Download > DualShield > Documents
Release Notes
DualShield Authentication Platform 5.9.4.1205
NEW FEATURES
- » Supports PIN in FIDO U2F authentication
- » Add URL for downloading metadata
- » Advanced log filter
- » Add new SMS gateway: FlowRoute
- » Access card tokens can be pre-scanned then imported in a batch
- » Add the test function to LDAP connections
IMPROVEMENTS
- » Increase the maximum number of concurrent requests in Tomcat from 100 to 5000
- » Add the "Automatically activate the certificate when created or assigned" option to the Certificate policy
- » Support import files with UTF-8, UTF-16LE, UTF-16BE encoding
- » Enforce hisotry in password reset
- » Add a timeout option to the failthru server settings
- » Events in a sub-process now also trigger alert
- » Improve work flow of FIDO U2F token registration.
BUG FIX
- » Encoding in message gateway template was ignored
- » Radius arrrtibute profile caused internal error
- » Access card authentication did not work properly on Web applications
- » Trying to unlock a user account returns error "cannot invoke method and() on null object"
- » Wrongful attempt to unlock user when the "Look in the External Directory for the User Account Enabled State" is not enabled
- » Unable to unlock a user. Error: cannot invoke method and() on null object
- » When more than one domain exist in a realm, active sync reports "user is not found" after a mobile device was registered
- » RelayState was wrongfully decooded with UrlDecode
- » Apache Commons Collections Security Vulnerabilities
- » A new ManagementConsole Service Provider was not registered when installing a Front-End Server.
- » WinSSO + WSFed + Office365 cannot logout correctly
- » Front-End Provisioning Server ACS & SLO URL are incorrectly registered
- » Radius profile "assigned to" menu doesn't work on IE
- » SSO selects wrong address of user when sending messages
DualShield Authentication Platform 5.9.4.0919
NEW FEATURES
- » Supports IdP Initiated SAML Logon Request
- » Added lifetime option in all token policies
- » New SMS Gateway Provider - Clickatell Platform
- » New option in SAML Service Provider: Allow using AssertionConsumerService from SAML Request
- » Task script: Clear expired tokens
- » Task script: Remove tokens from users in a specific user group/unit
- » Task script: Disable inactive tokens after a specific period of time
- » Task Script: Synchronise AD/LDAP groups
IMPROVEMENTS
- » SSO now checks Access Control policy
- » Automatically confine MobileID token at the first time use
- » Specify "NameFormat" in a SAML return attribute
- » Version Control of Task Scripts & Report Templates
- » Added NAS IP Address and NAS Identifier to RADIUS client
- » Added "Execute on server" option on tasks
- » Import User: Supporting more user attributes, such as userPrincipalName etc
- » IP Address Block supports CIDR Subnet Mask Notation
- » Use Multi-part mime to embed QR code image in HTML email messages
- » Change the behaviour of "Automatic Push" of MobileID Token/Client Deployment
BUG FIX
- » LDAP weighting was not functional
- » DualShield sends out duplicated syslog records
- » Importing users failed on Oracle database
- » OOBA cannot send out notifications via HTTP proxy
- » OOBA login to DPS would throw exception if client IP in payload is set to null
- » Apple Push Notification doesn't work with proxy server enabled
- » Token assignment start time always shows current time if it is not set
- » Error "Illegal Json Response" when register the Windows Logon Agent
- » Error "User is not found" when LDAP server is not connectable
- » Error "HTTP status code 500" when exporting report
- » Error "Login with ticket failed" in a load balancing cluster environment
- » Error "Incorrect logon method used in current step" when "Emergency Code" is set as a logon procedure