Please see the current Release Notes (here - scroll down to change log) for the active release change log

Ubisecure CustomerID 5.x.x

CustomerID 5.6.0 (05/11/2020)

Improvements

IDS-2719 - ubixmlsec library has been updated to version 1.5.8.50494 to use same version as SSO

CustomerID 5.5.4 (29/09/2020)

Corrections

IDS-2309 - Encrypted organizational attributes are now shown in human-readable format for user approval step in the Administrator UI. Earlier these attributes were shown in encrypted format for the Administrator
IDS-2257 - Error handling has been fixed when attempting to create a new organization, but with a case, such as "New Organization" vs "new organization". Previously this returned a stack trace in the Administrator UI. This has also been resolved in REST API 1.0, 2.0 and 2.1 to return error 409 in these cases

CustomerID 5.5.3 (25/08/2020)

Corrections

IDS-2170 - general.unsecure.debuglog.include.rest.password configuration key is removed due to its insecure nature of making queried passwords logged in the debug log file
IDS-2579 - REST API 1.0 (REQ001b) List Users now takes into account maxResults above 127 in AD LDS setup. Previously value above 127 returned all users (or maximum page size of 1000 users)

CustomerID 5.5.2 (18/08/2020)

(CustomerID 5.5.1 was omitted from public release due to a severe issue found and fixed during final release testing)

Improvements

IDS-2616 - Language keys in messages_xx.properties have been change to be case-insensitive to help Administrators with localisation

Corrections

IDS-2446 - Updating email address for a user through the Administrator GUI now updates all required fields in the database. One field was previously not updated and caused issues with new registrations for previously registered email addresses
IDS-2528 - Emptying custom attribute field through API 2.0 (MOD04) now also empties the LDAP field. This field was previously left populated while the SQL field was emptied
IDS-2650 - Duplicate language keys in messages_en.properties have been removed. With this fix, there was a change to the role removal confirmation language key "general.ui.actions.removerole" that has been replaced with "general.ui.confirm.removerole". Changes between versions can be found from Configuration changes in versions - CustomerID
IDS-2640 - Emptying custom attribute field mapped to SSN through API 2.0 (MOD04) now also empties the LDAP field. This was previously left populated while the SQL field was emptied

CustomerID 5.5.0 (17/06/2020)

Improvements

IDS-2225 - Improved version handling of CustomerID components in order to have a better understanding of which version is currently installed. Deployment of correct (i.e. same as the release version) versioned components are shown in the logs

Corrections

IDS-2304 - CustomerID again shows the full path of the organisation in the organisation search results in Administration view, this previously only showed the organisation friendly name
IDS-2330 - CustomerID roles for main and sub-organisations are again shown in different tables if configured to search for roles in sub-organisations as well (ui.organization.roles.recursive = true)

CustomerID 5.4.1 (18/12/2019)

Improvements

IDS-2255 - Query User REST calls in API 2.0 and 2.1 has been updated to also include organizationEntityName and organizationId in the response. More information about what values are returned can be found from REST API 2.0 - CustomerID and REST API 2.1 - CustomerID

Corrections

IDS-1467 - There was an ability to alter Organisational structure during the Approval of pending users. This feature was implemented erroneously and has been removed from the Pending User approval tab. Utilising this feature, in CustomerID 5.4.0 and previous versions will result in a synchronisation error to occur between LDAP and SQL records for all pending users in the modified Organization
IDS-81 - Fix for User Defined Federation logout when locale is included in URL
IDS-2167 - Fix for NullPointerException in REST API 1.0 REQ004b "Query Organizations" when querying an organization in a non-case sensitive manner
IDS-2203 - Fix for Query requests in REST API 2.0 and 2.1 where additional parameters (i.e. exactMatch) are used. In CustomerID 5.4.0 the additional parameters are not considered in the requests. More information about the additional parameters and usage can be found from REST API 2.0 - CustomerID and REST API 2.1 - CustomerID
IDS-1704 - Fix for updating user attributes returned by CustomerID backend call during registration process. See documentation on how to use Backend query configuration - CustomerID
IDS-2300 - Fix for sending API requests through proxy using X-Forwarded-For with multiple IPs. This previously resulted in UnknownHostException and incorrect client IP was logged
IDS-1415 - Fix for Application error if user has pressed Enter key during email confirmation in registration. This fix only resolves error condition, Enter key can still not be used to confirm the email address in registration
IDS-1521 - Fix for Administrators to be able to change pending user's organization in approval stage. There are still a few identified issues related to changing organization for pending users, IDS-2311 (changing main organization fails to create new sub-organization) and IDS-2312 (changing technical name of organization to name with Scandinavian letters)
IDS-2301 - Fix for encrypted organization custom attributes if there is an empty value in the field or one of the organizations. Previously this would return Internal Error when querying organization with REST API 2.1

CustomerID 5.4.0 (12/11/2019)

Improvements

IDS-80 - CustomerID now supports locale (language setting) URL parameter in registration
IDS-209 - Search field and "Filter results"-button is hidden if there are no mandates present
IDS-949 - CustomerID now supports configuration for locale parameter in returnURL (General properties - CustomerID)
IDS-1079 - Updated CustomerID external library (3rd party) dependencies (3rd party licenses - CustomerID)
IDS-1110 - Documented the following : CustomerID database migration from 5.x.x to 5.4 (Single node upgrade - CustomerID)
IDS-1168 - REST POST log entries are configurable for testing purposes (General properties - CustomerID)
IDS-1314 - Removed unnecessary "Are you sure you want to leave this page?" window in mandate role delegation screen
IDS-1568 - Enabled apostrophe ' as valid character in email address, i.e. john.o’reilly@ubisecure.com

Corrections

Approvals

IDS-1028 - Fix for cancelling rejection of role approval. If an approver cancels the rejection of role approval, the role does not get removed anymore
IDS-1081 - Approval tab button now updates the number of pending approvals if users that have pending approvals get deleted
IDS-1126 - Fix for expiration of pending users if approval is required
IDS-1198 - Fix for deletion of pending user if a role was added to the user through approval tab
IDS-1388 - Fix for unnecessary "Are you sure you want to leave this page?" window in approval rejection
IDS-1408 - Fix for deletion of pending user. Previously there might have been references left in the organization where there pending user was created

Configuration

IDS-611 - Fix for locales parameter in the eidm2.properties file
IDS-1099 - Fix for /eidm2/error/authnCancelled redirection
IDS-1187 - Fix for system user privileges related to role removal

Installation

IDS-1003 - Documentation correction for CREATE COLLATION on PostgreSQL 10.5 and newer versions (PostgreSQL preparation on Windows - CustomerID, PostgreSQL preparation on Linux - CustomerID)
IDS-1313 - Fix for import.cmd if filename contains space character on windows

Logging

IDS-1072 - Removed invalid error in server.log when user is redirected from registration to CustomerID UI
IDS-1367 - Organization changes are now written to diag and audit logs

Mandates

IDS-1075 - Fix for re-notification email for pending ORGTOORG mandate
IDS-1076 - Fix for expiration email for pending ORGTOORG mandate
IDS-1078 - Fix for filtering pending mandates
IDS-1362 - Email is now sent to mandatee when their mandate is removed
IDS-1363 - Fix for mandates allowed if user has OrganizationOwner role
IDS-1420 - Fix for PERTOORG mandate tab UI
IDS-1434 - Fix for mandate permission in organization title
IDS-1512 - Enforce mandate name in organization creation

Miscellaneous

IDS-1114 - Fix to ensure that Administrators can not unlink strongly authenticated accounts which use UDF linking
IDS-1300 - Fix for moving user to another organization in order not to save extra custom attribute to SQL anymore
IDS-1331 - Fix for invalid error message after successful mobile phone verification
IDS-1366 - Fix for removing sub-organization so that it no longer redirects the user to the frontpage
IDS-1371 - Error messages fixed to highlight which input fields do not meet requirements
IDS-1378 - Fix for importing users with uniqueID that is not 36 characters
IDS-1384 - Fix for when changing organization branch or organization identifier a unnecessary pop up "do you want to leave" does not appear anymore
IDS-1386 - Fix for when changing to a new password that is longer than 64 digits, the password is no longer shown in the error message
IDS-1414 - Updated documentation related to Organization Technical Name validator (Data model - CustomerID)
IDS-1470 - Fixed check/uncheck all check box

Permissions

IDS-1012 - Search box is no longer displayed if the user does not have permissions to list users
IDS-1443 - Fix for redirection after deleting sub organization if the user doesn't have permissions to parent organization

Registration

IDS-687 - Fix for duplicate user check in registration, blocked waiting for registration users
IDS-735 - Fixed unnecessary email sent when changing password for pending user
IDS-1205 - Fix for notification about user registration is sent to the inviter
IDS-1369 - If user gives too long password in registration, the default validation message does not show the password anymore
IDS-1581 - Fixed email / mobile phone validation check when user tries to register with invalid information

REST API

IDS-661 - Permit listing all organization attributes from a single REST call (REST API 2.0 - CustomerID, REST API 2.1 - CustomerID)
IDS-816 - Removed stack trace from CustomerID diag log file for many REST calls
IDS-1005 - Removed internal server error when using REST API v2.1: POST /organizations. Error is now correctly shown as a HTTP 201 client side error
IDS-1125 - Fix for REST: MOD014: Create mandate approval to permit administrator to set to true to false (always approved or always requested)
IDS-1240 - Fix for UI error when role invite is sent to user whose account was originally created via REST
IDS-1317 - Fix for REST API PUT103 operation to update a users password and make an audit log entry.
IDS-1422 - Removed URL pluralisation in MOD026 Create Pending user (REST 1.2) where URL path should be singular (“pendinguser” not “pendingusers”). REST: Create Registration/Pending user returns invalid url
IDS-1423 - Fix for REST MOD014 : Create duplicate mandate to return 409 conflict instead of 400 Bad Request
IDS-1435 - Fix in search behaviour for all REST calls where the user data contains potential wildcard characters (i.e. underscore, hyphen or period in a user email address)
IDS-1471 - Fix for REST operation MOD026 Create Pending User to set a default password rather than creating the user with no password (uncorrected behaviour required Admin to set an initial password for each new user manually)

Roles

IDS-1295 - Fixed role search to ensure duplicate entries are not shown
IDS-1077 - Removed an error message shown to administrator when they send a reminder or re-invitation to a pending user
IDS-1189 - Resized the Add Role popup window layout for ease of viewing
IDS-1197 - Fix for logged error message when role invite is sent via UI to new user who is waiting for registration
IDS-1364 - Removed visibility of Add Role button from users who do not have administration permission
IDS-1403 - Fixed error which permitted a user Role invitation when an organization is not set
IDS-1447 - Fix for error when an existing user requests access to a pre-selected role
IDS-1570 - Fixed pending user registration via REST MOD026 to assign additional roles (new users created within existing organisation should received pre-assigned roles)

Ubisecure CustomerID 5.3.5 (27/06/2019)

Corrections

IDS-1471: Corrected MOD026 Create Pending User logic to use the defined password for user, if user doesn't define password during registration flow.

Ubisecure CustomerID 5.3.4 (26/04/2019)

Corrections

IDS-1488: Corrected registration behaviour when multiple users performed registration at the same time. This defect caused backend responses with CustomerID XML schema field Modify type=current-user to modify wrong user when multiple users completed registration at the same time.

Ubisecure CustomerID 5.3.3 (11/04/2019)

Corrections

IDS-1466: Corrected backend call with disabled fields. This defect prevented having a step in registration which did not contain user editable fields.

Ubisecure CustomerID 5.3.2 (14/03/2019)

Corrections

IDS-1276: Corrected backend call error status handling for responses following the Ubisecure CustomerID XML schema.
IDS-1277: Corrected backend call error message handling for responses following the Ubisecure CustomerID XML schema.
IDS-1330: Corrected parametrized role assignment in registrations when a temporary attribute is used in the role definition.
IDS-1335: Corrected some performance problems with the organization's role tab when roles from sub organizations are also included.

Ubisecure CustomerID 5.3.1 (29/01/2019)

Corrections

IDS-1275: Corrected unintentional decryption of user attributes.
- See notification from Known issues - CustomerID.

Ubisecure CustomerID 5.3.0 (03/10/2018)

New Features

IDS-334, IDS-335: User status is shown when listing users and when looking at user information details. There is also a new status for pending users: "Waiting for registration", which means that the user has not registered yet. The previous "Pending" status is still used for users that have registered but are waiting for approval. Users that are in either of these statuses are called pending users in most use cases and the background color used for them in user lists is the same. Ability to search and remove pending users from the user interface.
IDS-391: Users can unlink federated accounts in CustomerID Self-Service user interface.

Improvements

IDS-593: Various minor improvements in the error reporting of command line scripts in the tools folder.
IDS-698: Added security related flags (secure and http-only) to session cookies.
IDS-111: Security update of 3rd party libraries.
- See documentation from 3rd party licenses - CustomerID.
IDS-184: CustomerID now supports internationalized email addresses.
IDS-804: Roles in mandates are listed more clearly in the user interface.

Corrections

IDS-972: Corrected enabling pending user via REST call MOD004 Update User.
- See documentation from REST API 2.0 - CustomerID.
IDS-1064: Corrected information updating concerning the OTP authentication method in Self-Service user interface.
IDS-759: Corrected response of REST API call REQ015 Query Registration when no result could not be found. Now we return 404 Not Found instead of 500 Internal Server Error.
- See documentation from REST API 1.2 - CustomerID.
IDS-1060: Corrected Lost Password wizard.
IDS-742: Corrected validation error message when trying to input an already existing email address.
IDS-421: Corrected role handling in REST API call MOD022 Update Mandate Template.
IDS-803: Corrected values of resource keys when using the "show resource keys" language in mandate related user interface screens.
IDS-805: Corrected sending person originated mandate invite to new organization.
IDS-806: Correction to approval using the drop down action list.
IDS-807: Corrected several issues with the addrole configuration.
- See documentation from User interface properties - CustomerID.
IDS-808: Corrected role request approvals.
IDS-839: Corrected error messages for UniqueAttributeValidator concerning the login attribute.
IDS-875: Corrected companyid and customerid attribute handling in registrations.
IDS-997: Corrected roles listing when using ui.organization.roles.recursive=true.
IDS-1059: Corrected confirmation thresholds.

Ubisecure CustomerID 5.2.18 (23/03/2018)

Corrections

IDS-654: Fixed duplicate user check based on SSN in registrations

Ubisecure CustomerID 5.2.17 (19/03/2018)

Corrections

IDS-634: Fixed an error with confirmation functionality in registrations
IDS-566: Fixed REST call GET106 List Organizations for organizations that have no custom attributes

Ubisecure CustomerID 5.2.16 (02/03/2018)

Corrections

IDS-581: Fixed potential error situation with logging
IDS-601: Fixed erronous sending of multiple data confirmation notifications

Ubisecure CustomerID 5.2.15

Improvements

IDS-550: Performance improvement for user search

Ubisecure CustomerID 5.2.14 (16/01/2018)

Improvements

IDS-440: Performance improvement for role approvals in approval tabs

Corrections

IDS-458: Password change related feedback messages have been fixed

Ubisecure CustomerID 5.2.12 (02/01/2018)

New Features

IAM-1663: REST API ping and basic health check
- See documentation from Health REST API 1.0 - CustomerID.
IAM-2865: Configurable attribute set for user searches in user interface
- See ui.user.search.attribute.names configuration property documentation from User interface properties - CustomerID.
IAM-1246: Possibility to run two CustomerID nodes
- See the new installation instructions from Two node installation - CustomerID.
IAM-2140: HTML email content support
- See notification.email.format.html configuration property documentation from Notification properties - CustomerID.
IAM-2294: Configuration option for user defined message part in role invitations
- See ui.role.invite.message.enabled configuration property documentation from User interface properties - CustomerID.

Improvements

IAM-2709: User search now checks that all inputs match search results
IAM-2077, IAM-1247: CustomerID workers have been separated from the main EAR
IAM-2665: Domain whitelisting for CSRF check
- See general.accepted.origin.whitelist configuration property documentation from General properties - CustomerID.
IAM-2705: Configurable favicon
- See documentation from Configuration files related to customization - CustomerID.
IAM-2833: Unicode support for built-in email address format validator
IAM-718: User status can be defined in a human readable way in REST filters
IAM-2284: Organization path is visible in summary step when inviting user to multiple roles

Corrections

IAM-2711, IAM-2744: Possible problems with role invitation to existing user fixed
IAM-2671: Fixed rejecting role invitations to existing users
IAM-2687: Fixed name change when Active Directory is in use
IAM-2633: Fixed email notification concerning pending user approval
IAM-2636: Fixed unnecessary email renotification to pending user when user was waiting for approval
IAM-2888: Fixed predefined role requests
IAM-2896: Fixed organization removal in case there is an open role invitation for a new user
IAM-3018: Fixed unwanted built-in attribute mandatoriness

Ubisecure CustomerID 5.1.9 (03/07/2017)

New Features

IAM-1986: Possibility to pass password value to backend call in registration summary step
IAM-2524: Password reset works for registered authentications without user having to have an SSN attribute
IAM-2354: Java information is logged when the system starts

Improvements

Workers have been separated to their own EAR
Reorganization of some JARs

Corrections

IAM-2064: Long organization names are no longer truncated in role add dialogue

Ubisecure CustomerID 5.1.5 (25/04/2017)

Corrections

New version of cid-sso-adapter that does not add duplicate libraries into Ubisecure SSO when it is installed.

Ubisecure CustomerID 5.1.4 (04/2017)

New Features

IAM-2003: Authorizer and REST API provide more information concerning delegations
In an authorization policy you can use eidm:delegations, which lists role, mandate and mandatee organization for each delegation
GET115 and GET116 REST calls added

Improvements

Performance improvements
IAM-1946: Updated WildFly version to 10.1.0.Final
IAM-2005: CSRF prevention checks added

Corrections

IAM-1842: Modify operations targeted to current-user from backend now work for existing user
IAM-1947: Importtool saves locale to SQL
IAM-2035: Corrected a possible NullPointerException in a certain type of role invitation

Ubisecure CustomerID 5.0.x (01/2017)

New Features

CID-5: Database layer uses JPA and supports PostgreSQL
CID-11: There is a separate Derby to PostgreSQL migration package available to help updating to this version
CID-513: Summary step in registrations is now optional

Improvements

Performance improvements
CID-90: CustomerID uses built-in WildFly (instead of Tomcat)
CID-112: CustomerID is packaged as an Enterprise Archive (EAR)
CID-89: CustomerID uses Java 8
CID-288: Updated Apache Wicket user interface framework version to 7.4.0
CID-482: CustomerID logging can be configured via WildFly also logging format structure has been improved

Corrections

CID-726: Corrected situation where REST response sometimes included a -1 value in port number

Removed Features

CID-727: Removed organization group feature
CID-455: Removed network source address based restrictions from CID REST API
Back channel logout is no longer supported.

Ubisecure CustomerID 4.x.x

Ubisecure CustomerID 4.6.0 (29/02/2016)

Corrections

IAM-45: Notification about pending role reception approval is now sent to new user after successful registration
IAM-154: User interface handles long organization name in organization search results correctly
IAM-1182: REST password change validates given password against the configured password policy.

Ubisecure CustomerID 4.5.0 (27/11/2015)

New Features

IAM-750: REST Query to list mandates received/sent by an organization/user

Corrections

IAM-170: Invitation renotification email show correct links
IAM-899: Role invitation wizard changes. Mail template step removed.
IAM-921: Organization user list and search performance improved when listing users by roles
IAM-1111: Updating e-mail address works correctly in AD with long emails (>20 characters)
IAM-740: CID Lostpwd shows now actual login ID to user

Ubisecure CustomerID 4.4.1 (30/09/2015)

Corrections

IAM-944: Registration allows creation of duplicate users when SSN matches
IAM-949: When loginusernprincipalname is used as login then no new users can be created
IAM-971: Validators are not working on user approval
IAM-945: CID should not include client IP address in AuthnStatement/SubjectLocality in SAML AP requests

Ubisecure CustomerID 4.4.0 (01/09/2015)

New Features

IAM-736: Organizations can be created with unique random string identifier automatically
IAM-794: Structured authorizer role information
IAM-821: REST: Search organizations by using any attribute

Corrections

IAM-909: User transfer from organization to another fails

Ubisecure CustomerID 4.3.0.40230 (07/2015)

New Features

IAM-747: Federation linking during registration workflow (UDF)
IAM-762: REST: search pending users by email

Improvements

Performance improvements

Corrections

IAM-775: Wrong language when transferring from registration to application
IAM-847: /eidm2/wf/changepwd operation based on temporary token instead of permanent one
IAM-260: REST: Creating ORG2ORG mandates fails

Ubisecure CustomerID 4.2.2.40007

New Features

IAM-747: A new way to configure authentication method activation step in registrations. It is now possible to also activate (link) external authentication methods to the created user account.

Corrections

IAM-738: Automatic role approvals after registration now work also for role invitations made using the REST-interface

Ubisecure CustomerID 4.2.1.39626

Corrections

IAM-725: Also pending users can now be searched via REST-interface

Ubisecure CustomerID 4.2.0.39098 (04/2015)

New Features

IAM-8: Registration workflow specific email text support
IAM-10: Top-level Approvals-tab is hidden in the admin user interface if user has no permissions to manage approvals
IAM-20: Email address confirmation is done at the user information wizard step in registrations (This is a change to the previous email address confirmation functionality)
IAM-38: Saml AP can be used with returnurl in registrations

Improvements

IAM-48: TUPAS methods can be grouped in user driven federation
IAM-229: Locale field can now be used also in role invitation wizard

Corrections

IAM-56: Mistyped email confirmation code no longer leads to an application error
IAM-39: In CustomerID Admin interface, organization name change now updates the view immediately
IAM-21: UI layout is no longer broken on approval tab (it was broken when using Firefox)
IAM-23: User custom attributes are saved when uniqueID attribute is used in user import
IAM-168: organization.class.default.restrictedRoleInvite no longer shows extra role in organization view

Ubisecure CustomerID 4.1.0.38078

New Features

Product name has beed changed from Ubisecure CustomerID to GlobalSign CustomerID
Configurable validation for attribute values
User driven federation support
More mobile friendly user interface
Registration fields can be prefilled from authentication method attributes
EIDM-1340: Automatic generation of organization technical name
EIDM-1372: Delete User REST query by user ID
EIDM-1384: Second web agent for CustomerID
EIDM-1391: Return URL can be given for registrations as an URL parameter
EIDM-1401: Verification step in registrations can now support also other authentication methods than TUPAS
EIDM-1348: Role invitation information can be queried via REST using user ID Improvements
Attribute validation is performed also for REST calls
Several performance improvements concerning large user amounts
EIDM-1349: Update user REST call can be used also for pending users
EIDM-1350: Query user REST call can be made based on user ID
EIDM-1351: Update user REST call can be made based on user ID
EIDM-1373: Listing users via REST can use any attribute for filtering results
EIDM-1374: Query Role REST call can be made based on role ID

Corrections

EIDM-173: Bank authentication (TUPAS) method name, title, and logo are now configurable
EIDM-572: Password change error messages are no longer duplicated
EIDM-598: An unknown TUPAS method in the properties does not present an exception in the browser
EIDM-618: Long information does not break the registration confirmation step display
EIDM-859: We will correctly report an error message if someone tries to create a sub organization that has the same name as a role in the parent organization
EIDM-920: Database update is now quicker
EIDM-991: Approval does not close if mandatory fields are left empty when approving
EIDM-1198: Removing multiple users is now quicker
EIDM-1204: Organization filtering is now quicker
EIDM-1255: Users imported with unique ID defined now get proper status
EIDM-1267: Custom usernames can now have validation via the new validation configuration option
EIDM-1294: Documentation updated concerning removed email.corporateRegisterEmail.message key from mail message configuration
EIDM-1377: Password change wizard now only sends the correct email message instead of two different messages
EIDM-1379: Verification now works also in protected registrations
EIDM-1381: Welcome message is sent for new user after create user wizard also when email confirmation is not required
EIDM-1383: Password change now only sends the correct email message and not two different ones
EIDM-1386: Reminder message about user registration is now sent correctly
EIDM-1392: Corrected possible problems with registration.x.temporary.fields
EIDM-1394: Changing language on registration no longer skips backend query
EIDM-1397: Pending password change expiration no longer deletes the registered user
EIDM-1403: Role add step can now be hidden from create user wizard
EIDM-1420: User CN information is now updated correctly also to the SQL database
EIDM-1421: Corrections to SSN uniqueness validation

Ubisecure CustomerID 4.0.0.35856

New Features

EIDM-1292: Mandate delegation based on user organization membership via received role
EIDM-1322: Support for XSLT in connection with backend query responses

Improvements

EIDM-1004: Suport for a separate validation code in the email message concerning email address change
EIDM-1318: CustomerID backend query message format implementation
EIDM-1342: Jersey upgrade (from 1.1x to 2.5.1)

Corrections

EIDM-1285: Mandate delegation and removal is now logged to audit logfile
EIDM-1311: Deleting organization now works even if there are pending mandates
EIDM-1328: Logout corrected in case saml.custid.ap has an active session in SSO
EIDM-1337: Role invite expire does not cause an error
EIDM-1338: Person mandate to new user does not anymore create a duplicate pending user when there already is a pending user with same email address
EIDM-1343: Empty or whitespace-only string as a result from backend query does not cause problems with parameter evaluation

Ubisecure CustomerID 3.x.x

Ubisecure CustomerID 3.12.0.34980

New Features

EIDM-1273: You can request predefined role sets from self-service
EIDM-1274: Registration workflow supports existing users

Improvements

EIDM-1112: Robots.txt search engine hiding
EIDM-1225: Role specific approval in registrations
EIDM-1272: Creation of several organizations from multivalue registration fields
EIDM-1290: Ubisecure favicon
Link to Administration interface from self-service if the user has the necessary permissions

Corrections

EIDM-1295: A problem related to role invitation renotifications has been corrected

Ubisecure CustomerID 3.11.1.34322

Corrections

EIDM-1257: Fixed role rejection count in the user interface in case email sending fails.
EIDM-1262: It is now possible to add roles also to disabled users.
EIDM-1275: Corrected character encoding handling when reading backend responses.
Nothing is automatically selected to the country list anymore.
Added missing self.mandate.read permission to default permissions.
Removed erronous self.edit.read permission from default permissions.
Mandate delegation panel doesn't show pending users anymore.
Added missing Derby starting command to Linux installation scripts.
Corrected an erronous path in Linux uninstall script.
Unified uninstallation in Linux so that also the Derby service will be removed in uninstall script.
Now we accept ', ` and ´ characters in firstname and surname fields.
Minor country ordering issue has been fixed.
Improved out of the box authorizer support for SSO versions starting from 6.8.0.
Corrected country selector behavior in IE 7 and IE 8. (Note that we don't actually officially support IE 7. However in this case we did a fix for it.)
Removed extra HTML coding for certain characters that were included in backend request parameters.

Ubisecure CustomerID 3.11.0.34122

New Features

EIDM-1210: Organization creation is ignored in registration workflow if the organization definition cannot be resolved
EIDM-1211: Role assign is ignored in registration workflow if the role definition cannot be resolved
EIDM-1212: Organization attributes may be stored separately in different organizations defined in the registration workflow configuration
EIDM-1251: Derby DB is started in a separate service

Improvements

EIDM-1247: User contact information may be added to the role approval page
EIDM-1222: Java updated to 64bit Java 7

Corrections

EIDM-1142: Special characters such as "!" in the REST password value no longer cause problems (for example when updating database)
EIDM-1228: It is again ok to send mandates to unregistered users when the mandate receiver approval is false
EIDM-1266: Custom attributes for user can be updated via REST

Ubisecure CustomerID 3.10.1.33745

Corrections

EIDM-1241: User information on self-service now works

Ubisecure CustomerID 3.10.0.33656

New Features

EIDM-1100: REST operation for role invitation for existing user
EIDM-1116: REST operation for listing active role invitations
EIDM-1208: Configurable country data type
EIDM-1220: REST operation for creating pending user
EIDM-1244: New Backend call possible when registration wizard is finished
EIDM-1245: Optionally require printing before registration wizard can be sent.

Improvements

EIDM-1223: Modify role.deassign permission for configuring role spesific deassignment

Ubisecure CustomerID 3.9.1.33383

Corrections

EIDM-913: Error with more than on pending user for same organization and organization is changed in approval
EIDM-1144: Add role might cause error when selecting another organization before role search is finished
EIDM-1174: Changing user attributes doesn't update breadcrumbs
EIDM-1187: Self-service password change removes pending password change requirement
EIDM-1209: User receives same email notification when he registers or changes his email, new key is: email.pendingEmailRegistration
EIDM-1216: user.delete permission not working at user action dropdown
Custom attributes are now supported in the role invitation wizard
Permissions are checked properly when deciding if to enable role assignment in the role action dropdown
Permissions are checked properly when deciding if to show user search results in the user selection step in the role assign wizard

Ubisecure CustomerID 3.9.0.33285

New Features

EIDM-967: Selected attributes and values can be shown in the Self-Registration Confirmation wizard step
EIDM-1109: role.assign permissions can now be role spesific

Improvements

EIDM-466: Possibility to authenticate registration backend query REST calls with HTTP BASIC Authentication
EIDM-969: Possibility to configure temporary registration fields (fields that are not stored in database)
EIDM-1039: More user friendly way of selecting users when adding a role to multiple users
EIDM-1052: Globally unselectable actions are no longer presented to the user
EIDM-1070: Removed unnecessary confirmation dialog when approving users
EIDM-1129: Performance improvements concerning mandates
EIDM-1154: Added information footer
EIDM-1189: More sophisticated configuration options for selecting UI messages from registration backend responses
EIDM-1190: Possibility to disable the back button in registrations

Corrections

EIDM-529: Duplicate error message
EIDM-1107: Password change fails on AD if user is not active
EIDM-1145: Approval tab counter doesn't check permission
EIDM-1163: OTP Printout-method status is not shown correctly in Self-Service Interface
EIDM-1168: Organization's technical name is shown instead of FriedlyName when removing role
EIDM-1171: Changing user's password link in admin interface is not working

Ubisecure CustomerID 3.8.1.32723

Corrections

EIDM-978: Roles are not automatically approved for new user
EIDM-1089: Roleinvitation without organisation selection causes error
EIDM-1092: language change does not work when creating a mandate
EIDM-1102: CustomerID is not replying organization TechnicalName when REST get or delete function is used
EIDM-1105: Password change link is visible to user that has no rights to edit information
EIDM-1139: Role list when doing role request throws NPE when only one role would be shown
EIDM-1140: Create User-button is shown in virtual organizations
EIDM-1141: Received Mandates shows received roles with technical name

Corrections in earlier versions

EIDM-441: Change password page contains obsolete button
EIDM-1009: loginuppercase is not correct
EIDM-1010: Delegate mandate shows duplicate users
EIDM-1012: Create user fails if organization doesnt exists
EIDM-1013: Canceling registration fails to User not found with unique id: null
EIDM-1015: Error when user tries to change login that already exists

Ubisecure CustomerID 3.8.0.32497

New Features

EIDM-927: REST API to support mandate management

Improvements

EIDM-1000: Mandate listings is limited and a search functionality is implemented to find the rest of the entries
EIDM-1001: New permission for removing issued mandates from users in the Admin UI
EIDM-1002: Possibility to insert a user custom attribute into an email

Corrections

EIDM-990: When selecting save or approval for an open approval, that approval is closed even if the operation failed
EIDM-1003: User approval should not be required if the creator of the user has permission rights to approve the user
EIDM-1094: workflow.roles.firstuser definition is applied if the user is the first one to have a role from the organization
EIDM-1095: Some attributes are not saved to SQL if user information is changed
EIDM-1098: Role localized names and descriptions are now shown when removing roles from users
EIDM-1102: CustomerID is not replying organization TechnicalName when REST get or delete function is used

Ubisecure CustomerID 3.7.2.31682

Improvements

EIDM-986: Inform in UI if user or role listing has been limited
EIDM-942: Sampo Bank TUPAS method changed to Danske Bank
EIDM-988: Performance improvements concerning the add user wizard
EIDM-985: Performance improvements concerning user search
EIDM-987: Performance improvements concerning database and LDAP updates
EIDM-975: Organization selections lists changed to organization search in role invitation and role request wizards (This was made so that memory usage can be kept in reasonable limits with large databases)
Performance improvements concerning role listing
Performance improvements concerning approval listing
Performance improvements concerning organization search

Corrections

EIDM-989: Issue count in the tab headings is now updated without delay in approval, role and mandate tab headings
EIDM-983: Approval reject popup now again closes after a successful reject operation

Ubisecure CustomerID 3.7.0.31102

New Features

EIDM-936: Create user-function can create users directly under organization

Improvements

EIDM-947: User search is based on SQL content instead of LDAP content
EIDM-948: Organization lists in workflows need to be changed to organization search

Corrections

EIDM-935: Login-attribute uniqueness is not checked
EIDM-949: Registration workflow doesnt create virtual organizations

Ubisecure CustomerID 3.6.0.29549

New Features

Organization's role listing can be configured to show sub-organizations
REST API response has xsd schema (cid-1.0.xsd)
REST response has changed for querying user and organization custom attributes

Improvements

Improved functionality to handle erroneous objects created with Import Tool

Ubisecure CustomerID 3.5.3.29169

Corrections

Saving organization's company id in OID format fixed

Ubisecure CustomerID 3.5.2.29115

New Features

Organization's role listing can be filtered with keywords

Improvements

Approval page is faster to load
Organization's role listing is faster and more user friendly when there is a large amount of organizations

Corrections

Corrected edit-permission in approval page

Ubisecure CustomerID 3.5.1.28859

New Features

Self-Service UI has field specific permissions for viewing and editing user information
Admin UI has field specific permissions for viewing and editing user information
Admin UI has field specific permissions for viewing and editing organization information
Approval UI has field specific permissions for viewing and editing information
It is possible to add organization custom attributes to SAML messages from the organization in which the user is stored

Improvements

REST returns custom attributes for organizations

Corrections

Approval UI save functionality works if reject reason is required
Authorizer now includes the guava-11.0.2.jar library so that it does not need to be added separately

Ubisecure CustomerID 3.5.0.28697

New Features

EIDM-868: It is now configurable if approval is required for received mandates or not
EIDM-750: Administrator is able to add roles to multiple users in one workflow
Administrator is able to remove roles from multiple users in one workflow
Administrator is able to invite multiple users to roles in one workflow
Administrator is able to remove multiple users at the same time
Administrator is able to remove multiple roles from an organization
Administrator is able to approve/reject multiple users at the same time
Administrator is able to approve/reject multiple role invitations at the same time
It is now configurable if the organization name should be in the Finnish company id format when targeting mandates to organizations

Improvements

EIDM-749: User approval request is validated before approving user
EIDM-870: User status is shown when requesting user information via the REST-interface
User approval request can be saved without giving all the required information
Delegating mandates to large number of users is faster
Listing organizations is faster
Listing organizations' users is faster

Corrections

EIDM-856: Organization custom attributes can be used in registration and approval page
New organizations are shown correctly in approval page
User's email confirmation is shown correctly in approval page

Ubisecure CustomerID 3.4.3.28216

Corrections

Fixed selecting user's organization in create user workflow
Generation of invalid login value in self-registration and create user workflows

Ubisecure CustomerID 3.4.2.28187

Improvements

Email messages support user's attributes as parameters
Create User workflow supports custom attributes
Create User workflow supports features from self-registration, configuring create user workflows has changed
Usability improvements in organization listings and search user interfaces
REST now supports reseting the Derby database

Corrections

Update methods -command creates derby object for all organizations
Mobile confirmation field can be set to disabled
Creating deep organization additions now works in registrations
Corrected a few serialization errors
Corrected handling of comma characters (",") in attributes

Ubisecure CustomerID 3.4.1.27680

Improvements

Support for custom attributes in ImportTool

Corrections

Organization's technical name can be shown in organization's information listing
Organization class editing is done using a drop-down list

Ubisecure CustomerID 3.4.0.27608

New Features

Custom attributes can be saved to CustomerID internal database
CustomerID Authorizer supports transmitting custom attributes in SAML messages (SSO version 6.3.1 is required)
User's attributes that are shown in Approval UI can be configured
User's attributes that are editable in Approval UI can be configured
Approver is able to edit and save user approval request
Approver is able ot edit user's roles in Approval UI
Approver is able to insert free text for the reject message
Approver is able to identify if organization is new or existing one
User's attributes that are shown in Self-Service UI can be configured
User's attributes that are shown in Admin User UI can be configured
Organization's attributes that are shown in Organization UI can be configured
Tomcat version updated to 7.0.26
Derby database version updated to 10.8.2.2
Wicket version updated to 1.4.19
Java version updated to 1.6.0_31

Improvements

CustomerID internal database is started in CustomerID Server (service is removed)

Corrections

CustomerID Authorizer returns inherited roles in Active Directory

Ubisecure CustomerID 3.3.2.26523

New Features

Search for organizations

Improvements

Improved support for large number of organizations
Separate list for pending registration invitations

Corrections

Email notifications were not sent for role invitations that required the approval of a newly registered user
Information updating problem when changing the email address of the invited person in role invitations

Ubisecure CustomerID 3.3.1.26211

Corrections

Modified organization configuration in registration

Ubisecure CustomerID 3.3.0.26146

New Features

EIDM-763: Custom attribute values can be stored encrypted
EIDM-771: Registration workflow configuration changes: user organization definition, additional organization creation, role assignment
User information can be exported in CSV format through REST API. Command line tool is alsoprovided
UI language codes can be selected as a presentation language in development mode

Improvements

EIDM-802: Role visibility defined mainly by role.listusers instead of user.read.roles permission
Removed unnecessary version information printout from HTML header
User export now includes user password if ubilogin directory is used as a user repository

Corrections

Role deassignment permission was based on user organization. Now it is based on role organization
Role invitation registration required always approval. Now approval is required based on workflow configuration

Ubisecure CustomerID 3.2.0.25817

New Features

EIDM-769: Configurable user details in role invitation
EIDM-767: Customizable error page for registration

Improvements

EIDM-789: Remove admin.user.delete.enabled property

Corrections

EIDM-793: Unexpected error when browsing organization
EIDM-796: eIDMUser-role is not added when creating user through REST interface

Ubisecure CustomerID 3.1.0.25673

New Features

EIDM-762: Two phase user information input in registration wizard
EIDM-764: Support for error messages based on backend query results
EIDM-765: Backend connection for requesting user information in registration
EIDM-768: Custom attribute storing to LDAP/AD attributes
EIDM-772: Validation for SSN in TUPAS-authentication
EIDM-790: SSN field is now handled as a custom attribute

Improvements

EIDM-780: Removal of roleinvite.enabled property
EIDM-781: Removal of addrole.enabled property
EIDM-785: Removal of createuser.enabled property
EIDM-788: Creating a new user using the REST interface automatically assigns user to the eIDMUser group

Corrections

Listing large number of users fails in OpenLDAP with Protocol Error

Ubisecure CustomerID 3.0.4.25334

Corrections

Email duplicate check was not included when companyAndCustomerId field was used in registrations
Email duplicate check did not allow registrations based on mandate invitation

Ubisecure CustomerID 3.0.3.25298

Corrections

The role selection popup in add role functionality did not work in certain situations

Ubisecure CustomerID 3.0.2.25282

Corrections

Email duplicate check did not include pending registrations
Insufficient role linkage in certain registrations

Ubisecure CustomerID 3.0.1.25247

Corrections

Role member listing did not contain mandate delegates in REST API
Session serialization contained errors

Ubisecure CustomerID 3.0.0.25183

New Features

EIDM-774: User is able to give companyId in registration without backend support
EIDM-577: Support for storing Finnish company IDs in OID format but presenting them in human readable format in the UI

Improvements

EIDM-558: Tupas authentication to be not required again when accessing the service directly after registration
EIDM-578: Parent level support for permissions
EIDM-733: Whitespaces should be removed from customerId-field

Corrections

EIDM-576: Friendly Name field should support characters: '/', '(' and ')'
EIDM-581: SSN is not saved if registration uses both Tupas and email verification
EIDM-662: When user accesses mail/phone number editing with a direct link to self-service, accessing roles tab after that gives an error message
EIDM-665: Return link is broken for users who have access only to one organization
EIDM-671: When login takes too long, SAML Expiration exception is shown to the user
EIDM-709: User doesn't see pending approvals in approval page even when he was the one inviting the pending user
EIDM-712: Error in first sign on after a single logout
EIDM-718: Role tab is broken after user confirm email change
EIDM-726: Mobile number validator should accept dashes and spaces but remove them
EIDM-727: In changing user's organization, virtual organizations are listed
EIDM-731: User approval request emails not sent if there is no organization main user
EIDM-736: Organization name field too long for background when using IE8
EIDM-738: SSN saved even if configured otherwise
EIDM-777: Null pointer exception if Tupas configuration file is missing

Browser not supported