Download > DualShield > Documents

Release Notes

DualShield Authentication Platform 5.9.4.1205

NEW FEATURES

  • » Supports PIN in FIDO U2F authentication
  • » Add URL for downloading metadata
  • » Advanced log filter
  • » Add new SMS gateway: FlowRoute
  • » Access card tokens can be pre-scanned then imported in a batch
  • » Add the test function to LDAP connections

IMPROVEMENTS

  • » Increase the maximum number of concurrent requests in Tomcat from 100 to 5000
  • » Add the "Automatically activate the certificate when created or assigned" option to the Certificate policy
  • » Support import files with UTF-8, UTF-16LE, UTF-16BE encoding
  • » Enforce hisotry in password reset
  • » Add a timeout option to the failthru server settings
  • » Events in a sub-process now also trigger alert
  • » Improve work flow of FIDO U2F token registration.

BUG FIX

  • » Encoding in message gateway template was ignored
  • » Radius arrrtibute profile caused internal error
  • » Access card authentication did not work properly on Web applications
  • » Trying to unlock a user account returns error "cannot invoke method and() on null object"
  • » Wrongful attempt to unlock user when the "Look in the External Directory for the User Account Enabled State" is not enabled
  • » Unable to unlock a user. Error: cannot invoke method and() on null object
  • » When more than one domain exist in a realm, active sync reports "user is not found" after a mobile device was registered
  • » RelayState was wrongfully decooded with UrlDecode
  • » Apache Commons Collections Security Vulnerabilities
  • » A new ManagementConsole Service Provider was not registered when installing a Front-End Server.
  • » WinSSO + WSFed + Office365 cannot logout correctly
  • » Front-End Provisioning Server ACS & SLO URL are incorrectly registered
  • » Radius profile "assigned to" menu doesn't work on IE
  • » SSO selects wrong address of user when sending messages

DualShield Authentication Platform 5.9.4.0919

NEW FEATURES

  • » Supports IdP Initiated SAML Logon Request
  • » Added lifetime option in all token policies
  • » New SMS Gateway Provider - Clickatell Platform
  • » New option in SAML Service Provider: Allow using AssertionConsumerService from SAML Request
  • » Task script: Clear expired tokens
  • » Task script: Remove tokens from users in a specific user group/unit
  • » Task script: Disable inactive tokens after a specific period of time
  • » Task Script: Synchronise AD/LDAP groups

IMPROVEMENTS

  • » SSO now checks Access Control policy
  • » Automatically confine MobileID token at the first time use
  • » Specify "NameFormat" in a SAML return attribute
  • » Version Control of Task Scripts & Report Templates
  • » Added NAS IP Address and NAS Identifier to RADIUS client
  • » Added "Execute on server" option on tasks
  • » Import User: Supporting more user attributes, such as userPrincipalName etc
  • » IP Address Block supports CIDR Subnet Mask Notation
  • » Use Multi-part mime to embed QR code image in HTML email messages
  • » Change the behaviour of "Automatic Push" of MobileID Token/Client Deployment

BUG FIX

  • » LDAP weighting was not functional
  • » DualShield sends out duplicated syslog records
  • » Importing users failed on Oracle database
  • » OOBA cannot send out notifications via HTTP proxy
  • » OOBA login to DPS would throw exception if client IP in payload is set to null
  • » Apple Push Notification doesn't work with proxy server enabled
  • » Token assignment start time always shows current time if it is not set
  • » Error "Illegal Json Response" when register the Windows Logon Agent
  • » Error "User is not found" when LDAP server is not connectable
  • » Error "HTTP status code 500" when exporting report
  • » Error "Login with ticket failed" in a load balancing cluster environment
  • » Error "Incorrect logon method used in current step" when "Emergency Code" is set as a logon procedure