CRED-12229

Reading encrypted PINs from pre-personalized cards

Identity Manager now supports reading and decrypting PINs (from an encrypted data object) from pre-personalized smart cards, in combination with Nexus Personal Desktop Client middleware. See section "Read encrypted PINs" in Encodings using Personal Desktop Client middleware in Identity Manager (PDOC-843) for more information.

CRED-12665

Updated third party libraries

Updated third party libraries in Smart ID agent in order to fix potential vulnerabilities.

CRED-12964

Multi-instance support for MobileIron connector

The MobileIron connector in Identity Manager now supports connecting to multiple instances of MobileIron via one single connector instance. This means that the Connection parameters to MobileIron can be stored in the Identity Manager runtime system and passed to the connector as additional attributes. See Configure MobileIron connector for more information. 

CRED-13050

CMP registration

A new standard service task for optional CMP registration to Certificate Manager has been added. See Certificates - Standard service tasks in Identity Manager

DA-233

Enabling of email and sms notifications when updating user accounts 

It is now possible to send email and sms notifications when updating a user account in case of synchronized, challenge, OATH or Personal mobile authentication methods through XPI.
The same is possible also while provisioning a new OATH profile through XPI.

To enable notification by sms/email, set the below properties to true in policy-service's customize.conf file

wrapper.java.additional.<30>=-Dcom.portwise.xpi.ws.notification_by_sms=true

wrapper.java.additional.<31>=-Dcom.portwise.xpi.ws.notification_by_email=true

By default, notification is disabled.

PMOB-3496

Updated Java version for Messaging (Hermod)

Updated base image to use Java 17.0.3 to address vulnerabilities CVE-2022-21476 and CVE-2022-21449.

IDC-2043

Support for additional card number mapping configuration in Salto PACS

In Salto PACS system there is now support for additional card number mapping configuration to map card number with General Purpose Field 1 [GPF1]. See Set up integration with Salto.

IDC-2044

Support for Zones and Access groups in Salto PACS

In Salto PACS system there is now support for Zones and Access groups (Doors, Lockers, Suits etc.) as entitlements types for import and export and all entitlement types can be configured using configuration settings. See Set up integration with Salto.

CRED-9159

There was an issue with smart card authentication when the full Subject DN was used as a unique identifier. This has been fixed.

CRED-12280

There was an issue where sending out emails did not work when object history validation failed. This has been fixed.

CRED-12585

Permission handling for user tasks was not working correctly when running the processes via REST Process API. This has been fixed.

CRED-12781

There was an issue with missing translations from English to Swedish in the Search config purpose configuration in Identity Manager Admin. This has been fixed.

CRED-12813

Removed P12 soft tokens from the "available readers" list when using Nexus Personal Desktop Client for smart card encoding.

CRED-12879

There was an issue where the smart card selection via ICCSN during PKI encoding did not work in combination with Nexus Personal Desktop Client middleware. This has been fixed.

CRED-12963

There was an issue where the start and end date for BatchSync jobs were not displayed in the Job Overview in Identity Manager Operator. This has been fixed.

 CRED-13291

The Batch Sync Job list in Identity Manager Operator was not working anymore in some scenarios when updating from a previous version. This has been fixed with this release

DA-931

Upgraded postgres to version 42.3.4 to fix CVE-2022-21724.

PMOB-2514

XML Digital ​Signature does no longer support SHA1. It is recommended to start using SHA2. For more information, see https://bugs.openjdk.java.net/browse/JDK-8261246