Last week we updated the Bungee Connect system with a couple small bug fixes. Those who were directly impacted by the issues are already aware of the fixes, but it still merits an update to the broader community so that everybody is aware of changes as they roll out.
What got fixed:
Bug# 7889 Redux: We added the ability to specify an authentication type up front. Previously we were always using “probe” mode which would send the request without any authentication, expect the server to reject the request with a 401 and specify the types of authentication it supported. Now you can specify your authentication type up front, avoiding the extra round-trip to discover the authentication types supported by the server you are hitting. It also makes it possible to speed up each request by a few hundred milliseconds, since we can now avoid the probing round-trip.
The second bug we fixed is around DWA (Delegated Web Authentication). As part of our DWA package, we supply the getStandardCallbackUrl() method that returns the URL needed to merge a session back into the existing session. An application uses this URL to pass to the authentication service. The authentication service then redirects the user to that URL after the authentication request has completed. The bug with the getStandardCallbackUrl() method was that it always returned a URL prefixed with “https://webauth.bungeeconnect.com/” which only worked during simulation. We fixed the method to return a URL prefixed with the same prefix as the current session. This solved the problem for applications that needed to use the getStandardCallbackUrl() method in production, which is only an issue for developers of new DWA drivers.
Thanks to all our community of Bungee Connect developers. As always, if there are questions about this update or about Bungee Connect in general, don’t hesitate to ask them either as a comment on this blog post or ask them in our getsatisfaction.com channel.
Director, Product Management & Development
daveb at bungeelabs dot com