The Shibboleth development team has announced the release of version 2.2 of the IdP. The upgrade is available at http://shibboleth.internet2.edu/downloads/shibboleth/idp
This release corrects a number of bugs and introduces several new features:
Metadata Provider improvements:
- Reloading metadata in a background thread now prevents the most common cause of the occasional "pause" users see when they log in.
- Use of conditional HTTP GETS when pulling metadata from HTTP sites. This can greatly reduce the amount of data pulled and processed over time.
- Support for HTTP compression, generally reducing network traffic by a factor of 10.
- Support for HTTP proxies.
LDAP improvements:
- LDAP result caching can now be enabled, potentially reducing the number of times the IdP needs to go out to the LDAP for attributes.
- Improved failover capabilities when using multiple LDAP replicas
- Option to lowercase attribute IDs that come from LDAP (fixes case-sensitivity issues that some sites encountered)
There is also expanded documentation on customizing the login.jsp page, including how to detect and inform users on errors caused by directly accessing this page.
If you upgrade, be sure to follow the upgrade documentation at https://spaces.at.internet2.edu/display/SHIB2/IdP22Upgrade.
This will be the last major release in the 2.X line. The next major release will be 3.0. The Shibboleth team plans to produce scripts that will upgrade 2.X configurations to 3.X configurations. These upgrade scripts will assume 2.2 configuration files with all deprecated configuration items and notations removed (you'll see warnings in your log when you start up IdP 2.2 that tells you what has been deprecated).