What's New

Note: For the latest technical information about the product, refer to the Release Notes available in the product deliveries.

ActivID Authentication Server v8.4

Update Enhancement/Fix

Amazon® Web Services (AWS) support

ActivID Authentication Server can be now deployed on AWS leveraging:

  • AMI Red Hat Enterprise Linux 7.7
  • AWS RDS or Aurora with PostgreSQL® v11+ database engine
  • AWS CloudHSM v2

Environment updates
  • Support of Oracle® Linux 7.7 and Red Hat® Enterprise Linux 7.7
  • Support of JBoss® EAP 7.2 (note that JBoss EAP 7.0.x is now deprecated)
  • Support of the latest JDK 8 (Oracle / Open JDK )
  • Improved database migration on Oracle 18c (IAAS-6696)

OpenID Connect enhancements
  • ClientID registration improvement to correctly register a duplicate clientID (IAAS-6527)
  • Reuse of authorization code twice now results in revoking previously issued access token (IAAS-6470)
  • Support of the POST method on the userinfo endpoint (IAAS-6469)
  • Usercode validation issue in CIBA bcauthorize request is now fixed (IAAS-6585)
  • Refresh of third party components to fix security vulnerability (IAAS-6596)

SCIM and RESTful configuration API enhancements
  • New API to create and assign roles (IAAS-6367)
  • Croatian diacritical characters in UTF-8 are now correctly supported (IAAS-6410)
  • Performance optimization when searching for a user (IAAS-6599)
  • Improved performances when creating large number of tenants on AWS PostgreSQL

Security updates
  • Bouncy Castle v1.64
  • Apache XML Security for Java v2.1.4
  • Nimbus JOSE JWT v8.2.1
  • Jackson Databind v2.7.9.6
  • Security improvement for when a user changes their password - all user sessions (active and non-active) of the authenticators are deleted and the session transfer codes generated by these session are also deleted (IAAS-6457)

Other improvements
  • Improved audit function in the ActivID Management Console when registering new service in HID Approve (IAAS-6518)
  • Improved HID Approve™ service key renewal if a previous SKR has failed (IAAS-6496)
  • Deprecated SMS BT Delivery Adapters have been removed (IAAS-6506):

    • SMS BT Delivery Adapters must be deleted before installing ActivID AS 8.4 . If they are not deleted:

    • BT Delivery Adapters will no longer appear in the OOB Delivery Gateway view of the ActivID Management Console.
    • BT Delivery Adapters will still appear in the Authentication Type view (in Assignments, then Delivery Gateways).

    Although harmless, it is recommended that you use the ac.4tress.deleteSmsBtAdapters sample to remove the adapters.

  • Hot fix installation improvement (IAAS-6413)
  • Hot fix installation will support the /tmp directory configured with "noexec" permission (IAAS-6525)