-
Notifications
You must be signed in to change notification settings - Fork 14
/
RELNOTES.txt
214 lines (147 loc) · 8.12 KB
/
RELNOTES.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
Release Notes for
Helix Authentication Extension
Version 2024.2
Introduction
The Helix Authentication Extension is a Helix Core Server extension that
integrates with the Helix Authentication Service to facilitate the
integration of identity providers supporting either the OpenID Connect or
SAML 2.0 authentication protocols.
Perforce numbers releases YYYY.R/CCCCC, for example 2002.2/30547. YYYY is
the year; R is the release of that year; CCCCC is the bug fix change level.
Each bug fix in these release notes is marked by its change number. Any
build includes (1) all bug fixes for all previous releases and (2) all bug
fixes for the current release up to the bug fix change level.
Important Notes
Logging out of a Helix Core or Helix ALM client does not invoke a logout
with the identity provider (IdP). Depending on the IdP, subsequently
starting a Helix Core or Helix ALM client might result with the user being
logged in again without the user being prompted to provide credentials.
Supported Platforms
Linux (x86_64)
RHEL 7, 8, 9
CentOS 7, 8.0
Ubuntu 20.04, 22.04, 24.04
The above platforms are tested and subject to regression testing on a
frequent basis. Errors or bugs discovered in these platforms are prioritized
for correction. Any platform not listed above is not actively tested by
Perforce.
Requirements
Helix Core Server 2019.1 or higher
Documentation
The Helix Authentication Extension Administrator's Guide is publicly
available on GitHub at the URL below:
https://github.com/perforce/helix-authentication-extension
The guide details the steps for installation, upgrade, and configuration of
the server extension.
Known Limitations
Perforce cannot guarantee and has not exhaustively tested the compatibility
of 3rd Party Plugins with the Helix Authentication Service. It is up to each
3rd party plugin owner to make his/her plugin compatible.
Users authenticating with the Helix Server will likely need to use one of
the supported clients to authenticate. Once a valid P4 ticket has been
acquired, then clients other than those listed above should function
normally. In particular, the clients need to handle the `invokeURL` feature
added in the 2019.1 P4API. This includes the P4API-derived clients
(P4Python, P4Ruby, etc) which at this time do not yet support this feature.
P4Eclipse
When using P4Eclipse, you must authenticate using one of the clients
listed above under the **Requirements** section. Then, when setting up
the initial P4 connection in P4Eclipse, you are prompted for a user and
password. Only put in the username and leave the password field blank.
The client will then use the existing connection.
P4SL
When using P4SL, you must authenticate using one of the clients listed
above under the **Requirements** section. Then, when setting up the
initial P4 connection in P4SL, you are prompted for a user and password.
Only put in the username and leave the password field blank. The client
will then use the existing connection.
IntelliJ (3rd Party Plugin)
When logging in to Perforce using IntelliJ, it will prompt for a
password but also open the browser to the identity provider. Once you
have authenticated with the IdP and acquired a P4 ticket, IntelliJ will
still be waiting for a password. Submit that login request and let it
fail, after which IntelliJ will operate normally.
Changes in every release: Bugs Fixed, New Functionality
----------------------------------------------------------------------
New functionality in 2024.2 (2024.2/2634404) (2024/08/05)
No new features in this release.
----------------------------------------------------------------------
Bugs fixed in 2024.1 (2024.1/2571580) (2024/03/13)
HAS-491 (Change #2485848)
Perforce user with 'ldap+2fa' was mistakenly given a login URL.
HAS-496 (Change #2497947)
Extension could not connect to the service in certain circumstances that
involves a complex network setup. Added Resolve-Host setting to provide
a work-around in those scenarios.
----------------------------------------------------------------------
Bugs fixed in 2023.2 (2023.2/2479541) (2023/08/24)
HAS-452 (Change #2295793)
Configure script now captures all existing settings when upgrading
an existing extension installation.
----------------------------------------------------------------------
New functionality in 2023.1 (2023.1/2422401) (2023/03/24)
HAS-332
Add configurable Service-Down-URL to which the extension will direct
the user in the event that the authentication service is failing.
----------------------------------------------------------------------
Bugs fixed in 2022.2 (2022.2/2350030) (2022/11/14)
HAS-333 (Change #2295793)
Configure script will build extension before removing existing
extension, avoiding issue with older p4 client failing to build
the extension.
----------------------------------------------------------------------
Bugs fixed in 2022.1 (2022.1/2295205) (2022/06/09)
HAS-173 (Change #2204616, 2206760, 2206866, 2207007)
A cryptographically signed build of the extension will be provided
via GitHub, avoiding the need to allow unsigned extensions.
HAS-267 (Change #2221386)
If the extension setting Service-URL is missing from the global
configuration, the extension will fail in a manner that still
permits database-password accounts to authenticate.
----------------------------------------------------------------------
New functionality in 2021.2 (2021.2/2186511) (2021/09/23)
HAS-48 (Change #2143954)
Allow changing the TLS certificate file paths.
----------------------------------------------------------------------
Bugs fixed in 2021.1 (2021.1/2130312) (2021/05/27)
HAS-188 (Change #2084514)
Configure script now reads extension configuration correctly.
HAS-189 (Change #2084411)
Extension correctly distinquishes P4V from P4VS during login.
----------------------------------------------------------------------
Other changes in 2021.1 (2021.1/2130312) (2021/05/27)
HAS-139 (Change #2090744)
Extension automatically treats non-standard users as not using SSO
mechanism for authentication (i.e. operators and service users).
----------------------------------------------------------------------
Bugs fixed in 2020.2 (2020.2/2065870) (2021/01/28)
HAS-78 (Change #2049963, 2050005)
Add options "sso-users" and "sso-groups" to define Perforce users
and groups that must use the SSO authentication mechanism.
----------------------------------------------------------------------
Bugs fixed in 2020.1 (2020.1/2016391) (2020/09/24)
HAS-43
URL not sent to user logging in to edge server.
Caused by P4-19549 in Helix Core Server, fixed in 2019.1.11,
2019.2.8, 2020.1.1, and 2020.2 releases.
----------------------------------------------------------------------
New functionality in 2019.1.1.000002
HAS-83 (Change #1983564)
Bypass SSL usage for plain HTTP service URL.
HAS-123 (Change #1995552)
Linux-based configuration script for login extension.
----------------------------------------------------------------------
Bugs fixed in 2019.1.1.000002
HAS-105 (Change #1999883)
Error 408 during login when the auth-protocol setting is empty.
----------------------------------------------------------------------
New functionality in 2019.1.1.000001
HAS-37 (Change #1911767)
Treat users whose AuthMethod is LDAP as non-SSO users.
----------------------------------------------------------------------
Bugs fixed in 2019.1.1.000001
HAS-47 (Change #1952506)
User identifiers should be compared in a case-insensitive fashion.
----------------------------------------------------------------------
2019.1
Initial release