Back to Search Back to Search Results

Version 4.5.1

November 10, 2022

Improvements

  • Added a deployment option to force re-authentication on secure portals after a session timeout. This option affects SAML-authenticated portals only. It can reduce opportunities for unauthorized access to secure portals, but will eliminate a primary benefit of single-sign-on by forcing users to re-enter credentials more frequently. See Secure Portal Session Timeout for details.

Changes

  • The SAML authentication process in Titania Delivery has been improved for greater security. Sites that use SAML authentication may need to modify their IdP (Identity Provider) configuration to work with TD's enhanced security provisions. In particular, it is recommended that all SAML documents/messages and assertions be signed by the IdP. Consult your IdP documentation for instructions on how to do this. Note also that some IdPs may require the relying party (TD) to sign authorization requests. In this case, make sure to check the "Sign Authorization Requests" box when setting up the IdP configuration in Titania Delivery.

Limitations

  • If an HTTP session expires while displaying a SAML or OpenID login page as opposed to a Titania Delivery portal page, the user cannot reliably return to the original portal page and Titania Delivery will report an “401 Unauthorized” error after authentication. The user must navigate to the desired portal page URL and re-authenticate to resume.

Deprecated Features

These platform features are deprecated and will be removed at the next major release.

  • /resources/scripts/libs javascript files.

    The Titania Delivery platform includes the following javascript files that are available to themes using a url like [td-host]/resources/scripts/libs/[filename]. The preferred way to include front-end javascript resources is to put them in the static/scripts theme directory. Refer to Managing Static Files for a Portal

    • bootstrap.js (version 3.0.3)
    • bootstrap.min.js (version 3.0.3)
    • jquery-1.11.0.js
    • jquery-1.11.0.min.js
    • moment.min.js (version 2.9.0)

  • The default (built-in) portal login page will be removed at the next major release. This page is automatically supplied by the platform if the portal theme did not include a pages/login.ftl template. All themes provided by Oberon Technologies for the last several years have included this file. But it is possible that very old themes do not include pages/login.ftl. To avoid problems when upgrading to the next major release, Titania administrators should verify that their portal themes include this file (if using portal authentication). Refer to the Titania Delivery Developer's Guide for additional information.
Parent topic: Release History