- Fixed bug in OAuth2/Social Login wizard for configuring a new IdP.
- Updated dependencies (Bouncy Castle).
Version history
6.10.1Bitbucket Data Center 6.4.0 - 8.19.22024-04-23Bugfix release Version 6.10.1 • Released 2024-04-23 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial6.10.1Bitbucket Server 6.4.0 - 8.19.22024-04-23Bugfix release Version 6.10.1 • Released 2024-04-23 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- Fixed bug in OAuth2/Social Login wizard for configuring a new IdP.
- Updated dependencies (Bouncy Castle).
6.10.0Bitbucket Data Center 6.4.0 - 8.19.22024-04-02Improved metadata reload and several improvements and bugfixes Version 6.10.0 • Released 2024-04-02 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.10.0 comes with the User Sync 2.13.0 release, see 2.13.x release notes.
- Now displays the last metadata reload date next to the option to reload metadata every day for better visibility and management.
- Ensured SAML authentication cannot proceed if the certificate is no longer valid, closing a security loophole.
- Eliminated an open redirect vulnerability associated with whitespace and control characters in the redirection path.
- Addressed an issue where "SaveIdPSelection" parameter in the IdP selection template did not behave as intended across different Tomcat versions.
- ... and more. See the release notes page for full details.
6.10.0Bitbucket Server 6.4.0 - 8.19.22024-04-02Improved metadata reload and several improvements and bugfixes Version 6.10.0 • Released 2024-04-02 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.10.0 comes with the User Sync 2.13.0 release, see 2.13.x release notes.
- Now displays the last metadata reload date next to the option to reload metadata every day for better visibility and management.
- Ensured SAML authentication cannot proceed if the certificate is no longer valid, closing a security loophole.
- Eliminated an open redirect vulnerability associated with whitespace and control characters in the redirection path.
- Addressed an issue where "SaveIdPSelection" parameter in the IdP selection template did not behave as intended across different Tomcat versions.
- ... and more. See the release notes page for full details.
6.9.0Bitbucket Data Center 6.4.0 - 8.19.22023-12-14Improved login form and IdP button customization, pass email login hint to IdP Version 6.9.0 • Released 2023-12-14 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.9.0 comes with the User Sync 2.12.0 release, see 2.12.x release notes.
- It's now possible to hide the login form when using the IdP selection button, see documentation for more details.
- The looks of the IdP selection buttons are customizable via template, see documentation for more details.
- Implemented a feature to pass the email address from the "IdP Selection by Email" field directly to the IdP to improve the login experience, see documentation for more details.
6.9.0Bitbucket Server 6.4.0 - 8.19.22023-12-14Improved login form and IdP button customization, pass email login hint to IdP Version 6.9.0 • Released 2023-12-14 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.9.0 comes with the User Sync 2.12.0 release, see 2.12.x release notes.
- It's now possible to hide the login form when using the IdP selection button, see documentation for more details.
- The looks of the IdP selection buttons are customizable via template, see documentation for more details.
- Implemented a feature to pass the email address from the "IdP Selection by Email" field directly to the IdP to improve the login experience, see documentation for more details.
6.8.4Bitbucket Data Center 6.4.0 - 8.19.22023-11-15Bugfix release Version 6.8.4 • Released 2023-11-15 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- Fixed issue where filtered LDAP users might be reactivated during login when "Update Users from Remote Directories" is enabled.
6.8.4Bitbucket Server 6.4.0 - 8.19.22023-11-15Bugfix release Version 6.8.4 • Released 2023-11-15 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- Fixed issue where filtered LDAP users might be reactivated during login when "Update Users from Remote Directories" is enabled.
6.8.3Bitbucket Data Center 6.4.0 - 8.19.22023-10-26Bugfix release Version 6.8.3 • Released 2023-10-26 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.3 comes with the User Sync 2.11.3 release, see 2.11.x release notes.
6.8.3Bitbucket Server 6.4.0 - 8.19.22023-10-26Bugfix release Version 6.8.3 • Released 2023-10-26 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.3 comes with the User Sync 2.11.3 release, see 2.11.x release notes.
6.8.2Bitbucket Data Center 6.4.0 - 8.19.22023-10-19Bugfix release Version 6.8.2 • Released 2023-10-19 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.2 comes with the User Sync 2.11.2 release, see 2.11.x release notes.
- Fixed an issue in the AtlasUserResult where the isSuccess() method was missing. The absence of this method could disrupt Groovy Transformations and result in unexpected outcomes.
6.8.2Bitbucket Server 6.4.0 - 8.19.22023-10-19Bugfix release Version 6.8.2 • Released 2023-10-19 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.2 comes with the User Sync 2.11.2 release, see 2.11.x release notes.
- Fixed an issue in the AtlasUserResult where the isSuccess() method was missing. The absence of this method could disrupt Groovy Transformations and result in unexpected outcomes.
6.8.1Bitbucket Data Center 6.4.0 - 8.19.22023-10-10Improvements and bugfixes in SAML, new User Sync features Version 6.8.1 • Released 2023-10-10 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.1 comes with the User Sync 2.11.1 release, see 2.11.x release notes.
- Improved error messages in trackers to make them more human-readable.
- Fixed: Resolved an issue where the multi-IdP metadata reload status was not updated in the configuration if a reload failed.
6.8.1Bitbucket Server 6.4.0 - 8.19.22023-10-10Improvements and bugfixes in SAML, new User Sync features Version 6.8.1 • Released 2023-10-10 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.1 comes with the User Sync 2.11.1 release, see 2.11.x release notes.
- Improved error messages in trackers to make them more human-readable.
- Fixed: Resolved an issue where the multi-IdP metadata reload status was not updated in the configuration if a reload failed.
6.7.1Bitbucket Data Center 6.4.0 - 8.19.22023-08-08Bugfix release Version 6.7.1 • Released 2023-08-08 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.7.1 comes with the User Sync 2.10.1 release, see 2.10.x release notes. This update resolves high CPU and memory usage during synchronization.
6.7.1Bitbucket Server 6.4.0 - 8.19.22023-08-08Bugfix release Version 6.7.1 • Released 2023-08-08 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.7.1 comes with the User Sync 2.10.1 release, see 2.10.x release notes. This update resolves high CPU and memory usage during synchronization.
6.7.0Bitbucket Data Center 6.4.0 - 8.19.22023-08-02New User Sync release Version 6.7.0 • Released 2023-08-02 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.7.0 comes with the User Sync 2.10.0 release, see 2.10.x release notes.
6.7.0Bitbucket Server 6.4.0 - 8.19.22023-08-02New User Sync release Version 6.7.0 • Released 2023-08-02 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.7.0 comes with the User Sync 2.10.0 release, see 2.10.x release notes.
6.6.0Bitbucket Data Center 6.4.0 - 8.19.22023-06-19WebSudo for OIDC Version 6.6.0 • Released 2023-06-19 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.6.0 comes with the User Sync 2.9.0 release, see 2.9.x release notes.
- Added WebSudo support for OIDC.
- WebSudo: forceAuthentication can now be deactivated.
- Fixed: the Linchpin endpoints are no longer accessed from the frontend when not running on Confluence.
6.6.0Bitbucket Server 6.4.0 - 8.19.22023-06-19WebSudo for OIDC Version 6.6.0 • Released 2023-06-19 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.6.0 comes with the User Sync 2.9.0 release, see 2.9.x release notes.
- Added WebSudo support for OIDC.
- WebSudo: forceAuthentication can now be deactivated.
- Fixed: the Linchpin endpoints are no longer accessed from the frontend when not running on Confluence.
6.5.1Bitbucket Data Center 6.4.0 - 8.19.22023-05-22Bugfix release Version 6.5.1 • Released 2023-05-22 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- This version includes a bugfix in User Sync 2.8.1, see 2.8.x release notes.
6.5.1Bitbucket Server 6.4.0 - 8.19.22023-05-22Bugfix release Version 6.5.1 • Released 2023-05-22 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- This version includes a bugfix in User Sync 2.8.1, see 2.8.x release notes.
6.5.0Bitbucket Data Center 6.4.0 - 8.19.22023-03-28Relying Party Initiated Single Logout for OIDC, IdP selection buttons, and more Version 6.5.0 • Released 2023-03-28 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.5.0 comes with the User Sync 2.8.0 release, see 2.8.x release notes.
- Added Relying Party Initiated Single Logout for OIDC: Logout from your identity provider and other connected services when logging out from your Atlassian product.
- Added optional IdP selection buttons on login page: Click a button to login via SSO as an alternative to using the redirection.
- Added "auth_fallback" as an additional nosso parameter.
- Added option to sign Single Logout responses.
6.5.0Bitbucket Server 6.4.0 - 8.19.22023-03-28Relying Party Initiated Single Logout for OIDC, IdP selection buttons, and more Version 6.5.0 • Released 2023-03-28 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.5.0 comes with the User Sync 2.8.0 release, see 2.8.x release notes.
- Added Relying Party Initiated Single Logout for OIDC: Logout from your identity provider and other connected services when logging out from your Atlassian product.
- Added optional IdP selection buttons on login page: Click a button to login via SSO as an alternative to using the redirection.
- Added "auth_fallback" as an additional nosso parameter.
- Added option to sign Single Logout responses.
6.4.0Bitbucket Server 6.4.0 - 8.19.22023-02-06Several minor improvements and bug fixes Version 6.4.0 • Released 2023-02-06 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.4.0 comes with the User Sync 2.7.1 release, see 2.7.x release notes.
- Added preset for OIDC with Ping One.
- Fixed logout issues when using OIDC.
- Fixed flickering authentication tracker UI for OIDC logins.
- Allow sending SAML authentication requests to a different URLs.
- Added metadata file import to the IdP page.
6.4.0Bitbucket Data Center 6.4.0 - 8.19.22023-02-06Several minor improvements and bug fixes Version 6.4.0 • Released 2023-02-06 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.4.0 comes with the User Sync 2.7.1 release, see 2.7.x release notes.
- Added preset for OIDC with Ping One.
- Fixed logout issues when using OIDC.
- Fixed flickering authentication tracker UI for OIDC logins.
- Allow sending SAML authentication requests to a different URLs.
- Added metadata file import to the IdP page.
6.3.0Bitbucket Server 6.4.0 - 8.19.22023-01-12OAuth2 authentication, IdP specific metadata, security fix Version 6.3.0 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- Allow OAuth2 authentication with Atlassian, LinkedIn, GitHub, Twitter or Facebook
- Specific SP metadata can be provided per IdP
- Fix a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed .
- Please check our release notes for more details.
6.3.0Bitbucket Data Center 6.4.0 - 8.19.22023-01-12OAuth2 authentication, IdP specific metadata, security fix Version 6.3.0 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- Allow OAuth2 authentication with Atlassian, LinkedIn, GitHub, Twitter or Facebook
- Specific SP metadata can be provided per IdP
- Fix a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed .
- Please check our release notes for more details.
6.2.5Bitbucket Server 6.4.0 - 8.19.22023-01-12Security update Version 6.2.5 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
6.2.5Bitbucket Data Center 6.4.0 - 8.19.22023-01-12Security update Version 6.2.5 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
4.0.15Bitbucket Server 6.0.0 - 7.17.62023-01-12Security update Version 4.0.15 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
4.0.15Bitbucket Data Center 6.0.0 - 7.17.62023-01-12Security update Version 4.0.15 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
3.6.8Bitbucket Server 5.12.4 - 7.16.02023-01-12Security update Version 3.6.8 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
3.6.8Bitbucket Data Center 5.12.4 - 7.16.02023-01-12Security update Version 3.6.8 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
3.5.0.3Bitbucket Server 5.6.0 - 6.10.172023-01-12Security update Version 3.5.0.3 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
3.5.0.3Bitbucket Data Center 5.6.0 - 6.10.172023-01-12Security update Version 3.5.0.3 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
2.5.11Bitbucket Server 5.5.0 - 6.10.52023-01-12Security update Version 2.5.11 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
2.5.11Bitbucket Data Center 5.5.0 - 6.10.52023-01-12Security update Version 2.5.11 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.