The WSO2 Identity Server team is pleased to announce the release of WSO2 Identity Server 5.3.0 Beta. You can download this distribution from the following locations.
Runtime : https://github.com/wso2/product-is/releases/tag/v5.3.0-beta
Analytics : https://github.com/wso2/analytics-is/releases/tag/v5.3.0-beta

The following list contains all the features, improvements and bug fixes available with this beta release.

*Runtime*

Security Vulnerability

- [IDENTITY-4701 <https://wso2.org/jira/browse/IDENTITY-4701>] - Move all operations in secret key revocation/regeneration, that change server state to ajaxprocessors and invoke them via POST

Patch

- [IDENTITY-4250 <https://wso2.org/jira/browse/IDENTITY-4250>] - Userinfo endpoint does not return claims for a valid token.
- [IDENTITY-4728 <https://wso2.org/jira/browse/IDENTITY-4728>] - "More APIs from Provider" section becomes empty after migrating to API Manager 1.10 and browse the API Store without login
- [IDENTITY-4773 <https://wso2.org/jira/browse/IDENTITY-4773>] - Supporting error codes generically for Basic Authenticator
- [IDENTITY-5108 <https://wso2.org/jira/browse/IDENTITY-5108>] - Improve retrieving roles from cache for users
- [IDENTITY-5149 <https://wso2.org/jira/browse/IDENTITY-5149>] - Secondary userstore encryption not works when deployed the userstore via file system
- [IDENTITY-5227 <https://wso2.org/jira/browse/IDENTITY-5227>] - SCIM /me call does not return user attributes
- [IDENTITY-5229 <https://wso2.org/jira/browse/IDENTITY-5229>] - Carbon products are limited to using RSA-SHA1 for Asymmetric key signature
- [IDENTITY-5280 <https://wso2.org/jira/browse/IDENTITY-5280>] - Error is generated when SAML2 SP is sent a logout request when IDP session has been terminated.
- [IDENTITY-5335 <https://wso2.org/jira/browse/IDENTITY-5335>] - Cannot delete internal roles using SCIM
- [IDENTITY-5346 <https://wso2.org/jira/browse/IDENTITY-5346>] - UserDN Cache is not invalidated for authentication failures
- [IDENTITY-5349 <https://wso2.org/jira/browse/IDENTITY-5349>] - We can not define full IDP url in WSO2IS dashboard
- [IDENTITY-5350 <https://wso2.org/jira/browse/IDENTITY-5350>] - Cannot disable org.wso2.carbon.identity.user.profile.mgt.listener.ProfileMgtEventListener
- [IDENTITY-5352 <https://wso2.org/jira/browse/IDENTITY-5352>] - When responseType equal to "id_token" the resulting token is passed back as a query parameter
- [IDENTITY-5356 <https://wso2.org/jira/browse/IDENTITY-5356>] - SSO and SLO configuration for carbon server - Eventhough IdentityProviderSLOServiceURL is mentioned in authenticators.xml Destination value in SAML request is the SSO url not the SLO url.

Bug

- [IDENTITY-3868 <https://wso2.org/jira/browse/IDENTITY-3868>] - Can't authorize with 'remember me' checked
- [IDENTITY-4754 <https://wso2.org/jira/browse/IDENTITY-4754>] - Cannot call setUserClaimValues when user store is readOnly.
- [IDENTITY-4922 <https://wso2.org/jira/browse/IDENTITY-4922>] - Cannot login after clearing the database and run -Dsetup.
- [IDENTITY-5165 <https://wso2.org/jira/browse/IDENTITY-5165>] - Error when IS is started with -Dsetup pointing to a MYSQL DB
- [IDENTITY-5170 <https://wso2.org/jira/browse/IDENTITY-5170>] - CNF when calling OIDC DCR endpoint to register a client
- [IDENTITY-5177 <https://wso2.org/jira/browse/IDENTITY-5177>] - Clear samlssotokenid cookie after SAML2 SSO loging out from IS
- [IDENTITY-5183 <https://wso2.org/jira/browse/IDENTITY-5183>] - OIDC DCR does not work without dynamic imports
- [IDENTITY-5186 <https://wso2.org/jira/browse/IDENTITY-5186>] - NoClassDefFoundError At Server startup from IWA authenticator
- [IDENTITY-5228 <https://wso2.org/jira/browse/IDENTITY-5228>] - Permission is denied when trying to authorize concurrently
- [IDENTITY-5247 <https://wso2.org/jira/browse/IDENTITY-5247>] - Invalid response status when authentication headers are not sent to secured REST API via Genric Authentication
- [IDENTITY-5250 <https://wso2.org/jira/browse/IDENTITY-5250>] - IS dashboard not working after installing KM features
- [IDENTITY-5253 <https://wso2.org/jira/browse/IDENTITY-5253>] - Invalid response status from selfsignup API when trying to add user with existing username
- [IDENTITY-5254 <https://wso2.org/jira/browse/IDENTITY-5254>] - Error when updating user roles in tenant from Management console
- [IDENTITY-5256 <https://wso2.org/jira/browse/IDENTITY-5256>] - When secured REST APIs via Genric Authentication, permissions doesn't get dynamically updated for the Autherization valve
- [IDENTITY-5257 <https://wso2.org/jira/browse/IDENTITY-5257>] - When email username is enabled cannot login to management console as tenant users
- [IDENTITY-5262 <https://wso2.org/jira/browse/IDENTITY-5262>] - Error in account lock while adding users to secondary userstore via selfsignup REST API
- [IDENTITY-5265 <https://wso2.org/jira/browse/IDENTITY-5265>] - Error when admin force passsword reset for users in secondary user store
- [IDENTITY-5271 <https://wso2.org/jira/browse/IDENTITY-5271>] - Broken user experience for selfsignup users to default IS-dashboard
- [IDENTITY-5274 <https://wso2.org/jira/browse/IDENTITY-5274>] - Add DB script for IDN_SAML2_ASSERTION_STORE creation
- [IDENTITY-5284 <https://wso2.org/jira/browse/IDENTITY-5284>] - Need to validate all 3 fields Firstname, Lastname and email in Username recovery page
- [IDENTITY-5285 <https://wso2.org/jira/browse/IDENTITY-5285>] - Dashboard uses hostname defined in carbon.xml to send SAML post request to Identity Server
- [IDENTITY-5286 <https://wso2.org/jira/browse/IDENTITY-5286>] - Error when "---BEGIN CERTIFICATE----" and "---END CERTIFICATE---" are not present in uploaded certificate
- [IDENTITY-5288 <https://wso2.org/jira/browse/IDENTITY-5288>] - Claims displayed in the User Registration form should be configurable
- [IDENTITY-5291 <https://wso2.org/jira/browse/IDENTITY-5291>] - Cannot login to dashboard with secondary userstore usernames
- [IDENTITY-5295 <https://wso2.org/jira/browse/IDENTITY-5295>] - Balana build fails on Java 8
- [IDENTITY-5302 <https://wso2.org/jira/browse/IDENTITY-5302>] - "buildAttributeStatement" method must be protected in DefaultSAMLAssertionBuilder
- [IDENTITY-5304 <https://wso2.org/jira/browse/IDENTITY-5304>] - reCaptcha doesn't work properly
- [IDENTITY-5307 <https://wso2.org/jira/browse/IDENTITY-5307>] - When mandatory claims are defined in SP, authentication flow breaks in firefox
- [IDENTITY-5308 <https://wso2.org/jira/browse/IDENTITY-5308>] - Error when self-sign up to secondory user stores via dashboard app
- [IDENTITY-5321 <https://wso2.org/jira/browse/IDENTITY-5321>] - Incorrect Response for Authentication fail of Entitlement Rest Service
- [IDENTITY-5322 <https://wso2.org/jira/browse/IDENTITY-5322>] - Entitlement Rest Service use only super tenant as PDP
- [IDENTITY-5323 <https://wso2.org/jira/browse/IDENTITY-5323>] - Internal Server error when adding External Claim with incorrect Mapped Local Claim
- [IDENTITY-5324 <https://wso2.org/jira/browse/IDENTITY-5324>] - User is prompted to fill Mandatory attributes in OIDC authentication flow even though they are already filled
- [IDENTITY-5325 <https://wso2.org/jira/browse/IDENTITY-5325>] - Revoke and Regenerate Secret buttons of a OAuth/OIDC app does not work as expected
- [IDENTITY-5328 <https://wso2.org/jira/browse/IDENTITY-5328>] - Null values in permission tree entries in management console
- [IDENTITY-5333 <https://wso2.org/jira/browse/IDENTITY-5333>] - Account Lock after maximum allowed login attempt fail doesn't work when secondary user store is enabled
- [IDENTITY-5338 <https://wso2.org/jira/browse/IDENTITY-5338>] - AccountSuspensionNotificationHandler needs to consider having secondary user stores
- [IDENTITY-5339 <https://wso2.org/jira/browse/IDENTITY-5339>] - No challenge questions displayed for a user when admin doesn't specify any challenge questions for user's locale
- [IDENTITY-5364 <https://wso2.org/jira/browse/IDENTITY-5364>] - Improve exception handling in Account lock handler
- [IDENTITY-5365 <https://wso2.org/jira/browse/IDENTITY-5365>] - Make claim cache entries serializable
- [IDENTITY-5372 <https://wso2.org/jira/browse/IDENTITY-5372>] - API Access allow across the tenant
- [IDENTITY-5379 <https://wso2.org/jira/browse/IDENTITY-5379>] - kmarket-trading-sample is not working
- [IDENTITY-5380 <https://wso2.org/jira/browse/IDENTITY-5380>] - KMarket Sample : WSO2IdentityAgent is not presentable
- [IDENTITY-5381 <https://wso2.org/jira/browse/IDENTITY-5381>] - Getting a Null Pointer Exception in Authentication framework
- [IDENTITY-5386 <https://wso2.org/jira/browse/IDENTITY-5386>] - Error while invoking entitlement REST APIs for tenants
- [IDENTITY-5389 <https://wso2.org/jira/browse/IDENTITY-5389>] - Assertion query profile feature should have the option to enable\disable
- [IDENTITY-5390 <https://wso2.org/jira/browse/IDENTITY-5390>] - For entitlement REST APIs when tenant domain in path and authenticated user tenant domain is different API call should be terminated before actual service implementation
- [IDENTITY-5395 <https://wso2.org/jira/browse/IDENTITY-5395>] - Analytics integration test is failing after upgrading identity.data.publisher.oauth version
- [IDENTITY-5404 <https://wso2.org/jira/browse/IDENTITY-5404>] - Provide ability to use old email template configuration if needed (without migration)
- [IDENTITY-5405 <https://wso2.org/jira/browse/IDENTITY-5405>] - Admin console entitlement UIs responds with blank pages
- [IDENTITY-5414 <https://wso2.org/jira/browse/IDENTITY-5414>] - Display names are "null" for a permission in the permission tree
- [IDENTITY-5415 <https://wso2.org/jira/browse/IDENTITY-5415>] - Error issuing access token for tenant users
- [IDENTITY-5418 <https://wso2.org/jira/browse/IDENTITY-5418>] - Setting supported by default doesn't apply until server restart

Task

- [IDENTITY-4689 <https://wso2.org/jira/browse/IDENTITY-4689>] - OSGi bundle creation best practices not followed in identity-event-handler-account-lock repo
- [IDENTITY-5171 <https://wso2.org/jira/browse/IDENTITY-5171>] - Identity Management Rest API Docs are Outdated, need to generate from swagger
- [IDENTITY-5215 <https://wso2.org/jira/browse/IDENTITY-5215>] - Move all Provisioning connector & Local Authenticator jars from plugins to dropins
- [IDENTITY-5221 <https://wso2.org/jira/browse/IDENTITY-5221>] - Move Governance Connectors to Resident IDP UI as top level connectors
- [IDENTITY-5261 <https://wso2.org/jira/browse/IDENTITY-5261>] - Why duplicate configs in Identity Governance
- [IDENTITY-5361 <https://wso2.org/jira/browse/IDENTITY-5361>] - Add tenant domain to Rest API endpoint for authorization handlers
- [IDENTITY-5368 <https://wso2.org/jira/browse/IDENTITY-5368>] - Need to update claim values in cache for setUserClaimValue
- [IDENTITY-5388 <https://wso2.org/jira/browse/IDENTITY-5388>] - IS 5.2.0 to 5.3.0 Migration
- [IDENTITY-5394 <https://wso2.org/jira/browse/IDENTITY-5394>] - Update identity governance config
- [IDENTITY-5396 <https://wso2.org/jira/browse/IDENTITY-5396>] - Move to carbon-multitenancy 4.6.1
- [IDENTITY-5398 <https://wso2.org/jira/browse/IDENTITY-5398>] - Change permissions /permission/admin/configure/security/* to /permission/admin/manage/identity/*

Improvement

- [IDENTITY-4752 <https://wso2.org/jira/browse/IDENTITY-4752>] - Improve logic of handling events during tenant admin creation
- [IDENTITY-4889 <https://wso2.org/jira/browse/IDENTITY-4889>] - No getter for ObligationId in Balana Obligation
- [IDENTITY-5040 <https://wso2.org/jira/browse/IDENTITY-5040>] - No public constructor for Balana MultiRequests
- [IDENTITY-5041 <https://wso2.org/jira/browse/IDENTITY-5041>] - Public method in PDP that can convert a given XACML String to ResponseCtx object in Balana
- [IDENTITY-5147 <https://wso2.org/jira/browse/IDENTITY-5147>] - Password Policy Validation need to be implemented with Event Handler Architecture
- [IDENTITY-5169 <https://wso2.org/jira/browse/IDENTITY-5169>] - Supports for LDAP fail over properly
- [IDENTITY-5293 <https://wso2.org/jira/browse/IDENTITY-5293>] - Update Locale claim by selecting from a list of supported locales in user profile
- [IDENTITY-5354 <https://wso2.org/jira/browse/IDENTITY-5354>] - Add Caching in Claim Metadata Manager
- [IDENTITY-5355 <https://wso2.org/jira/browse/IDENTITY-5355>] - Improve usability in claim metadata management UI
- [IDENTITY-5358 <https://wso2.org/jira/browse/IDENTITY-5358>] - Introspection endpoint MUST be secured
- [IDENTITY-5369 <https://wso2.org/jira/browse/IDENTITY-5369>] - Improve Add SAML Service Provider UI with SAML metadata options
- [IDENTITY-5373 <https://wso2.org/jira/browse/IDENTITY-5373>] - Improve idp add SAML configuration
- [IDENTITY-5377 <https://wso2.org/jira/browse/IDENTITY-5377>] - Shouldn't we enforce authentication for DCR endpoint by default

Sub-task

- [IDENTITY-4430 <https://wso2.org/jira/browse/IDENTITY-4430>] - List users via scim: missing user profile attributes
- [IDENTITY-4859 <https://wso2.org/jira/browse/IDENTITY-4859>] - Support arbitrary data parameters to populate the email templates
- [IDENTITY-5269 <https://wso2.org/jira/browse/IDENTITY-5269>] - Error when setting challange questions for password recovery for secondary userstore users
- [IDENTITY-5272 <https://wso2.org/jira/browse/IDENTITY-5272>] - User Profile Gadget doesn't work properly for selfsigned up users
- [IDENTITY-5276 <https://wso2.org/jira/browse/IDENTITY-5276>] - Access Denied for Associated Accounts Gadget for self-signed up users in dashboard
- [IDENTITY-5277 <https://wso2.org/jira/browse/IDENTITY-5277>] - Monitor Users Login Sessions gadget only should be available to users who has admin permission
- [IDENTITY-5391 <https://wso2.org/jira/browse/IDENTITY-5391>] - Database schema migration
- [IDENTITY-5392 <https://wso2.org/jira/browse/IDENTITY-5392>] - Claim Data Migration

*Analytics*

Improvement

- [ANLYIS-179 <https://wso2.org/jira/browse/ANLYIS-179>] - Remove abnormal token refresh scenario
- [ANLYIS-180 <https://wso2.org/jira/browse/ANLYIS-180>] - Improve SuspiciousLoginDetection execution plan
- [ANLYIS-181 <https://wso2.org/jira/browse/ANLYIS-181>] - Adding pdf export support to datatables in IS analytics

*How To Contribute*

Your feedback is most welcome!

Mailing Lists

Join our mailing list and correspond with the developers directly.

- Developer List : [email protected] | Subscribe <[email protected]> | Mail Archive <http://wso2.org/mailarchive/dev/>
- User Forum : StackOverflow <http://stackoverflow.com/questions/tagged/wso2is>

Reporting Issues

We encourage you to report issues, improvements and feature requests regarding WSO2 Identity Server through public WSO2 Identity Server Runtime JIRA <https://wso2.org/jira/browse/IDENTITY> and Analytics JIRA <https://wso2.org/jira/browse/ANLYIS>

~ The WSO2 Identity Server Team ~

--
*Pulasthi Mahawithana*
Senior Software Engineer
WSO2 Inc., http://wso2.com/
Mobile: +94-71-5179022
Blog: http://blog.pulasthi.org
