6.2 - 3.9.22015-10-21Initial release Version 1.0.25 • Released 2015-10-21 • Supported By TechTime Initiative Group Limited • Paid via Atlassian • CommercialThis is the initial port of EasySSO for Jira and Confluence to Fisheye/Crucible