You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With this release Couper brings even more value when it comes to connecting services and security. We made mTLS configurable for both sides, the server side and the backend one. Couper is normally used behind an ingress but is now able to serve secured content and forces clients to present a valid certificate if configured. For the backend blocks Couper acts as client and is able to present a client certificate to the origin. This feature also allows to additionally configure a CA certificate per backend, unlike the ca_file option which configures a certificate for all outgoing connections.
To configure a Single Page Application for different environments, believe it or not, things could get complicated. Couper comes with a simple but powerful spaattribute to inject a custom JSON object into the bootstrap file via a defined placeholder while serving this to the client.
spa block option to inject server-data to the applications bootstrap_file with bootstrap_data (#626)
OAuth2 client authentication methods (token_endpoint_auth_method values) "client_secret_jwt" and "private_key_jwt" including jwt_signing_profile block for oauth2, beta_oauth2 and oidc blocks (#599)
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
1.11.0
With this release Couper brings even more value when it comes to connecting services and security. We made mTLS configurable for both sides, the
server
side and thebackend
one. Couper is normally used behind an ingress but is now able to serve secured content and forces clients to present a valid certificate if configured. For thebackend
blocks Couper acts as client and is able to present a client certificate to theorigin
. This feature also allows to additionally configure a CA certificate per backend, unlike theca_file
option which configures a certificate for all outgoing connections.To configure a Single Page Application for different environments, believe it or not, things could get complicated. Couper comes with a simple but powerful
spa
attribute to inject a custom JSON object into the bootstrap file via a defined placeholder while serving this to the client.Added
server
andbackend
blocks (#615)spa
block option to inject server-data to the applicationsbootstrap_file
withbootstrap_data
(#626)token_endpoint_auth_method
values)"client_secret_jwt"
and"private_key_jwt"
includingjwt_signing_profile
block foroauth2
,beta_oauth2
andoidc
blocks (#599)trim()
function (#605)beta_roles_map_file
andbeta_permissions_map_file
attributes tojwt
block (#613)Changed
env
variables and functions is now possible for thedefaults
block (#630)Fixed
beta_oauth2
/oidc
redirect_uri
tosaml
sp_acs_url
(#589)beta_oauth2
/oidc
scope
(#593)typ
JWT header injwt_signing_profile
s (#616)request_id_format
option if switched touuid4
: replaced the underlying package github.com/google/uuid
(#611)This discussion was created from the release v1.11.0.
Beta Was this translation helpful? Give feedback.
All reactions