...
Ticket number | External description |
---|---|
IDS-608 | There is a known UI/UX issue where a very large site list is displayed within the SSO management UI. This results in hard to use UI if large lists of sites are present in the SSO deployment. A possible workaround is to use an ldap editor to configure the authorization policies and groups. |
IDS-941 | There is a known issue where unregistered SMTP OTP authentication will not permit TLS or any secure authentication. Documentation improvement will be made to ensure proper configuration is shown if unsecure SMTP servers are required. |
IDS-1171 | There is This issue is fully resolved. There was a known issue when using with OpenLDAP BDB 2.4.44 when performing and earlier involving SSO session cleanup which will cause replication issuesand replication issues. Upgrading to SSO 9.0 with OpenLDAP MDB will ensure that this issue no longer occurs. |
IDS-1525 | There is a known issue where SSO logs will contain a stopped search warning entry when tomcat is shutdown. This error can be safely ignored. |
IDS-1526 | There is a known issue where SSO logs will contain an unstopped thread warning entry when tomcat is shutdown. This error can be safely ignored. |
IDS-1635 | There is a known issue where the logout HTML of SSO contains two DOCTYPE entries. There is no known work around for this. |
IDS-1832 | There is a known issue where editing an existing authorisation policy (example case added an attribute) resulted in the alteration of ubiloginNameValue. This affects SSO 8.3.0 and later. There is no work around at this time. |
IDS-1995 | When using BankID and Safari, during initial login Safari displays a 0kb file being downloaded when there is no downloaded file |
IDS-2089 | There is a known issue where shutting down Ubisecure Accounting service on a windows server will show errors within the ids-accounting.log. |
IDS-2092 | There is a known issue where the tomcat log will show a severe servlet warning for com.ubisecure.ss-ui. However, this warning is due to a user repeating the same action (double clicking an item or using the back button). This warning can be safely ignored and will be addressed in a future release. |
IDS-2094 | There is a known issue where disabling the main account in the SSO login directory does not disable the User Driven Federation accounts. Users are still able to login to services with the Federated account even while the main account is disabled. Work around: Administrators who are disabling a main login directory account should ensure that they check and disable any associated UDF accounts at the same time. This issue will be addressed in a future release. |
IDS-2095 | There is a known issue that the Acccounting service generates a temp folder under Ubisecure\ubilogin-sso\accounting\temp each time it is restarted. A workaround that system administrator can do is to create a cron job that removes these folders on a regular interval. |
IDS-2096 | There is a known issue where attempting to use exceptionally long SAML Entity IDs will result in creation failure (larger than 64 characters) . There is no known work around and may not be possible to resolve due to LDAP field limitations. We will address this in a future release. |
IDS-2120 | There is a known issue where dual node SSO will require jndi.properties to be manually configured on the second node during SSO upgrade. |
IDS-2121 | There is a known issue where dual node SSO will require settings.sh to be manually configured on the second node during SSO upgrade. |
IDS-2261 | There are several known issues with javascript tools when using SSO Password reset. Similar javascript is used in UAS with no issue. If you are experiencing password reset javascript issue, please contact Ubisecure Support referencing this internal ticket for potential work arounds. |
IDS-2315 | There is a known issue that SSO returns refresh token for un-registered users. This should not be done since there is no way of handling the lifecycle of the un-registered user's refresh token. |
IDS-2332 | There is a known issue when using OpenLDAP in SSO where slapd runs out of connections to process incoming requests. |
IDS-2663 | There is a known issue where creating a new site via a Safari browser where the site as an @ symbol in the email address will cause an error and no site will be created. This error is not experiences with current Chrome or Firefox browsers. As a work around please use one of these alternate browsers. |
IDS-2829 | There is a known issue that TOTP API is unable to generate secret for user if keysize has not been configured in the method. This is mitigated by ensuring that keysize is set when creating TOTP method. |
IDS-2880 | There is a known issue when not including the scope of a sub claim in the authorisation policy for API protection. If this is not included during the API call, the response will not include any sub claims in the introspection response. A work around is to ensure your authorisation policy include the required claims. |
IDS-2891 | There is a known issue if the Lockout Duration is set to 0, then no lockout time will be used ever. Work around is to set a very high number (in seconds) for accounts which should be locked out, but in a long duration. Remember to stop and start service for this configuration change to take place. |
IDS-3113 | There is know issue after upgrading to SSO 8.8. If there were old Unregistered CIBA methods configured in the system, Administrators are unable to see the configuration information. To resolve this, Administrators are able to update the method Type from previous "Backchannel Authentication Adapter" to new "Unregistered OpenID Connect CIBA" type and restart SSO server. |
IDS-3186 | There is a known issue when changing password, if the current password is reused as the new password, an internal application error is shown. There is no known work around. Shown also as CustomerID known issue. |
...