SAML SP for Java release notes - SSO
Overview
The release notes summarizes important information you should be aware
of before installing or upgrading Ubilogin SAML SP for Java.
Techincal Specifications
System Requirements:
Since version 9.0.0
- Java Platform, Standard Edition Runtime Environment version 11
- Java Servlet 3.1 or 3.0 compliant application server
- System time synchronized with the time of the IDP
- Ubilogin SSO Server 9.x
- If IDP uses stronger encryption schemes, such as AES-256, you need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. Ubilogin SSO Server does not require this.
Previous versions
- Java Platform, either
- Standard Edition Runtime Environment Version 8 (Java SE 8)
- or Standard Edition Runtime Environment Version 7 (Java SE 7)
- or Standard Edition Runtime Environment Version 6 (Java SE 6)
- Java Servlet 3.1 or 3.0 compliant application server
- System time synchronized with the time of the IDP
- Ubilogin SSO Server 6.x or 7.x
- If IDP uses stronger encryption schemes, such as AES-256, you need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. Ubilogin SSO Server does not require this.
Known Issues
When using IBM Java:
- Unrestricted JCE policy is required and is available from IBM. The error "identity.properties: invalid keystore" is shown to system.out if this unrestricted JCE policy
- Identity generation with the command line command
"java -jar ubisaml2.jar generate" is not supported with IBM Java.
Use Oracle Java for this step.
Change Log
9.0.0 (compatible with SSO 9.x)
- New: Java 11 support added (Java 8 is not supported).
- New:Â Key rotation feature added.
2.5.0.42315
- Java 8 is now supported
- Java 5 is no longer supported
- Fixed IAM-217: Xalan library deployment in application server causes receiving SOAP message (LogoutRequest/Response and AttributeQuery response) to fail with StackOverflowError
2.4.2.36685
- New: Feature to disable schema validation of SAML messages
2.4.1.34813
- New: Ubisecure SSO UI template can be selected when doing Authentication Request using AuthnRequest.setTemplate()
2.3.3.31525
- Fixed: VirtualHostManager.getUbiloginServiceProvider() now returns correct instance
2.3.2.23575, 26.10.2011
- Fixed: SOAP logout handling
- Fixed: Session logout initiated erroneously after application server restart
2.3.1.20830, 29.9.2011
- Fixed: Null pointer exception during Attribute Query
2.3.0.20223, 28.2.2011
- New: Support for virtual hosting
2.2.2_19499, 21.1.2011
- New: Simplified deployment on Java SE 6 by removing unnecessary dependencies.
- New: For J2SE 5.0 install additional dependencies from ubisp-java5-libs.zip
- Fixed: IPv6 address range support for netmask
- Changed: NotOnOrAfter setting
2.2.1.17309, 15.10.2010
- Fixed: Logout handling when using IBM Java
2.2.0.16862, 4.10.2010
- Fixed: AuthnRequest.setLocale()
- New: AuthnRequest.getExtensions() Add extensions to SAML AuthnRequest
2.1.1.14526, 30.4.2010
- Fixed: AuthnContextDeclRef was not set
- Changed: Default encryption scheme does not require Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.
2.1.0.14035, 1.4.2010
- Requires Ubilogin SSO 5.0 or newer.
- New: Liberty SAML 2.0 interoperability fixes
- New: Support for more than one IDP via DiscoveryEventListener
- New: SAML 2.0 SOAP logout
- New: SAML 2.0 Artifact binding
- New: SAML 2.0 NameIDMapping protocol
- Fixed: IBM Java 1.6.0 compatibility
- Fixed: Problem with Servlet 2.3 DTDs
2.0.3.10386, 13.3.2009
- returnurl-pattern setting added to ServiceProviderServlet
- api changes: AuthnStatement and IssueInstant properties added to UbiloginSAMLAssertion
2.0.2.10204
- changed: not-pattern now specifies the urls with anonymous access allowed
- api changes: UbiloginServiceProvider, ServiceProviderEvent, AuthnRequest
- fixed: interop issues with http-redirect binding
- fixed: encoding issues with certain unicode characters
- fixed: any event listener may cancel event processing by committing the servlet response
2.0.7201
- changed: allow 60 seconds tolerance while validating NotBefore/NotOnOrAfter timestamps
- fixed: issues when application was deployed to root context
- fixed: possible concurrency issue with ISO8601 formatter