Version: 22.10
Release date: 2022-10-27
The Smart ID 22.10 release provides updates, improvements, and bug fixes for the components included to ensure high quality and security.
Upgrade Smart ID
See Upgrade Smart ID with general information regarding upgrading Smart ID. See also specific information regarding upgrade from 22.04 to 22.10: Upgrade Smart ID Identity Manager from 22.04 to 22.10.
Smart ID compatibility
Smart ID 22.10 is compatible with the following component versions:
Components | Version |
---|---|
6.2.4 (included in Smart ID 22.10) | |
3.5.0 (included in Smart ID 22.10) | |
8.5.0 and later | |
Main new features
Usability improvements in Smart ID Self-Service and Identity Manager Operator
The Smart ID 22.10 release provides several improvements in Smart ID Self-Service and in Identity Manager Operator. Smart ID Self-Service contains an easy-to-use quick search for the object lists and allows individual sorting of the processes on the dashboard. Furthermore, in order to improve accessibility compliance, a fully functional keyboard navigation has been introduced to Smart ID Self-Service.
In Identity Manager Operator, the available processes on the start page are now easier to access via a list.
Mobile Visual ID enrollment in Identity Manager
With this release of Smart ID, Identity Manager introduces support for visual IDs in the Smart ID Mobile App. In addition to provisioning of digital IDs (X.509 certificates), a visual ID similar to a physical employee card can be provisioned. The visual card on the mobile can contain front-side and backside layouts, including individual texts (name, card number etc.), as well as individual photos and logos.
Detailed feature list
Features
Jira ticket no | Description | Digital Access | Identity Manager & Self-Service | Physical Access | Messaging |
---|---|---|---|---|---|
CRED-10136 | CRL synchronization between Certificate Manager and Identity Manager Certificate Revocation Lists (CRLs) from Nexus Certificate Manager can be pushed into Identity Manager via distribution rules in Certificate Manager. This helps to keep the certificate status in Identity Manager up-to-date, even if revocation is done in a third party system, or directly in Certificate Manager. See Push CRL from Certificate Manager to Identity Manager for more information. | X | |||
CRED-11623 | Running "Scheduled Jobs" (BatchSync) without search configuration The batch synchronization functionality in Identity Manager has been extended. It is now possible to run jobs without any search configuration as input source. The functionality can now also be used in general schedule processes for background execution. This is called "Timed process". To reflect this change, "Batch Sync" is renamed to "Scheduled Jobs". Read more in Set up scheduled jobs in Identity Manager. | X | |||
CRED-11829 | New library version for liquibase New library version for liquibase. | X | |||
CRED-11831 | New library version for spring/spring security New library version for spring/spring security. | X | |||
CRED-11833 | New library version for xmlsec New library version for xmlsec (via Opensaml). | X | |||
CRED-12231 | Mobile Visual ID provisioning in Identity Manager With this release of Smart ID, Identity Manager introduces support for visual IDs in the Smart ID Mobile App. In addition to provisioning of digital IDs (X.509 certificates), a visual ID similar to a physical employee card can be provisioned. The visual card on the mobile can contain frontside and backside layouts, including individual texts (name, card number etc.), as well as individual photos and logos. See Smart ID Messaging - Standard service tasks in Identity Manager for more information. | X | |||
CRED-12304 | New library version for Velocity New library version for Velocity. | X | |||
CRED-12709 | New library version for Esapi New library version for Esapi. | X | |||
CRED-12985 | Quick search in Smart ID Self-Service This release provides a new, and very easy-to-use search functionality in Smart ID Self-Service. In the listings of available cards, requests, certificates on the main page of Self-Service, a quick search has been introduced that helps to navigate through the lists, especially when managing large object lists (for example, managing cards for contractors). See Set properties for Smart ID Self-Service for more information. | X | |||
CRED-13131 | List all processes on the start page of Identity Manager Operator In previous versions of Identity Manager and PRIME, only the "new process" per selected category (create new employees, new cards etc.) was shown. In order to improve the usability, all available processes to create new objects are now listed on the start page, irrespective of the selected category, so that any of these processes can be started with just one click. See Configure tasks (processes) in Identity Manager Operator for more information. | X | |||
CRED-13218 | New library version for CaptainCasa New library version for CaptainCasa. | X | |||
CRED-13277 | Keep or delete history entries in Identity Manager Until now, ObjectHistory data was kept for a certain, configurable time-frame in the database, even if the corresponding core object was deleted. The reason for this is the chained signature of the history which guarantees an audit-proof history. With this release, you can decide if you want to keep the history data, with an audit-proof signature, or if you want to deactivate the chained signature and delete object history due to GDPR reasons. See section "Delete old history entries" in Chained signature for object history in Identity Manager for more information. | X | |||
CRED-13297 | Process sorting in Smart ID Self-Service and Identity Manager Operator The order in which the processes on the Self-Service Dashboard are shown can now be defined in Identity Manager Admin via the "Process sorting" item in the menu tree. Also the processes, listed on the Identity Manager Operator start page (see new feature CRED-13131) can be sorted in the same way. See Configure tasks (processes) in Smart ID Self-Service and Configure tasks (processes) in Identity Manager Operator for more information. | X | |||
CRED-13503 | Extract SERIALNUMBER attribute from X.509 certificate The standard service task "Cert: Extract Certificate Attributes" is extended and can now also extract the SERIALNUMBER value from the Subject DN attribute. See "Cert: Extract Certificate Attribute" in Certificates - Standard service tasks in Identity Manager. | X | |||
CRED-13513 | Supporting new Microsoft OID in certificate requests Microsoft recently introduced a new attribute (OID 1.3.6.1.4.1.311.25.2) in certificates that are used for Windows smart card authentication. The attribute will be activated by default in May 2023 as mandatory via a Windows update. Identity Manager now supports this attribute in certificate requests via Nexus Certificate Manager and Microsoft ADCS. | X | |||
CRED-13705 | Keyboard navigation in Smart ID Self-Service Keyboard navigation is introduced in Smart ID Self-Service to improve accessibility. See Smart ID Self-Service for more information. | X | |||
CRED-13832 | Improved logging for BPMN-history cleaner Improved logging on debug level for the BPMN-history cleaner background job. | X | |||
CRED-13836 | New library version for slf4j New library version for slf4j. | X | |||
CRED-13906 | New library version for Jetty http2-server New library version for Jetty http2-server to mitigate a high severity CVE (CVE-2022-2048). | X | |||
CRED-13964 | Footer with static links in Smart ID Self-Service Static tests and links can now be customized in the footer for Self-Service login screen and the other pages in Self-Service. See Configure footer text in Smart ID Self-Service for more information. | X | |||
CRED-14063 | New library version for moment.js New library version for moment.js in CaptainCasa to mitigate two high severity CVEs. (CVE-2022-24785 and CVE-2022-31129) | X | |||
CRED-14188 | Updated version for Apache Commons Text Updated version for Apache Commons Text to mitigate CVE-2022-42889. See Apache Commons Text Vulnerability for more information. | X | |||
IDC-917 | Oracle DB support for Physical Access Added Oracle DB support for Physical Access. See Smart ID deployment recommendations. | X | |||
IDC-2116 | Support for Doors and Zones in Salto Added support in Salto for Doors and Zones for SALTO ProAccess SPACE based on configuration settings (UseUpgradedVersion). See Set up integration with Salto for more information. | X |
Corrected bugs
Jira ticket no | Description | Digital Access | Identity Manager & Self-Service | Physical Access | Messaging |
---|---|---|---|---|---|
CRED-8554 | There was an issue with the scrollbar on a form not resetting when going from one form to the next. This has been fixed. | X | |||
CRED-9811 | There was an issue when uploading the configuration in Identity Manager Operator where the name of the configuration was not fully displayed. This has been fixed. | X | |||
CRED-9879 | There was an issue in Identity Manager Operator where symbolic names sometimes were displayed instead of translations, even if translations were available. This has been fixed. | X | |||
CRED-9906 | There was an issue in Identity Manager Admin when using the character "-" in CSV export paths. This has been fixed so that all valid Windows and Unix paths are supported. | X | |||
CRED-10620 | When using ${...} statements in groovy scripts, they where unintentionally interpreted as JUEL expressions. This has been fixed. | X | |||
CRED-11413 | There was an issue when running a search in the "Batch orders" page in Identity Manager Operator where photos were not displayed. This has been fixed. | X | |||
CRED-11728 | In certain scenarios it could happen, after starting a Batch Sync Job manually via the "Start once" button in Identity Manager Operator, that the respective job did no longer work. This has been fixed now. | X | |||
CRED-12965 | There was an issue where the description of a batch order template was not visible in Identity Manager Operator, only the symbolic name. This has been fixed. | X | |||
CRED-13242 | There was an issue when clicking on the expanded view for objects where all objects were not shown in the list. This has been fixed. | X | |||
CRED-13299 | When editing system properties in the "Admin" page in Identity Manager Operator, the labels were not completely displayed in some cases. This has been fixed. | X | |||
CRED-13815 | Removed Null Pointer Exceptions and improved error handling of invalid filters in search, and specifically in LoadEntityParameterizedAction. See "Process: Load Entity" in Process - Standard service tasks in Identity Manager. | X | |||
CRED-13885 | There was an issue where the order of the search configurations in the search drop-down menus in Identity Manager Operator were not sorted as defined. This has been fixed. | X | |||
CRED-13900 | There was an issue where you could not deselect a value in a drop-down field even when the field was not mandatory. This has been fixed by adding a blank line in the drop-down. | X |
Release announcement
For details on the updated Smart ID configurations and deployment configurations, see here:
Contact
Contact Information
For information regarding support, training and other services in your area, please visit our website at www.nexusgroup.com/.
Support
Nexus offers maintenance and support services for Smart ID components to customers and partners. For more information, please refer to the Nexus Technical Support at www.nexusgroup.com/support/, or contact your local sales representative.