- SAML Single Sign-On 6.10.0 comes with the User Sync 2.13.0 release, see 2.13.x release notes.
- Now displays the last metadata reload date next to the option to reload metadata every day for better visibility and management.
- Ensured SAML authentication cannot proceed if the certificate is no longer valid, closing a security loophole.
- Eliminated an open redirect vulnerability associated with whitespace and control characters in the redirection path.
- Addressed an issue where "SaveIdPSelection" parameter in the IdP selection template did not behave as intended across different Tomcat versions.
- ... and more. See the release notes page for full details.
Version history
6.10.0Bamboo 8.0.0 - 9.6.12024-04-02Improved metadata reload and several improvements and bugfixes Version 6.10.0 • Released 2024-04-02 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial6.10.0Bamboo Server 6.10.2 - 9.6.12024-04-02Improved metadata reload and several improvements and bugfixes Version 6.10.0 • Released 2024-04-02 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.10.0 comes with the User Sync 2.13.0 release, see 2.13.x release notes.
- Now displays the last metadata reload date next to the option to reload metadata every day for better visibility and management.
- Ensured SAML authentication cannot proceed if the certificate is no longer valid, closing a security loophole.
- Eliminated an open redirect vulnerability associated with whitespace and control characters in the redirection path.
- Addressed an issue where "SaveIdPSelection" parameter in the IdP selection template did not behave as intended across different Tomcat versions.
- ... and more. See the release notes page for full details.
6.9.0Bamboo 8.0.0 - 9.6.12023-12-14Improved login form and IdP button customization, pass email login hint to IdP Version 6.9.0 • Released 2023-12-14 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.9.0 comes with the User Sync 2.12.0 release, see 2.12.x release notes.
- It's now possible to hide the login form when using the IdP selection button, see documentation for more details.
- The looks of the IdP selection buttons are customizable via template, see documentation for more details.
- Implemented a feature to pass the email address from the "IdP Selection by Email" field directly to the IdP to improve the login experience, see documentation for more details.
6.9.0Bamboo Server 6.10.2 - 9.6.12023-12-14Improved login form and IdP button customization, pass email login hint to IdP Version 6.9.0 • Released 2023-12-14 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.9.0 comes with the User Sync 2.12.0 release, see 2.12.x release notes.
- It's now possible to hide the login form when using the IdP selection button, see documentation for more details.
- The looks of the IdP selection buttons are customizable via template, see documentation for more details.
- Implemented a feature to pass the email address from the "IdP Selection by Email" field directly to the IdP to improve the login experience, see documentation for more details.
6.8.4Bamboo 8.0.0 - 9.4.42023-11-15Bugfix release Version 6.8.4 • Released 2023-11-15 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- Fixed issue where filtered LDAP users might be reactivated during login when "Update Users from Remote Directories" is enabled.
6.8.4Bamboo Server 6.10.2 - 9.4.42023-11-15Bugfix release Version 6.8.4 • Released 2023-11-15 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- Fixed issue where filtered LDAP users might be reactivated during login when "Update Users from Remote Directories" is enabled.
6.8.3Bamboo 8.0.0 - 9.4.42023-10-26Bugfix release Version 6.8.3 • Released 2023-10-26 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.3 comes with the User Sync 2.11.3 release, see 2.11.x release notes.
6.8.3Bamboo Server 6.10.2 - 9.4.42023-10-26Bugfix release Version 6.8.3 • Released 2023-10-26 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.3 comes with the User Sync 2.11.3 release, see 2.11.x release notes.
6.8.2Bamboo 8.0.0 - 9.3.62023-10-19Bugfix release Version 6.8.2 • Released 2023-10-19 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.2 comes with the User Sync 2.11.2 release, see 2.11.x release notes.
- Fixed an issue in the AtlasUserResult where the isSuccess() method was missing. The absence of this method could disrupt Groovy Transformations and result in unexpected outcomes.
6.8.2Bamboo Server 6.10.2 - 9.3.62023-10-19Bugfix release Version 6.8.2 • Released 2023-10-19 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.2 comes with the User Sync 2.11.2 release, see 2.11.x release notes.
- Fixed an issue in the AtlasUserResult where the isSuccess() method was missing. The absence of this method could disrupt Groovy Transformations and result in unexpected outcomes.
6.8.1Bamboo 8.0.0 - 9.3.62023-10-10Improvements and bugfixes in SAML, new User Sync features Version 6.8.1 • Released 2023-10-10 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.1 comes with the User Sync 2.11.1 release, see 2.11.x release notes.
- Improved error messages in trackers to make them more human-readable.
- Fixed: Resolved an issue where the multi-IdP metadata reload status was not updated in the configuration if a reload failed.
6.8.1Bamboo Server 6.10.2 - 9.3.62023-10-10Improvements and bugfixes in SAML, new User Sync features Version 6.8.1 • Released 2023-10-10 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.8.1 comes with the User Sync 2.11.1 release, see 2.11.x release notes.
- Improved error messages in trackers to make them more human-readable.
- Fixed: Resolved an issue where the multi-IdP metadata reload status was not updated in the configuration if a reload failed.
6.7.1Bamboo 8.0.0 - 9.3.62023-08-08Bugfix release Version 6.7.1 • Released 2023-08-08 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.7.1 comes with the User Sync 2.10.1 release, see 2.10.x release notes. This update resolves high CPU and memory usage during synchronization.
6.7.1Bamboo Server 6.10.2 - 9.3.62023-08-08Bugfix release Version 6.7.1 • Released 2023-08-08 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.7.1 comes with the User Sync 2.10.1 release, see 2.10.x release notes. This update resolves high CPU and memory usage during synchronization.
6.7.0Bamboo 8.0.0 - 9.3.62023-08-02New User Sync release Version 6.7.0 • Released 2023-08-02 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.7.0 comes with the User Sync 2.10.0 release, see 2.10.x release notes.
6.7.0Bamboo Server 6.10.2 - 9.3.62023-08-02New User Sync release Version 6.7.0 • Released 2023-08-02 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.7.0 comes with the User Sync 2.10.0 release, see 2.10.x release notes.
6.6.0Bamboo 8.0.0 - 9.3.62023-06-19WebSudo for OIDC Version 6.6.0 • Released 2023-06-19 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.6.0 comes with the User Sync 2.9.0 release, see 2.9.x release notes.
- Added WebSudo support for OIDC.
- WebSudo: forceAuthentication can now be deactivated.
- Fixed: the Linchpin endpoints are no longer accessed from the frontend when not running on Confluence.
6.6.0Bamboo Server 6.10.2 - 9.3.62023-06-19WebSudo for OIDC Version 6.6.0 • Released 2023-06-19 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.6.0 comes with the User Sync 2.9.0 release, see 2.9.x release notes.
- Added WebSudo support for OIDC.
- WebSudo: forceAuthentication can now be deactivated.
- Fixed: the Linchpin endpoints are no longer accessed from the frontend when not running on Confluence.
6.5.1Bamboo 8.0.0 - 9.3.62023-05-22Bugfix release Version 6.5.1 • Released 2023-05-22 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- This version includes a bugfix in User Sync 2.8.1, see 2.8.x release notes.
6.5.1Bamboo Server 6.10.2 - 9.3.62023-05-22Bugfix release Version 6.5.1 • Released 2023-05-22 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- This version includes a bugfix in User Sync 2.8.1, see 2.8.x release notes.
6.5.0Bamboo 8.0.0 - 9.2.132023-03-28Relying Party Initiated Single Logout for OIDC, IdP selection buttons, and more Version 6.5.0 • Released 2023-03-28 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.5.0 comes with the User Sync 2.8.0 release, see 2.8.x release notes.
- Added Relying Party Initiated Single Logout for OIDC: Logout from your identity provider and other connected services when logging out from your Atlassian product.
- Added optional IdP selection buttons on login page: Click a button to login via SSO as an alternative to using the redirection.
- Added "auth_fallback" as an additional nosso parameter.
- Added option to sign Single Logout responses.
6.5.0Bamboo Server 6.10.2 - 9.2.132023-03-28Relying Party Initiated Single Logout for OIDC, IdP selection buttons, and more Version 6.5.0 • Released 2023-03-28 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.5.0 comes with the User Sync 2.8.0 release, see 2.8.x release notes.
- Added Relying Party Initiated Single Logout for OIDC: Logout from your identity provider and other connected services when logging out from your Atlassian product.
- Added optional IdP selection buttons on login page: Click a button to login via SSO as an alternative to using the redirection.
- Added "auth_fallback" as an additional nosso parameter.
- Added option to sign Single Logout responses.
6.4.0Bamboo Server 6.10.2 - 9.2.132023-02-06Several minor improvements and bug fixes Version 6.4.0 • Released 2023-02-06 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.4.0 comes with the User Sync 2.7.1 release, see 2.7.x release notes.
- Added preset for OIDC with Ping One.
- Fixed logout issues when using OIDC.
- Fixed flickering authentication tracker UI for OIDC logins.
- Allow sending SAML authentication requests to a different URLs.
- Added metadata file import to the IdP page.
6.4.0Bamboo 8.0.0 - 9.2.132023-02-06Several minor improvements and bug fixes Version 6.4.0 • Released 2023-02-06 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- SAML Single Sign-On 6.4.0 comes with the User Sync 2.7.1 release, see 2.7.x release notes.
- Added preset for OIDC with Ping One.
- Fixed logout issues when using OIDC.
- Fixed flickering authentication tracker UI for OIDC logins.
- Allow sending SAML authentication requests to a different URLs.
- Added metadata file import to the IdP page.
6.3.0Bamboo Server 6.10.2 - 9.1.32023-01-12OAuth2 authentication, IdP specific metadata, security fix Version 6.3.0 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- Allow OAuth2 authentication with Atlassian, LinkedIn, GitHub, Twitter or Facebook
- Specific SP metadata can be provided per IdP
- Fix a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed .
- Please check our release notes for more details.
6.3.0Bamboo 8.0.0 - 9.1.32023-01-12OAuth2 authentication, IdP specific metadata, security fix Version 6.3.0 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • Commercial- Allow OAuth2 authentication with Atlassian, LinkedIn, GitHub, Twitter or Facebook
- Specific SP metadata can be provided per IdP
- Fix a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed .
- Please check our release notes for more details.
6.2.5Bamboo Server 6.10.2 - 9.1.32023-01-12Security update Version 6.2.5 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
6.2.5Bamboo 8.0.0 - 9.1.32023-01-12Security update Version 6.2.5 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
4.0.15Bamboo Server 6.8.0 - 7.2.102023-01-12Security update Version 4.0.15 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
2.5.11Bamboo Server 5.12.0.2 - 6.10.62023-01-12Security update Version 2.5.11 • Released 2023-01-12 • Supported By resolution Reichert Network Solutions GmbH • Paid via Atlassian • CommercialFixed a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.