John Jellema Within this release cycle we have focused on several new features and many improvements. You gain direct benefits by installing this version as we have updated all essential third party components and removed a large number of defects. With the addition of Accounting Service, Ubisecure Identity Server now consists of two main components, SSO (8.4.0), CustomerID (5.4.0) and a module ids-accounting (1.0.7) which runs alongside SSO. Additionally we have been focusing on improvements related to our continuous integration and testing frameworks to reduce our release cycle time and increase the quality of the delivered software.
For all our major releases we are running performance tests to make sure that there are no impacting degradations. Between 2018.1 and 2019.1 we have not witnessed any significant decrease in performance. Moving forward we also intend to include similar test runs for our patch releases to spot any possible deviation between the releases even earlier.
New in this release
Accounting Service
This new Spring Boot application will provide better understanding of the amount of users that authenticate through your services and which of your authentication methods are the most frequently used.
The reports that you are able to get from this service are;
- Monthly active unique user counts per authentication method
- Daily active unique users per authentication method
- Daily successful authentication events
The data in these reports are stored in pseudonymised format in a PostgreSQL database, which means that this will be a pre-requisite to have installed moving forward from this version of Identity Server. The pseudonymisation done for the personally identifiable information (PII) is calculated using the HmacSHA256 algorithm (see the formula above) and the secret key provided by the administrator during installation. Meaning the accounting reports will contain unique users by login method – but with no end-user PII exposed or decipherable. More information about the security features, configuration and usage of Accounting Service can be found here: https://developer.ubisecure.com/docs/display/IDS20191/Accounting+Service+-+SSO
Per user authentication matching
The user experience for authentication might sometimes be confusing, especially if your environment has many different login options presented to the user. This is why we have implemented this JavaScript addition for our SSO login UI. With this JavaScript and the use of regular expressions, you are able to match specific authentication methods towards organisations or users. We have also taken Github into active use to have a better way of distributing JavaScripts and other extensions to you moving forward.
Get the JavaScripts from https://github.com/ubisecure/per-user-authentication-matching
3rd party library updates
Security is always on our mind with whatever we do and that’s why we have made significant updates for most of our 3rd party libraries. This will ensure that your environment is protected against the most critical vulnerabilities out there. We are continuously scanning and updating the libraries we use in order to keep up with the latest security patches. Note: If your instance is publicly facing we strongly recommend that you update to this version of Identity Server.
To see which libraries were updated within this release, please review:
https://developer.ubisecure.com/docs/display/IDS20191/3rd+party+licenses+-+SSO
https://developer.ubisecure.com/docs/display/IDS20191/3rd+party+licenses+-+CustomerID
Corrections
Part of this release cycle was spent on squashing bugs that had been found by either ourselves or by you, our customers and partners. We want to increase transparency on the issues which may affect your deployment,so we have included the full list of existing known issues at the end of the release notes. This should help you to understand why a specific function, configuration or use case may not operate as you would expect. Your feedback will help us prioritise the most critical items that need to be addressed by referring to the known issue identifying number (IDS-####) when contacting Support. We will maintain this list for future releases – please be sure to review it if you are experiencing any difficulties.
For a full list of features, improvement and corrections, please see https://developer.ubisecure.com/docs/display/IDS20191/Identity+Server+2019.1+Release+Notes
Head over to https://www.ubisecure.com/developers/ to download the latest version of Ubisecure Identity Server today!
About The Author: John Jellema
As VP Product Management, John is responsible for ensuring Ubisecure’s ongoing development of its Identity Platform, optimising the feature development while driving generational change across the IAM delivery platform. Since joining Ubisecure in 2017, John has refocused the cloud and on-premises delivered services to fulfil customer expectations across the Nordics.
Prior to joining Ubisecure, John worked for Verizon as a Global Security Product Manager, developing and managing its DDoS platform around the world. With more than 20 years experience in global product management, John is passionate about seamless technology integration. Standing on the shoulders of giants permits us to achieve greatness today and into the future.
More posts by John Jellema