Documentation

On this page

 

SecureAuth IdP Release Notes provide information on the features and improvements in each release. This page includes Release Notes for major releases and minor (bug fix) releases.

Error rendering macro 'show-if'

Failed to render Visibility macro due to: Invalid space permission(s): space=sa internal knowledge base

8.1.1 Release Notes

Released on August 28, 2015

Version 8.1.1 New Features

FeatureDescriptionReference
Microsoft Azure AD Logon Method ImprovementsAdded support for userPrincipalName (UPN) login in addition to sAMAccountName 
Mobile Device Fingerprint (DFP)

Added support for mobile Device Fingerprint (DFP), which utilizes the SecureAuth Device Recognition App for iOS and Android installed on mobile devices to validate the user ID for 2-Factor Authentication

This feature is available with the use of the SecureAuth Device Recognition (DR) App for iOS and Android

https://docs.secureauth.com/x/fwMBAg
Additional Audit Log Logging DataAdded more granular reporting data in audit log 
Drag and Drop Adaptive Authentication OrganizationAdded ability to reorder the Adaptive Authentication functions, which provides exit points for admin based on priority or to fit specific use caseshttps://docs.secureauth.com/x/MAYBAg

8.1.1 Resolved Issues

Ref IDIssueDescription
1027Debug logging checkbox incorrectly displaying setting as enabledDebug log option enabled / "checked" in Realm A and saved; then in Realm B, the debug log option is enabled / "checked", even when the setting was not explicitly enabled in Realm B. This makes it appear as if the debug log option is enabled when, in fact, it is not
1036Appliance Installation Utility (SiSu) loggingLimited logging functionality, which hinders troubleshooting
741Syntax checking for web.configNot all elements within the web.config evaluated
922Windows OTP Client App registration errorUser may experience Java script error when registering Microsoft Windows SecureAuth OTP Client Application (desktop OTP)
923Appliance Installation Utility (SiSu) fails to activate Windows licenseWindows activation prompt in SiSu malfunction
869"Submit" not default text for Registration Page button"Submit" button not set as default button on the Registration page, therefore a user cannot press "Enter" to navigate to next page
876KBA / KBQ options 4 and above not functioningWhen employing more than the recommended 3 KBA / KBQs, malfunction occurs
849No feedback present after "Update Resource" is selectedOn the Update Resource page, clicking "Update" initiates the process; but upon completion, no feedback message indicating that it is complete or whether there is an error displays
857Navigation tab change in "Multiple Workflow" configurationAfter selecting "Multiple Workflow Configuration" on the Workflow tab in the Web Admin, the new multiple workflow page displays under the Registration Methods tab
834Multi-domain input box alignmentMulti-domain input box not aligned with other fields on the page
907No Data Store configuration Web Admin errorAn error occurs stating, "The selected value is invalid" when No Data Store is selected from the Membership Data Store dropdown
1016Adaptive Authentication option malfunction"Require user to enter username before adaptive authentication occurs" option not respected when selected
860Inline Password Change misalignment on mobileInline Password Change text boxes and labels on mobile devices not properly aligned
996"Access History" or "Device Fingerprint (DFP)" error for LDAP data stores (other than AD)If Access History or DFP is enabled and the data store is LDAP (but not AD), then an error occurs
1003Invalid locked user account statusIf LockoutTime is greater than zero (0), then SecureAuth IdP reports the account as locked out
1004Mobile SSO failure with DFP enabledWhen DFP is enabled and the user is on mobile device, SSO fails
737Java warning for clients with Java installedJava not detected properly on clients, resulting in warnings that Java is not installed
734Java auto-install malfunctionJava auto-install login does not prompt or redirect users to the Java site
1017SSO failure with DFP enabled due to text case issuesTransparent SSO cookie matching logic is case-sensitive, and if a user logged in with a varied username (e.g. User01 and user01), then the persistent cookie is not recognized
990DFP + SQL errorWhen using SQL backend for DFP, if the DFP field in SQL Server exists (manual input), then the SecureAuth application errors attempting to create the field dynamically
866Password Complexity requirements not shown on Password Reset page in some languagesBased on the OS language settings, the Password Complexity requirements not displaying on Password Reset page
878Inconsistent error messages on KBA when using Authentication APIError messages received while using KBAs with Authentication API are not consistent
762SAML Multi-tenant Consumer handling error
  • Invalid data store selection yields better handling
  • Support different names in the pre auth and post auth cookies
  • "Add Identity Provider" caching previously saved data
  • SAML Consumer settings from one realm do not copy over to another realm
892ODBC Password field auto-fillPreviously, the Password field was a text box that would auto-fill into the Connection String; but the Password field has been removed and the complete Connection String is exposed
1050OATH Provisioning with Mult-data Store failureOATH Provisioning with multi-data store configuration fails

8.1.1 Known Issues

Ref IDIssueDescriptionWorkaround
1144SiSu error messageWhen previously-used activation code is used again, a non-intuitive error occursNone
1140"Back" button on Self-service Page (to return to Post Authentication tab) malfunctionWhen Configure Self-service Page is selected on the Post Authentication tab, a new page displays for the Self-service configuration, which includes a "Back" button that is supposed to return the admin to the Post Authentication page, but it does notUse browser's "Back" button
1128Parity between all log typesSysLog has more verbose data versus SQL, Text, and EVTModify web.config to match the sections
1115"Test Connection" button responds with incorrect feedbackData store "Test Connection" button returns error on first attempt, but confirms connection on second attemptNone
1113Password Reset Send Email option failurePassword Reset Send Email is not set to user 
1077KBQ text issues in iOS and Android web browsersKBQ text does not fit in mobile devices' web browsersNone
873Certificate Enrollment with NetConnect embedded browser script errorScript error occurs during certificate enrollment with NetConnect embedded browser when Java Detection field is set to FalseUpgrade Java to latest version
841Self-service Page incorrectly displays on mobileAlignment issues on mobile device platformsNone
816Disallowed Keywords option (System Info tab of Web Admin) only supported for SQLUser input restrictions set in the Disallowed Keywords field only supported with SQLNone
803Admin summary page not displaying all 2-Factor Authentication optionsNot all registration methods reflected on summary pageNone
799Authentication API: GET with invalid URL returns unhandled server errorGET with invalid URL endpoints returns unhandled server errorUse valid URL
795"Cancel" button saves property when using Add Custom Profile Property featureWhen adding Custom Profile Properties, clicking "Cancel" still creates and saves the propertyNone
683PIN textbox overridden by KBA on Self-service PagePIN contents may be corrupted if entered with KBA dataRe-enter PIN after selecting KBQs and providing KBAs
681Private Mode Cert Length issueCertificate treated by realm as expired, regardless of value placed in Private Mode Cert Length fieldNone
679SecureAuth IdP prompt for IE 11 updateConstant prompt from SecureAuth IdP for IE 11 update with Java Version 8 update 40Update Java or use another browser
583PIN option shows when no data is presentShow When Empty field in Web Admin not respectedNone
498Fingerprint not detected after Chrome updateExisting fingerprint may not be recognized after Chrome updateNone

8.1.0 Release Notes

Released on June 4, 2015

Version 8.1.0 New Features

Feature
Description
References
Audit Log EnhancementsAdditional data including application and threat intelligence is added to Audit Log.  Syslog format complies with RFC 3164 and RFC 5424. 
Authentication APIRESTFul API supporting user authentication, two factor, and adaptive authentication functions enabling customers to leverage SecureAuth IdP for strong authentication which is tightly integrated into customer applications.https://docs.secureauth.com/x/WQABAg
Bulk User Load with CSVNew IdM module to support bulk user uploading for create and update functions.https://docs.secureauth.com/x/7wcBAg
Adaptive Authentication v2Enhance the adaptive authentication engine to support configurable workflows and complex use cases based on unique customer requirements.https://docs.secureauth.com/x/MAYBAg
Microsoft Windows Azure Active Directory (WAAD)Add Membership, Profile, and IdM support for Microsoft WAADhttps://docs.secureauth.com/x/RwAOAg
Multiple OATH Seed SupportEach enrolled device is assigned its own OATH seed, so each seed can be revoked individually.https://docs.secureauth.com/x/kgIBAg
SecureAuth IdP Setup UtilityA generic appliance image that can be downloaded and uniquely configured for customer environments leveraging the SecureAuth IdP Setup Utility. https://docs.secureauth.com/x/OwYBAg
OpenID Connect / Amazon CognitoEnhanced OpenID Connect to support Amazon Cognito and other complex OpenID Connect use cases.https://docs.secureauth.com/x/yQcBAg
Oracle Database SupportSupport Oracle DB (11.2 and 12.1) as the user datastore for both Membership and Profile Providerhttps://docs.secureauth.com/x/5gcBAg
Password Reset and Unlock Account in Help DeskExtend Help Desk module to support resetting user's password and unlocking user's accounthttps://docs.secureauth.com/x/TYDXAQ
SAML Attribute MappingWhen SecureAuth is functioning in a Service Provider (SP) role, SAML attributes are accepted and can be mapped to an assertion such as SAML, WS-*, and other federation protocols. https://docs.secureauth.com/x/rQYBAg
SAML Multi-Tenant ConsumerSupport consuming SAML from multiple providers in a single realm.https://docs.secureauth.com/x/oQYBAg
Second Help Desk OptionEnhance current Help Desk option by providing a second Help Desk option.https://docs.secureauth.com/x/8QcBAg
Self Service Unlock AccountEnhance usability of the current Unlock function and make Password Reset optional.  Enhance error handling for better user feedback.https://docs.secureauth.com/x/aAciAg
SHA256 SupportSHA256 Certificate support enabling enhanced encryption.https://docs.secureauth.com/x/XwYYAg
Support Password and OTP Combined EntrySupport password and OTP validation in a single field.https://docs.secureauth.com/x/7QcBAg
Web.Config ValidationWeb.Config Editor XML-level validation during save function.  More intuitive roll back option.https://docs.secureauth.com/x/NIDXAQ
WS-* 1.3Extend current WS-* protocol to support version 1.3, which is needed for some of the newer Microsoft products (such as Dynamics CRM)https://docs.secureauth.com/x/vxXy

8.1.0 Resolved Issues

Ref ID

Issue

Description

527

Labels and defaults changed

Changed some default values and labels in various admin pages

580

Geo-velocity history change

Limit Geo-velocity history value and allow admin configuration

609

Realms not displayed in portal

Secure Portal does not display link to realm if more than one user group is defined for group checking

612

Code hardening

Code hardening IdP

618

Wrong password displayed

Web Admin password field in data tab may display incorrect value after page is saved

619

Blank OTP in postauth

Blank OATH OTP is allowed in post-authentication action

620

Spelling errors

Various spelling errors were resolved

621

Case sensitive trans log

Transaction log user ID hash is case sensitive

623

Case sensitive group names

Some SPs are case sensitive to group names

672

Remove redundant files

Removed unneeded files in \authorized folder

693

Distingishedname not returned

AD group lookup does not return the full distingishedname of the group

696

Missing header ribbon

8.1 Admin Interface - Wizard / CopyRealms.aspx Missing Header Ribbon

706

Languages not saved

Supported languages selection does not save

707

Chinese incorrect labeling

Chinese (Simplified) incorrect labeling

711

IP block error

Remove IP Block button in Update Web Config returns error

720

Code hardening

Code hardening: Java Applet

728

Code hardening

Code hardening: admin console

739

JRE 8 appsetting not defined

Appsetting for JRE 8 version is not defined in webadmin

813

Duplicated event ID in syslog

Syslog web admin audit logs share the same event ID

845

UpdateWebConfig not updating resources

Update Resource in UpdateWebConfig not accounting all languages

897

Cipher settings change

Change default Cipher settings

898

TSL settings change

Change default TLS settings

8.1.0 Known Issues

Ref IDIssueDescription
734Java certificate detection failureFunction to detect Java certificate fails on Windows 8.1
737Java warning on useridview

Function to detect Java certificates produces incorrect error message indicating user does not have the required Java components

User is able to continue authentication without error

741web.config validation does not check all elementsFunction to validate XML syntax consistency in web.config does not validate all elements
762SAML Multi-tenant Consumer errorsIncorrect configuration of SAML Multi-tenant Consumer in console results in unhandled errors
834Multi-domain setup text alignmentText alignment issue in multi-domain configuration
907dbmembership errordbmembership error may be displayed in SecureAuth0 (Admin Realm) under certain scenarios
922Windows OTP App errorEnrollment page for OTP seed for Windows client may receive script error and prevent enrollment.  Configuration change required:
Set value in web.config for realm998 <httpCookies httpOnlyCookies="false" requireSSL="true" />
923SecureAuth IdP Setup Utility Activate Windows license issueSecureAuth IdP Setup Utility does not properly activate Windows, legacy activation method must be used
986Network connectivity is required to complete Appliance setupIf the Network segment the SecureAuth IdP appliance is configured for does not support DHCP, the setup utility will hang. Close the SecureAuth IdP Setup Utility and perform the appropriate Network Adapter IP configuration for that network segment, then re-run the utility

  • No labels