SAML SP for Java release notes - SSO

Owned by ubisebastian
Last updated: 2022-08-12
2 min read

Overview

The release notes summarizes important information you should be aware
of before installing or upgrading Ubilogin SAML SP for Java.

Techincal Specifications

System Requirements:

Since version 9.0.0

  • Java Platform, Standard Edition Runtime Environment version 11
  • Java Servlet 3.1 or 3.0 compliant application server
  • System time synchronized with the time of the IDP
  • Ubilogin SSO Server 9.x
  • If IDP uses stronger encryption schemes, such as AES-256, you need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. Ubilogin SSO Server does not require this.

Previous versions

  • Java Platform, either
  • Standard Edition Runtime Environment Version 8 (Java SE 8)
  • or Standard Edition Runtime Environment Version 7 (Java SE 7)
  • or Standard Edition Runtime Environment Version 6 (Java SE 6)
  • Java Servlet 3.1 or 3.0 compliant application server
  • System time synchronized with the time of the IDP
  • Ubilogin SSO Server 6.x or 7.x
  • If IDP uses stronger encryption schemes, such as AES-256, you need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. Ubilogin SSO Server does not require this.

Known Issues

When using IBM Java:

  • Unrestricted JCE policy is required and is available from IBM. The error "identity.properties: invalid keystore" is shown to system.out if this unrestricted JCE policy
  • Identity generation with the command line command
    "java -jar ubisaml2.jar generate" is not supported with IBM Java.
    Use Oracle Java for this step.

Change Log

9.0.0 (compatible with SSO 9.x)

  • New: Java 11 support added (Java 8 is not supported).
  • New: Key rotation feature added.

2.5.0.42315

  • Java 8 is now supported
  • Java 5 is no longer supported
  • Fixed IAM-217: Xalan library deployment in application server causes receiving SOAP message (LogoutRequest/Response and AttributeQuery response) to fail with StackOverflowError

2.4.2.36685

  • New: Feature to disable schema validation of SAML messages

2.4.1.34813

  • New: Ubisecure SSO UI template can be selected when doing Authentication Request using AuthnRequest.setTemplate()

2.3.3.31525

  • Fixed: VirtualHostManager.getUbiloginServiceProvider() now returns correct instance

2.3.2.23575, 26.10.2011

  • Fixed: SOAP logout handling
  • Fixed: Session logout initiated erroneously after application server restart

2.3.1.20830, 29.9.2011

  • Fixed: Null pointer exception during Attribute Query

2.3.0.20223, 28.2.2011

  • New: Support for virtual hosting

2.2.2_19499, 21.1.2011

  • New: Simplified deployment on Java SE 6 by removing unnecessary dependencies.
  • New: For J2SE 5.0 install additional dependencies from ubisp-java5-libs.zip
  • Fixed: IPv6 address range support for netmask
  • Changed: NotOnOrAfter setting

2.2.1.17309, 15.10.2010

  • Fixed: Logout handling when using IBM Java

2.2.0.16862, 4.10.2010

  • Fixed: AuthnRequest.setLocale()
  • New: AuthnRequest.getExtensions() Add extensions to SAML AuthnRequest

2.1.1.14526, 30.4.2010

  • Fixed: AuthnContextDeclRef was not set
  • Changed: Default encryption scheme does not require Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.

2.1.0.14035, 1.4.2010

  • Requires Ubilogin SSO 5.0 or newer.
  • New: Liberty SAML 2.0 interoperability fixes
  • New: Support for more than one IDP via DiscoveryEventListener
  • New: SAML 2.0 SOAP logout
  • New: SAML 2.0 Artifact binding
  • New: SAML 2.0 NameIDMapping protocol
  • Fixed: IBM Java 1.6.0 compatibility
  • Fixed: Problem with Servlet 2.3 DTDs

2.0.3.10386, 13.3.2009

  • returnurl-pattern setting added to ServiceProviderServlet
  • api changes: AuthnStatement and IssueInstant properties added to UbiloginSAMLAssertion

2.0.2.10204

  • changed: not-pattern now specifies the urls with anonymous access allowed
  • api changes: UbiloginServiceProvider, ServiceProviderEvent, AuthnRequest
  • fixed: interop issues with http-redirect binding
  • fixed: encoding issues with certain unicode characters
  • fixed: any event listener may cancel event processing by committing the servlet response

2.0.7201

  • changed: allow 60 seconds tolerance while validating NotBefore/NotOnOrAfter timestamps
  • fixed: issues when application was deployed to root context
  • fixed: possible concurrency issue with ISO8601 formatter

Ubisecure Privacy Policy & Cookie Statement