forked from wso2/product-is
-
Notifications
You must be signed in to change notification settings - Fork 0
/
release-notes.html
223 lines (187 loc) · 9.31 KB
/
release-notes.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
<!--
~ Copyright 2011 WSO2, Inc. (http://wso2.com)
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1"/>
<title>Welcome to @product.name@ [email protected]@!</title>
<link href="css/is-docs.css" rel="stylesheet"/>
</head>
<body>
<h1>@product.name@ : An Open Source Identity and Entitlement Management Server</h1>
<h3>@product.name@ [email protected]@ Release Note</h3>
<h3>18 December 2015</h3>
<p>
The @product.name@ team is pleased to announce the release of version @product.version@ of
the @product.name@ (IS).
</p>
<p>@product.name@ is an open source Identity and Entitlement management server. It supports a wide array of
authentication
protocols such as SAML 2.0 Web SSO, OpenID, OAuth 2.0/1.0a, OpenID Connect and WS-Federation Passive.
It supports role based authorization and fined grained authorization with XACML 2.0/3.0 while inbound/outbound
provisioning is
supported through SCIM and SPML</p>
<p>
@product.name@ is developed on top of the revolutionary
<a href="http://wso2.com/products/carbon">WSO2 Carbon platform</a>,
an OSGi based framework that provides seamless modularity to your SOA via
componentization.</p>
<p>All the major features have been developed as pluggable Carbon components.</p>
<p>
You can download this distribution from <a href="http://wso2.com/products/identity-server/">
http://wso2.com/products/identity-server/</a>.</p>
<p>The online documentation is available at
<a href="http://docs.wso2.org/wiki/display/IS510/WSO2+Identity+Server+Documentation">
http://docs.wso2.org/wiki/display/IS510/WSO2+Identity+Server+Documentation.</a></p>
<h2>How to Run </h2>
<ol>
<li>Extract the downloaded zip</li>
<li>Go to the bin directory in the extracted folder</li>
<li>Run the wso2server.sh or wso2server.bat as appropriate</li>
<li>If you need to start the OSGi console with the server use the property
-DosgiConsole when starting the server.
</li>
</ol>
<h2>New Features In This Release</h2>
<ul>
<li>Workflow support for Identity Server</li>
<p>Engage workflows for any user/role operations carried out using WSO2 IS Management Console.
For example, when a new user gets registered with WSO2 IS, a workflow will automatically be triggered and
s/he will be assigned to a particular user role.</p>
<li>FIDO compliance</li>
<p>Fast Identity Online (FIDO) is a specification developed to reduce the reliance on password
for user authentication. The standard will enable any Web/cloud application to interface with a
variety of FIDO-enabled security devices.</p>
<li>Link multiple user accounts</li>
<p>In cases where users will have multiple entries in their respective user stores, to avoid requiring multiple
logins to an application to obtain a fully privileged view for a single user's details, we now support merging
of multiple user profiles.</p>
<li>PATCH operation support for SCIM 1.1</li>
<p>PUT supports the replace operation but not the update operation. Since group is a heavy resource, the
operation that alters without replacement (PATCH) needs to be implemented. If not each time a new user is
added to the group, all the users should be sent in the PUT request.</p>
<li>SAML 2.0 Bearer Token Renewal</li>
<p>In IS 5.0.0, STS feature supports renewing Bearer type SAML 1.1 tokens only;
attempts to renew Bearer type SAML 2.0 Tokens get failed. With IS 5.2.0 product will
facilitate renewing expired Bearer type SAML 2.0 Tokens.</p>
<li>OpenID Connect Core 1.0 Compliance</li>
<p>The IS 5.0.0 had OpenID Support, however there were many points in the spec that were being violated.
Now that the specification is finalized we have made IS 5.2.0 OpenID Connect support specification
compliant. A major improvement this area is support for IDToken response type from the
OpenID Connect authorization endpoint.</p>
<li>Ability to notify external endpoints when changes are made to Identities</li>
<p>@product.name@ is now able to send invalidation notifications to external endpoints when there is a change in user
roles, permissions or attributes as well as clear the internal cache when user roles, permissions or attributes
been updated</p>
</ul>
<h2>Key Features of @product.name@</h2>
<ul>
<li>Dynamically discovered federation</li>
<li>Identity Bridge - translation between heterogeneous Identity authentication protocols</li>
<li>SP Initiated and IDP Initiated SAML 2.0 Web Browser SSO provider</li>
<li>SAML2 Single Logout profile support</li>
<li>OpenID 2.0 Provider</li>
<li>OpenID Connect Authorization Server</li>
<li>Social login with Facebook, Google, Yahoo and Windows Live</li>
<li>XACML 3.0/2.0 based Entitlement Engine with WS-XACML support</li>
<li>OAuth 2.0/1.0a Authorization Server with OAuth 2.0/1.0a support</li>
<li>Inbound and Outbound Identity Provisioning with SCIM 1.1</li>
<li>Outbound Identity Provisioning with SPML 2.0, Salesforce and GoogleApps</li>
<li>Integrated Windows Authentication and webSEAL authentication</li>
<li>Multi-option and multi-step (multi-factor) authentication</li>
<li>Claim based Security Token Service(STS) with SAML 2.0/1.1 support.</li>
<li>Support for various types of User Stores such as JDBC, Cassandra, LDAP, Active Directory in Read/Write mode.
</li>
<li>Claim Management</li>
<li>User Profiles and Profile Management</li>
<li>Separable front-end and back-end - a single front-end server can be used to administer several back-endservers</li>
<li>Identity Bridge</li>
<li>Multi-option and multi-step authentication</li>
<li> Request Path Authenticators.</li>
<li>Social Login with Facebook / Google / Microsoft Windows Live.</li>
<li>Ability to plug-in custom developed authenticators.</li>
<li>Provisioning Bridge.</li>
<li>Just-in-time provisioning.</li>
<li>Ability to plug-in custom developed provisioning connectors.</li>
<li>User Dashboard.</li>
<li>SAML2 Web SSO profile Request / Response validator.</li>
<li>Remote User Store Management.</li>
<li>Custom permissions.</li>
<li>Encrypted SAML2 Assertions.</li>
<li>NTLM grant type for OAuth 2.0</li>
<li>Workflows for user management operations</li>
<li>2 factor authentication with FIDO</li>
<li>Linking 2 or more local/federated user accounts</li>
</ul>
<h2>Issues Fixed in This Release</h2>
<p>
This release of WSO2 Identity Server comes with a number of bug fixes, both in the base Carbon
framework and in the Identity Server specific components. All the issues which have been
fixed in this release can be found at:
</p>
<ul>
<li><a href="https://wso2.org/jira/issues/?filter=12586">Fixed Issues for WSO2 Identity Server 5.2.0</a></li>
</ul>
<h2>Known Issues</h2>
<p>
All the known issues in WSO2 Identity Server 5.2.0 are reported at:
</p>
<ul>
<li><a href="https://wso2.org/jira/issues/?filter=12587">Known issues in WSO2 Identity Server 5.2.0</a></li>
</ul>
<h2>How You Can Contribute</h2>
<h3>
Mailing Lists
</h3>
<p>
Join our mailing list and correspond with the developers directly.
</p>
<ul>
<li>
Developer list : <a href="mailto:[email protected]">[email protected]</a>
| <a href="mailto:[email protected]?subject=subscribe">Subscribe</a>
| <a href="http://wso2.org/mailarchive/dev/">Mail Archive</a>
</li>
<li>
User forum : <a href="http://stackoverflow.com/questions/tagged/wso2">StackOverflow</a>
</li>
</ul>
<h3>
Reporting Issues
</h3>
<p>
We encourage you to report issues, documentation faults and feature requests regarding
WSO2 Identity Server or in the Carbon base framework through the public
<a href="https://wso2.org/jira/browse/IDENTITY">@product.name@ JIRA</a> or <a
href="http://www.wso2.org/jira/browse/CARBON">Carbon JIRA</a>.
</p>
<h2>Support</h2>
<p>
We are committed to ensuring that your enterprise middleware deployment is completely supported
from evaluation to
production. Our unique approach ensures that all support leverages our open development
methodology and is provided by
the very same engineers who build the technology.
For more details and to take advantage of this unique opportunity
<a target="_blank" href="http://wso2.com/support/">
http://wso2.com/support/</a>
</p>
<p>For more information about WSO2 Identity Server, please see <a
href="http://wso2.com/products/identity-server">http://wso2.com/products/identity-server</a> or visit
the <a href="http://wso2.org/library">WSO2 Oxygen Tank</a> developer portal for additional resources.</p>
<p>Thank you for your interest in @product.name@.</p>
<p>Copyright WSO2 Inc.</p>
</body>
</html>