Humio Server 1.6.10 LTS (2019-12-12)
| Version? | Type? | Release Date? | Availability? | End of Support | Security Updates | Upgrades From? | Config. Changes? |
|---|---|---|---|---|---|---|---|
| 1.6.10 | LTS | 2019-12-12 | Cloud | 2020-11-30 | No | 1.5.19 | Yes |
| JAR Checksum | Value |
|---|---|
| MD5 | c8cfd22a5be0456f5905247b6f2bab3b |
| SHA1 | 4c4b734217c5ac90bd9be5f6e2f34c4e182f8fa6 |
| SHA256 | 2a2529e2b2bdbd54162075adb55b514d80bbe60ec1854b8044fb7cbea985c006 |
| SHA512 | 883ee5a113ceeab99063d07d3b19b935e382dfdab598903fb896392d225d8dddc91716db56e29f4a92053d7b37e818806fcdad86126b9a5e2b68c17ad4f32c76 |
Bug Fixes and LDAP improvements. There are some changes to the configuration that will be required. See the change log below.
Breaking Changes
The following items create a breaking change in the behavior, response or operation of this release.
Summary
LDAP: It is now possible to specify an attribute within the LDAP record to use for the username rather than the default (an email address). This is only the case when using
ldap-searchmethod by specifying theLDAP_USERNAME_ATTRIBUTEin the environment. Group names when using LDAP have historically been the distinguished name (DN) for that group, it is now possible to specify and attribute in the group record for the name by settingLDAP_GROUPNAME_ATTRIBUTE. These changes necessitated a breaking change in theldap-searchcode path in cases where users of Humio authenticate with a username (e.g.user) rather than an email address (e.g. user@example.com). To elicit the same behavior as previous versions of Humio simply specify theLDAP_SEARCH_DOMAIN_NAMEwhich in the past would default to the value ofLDAP_DOMAIN_NAMEbut no longer does.
Fixed in this release
Summary
Require setting
LDAP_SEARCH_DOMAIN_NAMEexplicitly when usingldap-searchauthentication method.Add
LDAP_USERNAME_ATTRIBUTEandLDAP_GROUPNAME_ATTRIBUTEconfiguration settings to enable more control over names carried from LDAP into Humio.Query sessions were not properly cleaned up after becoming unused. This lead to a leak causing high amount of chatter between nodes.
Username/email is treated case-insensitive in Humio. This is more expected behavior of usernames as emails addresses are often used. In some rare occasions duplicate accounts might have been created with difference in casing and this change can trigger the otherwise dormant account to be chosen when logging in the next time. If this happens, use the administrations page to delete the unwanted user account and let the user log in again.