Documentation

On this page

SecureAuth IdP Release Notes provide information on the features and improvements in each release. This page includes Release Notes for major releases and minor (bug fix) releases.

Error rendering macro 'show-if'

Failed to render Visibility macro due to: Invalid space permission(s): space=sa internal knowledge base

8.2.0 Release Notes

Released on January 8, 2016

 

In February 2016, SecureAuth issued Hotfix HF820-66 to resolve certain issues – more information can be found here

Version 8.2.0 New Features

Feature
Description
References
Push-to-AcceptSecureAuth's latest 2-Factor Authentication method, providing convenient and secure authentication using the SecureAuth Authenticate App for Android and iOS v5.x to enable or disable access by tapping "Accept" or "Deny" to the login request made by SecureAuth IdP.https://docs.secureauth.com/x/xAVjAg
Updated Web Portal and ThemeSecureAuth IdP includes a new out-of-the-box theme (2016 Light) and an updated Secure Portal that provide a progressive look and feel for client-side pages, improving performance and enhancing the overall end-user experience.https://docs.secureauth.com/x/VoBDAg
Cisco ISE pxGrid IntegrationThe integration with Cisco ISE pxGrid enables SecureAuth IdP to leverage credentials acquired by Cisco ISE authentication to unburden the end-user's login process by removing the need to supply the user ID during the SecureAuth IdP workflow.https://docs.secureauth.com/x/vIBDAg
Authentication API 8.2The Authentication API has been enhanced for SecureAuth IdP 8.2 to include additional authentication methods, the full adaptive authentication analysis suite, and Device Fingerprinting (DFP) to enable customers / developers to secure custom applications without sacrificing existing workflows or user interfaces.https://docs.secureauth.com/x/4QI4Ag
Refactored Localization SupportThe localization (translations) have been refactored to significantly improve user experience in non-English languages. 
Scalability and Performance EnhancementsComponents have been optimized to improve transaction and response times. 
Splunk DashboardA visual representation of SecureAuth IdP through Splunk (or custom application) that displays logon activity, threat activity, realm utilization, and overall system health.https://docs.secureauth.com/x/vY9DAg
SecureAuth App for iOS and Android v4.1Version 4.1 of the SecureAuth App for iOS and Android supports the new Push-to-Accept (Login Requests) registration method and includes various performance and stability improvements.https://docs.secureauth.com/x/4gI4Ag

8.2.0 Resolved Issues

Ref ID

Issue

Description

1244IWA Browser Looping on Locked PCWhen user performs Windows + lock on their PC while on an SSO browser session, the browser loops continuously attempting to authenticate until device is unlocked
468GFIPM Extension Attributes Improper Update on UpgradeWhen upgrading SecureAuth IdP that has an existing GFIPM implementation, the Update Web.config job does not rename the extended properties for LDAP providers
863Profile Data Lost if Save Clicked before Page Load CompleteIf Save is clicked in the SecureAuth IdP Web Admin before the profile data completes loading, then the profile data is lost
909Adaptive Authentication "Step-up" Option Response FailureIf the Authentication Mode field (Workflow tab) is set to not include 2-Factor Authentication (e.g. username / password only), then the "step-up" Adaptive Authentication failure action does not function
1066Object Reference Error for PIN OptionWhen the PIN option "Show When Empty" is set to True, an Object Reference Error occurs after user enters PIN
1084EULA Link DisappearanceAfter clicking the EULA link on client-side pages, the link does not restore after EULA page is closed
1085HTTP or HTTPS Links Render Incorrectly on EULAHTTP or HTTPS links may not render correctly on EULA statement, appending HTTP or HTTPS to the end of the URL
1113Password Reset Email Send FailureWhen email notification is enabled for password reset, email is not sent
1146Audit Log App Name Not DisplayingSyslog may not display the App Name because of embedded spaces in the name
1230Custom Front End Pages not Passing Query String ParametersAll custom front end pages do not pass query string parameters, resulting in failure for workflows that must consume the parameters
1238Credential Provider / Multi-Data Store FailureWhen using Multi-Data Store (web services) as the data store, the credential provider cannot authenticate
1272Log Entry Omissions when AEResult is NULLIf AEResult is NULL, then some log entries may be lost
1275Geo-velocity FailureIf Access Histories Profile Property (Data tab) is not properly mapped to directory attribute and checked "Writable", then geo-velocity check fails and exits the Adaptive Authentication process
1311Social ID Integration Failure after UpgradeFacebook, Windows Live, and LinkedIn integrations do not function after 8.1.1 upgrade
1317Adaptive Authentication "Redirect" Option Response FailureWhen "Authentication Mode" is set to "Username / Password on 1st Page", the "Redirect" failure action does not function
1325Incorrect EventID for Failure StateEventID 20000 displays when it should be 29990 for Failure state
1068Certificate PFX Request FailureWhen AirWatch sends a certificate PFX request and their user agent's header is NULL, the request fails
1114Registration Method Label Change FailureWhen a registration method's label is changed in the Verbiage Editor, the modification is not reflected on client-side pages
1243Help Desk Page PIN Update IssueWhen the Administrator (Help Desk) updates a user's PIN, the Administrator's PIN is updated instead

8.2.0 Known Issues

Ref IDIssueDescription
1524HTML Appended to Logging Text FileWhen downloading a text log, superfluous HTML is added to the end of the log
1523Self-services Page "Back" Button MalfunctionThe "Back" button on the SecureAuth IdP Web Admin Self-service configuration page does not function
1508Session Timeout / Workflow IssueWhen the "Authentication Mode" field is set to "2nd Factor Only", the workflow reverts to "Standard" and prompts the user for a password once the session has timed out
1507Theme Switch Invalidates DFPAfter changing the theme (2013 to 2016 or vice versa), the user's Device / Browser Fingerprint (DFP) is invalidated and user must undergo 2-Factor Authentication
1494Symantec VIP Configuration IssueWhen Symantec VIP is set to "Disabled" (Registration Methods tab), the value is not retained when saved
1366Windows Phone Unable to Seed TOTPUnable to seed Windows phone for TOTP due to server-specific issue
1309Inline Password Change Cache Issue

When an incorrect password is provided on the first page, SecureAuth IdP caches the value for the Inline Password Change; and after user attempts to change the password, IdP states the password is incorrect and clears password value in the field. Subsequent password entry attempts with the correct password continue to fail.

Workaround: Restart login and enter the correct password on the first page

1297DFP / OS Version IssueNot all OS versions are being used in user-agent scoring, resulting in DFP check failure
1288IE Cert Issue for Realm Login

IE errors out during certificate enrollment

Workaround: Add the Certificate Enrollment page as a trusted site on IE

1283Performance ImpactIf there is a Syslog server defined, and the IP of that server does not exist on the network, SecureAuth IdP performance may be degraded
1278Publicprivatecookie Token Not Accepted with Pre-auth Page Configured

If using a pre-auth page (Begin Site) the publicprivatecookie Token is not accepted by the State Engine

Workaround: Set "Remember User Selection" to "True" (Workflow tab)

1273"Bad Data" Error for FP Cookie with FIPS EnabledThe Fingerprint (FP) Cookie fails when Windows FIPS mode is enabled
1561KBQ / Base64 Encoding IssueWhen using Oracle data store, knowledge-based questions are not encoded in Base64
1560Account Management StatusOn the Account Management screen, the status is always displayed as "Normal", even if account is not
1559KBQ / Base64 Encoding IssueWhen using ASPNETDB data store, knowledge-based questions are not encoded in Base64
1556Social Login Provisioning FailureWhen SQL Database is used as data store, the self-services realm configured for social login provisioning does not function properly, and social IDs are not provisioned
1555User Creation FailureWhen SQL Database is used as data store, the Create User process does function properly, and new users are not created or added to the intended group
1554Multi-Data Store Profile Connection Settings Failure

When "WCFBindingType" app setting is missing from the web.config, a "Could not validate credentials" Error is presented

Workaround: Add the "WCFBindingType" app setting to the web.config, with a True or False value

Setting it to "True" enables SecureAuth IdP to validate the password; setting it to False enables SecureAuth IdP to check the password, which is required during login

1548Validate Password Stored Procedure FailureWhen using a SQL Database data store, the Validate Password Stored Procedure fails if data in the database is NULL for password salt and password format
1545Machine Certificate Issuance FailureCreating machine certificates through ActiveX fails, while personal certificates work
1543PIN Hide Checkbox Displays on Self-service Page when DisabledWhen the PIN Hide checkbox is disabled in the Self-service Account Update configuration, it does not appear initially; however, after making changes to the PIN and clicking outside of the text field, the Hide checkbox is enabled
1542OpenID Connect Consent Permissions IssueWhen revoking previously approved permission(s), the value is removed from the SecureAuth IdP page and from the directory; however, if user clicks Save again, the permission is approved again, and reappears on the page and the value is returned to the directory
1540Vague Error for Language FileIf a language file is missing (i.e. if new languages are added), the update resource process generates a vague error
1530"Seconds" Value Not ClearedWhen a user resets user registration for certificate validation, the "Seconds" input value is not cleared
VariousText Alignment IssuesVarious text alignment issues in SecureAuth IdP Web Admin and client-side pages

  • No labels