Table Of Contents

Previous topic

1. History of releases

Next topic

3. Introduction

2. Changelog

2.1. Changes in version 1.8.0

  • Introduce new AA plugin configuration option to ignore the suffix part of UPN usernames in RDP connections

2.2. Changes in version 1.7.0

2.3. Changes in version 1.6.1

  • Update pipfile package versions to match OS upgraded SPS versions

  • Change plugin-SDK python version to 3.8

  • Remove dn_check and dns_lookup from _create_trusted_ca

2.4. Changes in version 1.6.0

  • Add user-visible deny reasons to deny.

  • Use deny reasons in MFAClient. When authentication fails for well defined reasons MFAClient will send a deny reason to the end user

  • pluginv run-scenario task now handles the NEEDINFO verdict in authorization hook. The task’s selftest option includes NEEDINFO verdict in both authentication and authorization hooks.

  • Introduce authentication_username and authentication_password attributes in CredentialStorePlugin base class

  • Introduce EndpointExtractor utility class which can be used to make HTTP requests to an endpoint and then extract data from the responses.

  • Introduce asset and account generation customization options _generate_assets and _generate_accounts. The following options can be configured in the Common configuration options

    • asset generator methods

    • domain suffix for assets

    • domain asset mapping

    • account prefix and suffix

  • Follow up change in SPS REST API.

2.5. Changes in version 1.5.4

Fix an issue in pluginv where run-scenario task used outdated authentication parameters.

Introduce server-username parameter to reflect parameter name change.

Deprecate target-username parameter.

2.6. Changes in version 1.5.3

Fix an issue where an AA plugin would ask interactively for the one time password, even on non interactive protocol such as MS SQL.

2.7. Changes in version 1.5.2

Enhance error handling in MANIFEST file processing.

2.8. Changes in version 1.5.1

Fix calculation of legacy target_ip, target_host, target_server parameters.

2.9. Changes in version 1.5.0

Changes in plugin hook parameters available through self.connection. The parameters staring with target_ are deprecated, use server_ from now on. There are two new parameters client_hostname and server_hostname that contain the name of the client and server if DNS could resolve it from the ip address client_ip and server_ip otherwise None.

2.10. Changes in version 1.4.4

If an AA plugin is used as first factor in SPS, allow setting a gateway user to authenticate via the “gu” key value.

For example in RDP protocol when AA plugin is first factor, this allows setting gateway user by providing MYDOMAIN\gu~gwuser%Administrator.

2.11. Changes in version 1.4.3

The plugin ZIP handling is now emitting errors that are consistent with the SPS REST API.

2.12. Changes in version 1.4.2

Revise administrative information of Plugin SDK for public release on pypi.org.

2.13. Changes in version 1.4.1

Warn user when pluginv dist/release generates zipfile that exceeds 20MB.

Do not allow to package plugin with Plugin SDK as a runtime dependency.

2.14. Changes in version 1.4.0

LDAPService has new method get_user_string_attributes to fetch multiple LDAP attributes at the same time.

HTTPS proxy configuration can be overridden from plugin config, and password can be stored in a credential store. Also, the name of the section is changed to https-proxy (but https_proxy is also supported for backward compatibility).

Allow signing CA plugin type to be built, tested, etc with pluginv script.

Add MemoryCache service for using a local non-persistent Redis for cache.

Do not remove metadata from python libraries bundled with a plugin by pluginv, unless requested by the developer.

Fix pluginv run-recording-tests not printing interactive questions.

2.15. Changes in version 1.3.1

Fix issue with the pluginv packaging task where the generated default.cfg doesn’t get packaged

2.16. Changes in version 1.3.0

Fix issue with BoxConfiguration overhead vs. HTTPS proxy settings.

Add get_ca_certificates function to PluginConfiguration to have means to configure CA certificate chains.

Add RequestsTLS class, which can instantiate Session objects from the requests library, preconfigured with TLS settings.

If default.cfg of a plugin does not exist, let pluginv create it from default.cfg.plugin and plugin type defaults.

2.17. Changes in version 1.2.1

Fix issue in testing plugins outside SPS.

2.18. Changes in version 1.2.0

Make it possible to configure SSH private key directly in plugin configuration, instead of via credential store - strictly for testing purposes.

Add version-sdk and version-sps task to pluginv script to generate version information for plugin release.

Add CredentialStorePlugin base class for credential store plugins.

2.19. Changes in version 1.1.4

Fix plugin distribution build on systems where Python2 is the default.

2.20. Changes in version 1.1.3

Add pluginv script to the Plugin SDK for supporting design and build tasks.

2.21. Changes in version 1.1.2

Initial release.