SAML

Category: Modules
Subcategory: Authentication

Overview

This module can be used as a replacement or extension of your supported authentication methods, and allows you to authenticate your user using SAML 2.0 or the Shibboleth protocol. See Documentation for component compatibility.

Documentation

Please see SAML in the Mendix documentation for details.

Please follow the below version compatibility guidance:
# v.1.16.5 version for Mx7 apps
# v.2.2.1 version for Mx8 apps
# v.3.2.0 version for Mx9 Upgrade track (Mx8 apps upgraded to Mx9)
# v.3.2.1 version for Mx9 New track (for apps newly built on Mx9)

Releases

Version: 3.2.1
Framework Version: 9.6.3
Release Notes: This version contains the following fixes/improvements: - Logging made consistent with Mx7 version (Ticket #131063, #138926) - Fixed missing “HttpOnly” flag on cookies set by SAML Module (Ticket #93834, #142569, #142642) - Removed library “ javax.xml.soap-api-1.4.0.jar” and upgraded “jakarta.xml.soap-api-1.4.1.jar” to version “2.0.1” - Fixed duplicate way of assigning Custom microflows (Ticket #143293) Recommendation: After upgrading to the latest version, there could be a potential issue due to conflicting Java libraries of the old and the new version. Hence it is recommended that you delete all Java libraries used by the old SAML module from the userlib folder of the project before upgrading to the latest version.
Version: 3.2.0
Framework Version: 9.6.3
Release Notes: This version contains the following fixes/improvements: - Logging made consistent with Mx7 version (Ticket #131063, #138926) - Fixed missing “HttpOnly” flag on cookies set by SAML Module (Ticket #93834, #142569, #142642) - Removed library “ javax.xml.soap-api-1.4.0.jar” and upgraded “jakarta.xml.soap-api-1.4.1.jar” to version “2.0.1” - Fixed duplicate way of assigning Custom microflows (Ticket #143293) Recommendation: After upgrading to the latest version, there could be a potential issue due to conflicting Java libraries of the old and the new version. Hence it is recommended that you delete all Java libraries used by the old SAML module from the userlib folder of the project before upgrading to the latest version.
Version: 3.1.9
Framework Version: 9.6.3
Release Notes: This version contains the following fixes/improvements: - Increased the Value attribute’s character limit in AssertionAttribute Entity (Ticket #127755) - Added AuthnRequestsSigned and WantAssertionsSigned attributes to SPSSODescriptor in the SPMetadata when encryption is enabled - Bug with Single logout if user already has no session while logout is being done is fixed - Custom provisioning and signing microflows are now configurable on the IDP level in the IDP Configuration
Version: 3.1.8
Framework Version: 9.6.3
Release Notes: This version contains the following fixes/improvements: - Increased the Value attribute’s character limit in AssertionAttribute Entity (Ticket #127755) - Added AuthnRequestsSigned and WantAssertionsSigned attributes to SPSSODescriptor in the SPMetadata when encryption is enabled - Bug with Single logout if user already has no session while logout is being done is fixed - Custom provisioning and signing microflows are now configurable on the IDP level in the IDP Configuration
Version: 3.1.7
Framework Version: 9.6.3
Release Notes: This version contains the following fixes/improvements: - New IDP configuration issue fixed (Ticket #130993, #130995, #133305 & #135139) - Library upgrade owasp-java-html-sanitizer-20200713.1 to version 20211018.2 (Ticket #134236) Recommendation: After upgrading to the latest version, there could be a potential issue due to conflicting Java libraries of the old and the new version. Hence it is recommended that you delete all Java libraries used by the old SAML module from the userlib folder of the project before upgrading to the latest version.