Release notes 4.04

4.04.17

Improvements

  • Security improvements

4.04.16

Improvements

  • Security improvements

4.04.15

Bug fixes

  • Fixed building of the redirect URI when only the X-Forwarded-Proto header is set in the request

4.04.14

Bug fixes

  • Fixed SAML response validation for SSO responses

4.04.13

Bug fixes

  • Fixed persisting redirect bugs for specific scenarios

4.04.12

Bug fixes

  • Removed duplicated context root in request URL for some scenarios

4.04.11

Bug fixes

  • Removed double context path in redirects for some scenarios

4.04.10

Bug fixes

  • UTF-8 BOM stripped from template files to prevent database storage issues.
  • Correct client ID set for client credential events.
  • PGP invalid signature length error resolved.
  • HTTPS to HTTP redirect issues in IdP communication resolved.
  • Only allow mobile authentication message data to be fetched once.
  • Properly remove all data related to an application for a user when using the application end user API.

4.04.09

Improvements

  • Added preemptive authentication support for the external REST services proxy configuration

4.04.08

Improvements

  • Switched to Docker Compose variables for configuration instead of ETCD properties.
  • Added proxy support for GCM.

Bug fixes

  • Remove FIDO user authenticators on delete consent.
  • Invalid attempts during SMS abuse now properly stored in cache.
  • FIDO deregistration now only deregisters one authenticator instead of all of them.

4.04.07

Bug fixes

  • Improved FIDO error handling.

4.04.06

Bug fixes

  • Unique constraint issue with multiple IdP attribute mappings on Oracle and MSSQL.
  • Display max resend value for Mobile authentication via SMS in read-only view.

4.04.05

Bug fixes

  • Use of semicolon as user dns separator instead of space.
  • Mobile authentication via SMS exception in stateless cluster setup.

4.04.04

Improvements

  • Dummy user IdP shows a page to provide a userId if no userId was provided as request parameter.

Bug fixes

  • Mobile authentication transaction marked as unanswered when result fetched before callback is answered in stateless cluster setup.
  • Acknowledged mobile authentication transactions resent in stateless cluster setup.

4.04.03

Improvements

  • Integrated custom implementation of two-way OTP authentication into core code base, transparent change.

4.04.02

Bug fixes

  • Send the callback after a mobile authentication answer asynchronously.
  • Make REST communication with other services stateless.
  • Don't fully rely on FIDO server to validate registration during authentication.
  • Validate that the user identifier is not empty in the SAML response.
  • Mobile authentication disabled on device disconnection via the Token end user API.

4.04.01

Bug fixes

  • Users with operator role not able to download app config and template set exports.
  • Unable to find user details when clicking on user id in events overview for case sensitive user identifiers.
  • Performance improvements for user search in the admin console.
  • DB Connection TTL not configurable causing issues with databases behind firewalls.

4.04.00

Features

  • Allow fallback on PIN for mobile authentication via FIDO.
  • More detailed events for FIDO success and failure responses.
  • SSL/TLS ciphers are made configurable.

Bug fixes

  • Mobile authentication via FIDO fixes.
  • Add check for duplicate name for Mobile authentication types.
  • No longer allow a mobile authentication answer to be sent multiple times until the callback is handled by the portal.
  • Potential concurrent modification exception during push resend for iOS.