All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
New Features:
daa30f3 Add theme support
9ca0e94 Validate ACLs and add network groups
29a9002 Enhance LDAP/SMTP TLS Configuration and Unify Them
b12528a Display TOTP secret on device registration
426f526 LDAP StartTLS
365304a Add Optional Check for Session Username on VerifyGet
aa64d0c Support MSAD password reset via unicodePwd attribute
a29eeb5 Add JSON log formatting option
f1ecc5b Create dedicated health endpoint
Bug fixes:
2763aef Static Session Expiration Key
ba04d10 Make username_attribute a mandatory placeholder in users_filter
50df949 Prevent crash when email has not been set
fd7b4ad Disable colored logging outputs when file is specified
423cd09 Dynamically determine healthcheck URL
2834f3f Fix re-rendering callbacks
Deprecation Notices:
All of these deprecations will be fully removed in release 4.28.0
The SMTP notifiers trusted_cert option has been deprecated (replaced by global certificates_directory)
The SMTP notifiers disable_verify_cert option has been deprecated (replaced by notifier.smtp.tls.skip_verify)
The LDAP authentication backends skip_verify option has been deprecated (replaced by authentication_backend.ldap.tls.skip_verify)
The LDAP authentication backends minimum_tls_version option has been deprecated (replaced by authentication_backend.ldap.tls.minimum_version)
LDAP User Provider Filters (final removal in 4.27.0):
User Filters containing {0} are being deprecated and will generate warnings. Replaced with {input}.
Group Filters containing {0} or {1} are being deprecated and will generate warnings.
Replaced with {input} and {username} respectively.
Authelia is an open-source authentication and authorization server providing
2-factor authentication and single sign-on (SSO) for your applications via a web
portal. It acts as a companion of reverse proxies like nginx, Traefik or HAProxy
to let them know whether queries should pass through. Unauthenticated user are
redirected to Authelia Sign-in portal instead.