From 538817b33615908893ebaa00c7f6fc955a0e8cc5 Mon Sep 17 00:00:00 2001 From: Bas Zoetekouw Date: Thu, 26 Feb 2026 15:57:25 +0100 Subject: [PATCH 1/5] update voot --- core/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/docker-compose.yml b/core/docker-compose.yml index 18290c9..990c659 100644 --- a/core/docker-compose.yml +++ b/core/docker-compose.yml @@ -367,7 +367,7 @@ services: - "invite" voot: - image: ghcr.io/openconext/openconext-voot/voot:6.2.0 + image: ghcr.io/openconext/openconext-voot/voot:7.0.1 environment: USE_SYSTEM_CA_CERTS: true networks: From 75228f080450969adead459b2df46af3cc6d63af Mon Sep 17 00:00:00 2001 From: Bas Zoetekouw Date: Thu, 26 Feb 2026 15:57:39 +0100 Subject: [PATCH 2/5] remove teams --- core/docker-compose.yml | 53 ----------------------------------------- 1 file changed, 53 deletions(-) diff --git a/core/docker-compose.yml b/core/docker-compose.yml index 990c659..3711b0d 100644 --- a/core/docker-compose.yml +++ b/core/docker-compose.yml @@ -25,7 +25,6 @@ services: - voot.dev.openconext.local - pdp.dev.openconext.local - aa.dev.openconext.local - - teams.dev.openconext.local - spdashboard.dev.openconext.local - mujina-idp.dev.openconext.local - invite.dev.openconext.local @@ -224,7 +223,6 @@ services: condition: service_healthy profiles: - "oidc" - - "teams" - "extras" - "invite" @@ -235,7 +233,6 @@ services: hostname: oidcplaygroundgui.docker profiles: - "oidc" - - "teams" - "extras" oidcplaygroundserver: @@ -253,49 +250,6 @@ services: working_dir: / profiles: - "oidc" - - "teams" - - "extras" - - teamsgui: - image: ghcr.io/openconext/openconext-teams-ng/teams-gui:9.3.1 - volumes: - - ./:/config - environment: - HTTPD_CSP: "" - HTTPD_SERVERNAME: "teams.dev.openconext.local" - OPENCONEXT_INSTANCENAME: "OpenConext dev" - OPENCONEXT_ENGINE_LOGOUT_URL: "https://engine.dev.openconext.local/logout" - OPENCONEXT_HELP_EMAIL: "support@openconext.org" - SHIB_ENTITYID: "https://teams.dev.openconext.local/shibboleth" - SHIB_REMOTE_ENTITYID: "https://engine.dev.openconext.local/authentication/idp/metadata" - SHIB_REMOTE_METADATA: "https://engine.dev.openconext.local/authentication/idp/metadata" - networks: - coreconextdev: - hostname: teamsgui.docker - depends_on: - engine: - condition: service_healthy - mariadb: - condition: service_healthy - profiles: - - "teams" - - "extras" - - teamsserver: - image: ghcr.io/openconext/openconext-teams-ng/teams-server:9.3.1 - environment: - USE_SYSTEM_CA_CERTS: true - volumes: - - ./haproxy/haproxy.crt:/certificates/haproxy.crt - - ./cacert/__cacert_entrypoint.sh:/__cacert_entrypoint.sh - networks: - coreconextdev: - entrypoint: /__cacert_entrypoint.sh - command: "java -jar app.jar --spring.profiles.active=devconf" - hostname: teamsserver.docker - working_dir: / - profiles: - - "teams" - "extras" inviteserver: @@ -318,7 +272,6 @@ services: working_dir: / profiles: - "php" - - "teams" - "extras" - "invite" @@ -341,7 +294,6 @@ services: condition: service_started profiles: - "extras" - - "teams" - "invite" invitewelcome: @@ -363,7 +315,6 @@ services: condition: service_started profiles: - "extras" - - "teams" - "invite" voot: @@ -380,7 +331,6 @@ services: hostname: voot.docker working_dir: / profiles: - - "teams" - "extras" aa: image: ghcr.io/openconext/openconext-attribute-aggregation/aa-server:3.2.0 @@ -396,7 +346,6 @@ services: hostname: aa.docker working_dir: / profiles: - - "teams" - "extras" - "php" @@ -416,7 +365,6 @@ services: working_dir: / profiles: - "extras" - - "teams" pdpgui: image: ghcr.io/openconext/openconext-pdp/pdp-gui:5.1.0 @@ -441,7 +389,6 @@ services: condition: service_healthy profiles: - "extras" - - "teams" userlifecycle: image: ghcr.io/openconext/openconext-user-lifecycle/user-lifecycle:prod From 8d2303c3a862b046cc85813112737a6a12c69365 Mon Sep 17 00:00:00 2001 From: Bas Zoetekouw Date: Thu, 26 Feb 2026 15:58:41 +0100 Subject: [PATCH 3/5] update PDP --- core/docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/core/docker-compose.yml b/core/docker-compose.yml index 3711b0d..88022a8 100644 --- a/core/docker-compose.yml +++ b/core/docker-compose.yml @@ -350,7 +350,7 @@ services: - "php" pdpserver: - image: ghcr.io/openconext/openconext-pdp/pdp-server:5.1.0 + image: ghcr.io/openconext/openconext-pdp/pdp-server:7.6.0 environment: USE_SYSTEM_CA_CERTS: true networks: @@ -367,7 +367,7 @@ services: - "extras" pdpgui: - image: ghcr.io/openconext/openconext-pdp/pdp-gui:5.1.0 + image: ghcr.io/openconext/openconext-pdp/pdp-gui:7.6.0 volumes: - ./:/config environment: From 4cb337057dc129994770300692aa1e3b360a8772 Mon Sep 17 00:00:00 2001 From: Bas Zoetekouw Date: Thu, 26 Feb 2026 16:02:17 +0100 Subject: [PATCH 4/5] update AA --- core/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/docker-compose.yml b/core/docker-compose.yml index 88022a8..eb13bb9 100644 --- a/core/docker-compose.yml +++ b/core/docker-compose.yml @@ -333,7 +333,7 @@ services: profiles: - "extras" aa: - image: ghcr.io/openconext/openconext-attribute-aggregation/aa-server:3.2.0 + image: ghcr.io/openconext/openconext-attribute-aggregation/aa-server:5.1.2 environment: USE_SYSTEM_CA_CERTS: true networks: From 5ab96e808591a0560d0005c83971decb14e69cf8 Mon Sep 17 00:00:00 2001 From: Johan Kromhout Date: Thu, 15 Jan 2026 10:58:50 +0100 Subject: [PATCH 5/5] `Single sign on registration bypass?` has been renamed to `GSSP Fallback enabled?` in RA. See https://github.com/OpenConext/Stepup-RA/pull/454 --- .../tests/behat/features/ra_insitution-configuration.feature | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/stepup/tests/behat/features/ra_insitution-configuration.feature b/stepup/tests/behat/features/ra_insitution-configuration.feature index 43b08c2..f34c369 100644 --- a/stepup/tests/behat/features/ra_insitution-configuration.feature +++ b/stepup/tests/behat/features/ra_insitution-configuration.feature @@ -43,7 +43,7 @@ Feature: A RAA can view the institution configuration | Show RAA contact information? | Yes | | E-mail verification enabled? | Yes | | Single sign on on second factor authentications? | Yes | - | Single sign on registration bypass? | Yes | + | GSSP Fallback enabled? | Yes | | Token activation using an activated token | Allowed | | Activate a token without the service desk or an activated token | Allowed | | Allowed second factor tokens | All enabled tokens are available | @@ -59,7 +59,7 @@ Feature: A RAA can view the institution configuration | Show RAA contact information? | No | | E-mail verification enabled? | No | | Single sign on on second factor authentications? | No | - | Single sign on registration bypass? | No | + | GSSP Fallback enabled? | No | | Token activation using an activated token | Not allowed | | Activate a token without the service desk or an activated token | Not allowed | | Allowed second factor tokens | sms |