...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
Version: 22.04.3
Release date: 2022-10-12
The Smart ID 22.04.3 release provides updates, improvements, and bug fixes for the components included to ensure high quality and security.
Upgrade Smart ID
See Upgrade Smart ID with general information regarding upgrading Smart ID. See also specific information regarding upgrade from 21.10 to 22.04: Upgrade Smart ID Identity Manager from 21.10 to 22.04.
Smart ID compatibility
Insert excerpt | ||
---|---|---|
|
...
|
...
Related information
...
|
...
|
Detailed feature list
Features
Jira ticket no | Description | Digital Access | Identity Manager & Self-Service | Physical Access | Messaging |
---|---|---|---|---|---|
CRED-13501 | Search for entity reference ID Two new parameters for "Execute Search Task" have been introduced to be able to search for a certain object via the (internal) entity reference ID, provided by the process map. For more information, see "Process: Execute Search Task" in Process - Standard service tasks in Identity Manager. | X | |||
CRED-13832 | Improved logging for BPMN-history cleaner Improved logging on debug level for the BPMN-history cleaner background job. | X | |||
CRED-13989 | Minidriver AdminKeys on TCOS cards This release supports management of Minidriver-AdminKeys and corresponding challenge-response mechanisms for TCOS3 |
...
cards in combination with |
...
TCOS3 middleware. For more information, see Encoding using T-Systems TCOS middleware in Identity Manager. | X | ||||
DA-330 | Added certificate filtering in case of Smart ID mobile and desktop authentication. For more details related to the filter and the extended property, see Signature filtering for Smart ID authentication. | X | |||
DA-929 | Upgraded Tomcat version to v9.0.65 | X | |||
DA-1028 | Added ability to pass the certificate attributes in the SAML response back to the service provider when Digital Access acts as Identity Provider (IDP) in case of Personal Desktop and Personal mobile authentication. | X | |||
DA-1031 | Added a field for SAML SLO URL in the admin UI when a Service Provider (SP) is configured manually with Digital Access acting as IDP. | X | |||
DA-1051 | Add one more encoding method for SP while sending the Subject parameter - Url Safe Base 64. This will url safe base 64 encode the subject in the SAML response. | X | |||
PMOB-3429 | Added support for Oracle database, see Smart ID deployment recommendations. | X | |||
PMOB-3524 | Added externalId as query url parameter in content provider callback. | X | |||
PMOB-3538 | Swagger configuration changed in updated swaggerV3 and it is enabled by default, see Install Hermod. | X | |||
PMOB-3552 | The sqlserver jdbc driver has ssl encryption enabled by default. To disable it, see "Example: cod-hermod.yml" in the Hermod configuration in Install Hermod. | X | |||
PMOB-3552 | The endpoint info is disabled by default in the updated java spring 2.7.1, see Install Hermod how to enable. | X |
Corrected bugs
Jira ticket no | Description | Digital Access | Identity Manager & Self-Service | Physical Access | Messaging |
---|---|---|---|---|---|
CRED-9969 | There was an issue where the "CA proxy" (used for the ADCS PKI connector) accepted expired server certificates as long as the client certificate was valid. This has been fixed. | X | |||
CRED-12966 | There was an issue where a blank (black) page sometimes was shown in the content area of Smart ID Self-Service, after a process from "possible actions" completed. This has been fixed. | X | |||
CRED-13148 | Certain keys could not be recovered with the ADCS connector. This has been fixed. | X | |||
CRED-13175 | When opening the search in a self-service user form which had a full CoreObject List, the items from the list in the form did not get pre-selected in the search. This has been fixed. | X | |||
CRED-13397 | There was an issue where the post-login process worked with username/password authentication, but not when SAML authentication was used in Smart ID Self Service. This has been fixed. | X | |||
CRED-13442 | Date conversions in the mapping tasks provided the wrong results when NULL or empty values where provided as input values. This has been fixed. | X | |||
CRED-13535 | Fixed an issue in the web session handling when running card production tasks in asynchronous multi-instance BPMN processes. | X | |||
CRED-13542 | There was an issue where the Smart ID Agent initially worked, but then after a certain time, when checking the connection, it failed to reconnect and might cause the Identity Manager Operator to hang. This has been fixed. | X | |||
CRED-13564 | There was an issue where open tasks sometimes got duplicated in the Open Tasks list in Identity Manager Operator. This has been fixed. | X | |||
CRED-13656 | There was an issue where read-only fields in Smart ID Self-Service forms could be changed by editing the html source code in the debug mode of the browser. This has been fixed. | X | |||
CRED-13666 | Fixed an error in searches, when searching for "null" or empty values on external JDBC data sources. | X | |||
CRED-13698 | When using post-login processes, there was an issue for some users where the role assignment did not work correctly due to conflicting internal user/role IDs. This has been fixed. | X | |||
CRED-13746 | The PGP recovery task did not support CoreObject Descriptor Lists (only CoreObject ID). This has been fixed. | X | |||
CRED-13754 | There was an issue with the Fetch-Entitlements task in Identity Manager throwing an "IllegalArgumentException". This has been fixed. | X | |||
CRED-13798 | Some missing French translations were added in Identity Manager Admin UI. | X | |||
CRED-13913 | There was an issue where some "BatchSync" jobs could not be executed due to duplicate keys in the internal job table. This has been fixed. | X | |||
CRED-14019 | Fixed a version conflict related to "JAXWS" web service library, which caused connection issues to third party web services in some rare cases. | X | |||
CRED-14086 | Initialization values for hidden fields were not written into the process map anymore. This has been fixed. | X | |||
DA-8 | Fixed the js warning in the built-in script GenericForm.html. | X | |||
DA-757 | Fixed the issue with the need to have the password authentication mechanism enabled for delegated user-storage users in admin. | X | |||
DA-857 | Memory handling changed when doing a publish in Administration Service, reducing required memory and improving the performance. | X | |||
DA-894 | Fixed a null pointer exception when updating Authentication Servers for the Personal Mobile/Personal Desktop authentication mechanism. | X | |||
DA-916 | [Nexus GO] Digital Access Policy Service REST endpoint: rest/v1.0/saml/authnrequest handled requests very slowly and caused a high CPU usage. This is fixed by reading from the cache instead of the xml. | X | |||
DA-928 | Fixed a null pointer exception when doing SAML authentication in Digital Access 6.1.4. | X | |||
DA-939 | Upgrading Digital Access from 6.0.5 to higher versions updates the Internal host values to names instead of IP, which should not be the case for deployments other than Swarm. | X | |||
DA-946 | Fixed an error causing Policy Service to crash, instead of crashing, Policy Service will now log a warning message indicating there is an invalid expression that needs to be amended via Administration Service UI. | X | |||
DA-973 | In case of Digital Access upgrade from 6.1.3 to 6.2.0, the BankID version was not getting updated to v5.1. This has been fixed. | X | |||
DA-1038 | Fixed an issue with OpenID Connect userinfo endpoint where the service incorrectly removed the end-user session after completion. | X | |||
DA-1013 | Fixed the issue where the OCSP server was not getting contacted in case of personal mobile/desktop authentication. | X | |||
IDC-2142 | Added Siport refactoring for improving performance. | X |
Release announcement
For details on the updated Smart ID configurations and deployment configurations, see here:
Expand | ||
---|---|---|
| ||
- |
Expand | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
|
Contact
Contact Information
For information regarding support, training and other services in your area, please visit our website at www.nexusgroup.com/.
Support
Nexus offers maintenance and support services for Smart ID components to customers and partners. For more information, please refer to the Nexus Technical Support at www.nexusgroup.com/support/, or contact your local sales representative.