New Version of Shibboleth IdP (v 2.2) Released

Posted on Thursday, 30 September 2010

Version 2.2 of the Shibboleth IdP software has been released.

It is available for download from

An email describing the release has been posted on the mailing list. The following is a summary.

Because this release introduces a number of significant functional improvements, you should consider upgrading to it. If you decide to do so, please follow the upgrade documentation:

Metadata Provider Improvements

  • Reloading metadata in a background thread now prevents the most common cause of the occasional "pause" which users see when they log in.
  • Use of conditional HTTP GETs when pulling metadata from HTTP sites. This can greatly reduce the amount of data pulled and processed over time.
  • Support for HTTP compression, which can greatly reduce network traffic.

LDAP Improvements

  • LDAP result caching can now be enabled, potentially reducing the number of times the IdP needs to go out to the LDAP for attributes.
  • Improved failover capabilities when using multiple LDAP replicas.
  • Option to lowercase attribute IDs that come from LDAP (this fixes case-sensitivity issues that some sites have encountered).

Customizing the login.jsp Page

There is expanded documentation on customizing the login.jsp page, including how to detect (and inform users about) errors caused by accessing this page directly.

Future Releases

2.2 is the last major release in the 2.X line; the next major release will be 3.0. Scripts upgrading 2.X configurations to 3.X configurations will be provided. These upgrade scripts will assume 2.2 configuration files with all deprecated configuration items and notations removed; you'll see warnings in your log when you start up IdP 2.2 telling you what has been deprecated.

Edited by JohnMurison on 30 September 2010, at 12:49 PM (Permalink)