Connect2id server 11.1

The multi-tenant edition of the Connect2id server can now be deployed with the AWS DynamoDB database-as-a-service, to benefit from useful features such as seamless replication between two or more AWS regions. If you need to serve identities globally, at low latency, while remaining available in the rare case of a total region outage, the cross-region replication is ideal for you. The Connect2id server data model allows for eventual consistency, and the replication can be tuned to minimise your AWS bills.

Prior to Connect2id server 11.1 the multi-tenant edition could be deployed with an SQL RDBMS only.

The new release also considerably reduces the web application footprint.

For details check the release notes below.

Important: Get the updated 11.1.1 release, the DynamoDB connector received a fix for a major bug introduced in 11.1.

Download

Standard Connect2id server edition

Apache Tomcat package with Connect2id server 11.1: Connect2id-server.zip

SHA-256: 5943726404dc03b582a99c4dee9770d1b6a3ddd596f960ca62a74b6ad22e40e1

Connect2id server 11.1 WAR package: c2id.war

SHA-256: 86ec5405396762d3a6254df767dfbf9aa66c37a003c5980da33f1c5390a43d0f

Multi-tenant edition

Apache Tomcat package with Connect2id server 11.1: Connect2id-server-mt.zip

SHA-256: 249167c61a296c28373d98f0ddaa12cb882954a8ab1b45d1ad680fb0ebc90ebb

Connect2id server 11.1 WAR package: c2id-multi-tenant.war

SHA-256: 85abee7a967ba055d1ccf1a555689903cf91a79962c812e41aacb3cd96def2c6

Questions?

Contact Connect2id support.


Release notes

11.1 (2021-02-17)

Summary

  • Support for AWS DynamoDB in the multi-tenant edition of the Connect2id server. Persisted tenant specific objects are isolated in their DynamoDB tables by means of a range (sort) key named "tid".

  • Reduces the footprint of AWS related dependencies by switching from the AWS Java SDK bundle to smaller service specific dependencies. The size of the final WAR file is reduced from 244 megabytes to 68 megabytes. If an SPI implementation (custom plugin) requires an AWS dependency previously available through the AWS Java SDK bundle it now needs to be explicitly included as a dependency.

Configuration

  • /WEB-INF/infinispan-multitenant-stateless-dynamodb.xml -- New Infinispan configuration file for the multi-tenant edition of the Connect2id server with an AWS DynamoDB backend. The standard DynamoDB configuration properties from the regular Connect2id server edition apply, save for the "dynamodb.applyRangeKey" and "dynamodb.rangeKeyValue" properties that have no effect.

Resolved issues

  • Fixes typo in the "invalid_client" error description (issue server/634).

Dependency changes

  • Updates to com.nimbusds:oauth2-authz-store:16.5

  • Updates to com.nimbusds:oidc-session-store:14.3

  • Updates to com.nimbusds:tenant-registry:5.3

  • Upgrades to com.nimbusds:infinispan-cachestore-dynamodb:4.1.1

  • Updates to com.nimbusds:jgroups-dynamodb-ping:1.2.5

  • Replaces com.amazonaws:aws-java-sdk-bundle with the narrower aws-java-sdk-dynamodb and aws-java-sdk-s3:1.11.955

  • Updates to com.nimbusds:software-statement-verifier:2.1.1