Humio Server 1.6.10 Stable (2019-12-12)
|Version||Type||Release Date||End of Support||Upgrades From||Data Migration||Config. Changes|
Bug Fixes and LDAP improvements. There are some changes to the configuration that will be required. See the change log below.
Bug Fix: Query sessions were not properly cleaned up after becoming unused. This lead to a leak causing high amount of chatter between nodes.
Add LDAP_USERNAME_ATTRIBUTE and LDAP_GROUPNAME_ATTRIBUTE configuration settings to enable more control over names carried from LDAP into Humio.
LDAP: It is now possible to specify an attribute within the LDAP record to use for the username rather than the default (an email address). This is only the case when using
ldap-searchmethod by specifying the LDAP_USERNAME_ATTRIBUTE in the environment. Group names when using LDAP have historically been the distinguished name (DN) for that group, it is now possible to specify and attribute in the group record for the name by setting LDAP_GROUPNAME_ATTRIBUTE. These changes necessitated a breaking change in the
ldap-searchcode path in cases where users of Humio authenticate with a username (e.g.
user) rather than an email address (e.g. email@example.com). To elicit the same behavior as previous versions of Humio simply specify the LDAP_SEARCH_DOMAIN_NAME which in the past would default to the value of LDAP_DOMAIN_NAME but no longer does.
Username/email is treated case-insensitive in Humio. This is more expected behavior of usernames as emails addresses are often used. In some rare occasions duplicate accounts might have been created with difference in casing and this change can trigger the otherwise dormant account to be chosen when logging in the next time. If this happens, use the administrations page to delete the unwanted user account and let the user log in again.
Require setting LDAP_SEARCH_DOMAIN_NAME explicitly when using