kube-ldap v2.0.1

Fixed

• For every authentication or token review request a new ldap connection is used, instead using a single connection for all requests. This resolves problems where the single connection went unresponsive (#27).

kube-ldap v2.0.0

Added

• Prometheus exporter on route "/metrics" (basic auth protected)

Changed

• BREAKING: Extra-Attributes and groups are now no longer included in the JWT issued after user authentication. Extra-Attributes and group memberships are now resolved during the token review and are included in the token review response
• Internal: Use ldapts instead of ldapjs as ldap library

Fixed

• Fix membership resolution for ldap objects without any membership

Removed

• BREAKING: LDAP StartTLS is no longer supported
• BREAKING: LDAP reconnect logic (now there's a new connection for every request)

kube-ldap v1.3.0

Changed

• Failed authentication sends a WWW-Authenticate header in the HTTP response
• Default loglevel is now info (was debug)
• Update node to latest 8.x LTS in docker image

Added

• LDAP related logging
• Configuration parameter whether to use StartTLS for LDAP or not (enabled by default).

Fixed

• Single group memberships are returned as a string (instead of an array) by LDAP in some cases and broke the membership resolution. This is now handled correctly.
• Fixed units in README for LDAP reconnect config parameters.

kube-ldap v1.2.1

CHANGELOG

• added ldap reconnect logic (with configurable parameters)

kube-ldap v1.2.0

CHANGELOG

• added configurable timeout for ldap connections and operations (#2)
• implemented configurable mapping between ldap and kubernetes attributes (#7)

kube-ldap v1.1.0

CHANGELOG

• added TLS (https) support (#1)
  • enabled by default

kube-ldap v1.0.0

initial release