This software patch resolves a number of security defects and customer reported bugs in Red Hat Single Single On 7.1. RH-SSO will deliver patches on a repeating schedule to resolve security defects and customer reported bugs. Fixes for RH-SSO 7.1 will continue until RH-SSO 7.2 is released, and at that time maintenance will be delivered on RH-SSO 7.2.

Updated client adapters are released as needed to resolve customer reported issues or security fixes. The adapters are released as needed so often a given cumulative patch version will not have an associated client adapter for all products.

For more information on which client adapters are tested and supported with Red Hat Single Sign-On versions see: Red Hat Single Sign-On adapter and server compatability

This update includes all fixes and changes from JBoss EAP 7.1 Update 03.

This update includes the following bug fixes or changes:

ID Component Summary
RHSSO-1162 Bouncycastle version updated
KEYCLOAK-5848 Server Possibility to configure different attribute for GET_GROUPS_FROM_USER_MEMBEROF_STRATEGY instead of memberof
KEYCLOAK-5698 Server Sync update of cached user doesn't invalidate user
KEYCLOAK-5183 Adapters Support for AssertionConsumerServiceUrl in Saml Adapter subsystem
KEYCLOAK-5767 Adapters IE9 sometimes using HTTP status code 1223 instead of 204

Installation

For instructions on applying Red Hat Single Sign-On cumulative patch (also referred to as a Micro Release) see Micro Upgrades in Red Hat Single Sign-On 7.1 Patching And Upgrading Guide.

The adapters are distributed as a full release which is intended to replace the existing adapter. Full details are available in Upgrading Red Hat Single Sign-On Adapters.

Deprecated

IBM DB2 is deprecated as a tested integration and will no longer be tested with releases after and including Red Hat Single Sign-On 7.3.