@mashroom/mashroom-security-provider-ldap
Advanced tools
Changelog
1.9.1 (November 8, 2021)
- Portal: Fixed loading multiple instances of an App on the same page (was broken due to a caching issue, see issue #89)
- LDAP Security Provider: Fixed searching for groups if the distinguished name contains special characters (as defined in RFC 2253)
Changelog
1.9.0 (October 18, 2021)
- Portal: BREAKING CHANGE: Removed portalBasePath from the page render model because it doesn't make sense in combination with the vhost path mapper. Only use siteBasePath.
- Portal: Client log messages contain now the path of the page where they were generated
- K8S Remote App Registry: Added the possibility to filter services by label selectors
Example:
"k8sNamespacesLabelSelector": "environment=development,tier=frontend", "k8sNamespaces": null, "k8sServiceLabelSelector": "microfrontend=true,channel!=alpha" - K8S Remote App Registry: Added the possibility to scan in namespaces identified by a labelSelector.
Example: Scan all services in namespaces with label environment=development and microfrontend in the name:
"k8sNamespacesLabelSelector": "environment=development", "k8sNamespaces": null, "serviceNameFilter": "(microfrontend-)", - Portal: BREAKING CHANGE: Removed MashroomRestService from client services because it is only intended for internal use. Portal Apps should use fetch directly.
- Default Theme: Added an SPA mode where the theme will try to operate like an SPA and loads new page content via AJAX and replaces the DOM. This only works until the user does not navigate on a page with a different theme or different page enhancements, in that case a full page load is triggered.
- Portal: Added an API endpoint to just fetch the page content without header, navigation, page enhancements and so on.
This can be used for themes that work like an SPA.
Example:
http://localhost:5050/portal/web/___/api/pages/test2/content?currentPageId=subpage1Means: Give me the content (and scripts to launch/hydrate the Apps) for page test2, and I'm currently on page subpage1, tell me if I need a full page load because the theme or something else outside the content area is different. - Portal: Initial pages are now completely rendered on the server side (including the App wrapper). To make it more clear that not only the layout is rendered anymore, the property portalLayout in the render model has been deprecated and the new property pageContent should be used instead.
- Portal: It is now possible to define how to render an App and errors during App loading are rendered in the theme.
You just need to add the new views appWrapper and appError. The content of appWrapper could look like this
(when using Handlebars):
BREAKING CHANGE: Previously it was possible to customize the App wrapper and error message using the client side functions MashroomPortalCreateAppWrapperFunc and MashroomPortalCreateLoadingErrorFunc - those are ignored now.<div id="portal-app-{{appId}}" class="mashroom-portal-app-wrapper portal-app-{{safePluginName}}"> <div class="mashroom-portal-app-header"> <div class="mashroom-portal-app-header-title" data-replace-content="title">{{title}}</div> </div> <div class="mashroom-portal-app-host" data-replace-content="app"> {{#if appSSRHtml}} {{{appSSRHtml}}} {{else}} <div class="mashroom-portal-app-loading"><span/></div> {{/if}} </div> </div> - Default Theme: Added a flag (showPortalAppHeaders) to the config to be able to hide the App headers
- Admin App: Show/Hide App Control is now persisted during page navigation
- Added a demo Composite App: Demonstrates the possibility to use existing Apps as building blocks within other Apps. Basically it uses the MashroomPortalAppService to tell the Portal where it should place an App with a given name and a custom appConfig. Additional it demonstrates how such a Composite App can have a "private" message bus.
- Portal: BREAKING CHANGE: Removed sendUserHeaders and addHeaders from the proxy config of Portal Apps because both should be done via HTTP Proxy Interceptor now. If you were using sendUserHeaders just add mashroom-http-proxy-add-user-headers to your plugins.
- Added a plugin to add the ID/JWT token to backend requests if OpenID connect is used (mashroom-http-proxy-add-id-token)
- Added a plugin to add user data as headers to backend requests (mashroom-http-proxy-add-user-headers)
- HTTP Proxy: The HTTP interceptor can now also process WebSocket upgrade requests (added optional method interceptWsRequest())
- MongoDB client upgraded to v4 BREAKING CHANGE: If you use mashroom-session-provider-mongodb or mashroom-storage-provider-mongodb please check your connection options since they have changed. E.g. poolSize and useUnifiedTopology no longer exist. Check out https://mongodb.github.io/node-mongodb-native/4.1/classes/MongoClient.html#options
- Admin App: Bundle size cut in halve, loads now faster
- Sandbox App: It is possible now to search for Apps (autocomplete)
- Portal: Fixed the problem that pages with special characters (like Umlaute) in their path didn't work
Changelog
1.8.3 (September 11, 2021)
- HTTP Proxy: The default implementation forwards now query parameters correctly if the base path already contains query parameters - fixes #85
- Sandbox App: Shows only Apps which are available for the authenticated user now (previously it also showed Apps that could not be loaded by the user)
- Admin App: Fixed broken autocomplete of roles
- Sandbox App: Apps are sorted by their name now
Changelog
1.8.2 (September 6, 2021)
- Legacy Browser Support: Added a polyfill for document.currentScript to support lazy loading via webpack 5 automatic public path
- Portal: Improved client side error handling; console errors are also logged to the server now and errors are serialized properly
- HTTP Proxy: Added additional metrics such as the served requests, connection errors and timeouts
- HTTP Proxy: Fixed the error handling in the node-http-proxy based (default) proxy implementation; this fixes #77
- WebSocket Demo Portal App: Switched to a working WebSocket echo server
- Portal: Fixed caching problem in IE11 that confused the auth expiration check
Changelog
1.8.1 (August 23, 2021)
- Portal: Allow proxies to cache shared resources such as Theme assets and shared page enhancement assets (by setting "public" in the Cache-Control header)
- Portal IFrame App: Waiting until the iframe content is available works now in Chrome also (prevents an empty iframe from being shown)
Changelog
1.8.0 (August 9, 2021)
- Portal: Fixed login failures due to "ENOENT: no such file or directory" errors when using mashroom-session-provider-filestore under Windows
- Portal: Reduced the number of session expiration checks to the server
- OpenID Connect Security Provider: Allowed multiple parallel auth requests. This fixes the problem that the login failed if multiple browser tabs were open and triggered the login at the same time.
- OpenID Connect Security Provider: Reduced the number of token refreshes
- Added a demo App for WebSocket proxy usage (@mashroom/mashroom-portal-demo-websocket-proxy-app)
- Portal: The App proxy supports now WebSocket. This means, that Apps (Microfrontends) can open WebSocket connections to servers "behind" the Portal. The usual (optional) Security headers going to be sent with the initial upgrade/handshake request. Proxy interceptors are ignored for WebSocket connections.
- HTTP Proxy: Added WebSocket support
- HTTP Proxy: Fixed rewriting the host header, so forwarding works even if the target server uses virtual hosting
- HTTP Proxy: The node-http-proxy based implementation is now default
- Added HTTP/2 support for HTTPS - this currently uses the node-spdy
modules which has a known problem with compressed data.
So, don't use this if your API server compresses responses. Also, don't use this if you rely on WebSocket or SSE.
To enable it add this to you your server config:
{ "enableHttp2": true } - Added TLS support (HTTPS). Can be enabled like this in the server config:
The tlsOptions are passed to https://nodejs.org/api/tls.html#tls_tls_createserver_options_secureconnectionlistener{ "httpsPort": 5443, "tlsOptions": { "key": "./certs/key.pem", "cert": "./certs/cert.pem" } } - Remote App Registry and Remote App Registry Kubernetes: Added support external plugin definitions. The need to be in JSON format and also expose on / by the server.
- Core: Mashroom supports now "external" plugin definition files, so the "mashroom" node in package.json can be in a separate
file, by default mashroom.json or mashroom.js. E.g.:
The possible file name can be changed in the server config via the externalPluginConfigFileNames config property.{ "$schema": "https://www.mashroom-server.com/schemas/mashroom-plugins.json", "devModeBuildScript": "build", "plugins": [ { "name": "Mashroom Portal Demo React App", "type": "portal-app", "bootstrap": "startReactDemoApp", "resources": { "js": [ "bundle.js" ], "css": [] }, "defaultConfig": { "resourcesRoot": "./dist" } } ] } - Introduced JSON Schemas for all config files:
- package.json: schemas/mashroom-packagejson-extension.json
- mashroom.json (Server config): schemas/mashroom-server-config.json
- acl.json: schemas/mashroom-security-acl.json
- groupToRoleMapping.json: schemas/mashroom-security-ldap-provider-group-to-role-mapping.json
- userToRoleMapping.json: schemas/mashroom-security-ldap-provider-user-to-role-mapping.json
- users.json: schemas/mashroom-security-simple-provider-users.json
- topicACL.json: schemas/mashroom-security-topic-acl.json
- remotePortalApps.json: schemas/mashroom-portal-remote-apps.json The schema can be applied by adding @mashroom/mashroom-json-schemas to your dependencies:
or by using the remote location:{ "$schema": "./node_modules/@mashroom/mashroom-json-schemas/schemas/mashroom-packagejson-extension.json", "name": "my-package" }{ "$schema": "https://www.mashroom-server.com/schemas/mashroom-packagejson-extension.json", "name": "my-package" } - BREAKING CHANGE: All default config file names are now in camel case. The following config files had been renamed:
- remote-portal-apps.json -> remotePortalApps.json
- topic_acl.json -> topicACL.json
- Tabify App: Added the possibility to have fixed titles for the tabs (appConfig.fixedTabTitles)
- Portal: Added metaInfo and screenshots to MashroomPortalAppService.getAvailableApps() response. This allows an App to launch another App based on metadata and could be used to show a preview image.
- OpenID Connect Security Provider: Allow mapping arbitrary claims to user.extraData
- OpenID Connect Security Provider: Allow configuring HTTP timeout and number of retries when contacting the Authorization Server
Changelog
1.7.9 (June 19, 2021)
- Core: Added a new property devModeNpmExecutionTimeoutSec to the server config to increase the npm execution timeout in dev mode on slow computers (default is 180)
- Sandbox App: The sandbox now uses the "real" message bus and therefore supports Apps that use the message bus interceptor, and can also simulate communication with other Apps on the same page. Also, the Sandbox can now load itself properly ;-)
- Portal: MashroomPortalRemoteLogger improved:
- Added an info() method
- Fixed client side error serialisation
- Virtual host path mapper: Make sure the reverse mapped location header is never empty (fixes #79)
Changelog
1.7.8 (May 31, 2021)
- 3rd party libraries with know vulnerabilities upgraded
- Angular Demo App: Remove zone.js because it pollutes the public space and possibly influences other Apps
- Portal: Added the possibility to prefetch Portal App resources (MashroomPortalAppService.prefetchResources) which is useful if you know which apps you will have to load in the future and want to minimize the loading time.
- Portal: Fixed loading shared CSS resources
- Portal: Allow messages with empty data (null or undefined)
- Portal: Take existing appConfig for Portal Apps from server config file even if the App itself has no appConfig defined