Overview

The release notes summarizes important information you should be aware
of before installing or upgrading Ubilogin SAML SP for Java.

Techincal Specifications

Java Platform, Standard Edition Runtime Environment version 11
Java Servlet 3.1 or 3.0 compliant application server
System time synchronized with the time of the IDP
Ubilogin SSO Server 9.x
If IDP uses stronger encryption schemes, such as AES-256, you need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. Ubilogin SSO Server does not require this.

Java Platform, either
Standard Edition Runtime Environment Version 8 (Java SE 8)
or Standard Edition Runtime Environment Version 7 (Java SE 7)
or Standard Edition Runtime Environment Version 6 (Java SE 6)
Java Servlet 3.1 or 3.0 compliant application server
System time synchronized with the time of the IDP
Ubilogin SSO Server 6.x or 7.x
If IDP uses stronger encryption schemes, such as AES-256, you need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. Ubilogin SSO Server does not require this.

When using IBM Java:

Unrestricted JCE policy is required and is available from IBM. The error "identity.properties: invalid keystore" is shown to system.out if this unrestricted JCE policy
Identity generation with the command line command
"java -jar ubisaml2.jar generate" is not supported with IBM Java.
Use Oracle Java for this step.

Java 8 is now supported
Java 5 is no longer supported
Fixed IAM-217: Xalan library deployment in application server causes receiving SOAP message (LogoutRequest/Response and AttributeQuery response) to fail with StackOverflowError

New: Ubisecure SSO UI template can be selected when doing Authentication Request using AuthnRequest.setTemplate()

Fixed: VirtualHostManager.getUbiloginServiceProvider() now returns correct instance

Fixed: AuthnContextDeclRef was not set
Changed: Default encryption scheme does not require Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.

returnurl-pattern setting added to ServiceProviderServlet
api changes: AuthnStatement and IssueInstant properties added to UbiloginSAMLAssertion

changed: not-pattern now specifies the urls with anonymous access allowed
api changes: UbiloginServiceProvider, ServiceProviderEvent, AuthnRequest
fixed: interop issues with http-redirect binding
fixed: encoding issues with certain unicode characters
fixed: any event listener may cancel event processing by committing the servlet response

changed: allow 60 seconds tolerance while validating NotBefore/NotOnOrAfter timestamps
fixed: issues when application was deployed to root context
fixed: possible concurrency issue with ISO8601 formatter