Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-3012

Release WildFly Elytron 2.2.16.Final

XMLWordPrintable

    • Icon: Release Release
    • Resolution: Done
    • Icon: Major Major
    • 2.2.16.CR1
    • None
    • None
    • None

      https://github.com/wildfly-security/wildfly-elytron/compare/2.2.15.Final...2.2.16.Final

      commit cb0cf82e785aae99fac6fd5de24d2d19437bfed6
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Thu Feb 12 14:02:27 2026 +0000

    [maven-release-plugin] prepare release 2.2.16.Final

commit 5f8e8b6bb53f335ba4bcae72740d73c874b47aaf
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Thu Feb 12 12:53:19 2026 +0000

    [ELY-3010] Update JAPICMP Plugin to 1.15.28.final

commit d0a4c2698c4a650c4442a679728c043e68a8ba83
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Thu Feb 12 12:45:37 2026 +0000

    [maven-release-plugin] prepare for next development iteration

commit 7a0abb6c7950c45a7a6c43031b7de1ca4abf8bd4
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Thu Feb 12 12:45:36 2026 +0000

    [maven-release-plugin] prepare release 1.15.28.Final

commit bab58b8557e828857afef80d3f3ce084ec434b39
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Thu Feb 12 10:45:23 2026 +0000

    [ELY-3011] Update WildFly Elytron to publish directly to Maven Central.

commit 1ab32f1677a9a89d2ab30e24113f30727be5303b
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Tue Feb 10 10:19:30 2026 +0000

    [ELY-3007] When generating HA1 errors interacting with the CBH are bypassing the mechanisms own error handling.

commit 89cbcc15a7f98e2e70ce0bdf4eac4abc372cdc22
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Fri Feb 6 20:50:32 2026 +0000

    [ELY-3005] We need to handle the first call as a special case.
    
    We don't know if System.nanoTime() is returning negative values to begin
    with.

commit 4ec0ecccd855995304ff662ee8115fe4e326ceef
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Fri Feb 6 11:14:17 2026 +0000

    [ELY-3003] Follow up work to the LRU handling.
    
     - Increase the maximum size to 25,000
     - Include the realm name in log messages and enable this to be passed
       in.
     - If eviction from the cache occurs due to size log a WARN, restrict
       this to maximum of once every 15 minutes per realm.

commit 37731383c5115b589b5df2e78496ca60fba57a31
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Thu Feb 5 19:52:51 2026 +0000

    [ELY-3003] Switch to a LRU cache of sessions so we can control memory utilisation.

commit f124996a0aff41567f3ee7fb6a9c106ec4ebfe8e
Author: Diana Krepinska <diavilko@gmail.com>
Date:   Thu Jan 29 19:12:52 2026 +0100

    [ELY-2991] Update API check to 2.2.15.Final

commit 8931ce6c02ddcef0017fa76d9af9572294cf8e74
Author: Diana Krepinska <diavilko@gmail.com>
Date:   Thu Jan 29 17:26:27 2026 +0100

    [maven-release-plugin] prepare for next development iteration

commit ba215b03b243a6a42043d7974a7c94098af4f981
Author: Diana Krepinska <diavilko@gmail.com>
Date:   Thu Jan 29 15:37:47 2026 +0100

    [ELY-2990] Update API check to 1.15.27.Final

commit f4493ed2c3a8cb69c80d8b1a9d034dda065ad708
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Thu Jan 29 13:37:16 2026 +0000

    [ELY-2891] Specify type of ThreadLocal.

commit 54eac76d1bd79973fd48149e34a6b4d17c0fe692
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Thu Jan 29 12:58:49 2026 +0000

    [ELY-2891] Update the default brute force values,
    
    Lock after 10 failed attempts.
    Lock for 15 minutes.
    Keep the tracker session alive for 30 minutes.

commit 0a2461413f7dcc508783bd1e4eb971940d74cd89
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Thu Jan 22 17:19:00 2026 +0000

    [ELY-2891] Add some TRACE logging so we can see the events intercepted by the brute force wrapper.

commit 60e1c2382a145e8363147155d4f76a1a76377120
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Thu Jan 22 13:31:53 2026 +0000

    [ELY-2891] Add a mechanism so that if brute force protection is applied
    multiple times the first wrapper is the only one to process
    authentication events.

commit 0621637f4df732f72da405ea36ae135acae53566
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Tue Jan 20 18:34:56 2026 +0000

    [ELY-2891] Unwrap any Exception from the proxied call.

commit 4123f65292fee9ccec4387cca64dc6fa847d35d7
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Tue Jan 20 15:31:55 2026 +0000

    [ELY-2891] Add additional TRACE logging to help with diagnostics.

commit 1c24532687c5a5e64eb2abc0bdb0c468491009da
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Fri Jan 9 13:28:42 2026 +0000

    [ELY-2891] Additional updates following review feedback.

commit 8f5c34458f5e48254fbacea00d6ca45528dc6012
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Wed Jan 7 17:37:39 2026 +0000

    [ELY-1891] Remove trailing spaces.

commit 1c51497ead87d3eb5f65c011f1d8923473971b95
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Wed Jan 7 17:02:22 2026 +0000

    [ELY-2891] Add a unit test for the BruteForceTealmWrapper.

commit 1aea89dc7e8a95f55dde5241eceaba66292a4618
Author: Darran Lofthouse <darran.lofthouse@jboss.com>
Date:   Wed Apr 23 18:51:18 2025 +0100

    [ELY-2891] Add a SecurityRealm wrapper to add mitigations for password brute forcing.

              darran.lofthouse@redhat.com Darran Lofthouse
              darran.lofthouse@redhat.com Darran Lofthouse
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: