Bug

• [FC-102] - [fortress-web] fix problems with group page
• [FC-213] - [fortress-web] selenium tests fail on admin role range lookups
• [FC-226] - ehcache masking security exceptions
• [FC-227] - Exclude xml-apis from LDAP api
• [FC-228] - [fortress-rest] CVE-2017-12624: Apache CXF web services that process attachments are vulnerable to Denial of Service (DoS) attacks
• [FC-229] - don't ever write service account pws, even to debug log
• [FC-236] - getMessage() on LDAPExceptions returns empty

New Feature

• [FC-108] - Add support for RFC2307 BIS

Improvement

• [FC-177] - [ fortress-web ] remove kendo UI datatable control
• [FC-178] - [ fortress-web ] Upgrade to Apacke Wicket 7.4.0
• [FC-215] - User Add entry already exists exception
• [FC-216] - Improve jmeter tests
• [FC-217] - Option to disable role occupants
• [FC-223] - [fortress-web] upgrade to latest wicket 7.8
• [FC-224] - [fortress-web] reenable group and openldap audit tests
• [FC-225] - [fortress-web] make nav panel configurable
• [FC-231] - DAO's should be package private
• [FC-232] - [fortress-web] to Spring 5 and Wicket 7.9
• [FC-233] - [FORTRESS-REST] Upgrade to Spring 5 and latest CXF
• [FC-234] - Close the connection in http get
• [FC-235] - Add support for runtime constraints to be placed on activated roles

Edit/Copy Release Notes

The text area below allows the project release notes to be edited and copied to another document.