The next release – 2.7.3 – is out. It includes numerous small to medium improvements and one important bugfix.
The most significant changes are:
- Registration form can be configured now to automatically login a user who submitted a registration request and the request was auto-accepted. (Won’t work if user has to confirm her email first).
- Couple of password related improvements were added:
- Password reset is not required anymore after changing password storage/hashing parameters. Instead a password is rehashed on the fly when user is being signed in for the first time after configuration change.
- Identities grid in AdminUI allows now for showing a detailed information on all credential statuses.
- When editing password quality settings, admin can verify with one click whether the setting is secure and how it will affect sign in time.
- Forgotten password reset UI was refactored not to use popup dialogs. This the last step of aligning UX of the authN screen: all sign in, registration, outdated password and forgotten password UIs are using the same full screen, clean approach, which is simpler to use and easier to brand.
- Session expiration handling was improved. The older method was not perfect, e.g. session inactivity timeouts were enforced with +/- 20s tolerance. Current implementation should be precise and more solid.
- A bug which was causing some of the dynamic attributes not to be returned was fixed. This affected a single REST API resource (resolving of complete group contents) and custom attribute columns in Admin UI Identities grid.
Please check the Downloads for a complete list of changes.