release: / 20

Github source: 9acdaedf or master branch

This release includes UAA 3.8.0

IMPORTANT: Backward Incompatible Changes

With this release UAA defaults to enforcing signature validation on Incoming SAML Assertions. Please make sure any SAML Identity configured for UAA is sending only signed SAML assertions

description: "Global property to request that external IDPs sign their SAML assertion before sending them to the UAA"
default: true

Other Spec Changes

description: "IDP Discovery should be set to true if you have configured more than one identity provider for UAA. The discovery relies on email domain being set for each additional provider. This property will also enable a list of selectable accounts that have signed in via the browser."
default: false

Support for memberOf
description: "Search start point for a user group membership search, and sequential nested searches.. You can set this value to 'memberOf' when using Active Directory and skip group search but use the calculated memberOf field on the user records. No nested search will be performed."
default: ""
description: "If using StartTLS, what mode to enable. Default is none, not enabled. Possible values are none, simple"
default: none

Upload this release version to the Director:

$ bosh upload-release --sha1 3d7d72229d660b566444bd09548cc7727a18480d

Modify deployment manifest to use this release in addition to any other used releases:

- name: uaa
  version: "20"

Finally add needed deployment jobs and specify values for required properties.

Optionally download sha1: 3d7d72229d660b566444bd09548cc7727a18480d release tarball locally:

# ...or download it directly using curl
$ curl -L -J -O

# or with wget...
$ wget --content-disposition