Version History

1.1.0

v1.1.0 (2026-06-08)

New Features

  • Added support for activating and deactivating Identity Providers.
  • Added drag-and-drop reordering for Identity Providers.
  • Added convenient “Back to Identity Provider” navigation links on mapping pages.
  • Added metadata URL caching and refresh helpers for Identity Providers.

User Experience Improvements

  • Improved the Identity Provider edit form with clearer documentation and setup guidance.
  • Moved Attribute and Group Mapping actions to the Identity Provider edit page for a more streamlined workflow.
  • Refined the SAML login form layout and overall usability.
  • Removed the redundant “Select Identity Provider” dropdown from mapping pages.
  • Removed the “Add Identity Provider” button from edit pages to reduce interface clutter.
  • Improved UI stability on Attribute and Group Mapping pages when no Identity Providers are configured.

Attribute & Group Mapping Enhancements

  • Modernized Attribute Mapping with AJAX-based add/delete operations.
  • Unified success and error messaging using ConcreteAlert.
  • Unified delete confirmation dialogs across Identity Providers, Attribute Mapping, and Group Mapping.

SAML & Authentication Improvements

  • Enhanced SAML authentication flow by persisting the active Identity Provider in session storage.
  • Improved Single Logout (SLO) handling and login/logout process consistency.
  • Improved SAML login error handling and logging for easier troubleshooting.
  • Hardened SAML response base64 decoding in Saml2Auth::processLogin.
  • Hardened XML parsing using LIBXML_NONET and improved invalid certificate handling during metadata imports.
  • Added validation in KeyManager to prevent saving or loading invalid or empty keys.

Maintenance & Refactoring

  • Replaced the javascript-localized asset with direct localized string injection to simplify the codebase and reduce HTTP requests.
  • Removed the deprecated stopPropagation() call from the user login event.
  • Removed the unused AssetsLocalization controller and related route.
  • Improved unit test bootstrap so composer test can run without a full Concrete CMS installation.

Bug Fixes

  • Fixed isSamlUser() lookup to correctly use the user ID instead of the user object.
  • Improved isSamlUser() to support both user IDs and user objects.
  • Fixed Identity Provider selection issues on Attribute and Group Mapping pages.
  • Fixed an incorrect database relationship configuration in the Group Mapping entity.
  • Fixed raw JSON responses when saving Group Mappings by improving AJAX handling.
  • Fixed redundant HTML wrapping in AJAX error responses.
  • Fixed SAML logout Identity Provider lookup to use the correct concreteUser field instead of uID.

1.0.1

v1.0.1 (2026-02-03)

  • Fix bug with searching Saml user by uID
  • Add alias routes to keep backward compatibility.
  • Implement SAML Single Log Out (SLO) attempt handler.
  • Improve SLO callback with error logging.
  • Improve IDP selection logic during logout.

1.0.0

  • Initial public release to the marketplace
SAAS Hosted
$250/year
Self Hosted
$250 – includes 1 year of updates
Author
MacareuxDigital

Macareux Digital

Send Message
Documentation
Version History
Documentation
Categories
Authentication & SSO
Tags
Macareux, SAML, authentication, Concrete, login, sso
Last Updated
June 8th, 2026
Date Published
October 8th, 2025
Compatibility
Concrete CMS 9.0.0+
License
Standard Marketplace License
Uses Bedrock
N/A
Is Translatable
No