The WSO2 Identity Server team is pleased to announce the 2nd Milestone of WSO2 IdentityServer 5.4.0. You can download this distribution from the following location.
https://github.com/wso2/product-is/releases/tag/v5.4.0-m2 Following list contains all the features, improvements and bug fixes available with this milestone. New Feature - [IDENTITY-6086 <https://wso2.org/jira/browse/IDENTITY-6086>] - Cluster-wide local cache invalidation for Identity caches - [IDENTITY-6180 <https://wso2.org/jira/browse/IDENTITY-6180>] - OAuth Scopes API Improvement - [IDENTITY-5502 <https://wso2.org/jira/browse/IDENTITY-5502>] - Add ability to NameIDType in SAML SSO Federated Authenticator configs - [IDENTITY-5544 <https://wso2.org/jira/browse/IDENTITY-5544>] - Error while trying to define user password after receiving an activation email when the Ask password feature is enabled. - [IDENTITY-5890 <https://wso2.org/jira/browse/IDENTITY-5890>] - Thrift server keystore password doesn't support securevault - [IDENTITY-6038 <https://wso2.org/jira/browse/IDENTITY-6038>] - Customizing oauth2 token expiry times according to the SP - [IDENTITY-6103 <https://wso2.org/jira/browse/IDENTITY-6103>] - Possible connection leak in UserAccountAssociationDAO.getA ssociationsOfUser - [IDENTITY-6120 <https://wso2.org/jira/browse/IDENTITY-6120>] - Improvement in IdentityEventConfigBuilder - [IDENTITY-6150 <https://wso2.org/jira/browse/IDENTITY-6150>] - Introduce a new Configuration Property to decide the poolsize for OAuth Persistence tasks - [IDENTITY-6166 <https://wso2.org/jira/browse/IDENTITY-6166>] - Update UI for Lock Idle Accounts - [IDENTITY-6169 <https://wso2.org/jira/browse/IDENTITY-6169>] - Optimizations for token endpoint - [IDENTITY-6177 <https://wso2.org/jira/browse/IDENTITY-6177>] - [SCIM] When listing all the users, admin user details won't retrieved, but retrieved with the filtering - [IDENTITY-6236 <https://wso2.org/jira/browse/IDENTITY-6236>] - Add SCIM2 event listener to identity.xml Bug - [IDENTITY-4127 <https://wso2.org/jira/browse/IDENTITY-4127>] - SCIM Outbound Provisioning Fails due to Ask Password feature disabled - [IDENTITY-4159 <https://wso2.org/jira/browse/IDENTITY-4159>] - Error when processing the authentication request! (SAML2) ... Caused by: java.util.zip.ZipException: incorrect header check - [IDENTITY-4222 <https://wso2.org/jira/browse/IDENTITY-4222>] - Issue with secondary user store's user's permission which secondary user store created in tenant - [IDENTITY-4491 <https://wso2.org/jira/browse/IDENTITY-4491>] - Provisioning patterns are not showing properly salesforce for provisioning connector configuration is - [IDENTITY-4581 <https://wso2.org/jira/browse/IDENTITY-4581>] - Configuring federated identity providers for file based SP does not works correctly - [IDENTITY-4880 <https://wso2.org/jira/browse/IDENTITY-4880>] - Distinguish local and federated users in IDN_OAUTH2_AUTHORIZATION_CODE and IDN_OAUTH2_ACCESS_TOKEN tables - [IDENTITY-4977 <https://wso2.org/jira/browse/IDENTITY-4977>] - Expiration time of commonAuthId cookie is wrong when a different tenant user logged into saas app - [IDENTITY-4989 <https://wso2.org/jira/browse/IDENTITY-4989>] - UserInfo cannot be obtained for access tokens obtained with SAML2 Bearer grant type with SAML federated scenario - [IDENTITY-4994 <https://wso2.org/jira/browse/IDENTITY-4994>] - NPE on tenant deactivation - [IDENTITY-5003 <https://wso2.org/jira/browse/IDENTITY-5003>] - Secondary store users do not get provisioned when EmailUserName is enabled in carbon.xml - [IDENTITY-5038 <https://wso2.org/jira/browse/IDENTITY-5038>] - [Federation] [JIT provisioning] provisioned facebook user saved as user id in IS when multi step authentication - [IDENTITY-5126 <https://wso2.org/jira/browse/IDENTITY-5126>] - Subject claim retrieval is not consistent when claim mappings are not done in tenant mode. - [IDENTITY-5375 <https://wso2.org/jira/browse/IDENTITY-5375>] - Access token revoked for a different Application's encoded key - [IDENTITY-5612 <https://wso2.org/jira/browse/IDENTITY-5612>] - SSO fails for valid authenticated sessions after migrating from IS 5.1.0 to IS 5.2.0 - [IDENTITY-5715 <https://wso2.org/jira/browse/IDENTITY-5715>] - XACML simple policy evaluation fails when the templated policies enabled - [IDENTITY-5756 <https://wso2.org/jira/browse/IDENTITY-5756>] - Getting null pointer exceptions when testing SSO - [IDENTITY-5764 <https://wso2.org/jira/browse/IDENTITY-5764>] - Older ClaimAdminService should be backward compatible - [IDENTITY-5765 <https://wso2.org/jira/browse/IDENTITY-5765>] - Problem with response when XCAML policy with AdviceExpressions/ObligationExpressions and calling PDP's REST API with json response type - [IDENTITY-5863 <https://wso2.org/jira/browse/IDENTITY-5863>] - Error printed on SAML SSO with IS 5.3.0 - [IDENTITY-5884 <https://wso2.org/jira/browse/IDENTITY-5884>] - Deadlock during concurrent tenant creation requests in mysql - [IDENTITY-5889 <https://wso2.org/jira/browse/IDENTITY-5889>] - When "Subject Claim URI" is set for a Service Provider, the tenant domain does not get added to the user name - [IDENTITY-5906 <https://wso2.org/jira/browse/IDENTITY-5906>] - Ignoring the protocol type when picking the Identity Provider in SAML Bearer Grant - [IDENTITY-5924 <https://wso2.org/jira/browse/IDENTITY-5924>] - SAML2 SSO Carbon Authenticator cannot handle multiple AttributeValue elements in role claim - [IDENTITY-5944 <https://wso2.org/jira/browse/IDENTITY-5944>] - [Load Test] [NPE] Could not handle request: /oauth2/introspect during a load test - [IDENTITY-5948 <https://wso2.org/jira/browse/IDENTITY-5948>] - Generated IdP metadata URLs are always pointing to localhost:9443 - [IDENTITY-5961 <https://wso2.org/jira/browse/IDENTITY-5961>] - Build failure due to 'Comparison method violates general contract! error in maven-scr-plugin' - [IDENTITY-6025 <https://wso2.org/jira/browse/IDENTITY-6025>] - Ask password cannot be configured from management console when using identity REST API - [IDENTITY-6029 <https://wso2.org/jira/browse/IDENTITY-6029>] - Identity, service resident providers show blank pages with giving exceptions - [IDENTITY-6037 <https://wso2.org/jira/browse/IDENTITY-6037>] - objectGUID claim attribute not returned in the expected format in IS 5.2.0/IS 5.3.0 - [IDENTITY-6039 <https://wso2.org/jira/browse/IDENTITY-6039>] - Incorrect error message for OAuth Authz Request with a non exisitng client_id - [IDENTITY-6042 <https://wso2.org/jira/browse/IDENTITY-6042>] - Why does a role need to have the entire /admin/manage/identity/ permission node in order to assing a role to a user? - [IDENTITY-6063 <https://wso2.org/jira/browse/IDENTITY-6063>] - [OAuth2] Protecting against brute-force attacks - Password Credentials Grant - [IDENTITY-6064 <https://wso2.org/jira/browse/IDENTITY-6064>] - [OAuth2] carbon.super domain name is visible in error messages - Password Credentials Grant - [IDENTITY-6065 <https://wso2.org/jira/browse/IDENTITY-6065>] - [oauth] invoking with an invalid clientId - Client Credentials Grant - [IDENTITY-6066 <https://wso2.org/jira/browse/IDENTITY-6066>] - [oauth2] refreshing an access token with scopes that doesn't match with original - [IDENTITY-6069 <https://wso2.org/jira/browse/IDENTITY-6069>] - [oauth2] Token API is exposed over HTTP - [IDENTITY-6072 <https://wso2.org/jira/browse/IDENTITY-6072>] - OSGI import is missing in the claim management - [IDENTITY-6079 <https://wso2.org/jira/browse/IDENTITY-6079>] - SCIM extension attributes missing in retrieval - [IDENTITY-6082 <https://wso2.org/jira/browse/IDENTITY-6082>] - IS 5.1.0 prompting an error while trying update claim values which has multiple mapped attributes. That claim has been added when server startup using claim-config.xml file. - [IDENTITY-6085 <https://wso2.org/jira/browse/IDENTITY-6085>] - Cache timeout configuration does not work when distributed cache is disabled - [IDENTITY-6091 <https://wso2.org/jira/browse/IDENTITY-6091>] - Account Disabled feature cannot disable - [IDENTITY-6093 <https://wso2.org/jira/browse/IDENTITY-6093>] - Increase the size of TOKEN_SCOPE in IDN_OAUTH2_ACCESS_TOKEN_SCOPE - [IDENTITY-6100 <https://wso2.org/jira/browse/IDENTITY-6100>] - Account Lock and Workflows for Claims Clashes - [IDENTITY-6101 <https://wso2.org/jira/browse/IDENTITY-6101>] - Ask Password SOAP Option Doesn't Work - Why two options? - [IDENTITY-6104 <https://wso2.org/jira/browse/IDENTITY-6104>] - Introduce new properties for follwoing expiry times - [IDENTITY-6106 <https://wso2.org/jira/browse/IDENTITY-6106>] - A license header is shown in the INFO message box of Logging component - [IDENTITY-6111 <https://wso2.org/jira/browse/IDENTITY-6111>] - Log errors in the service level of the SP admin service level - [IDENTITY-6116 <https://wso2.org/jira/browse/IDENTITY-6116>] - User should not be allowed to reset password if tenant is deactivated. - [IDENTITY-6121 <https://wso2.org/jira/browse/IDENTITY-6121>] - Unique key violation when try to get access token for custom grant type - [IDENTITY-6130 <https://wso2.org/jira/browse/IDENTITY-6130>] - 'There is already an object named 'APPLICATION_NAME_CONSTRAINT' in the database' error occurs when executing MSSQL script given for AM DB. - [IDENTITY-6134 <https://wso2.org/jira/browse/IDENTITY-6134>] - Identity Provider Roles are assigned as it is in JIT provisioning when no role mapping configured in IDP - [IDENTITY-6137 <https://wso2.org/jira/browse/IDENTITY-6137>] - Getting "Something went wrong" when user return back to login page using browser back button or using a bookmark and submit the credentials again - [IDENTITY-6138 <https://wso2.org/jira/browse/IDENTITY-6138>] - Improve logs in IdentityStoreEventListner and handlers - [IDENTITY-6145 <https://wso2.org/jira/browse/IDENTITY-6145>] - ReadOnlyUserStoreManager missing Referral property in UI - [IDENTITY-6149 <https://wso2.org/jira/browse/IDENTITY-6149>] - Incorrect permissions checked in user-mgt UI - [IDENTITY-6153 <https://wso2.org/jira/browse/IDENTITY-6153>] - Token Revocation Endpoint URL in the resident identity provider does not get changed as expected - [IDENTITY-6154 <https://wso2.org/jira/browse/IDENTITY-6154>] - Incorrect response from userinfo EP for Apps without subject claim when session data is cleared. - [IDENTITY-6155 <https://wso2.org/jira/browse/IDENTITY-6155>] - Invoking the user info endpoint without properly setting the 'Bearer' header causes server errors - [IDENTITY-6157 <https://wso2.org/jira/browse/IDENTITY-6157>] - IS Hostnames in email templates must be taken from carbon.xml - [IDENTITY-6170 <https://wso2.org/jira/browse/IDENTITY-6170>] - Commit after return for a select query - [IDENTITY-6171 <https://wso2.org/jira/browse/IDENTITY-6171>] - A issue in searching users only in PRIMARY domain: getUserList API - [IDENTITY-6172 <https://wso2.org/jira/browse/IDENTITY-6172>] - Failed to persist identity claim values when primary user store is read only - [IDENTITY-6173 <https://wso2.org/jira/browse/IDENTITY-6173>] - Con App Key Violation Error for Federated Users while retrieving the access token. - [IDENTITY-6181 <https://wso2.org/jira/browse/IDENTITY-6181>] - Show password reset and self registration features in login page - [IDENTITY-6182 <https://wso2.org/jira/browse/IDENTITY-6182>] - "java.lang.IllegalStateException: Caller tenant domain cannot be null" exception was thrown when initializing the cluster - [IDENTITY-6203 <https://wso2.org/jira/browse/IDENTITY-6203>] - Server does not start when passing -Dprofile=worker as an argument - [IDENTITY-6210 <https://wso2.org/jira/browse/IDENTITY-6210>] - Customizing Authentication Error Messages : errorCode query param is not retrived when invalid credentials are provided - [IDENTITY-6215 <https://wso2.org/jira/browse/IDENTITY-6215>] - No way to stop sending mails in account lock/disable handler when account lock/disable - [IDENTITY-6221 <https://wso2.org/jira/browse/IDENTITY-6221>] - Error in RETRIEVE_ACCESS_TOKEN_VALIDATION_DATA_DB2SQL query - [IDENTITY-6222 <https://wso2.org/jira/browse/IDENTITY-6222>] - GET /Users/{scimId} is not returning wso2extension schema attributes - [IDENTITY-5759 <https://wso2.org/jira/browse/IDENTITY-5759>] - Deadlocks occurs in the IDN_AUTH_SESSION_STORE with high concurrency - [IDENTITY-5806 <https://wso2.org/jira/browse/IDENTITY-5806>] - RSTR_ACTION is "issue" not "issueFinal" in SAMLTokenIssuer - [IDENTITY-5827 <https://wso2.org/jira/browse/IDENTITY-5827>] - Generating refresh tokens within small time period throws errors - [IDENTITY-6024 <https://wso2.org/jira/browse/IDENTITY-6024>] - CRM Dynamics Installer WS-Trust request to Identity Server 5.3 failing - [IDENTITY-6046 <https://wso2.org/jira/browse/IDENTITY-6046>] - In IS when user create using ASK PASSWORD option, need code expire time in separate configuration - [IDENTITY-6051 <https://wso2.org/jira/browse/IDENTITY-6051>] - Need to handle account lock scenarios properly in authentication flow - [IDENTITY-6054 <https://wso2.org/jira/browse/IDENTITY-6054>] - Deadlock error when running load test on IS 5.2.0 for OIDC login - [IDENTITY-6076 <https://wso2.org/jira/browse/IDENTITY-6076>] - At logout when setting cookie expiration, domains and paths previously set to the cookie are not set. - [IDENTITY-6105 <https://wso2.org/jira/browse/IDENTITY-6105>] - SAMLSSOConfigService.uploadRPServiceProvider(metadata) does not set AssertionConsumerUrls and DefaultAssertionConsumerUrl in the response - [IDENTITY-6114 <https://wso2.org/jira/browse/IDENTITY-6114>] - IDN_IDENTITY_USER_DATA not handled properly in addUser() & deleteUser() operations - [IDENTITY-6119 <https://wso2.org/jira/browse/IDENTITY-6119>] - Federated IDP user account associations does not get cleared when associated user get deleted - [IDENTITY-6189 <https://wso2.org/jira/browse/IDENTITY-6189>] - The unserialized attribute javax.servlet.request.ssl_session_mgr causes issue in authenticators - [IDENTITY-6191 <https://wso2.org/jira/browse/IDENTITY-6191>] - IllegalStateException: The cache status is not STARTED Task - [IDENTITY-6041 <https://wso2.org/jira/browse/IDENTITY-6041>] - Add JWT Grant to the IS distribution by default - [IDENTITY-6115 <https://wso2.org/jira/browse/IDENTITY-6115>] - Ship SCIM 2.0 Connector OOTB in IS 5.4.0 - [IDENTITY-6142 <https://wso2.org/jira/browse/IDENTITY-6142>] - Increase column width for DATA_VALUE column of IDN_IDENTITY_USER_DATA table - [IDENTITY-6188 <https://wso2.org/jira/browse/IDENTITY-6188>] - Set proper timeout values for Identity Caches *How To Contribute* Your feedback is most welcome! Mailing Lists Join our mailing list and correspond with the developers directly. - Developer List: d...@wso2.org <https://mail.google.com/a/wso2.com/mail/?view=cm&fs=1&tf=1&to=d...@wso2.org> | Subscribe <https://mail.google.com/a/wso2.com/mail/?view=cm&fs=1&tf=1&to=dev-requ...@wso2.org> | Mail Archive <http://wso2.org/mailarchive/dev/> - User Forum: StackOverflow <http://stackoverflow.com/questions/tagged/wso2is> Reporting Issues We encourage you to report issues, improvements and feature requests regarding WSO2 IdentityServer through public WSO2 Identity Server Runtime JIRA <https://wso2.org/jira/browse/IDENTITY> and Analytics JIRA <https://wso2.org/jira/browse/ANLYIS> ~ The WSO2 Identity Server Team ~ -- *Best Regards* *Rushmin Fernando* *Technical Lead* WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware mobile : +94775615183
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
