# Release 3.3.8
Name: "onion ring sandybrown leaf"
# Overview
# Secure Authentication Tokens
In an effort to enhance the security of Rundeck Authentication tokens are now stored securely and will only be displayed upon creation. Here are the highlights of this new functionality:
- New tokens created will be stored hashed, and only will be displayed once when created, either by UI or API. After creation it won't be possible to obtain tokens.
- Existing tokens will be kept as is until deleted.
- Webhook tokens will preserve the previous behavior and wont be hashed.
- For the API, all token api endpoints now require V19 or higher, as V18 and earlier behavior require to obtain the token value which is no longer possible. The only exception is the "Create Token" api endpoint which preserves its behavior.
# Jenkins Update
The Rundeck/Jenkins integration received an update (opens new window) that addressed some open issues. We've also added some Option Value and Notification plugins to the Enterprise product to supplement the updated Jenkins code:
- Post Deployment Notification Plugin (opens new window)
- Artifacts Option Value Plugin
- Build Option Value Plugin
# Issues
# Enterprise Updates
- SSO sync can now use user info that is provided in non-OIDC standard attributes
- Enable OAuth2 client authentication method configuration (Ping SSO)
- Changes to allow use of the namespaces for HashiCorp Vault in rundeck-config.properties
- [FIXED] PyWinRM fails when using options or arguments with simple quotes
- Property loader wasn't decrypting property value (opens new window)
# Core Product Updates
- Migrate auth call from frameworkService to new ACL classes in repository controller (opens new window)
- Update pywinrm plugin to add a function to remove/replace simple quotes when execute CMD command (opens new window)
- Update Ace editor to fix handling of yaml multiline string (opens new window)
- Allow syncing user info in pre-authenticated mode (opens new window)
- Package and Publish UI Trellis (opens new window)
- Fix NPE while cleaning up pending triggers (opens new window)
- Add user email to the context that is used to resolve parameters for options (opens new window)
- Fixing Enterprise download link that was point to Open Source version (update available notification) (opens new window)
- Fix execution log viewer not updating settings on running job (opens new window)
- Add ability to redirect login page to a different uri (opens new window)
- Fix an issue with notification plugin and dynamic properties (opens new window)
- Update Gradle to 5.6.4 (opens new window)
- Fix/job life cycle node list (opens new window)
- Secure authentication tokens (opens new window)
- Updating node set on subworkflow state when the node filter is modified during the job execution (opens new window)
- NPE In JobSchedulerService (opens new window)
Plus many additional updates to package verisons across Enterprise and Open Source products.
# Contributors
- Alberto Hormazabal (ahormazabal)
- Greg Schueler (gschueler)
- Imad Jafir (imad6639)
- Jaime Tobar (jtobard)
- Nicole Valenzuela (nvalenzuela20)
- Greg Zapp (ProTip)
- Rodrigo Navarro (ronaveva)
- Stephen Joyner (sjrd218)
- Carlos Franco (carlosrfranco)
- Luis Toledo (ltamaster)
- Forrest Evans (fdevans)
# Bug Reporters
- ProTip
- ahormazabal
- carlosrfranco
- gschueler
- imad6639
- ltamaster
- nvalenzuela20
- ronaveva
- sjrd218
Remember!!
For MySQL users: Starting with Rundeck 3.3.4 the MySQL JDBC driver is no longer be
bundled with the distributions. See the Upgrade Guide
for instructions to ensure your Rundeck installation can still connect to MySQL after upgrading.