From 3d1ba1cff711cc0938cab54ed9818e693a5d9072 Mon Sep 17 00:00:00 2001
From: Thomas Beekman <t.beekman@kennisnet.nl>
Date: Thu, 16 Oct 2025 16:50:56 +0200
Subject: [PATCH 1/5] Prepare for next development iteration

---
 release/pom.xml                               |  2 +-
 .../docs/2.3.8-SNAPSHOT/release-notes.md      | 23 +++++++++++++++++++
 2 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md

diff --git a/release/pom.xml b/release/pom.xml
index 6723cdc..a564c2c 100644
--- a/release/pom.xml
+++ b/release/pom.xml
@@ -31,7 +31,7 @@
     <properties>
         <!-- A list of all the previous versions in reverse order, separated by a comma separator -->
         <!-- The current version is automatically added in the release-notes-all overview. -->
-        <versions>2.3.7,2.3.6,2.3.5,2.3.4,2.3.3,2.3.2,2.3.1,2.3.0,2.2.1,2.2.0,2.1.1,2.1.0,2.0.6,2.0.5,2.0.4,2.0.3,2.0.2,2.0.1,1.0.0</versions>
+        <versions>2.3.8-SNAPSHOT,2.3.7,2.3.6,2.3.5,2.3.4,2.3.3,2.3.2,2.3.1,2.3.0,2.2.1,2.2.0,2.1.1,2.1.0,2.0.6,2.0.5,2.0.4,2.0.3,2.0.2,2.0.1,1.0.0</versions>
     </properties>
 
     <dependencies>
diff --git a/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md b/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md
new file mode 100644
index 0000000..2482551
--- /dev/null
+++ b/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md
@@ -0,0 +1,23 @@
+# OC SSO Notification Service - Release Notes
+
+| Field                     | Value                       |
+|:--------------------------|:----------------------------|
+| Application               | OC SSO Notification Service |
+| Version                   | 2.3.8-SNAPSHOT              |
+| Changes since version     | 2.3.7                       |
+| Release date              | dd-mm-yyyy (dd-mm-yyyy)     |
+| Delivery type             | Full release                |
+
+## Changes
+<!-- Please note only the stories should be added. -->
+
+| #        | Description                                                   |
+|:---------|:--------------------------------------------------------------|
+| ENT-XXXX |                                                               |
+
+
+## Configuration changes
+
+## Known vulnerabilities
+
+At the time of release, this version of the application had no known vulnerabilities with a CVE of 7 or higher.

From c011c672fcfb15e5eeed2ed003778604f30e09da Mon Sep 17 00:00:00 2001
From: Donovan Schaafsma <d.schaafsma@kennisnet.nl>
Date: Tue, 4 Nov 2025 16:12:09 +0100
Subject: [PATCH 2/5] ENT-5279: SSO notification seems to log 'SSONOT_FAILED'
 when successful

---
 .../web/controller/SsoNotificationController.java     | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/oc-sso-notificatie/src/main/java/nl/kennisnet/services/web/controller/SsoNotificationController.java b/oc-sso-notificatie/src/main/java/nl/kennisnet/services/web/controller/SsoNotificationController.java
index 93ca8ab..853f959 100644
--- a/oc-sso-notificatie/src/main/java/nl/kennisnet/services/web/controller/SsoNotificationController.java
+++ b/oc-sso-notificatie/src/main/java/nl/kennisnet/services/web/controller/SsoNotificationController.java
@@ -81,6 +81,8 @@ public class SsoNotificationController {
 
     private static final String SSONOT_FAILED = "SSONOT_FAILED";
 
+    private static final String SSONOT_INITIATED = "SSONOT_INITIATED";
+
     private static final String SSONOT_REDIRECT = "SSONOT_REDIRECT";
 
     private static final String SSONOT_SUCCESS= "SSONOT_SUCCESS";
@@ -128,11 +130,14 @@ public void processSsoNotification(@RequestParam(required = false) String id,
                                        HttpServletRequest request, HttpServletResponse response)
             throws IOException {
 
+        // Add IdP id to logback and initiate
+        MDC.put(IDP, String.valueOf(id));
+        MDC.put(EVENT, SSONOT_INITIATED);
+
         LOGGER.info("Request received with id ('{}') url ('{}') redirectUri ('{}') referrer ('{}') realm ('{}') " +
                 "notificationCookie ('{}')", id, url, redirectUri, referrer, realm, notificationCookie);
 
-        // Add IdP id to logback and set default to failed
-        MDC.put(IDP, String.valueOf(id));
+        // Set default to failed
         MDC.put(EVENT, SSONOT_FAILED);
 
         List<IdP> remoteSsoNotifications = idPProvider.getAllSsoNotifications();
@@ -158,6 +163,7 @@ public void processSsoNotification(@RequestParam(required = false) String id,
         URL createdUrl = determineAndVerifyURL(idp, url, referrer);
 
         // Set notification cookie
+        MDC.put(EVENT, SSONOT_SUCCESS);
         LOGGER.info("Setting notification Cookie ('{}') for id ('{}') with url ('{}') and realm ('{}')",
                 COOKIE_NOTIFICATION, id, createdUrl, realm);
 
@@ -171,7 +177,6 @@ public void processSsoNotification(@RequestParam(required = false) String id,
             response.sendRedirect(redirectUri);
             return;
         }
-        MDC.put(EVENT, SSONOT_SUCCESS);
         EVENT_LOGGER.info("Finished without redirecting");
     }
 

From 87e11ea1f1de3f217a1a49c281e8ae31d8bb0765 Mon Sep 17 00:00:00 2001
From: Donovan Schaafsma <d.schaafsma@kennisnet.nl>
Date: Wed, 5 Nov 2025 10:09:52 +0100
Subject: [PATCH 3/5] ENT-5279: SSO notification seems to log 'SSONOT_FAILED'
 when successful - release notes

---
 release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md b/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md
index 2482551..9ff9754 100644
--- a/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md
+++ b/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md
@@ -13,7 +13,7 @@
 
 | #        | Description                                                   |
 |:---------|:--------------------------------------------------------------|
-| ENT-XXXX |                                                               |
+| ENT-5279 | SSO notification seems to log 'SSONOT_FAILED' when successful |
 
 
 ## Configuration changes

From 3cd17d946d9a6d345d4f7f5c21278f2b3494bf53 Mon Sep 17 00:00:00 2001
From: Thomas Beekman <t.beekman@kennisnet.nl>
Date: Wed, 5 Nov 2025 12:05:52 +0100
Subject: [PATCH 4/5] ENT-5318: Build release OC SSO Notification 2.3.8 -
 updated Spring Boot

---
 .../controller/SsoNotificationController.java    |  8 ++++----
 pom.xml                                          | 16 ++++++++++++----
 .../docs/2.3.8-SNAPSHOT/release-notes.md         |  2 +-
 3 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/oc-sso-notificatie/src/main/java/nl/kennisnet/services/web/controller/SsoNotificationController.java b/oc-sso-notificatie/src/main/java/nl/kennisnet/services/web/controller/SsoNotificationController.java
index 853f959..850d70c 100644
--- a/oc-sso-notificatie/src/main/java/nl/kennisnet/services/web/controller/SsoNotificationController.java
+++ b/oc-sso-notificatie/src/main/java/nl/kennisnet/services/web/controller/SsoNotificationController.java
@@ -85,7 +85,7 @@ public class SsoNotificationController {
 
     private static final String SSONOT_REDIRECT = "SSONOT_REDIRECT";
 
-    private static final String SSONOT_SUCCESS= "SSONOT_SUCCESS";
+    private static final String SSONOT_SUCCESS = "SSONOT_SUCCESS";
 
     /** The name of the SSO Cookie notification ({@value}) */
     public static final String COOKIE_NOTIFICATION = "ssonot";
@@ -130,14 +130,14 @@ public void processSsoNotification(@RequestParam(required = false) String id,
                                        HttpServletRequest request, HttpServletResponse response)
             throws IOException {
 
-        // Add IdP id to logback and initiate
+        // Add IdP id to logback and set the MDC event to INITIATE
         MDC.put(IDP, String.valueOf(id));
         MDC.put(EVENT, SSONOT_INITIATED);
 
         LOGGER.info("Request received with id ('{}') url ('{}') redirectUri ('{}') referrer ('{}') realm ('{}') " +
                 "notificationCookie ('{}')", id, url, redirectUri, referrer, realm, notificationCookie);
 
-        // Set default to failed
+        // Set default MDC event to FAILED
         MDC.put(EVENT, SSONOT_FAILED);
 
         List<IdP> remoteSsoNotifications = idPProvider.getAllSsoNotifications();
@@ -162,7 +162,7 @@ public void processSsoNotification(@RequestParam(required = false) String id,
 
         URL createdUrl = determineAndVerifyURL(idp, url, referrer);
 
-        // Set notification cookie
+        // Put the MDC event to SUCCESS and place notification cookie
         MDC.put(EVENT, SSONOT_SUCCESS);
         LOGGER.info("Setting notification Cookie ('{}') for id ('{}') with url ('{}') and realm ('{}')",
                 COOKIE_NOTIFICATION, id, createdUrl, realm);
diff --git a/pom.xml b/pom.xml
index 4f110c3..685b1c4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -49,7 +49,7 @@
         <java.version>17</java.version>
         <doxia-module-markdown.version>1.5</doxia-module-markdown.version>
         <jacoco.version>0.8.13</jacoco.version>
-        <dependency-check-maven.version>12.1.6</dependency-check-maven.version>
+        <dependency-check-maven.version>12.1.8</dependency-check-maven.version>
         <logback-ecs-encoder.version>1.7.0</logback-ecs-encoder.version>
         <logback.encoder.version>7.4</logback.encoder.version>
         <maven-project-info-reports-plugin.version>2.8</maven-project-info-reports-plugin.version>
@@ -194,17 +194,25 @@
             <email>Kok.Stephan@kpmg.nl</email>
         </developer>
         <developer>
-            <id>mutlu01</id>
-            <name>Aram Mutlu</name>
+            <id>schaafsma01</id>
+            <name>Donovan Schaafsma</name>
             <organization>KPMG Advisory N.V.</organization>
             <roles>
                 <role>Developer</role>
             </roles>
-            <email>Mutlu.Aram@kpmg.nl</email>
+            <email>Schaafsma.Donovan@kpmg.nl</email>
         </developer>
     </developers>
 
     <contributors>
+        <contributor>
+            <name>Aram Mutlu</name>
+            <organization>KPMG Advisory N.V.</organization>
+            <roles>
+                <role>Developer</role>
+            </roles>
+            <email>Mutlu.Aram@kpmg.nl</email>
+        </contributor>
         <contributor>
             <name>Vincent Jong</name>
             <organization>KPMG Advisory N.V.</organization>
diff --git a/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md b/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md
index 9ff9754..437641b 100644
--- a/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md
+++ b/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md
@@ -9,11 +9,11 @@
 | Delivery type             | Full release                |
 
 ## Changes
-<!-- Please note only the stories should be added. -->
 
 | #        | Description                                                   |
 |:---------|:--------------------------------------------------------------|
 | ENT-5279 | SSO notification seems to log 'SSONOT_FAILED' when successful |
+| ENT-5318 | Build release OC SSO Notification 2.3.8                       |
 
 
 ## Configuration changes

From db0085d36f05a871f8f3bac207fcc69802f00885 Mon Sep 17 00:00:00 2001
From: Thomas Beekman <t.beekman@kennisnet.nl>
Date: Tue, 18 Nov 2025 17:15:49 +0100
Subject: [PATCH 5/5] ENT-5318: Build release OC SSO Notification 2.3.8

---
 pom.xml                                                    | 4 ++--
 release/pom.xml                                            | 2 +-
 .../docs/{2.3.8-SNAPSHOT => 2.3.8}/release-notes.md        | 7 ++++---
 3 files changed, 7 insertions(+), 6 deletions(-)
 rename release/src/site/markdown/docs/{2.3.8-SNAPSHOT => 2.3.8}/release-notes.md (86%)

diff --git a/pom.xml b/pom.xml
index 685b1c4..bee3a7a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -41,7 +41,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>3.5.6</version>
+        <version>3.5.7</version>
     </parent>
 
     <properties>
@@ -49,7 +49,7 @@
         <java.version>17</java.version>
         <doxia-module-markdown.version>1.5</doxia-module-markdown.version>
         <jacoco.version>0.8.13</jacoco.version>
-        <dependency-check-maven.version>12.1.8</dependency-check-maven.version>
+        <dependency-check-maven.version>12.1.9</dependency-check-maven.version>
         <logback-ecs-encoder.version>1.7.0</logback-ecs-encoder.version>
         <logback.encoder.version>7.4</logback.encoder.version>
         <maven-project-info-reports-plugin.version>2.8</maven-project-info-reports-plugin.version>
diff --git a/release/pom.xml b/release/pom.xml
index a564c2c..0dc6c69 100644
--- a/release/pom.xml
+++ b/release/pom.xml
@@ -31,7 +31,7 @@
     <properties>
         <!-- A list of all the previous versions in reverse order, separated by a comma separator -->
         <!-- The current version is automatically added in the release-notes-all overview. -->
-        <versions>2.3.8-SNAPSHOT,2.3.7,2.3.6,2.3.5,2.3.4,2.3.3,2.3.2,2.3.1,2.3.0,2.2.1,2.2.0,2.1.1,2.1.0,2.0.6,2.0.5,2.0.4,2.0.3,2.0.2,2.0.1,1.0.0</versions>
+        <versions>2.3.8,2.3.7,2.3.6,2.3.5,2.3.4,2.3.3,2.3.2,2.3.1,2.3.0,2.2.1,2.2.0,2.1.1,2.1.0,2.0.6,2.0.5,2.0.4,2.0.3,2.0.2,2.0.1,1.0.0</versions>
     </properties>
 
     <dependencies>
diff --git a/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md b/release/src/site/markdown/docs/2.3.8/release-notes.md
similarity index 86%
rename from release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md
rename to release/src/site/markdown/docs/2.3.8/release-notes.md
index 437641b..4bba334 100644
--- a/release/src/site/markdown/docs/2.3.8-SNAPSHOT/release-notes.md
+++ b/release/src/site/markdown/docs/2.3.8/release-notes.md
@@ -3,9 +3,9 @@
 | Field                     | Value                       |
 |:--------------------------|:----------------------------|
 | Application               | OC SSO Notification Service |
-| Version                   | 2.3.8-SNAPSHOT              |
+| Version                   | 2.3.8                       |
 | Changes since version     | 2.3.7                       |
-| Release date              | dd-mm-yyyy (dd-mm-yyyy)     |
+| Release date              | 18-11-2025 (dd-mm-yyyy)     |
 | Delivery type             | Full release                |
 
 ## Changes
@@ -15,9 +15,10 @@
 | ENT-5279 | SSO notification seems to log 'SSONOT_FAILED' when successful |
 | ENT-5318 | Build release OC SSO Notification 2.3.8                       |
 
-
 ## Configuration changes
 
+None.
+
 ## Known vulnerabilities
 
 At the time of release, this version of the application had no known vulnerabilities with a CVE of 7 or higher.