What is new ?

  • Logging systems
    • Unify tracing logs
    • Metered usage and billing information logs
  • Improve performance for both IdP and STS
  • New Configurator
    • Configurator: Implement the signing certificate validation when choosing the signing certificate from the store
    • Configurator: Auto build session state connection string
    • Configurator: Collect settings for all steps and execute them once at the final step
    • Configurator: auto select SSL certificate based on the tenant domain name
    • Configurator: reconfigure
    • Configurator: onscreen help text
    • Configurator: backup & restore
    • Configurator: Split up complex steps into smaller steps or move them to appropriate categories
  • Multiple certificates for user
  • EU STORK: make Identify compliant with STORK
  • New STS endpoints for Kombit and DMP
  • STS improvement
    • To support all bearer/symmetric/asymmetric key type request
    • Support both SAML/SAML 2.0 token types
    • Support 256 signing algorithm
    • Support Actas/OBO
  • REST service: various APIs to manipulate Identify domain objects
  • New claims transformation and enhancements
    • Add a new “Text Claims Transformation”
    • NOT EXIST condition on the claim transformation
    • Support the new concatenate claim transformation
    • Potential additional task: Script language for claims transformations
  • And various improvements
    • Idp-Initiated Should disabled Signoff button if there is no saml2 session
    • Can create variable name which is duplicate with the global variables in Claim Transformation.
    • Local OpenIdRP ‘s improvement
    • The status on the checkbox group on the Consent page is wrong
    • Exception displays when clicking Twice on “Continue” button on Consent page
    • [Security] Identify configurator assigns app pool identity full control to signing certificate
    • Password auto-generation follows the regexp “Password1″ on Shared Configurable Setting
    • eHerkenning: Identify consumes eHerkenning attribute service
    • DigiD: check/implement some small details
    • eGov compliance
    • eGov compliance: a setting for encryption algorithm
    • eGov compliance: local logout only
    • eGov compliance: MUST support the acceptance/rejection of particular <saml2:AuthnContext>
    • eGov compliance: IdPdisco
    • eGov compliance: Support the administrative initiation of Single Logout
    • eGov compliance: Attributes validUntil AND cacheDuration MUST be supported
    • Support for SSO POST binding
    • Identify configurator should check if MSDTC is enabled
    • Cannot login the tenant whose tenant id start with number
    • Should have a test mode for captcha for automation testing
    • Ensure that auto generated passwords don’t contain an ‘&’
    • Is it possible to de-activate token encryption on WS-Federation outgoing connections in Identify?
    • A tool in Manage Error to look up a Correlation error base on ID
    • Change the “endpoint identity” field on an LdapWS setting to Read-only field
    • “Capacity Planning” document
    • SaaS: Reduce memory footprint
    • Load testing (scalability) environment (additional)
    • Simulating “resultant set of claims”
    • Platform setting on connection dependency