Release Date: 2021-05-07
Smart ID Digital Access component 6.0.5 has been released today.
This version is included in the release of Smart ID 21.04.
Added Docker Swarm for Digital Access in 6.0.5 and the only way to upgrade to 6.0.5 is by following the upgrade documents mentioned under Upgrade Digital Access component. Also after upgrading to 6.0.5, the orchestrator and v-apps menu is removed from the virtual machine.
Detailed feature list
|Jira ticket no||Description|
Added ability to search user groups
Added ability to search user groups instead of having dropdown at multiple places so that groups can be searched and added even if there are more than 1000 AD groups.
Local users can be added as delegated administrator
Added ability to add local users as delegated administrator under Delegated Management. This works both for Digital Access Admin and XPIs.
Ericom client has been removed
Removed EricomClient / Access now references from Digital Access Admin under Resources. This will only be removed from the default standard resources and not the ones specifically added by users. Resources added by users will have to be manually removed.
Upgraded to Guacamole version 1.3.0
Added option to url encode for guacamole web resource.
Added support for TLS version 1.3.0
Added support for TLS version 1.3.0. Removed the support for SSL v2 and v3. Removed weak ciphers for TLS v1.0, 1.1. Disabled weak ciphers by default for TLS v1.2.
Known issue: User certificate authentication method no longer works when TLS1.3 is enabled. The workaround is to disable TLS1.3. See Known limitations in Digital Access for more details.
Added Docker Swarm orchestration
Added Docker Swarm orchestration for Digital Access deployment in virtual appliance. Read more here: Deploy Digital Access component. From version 6.0.5 onward, there will be only the command line way to upgrade Digital Access versions (both Online and Offline upgrade). Removed the v-apps and admin GUI upgrade options. More details can be found in the upgrade instructions document for different setups, see here Upgrade Digital Access component.
Also, upgrade to 6.0.5 and above will remove the existing orchestrator and replace it with industry adopted standard docker-swarm.
|Jira ticket no||Description|
Signatures over Web service API produced orphan sessions.
Added ‘cacheDuration’ attribute of value 15 minutes in SAML metadata when Digital Access acts as an IDP.
While importing server certificate, encrypted private key with newer encryption algorithm like PBE-SHA1-3DES works now. All PKCS#5 v1.5 and PKCS#12 algorithms are supported now.
Improved performance when many SAML attributes are added by reducing the unneeded repetitive storage calls.
Update the default NPS URL to ‘nps.go.nexusgroup.com’
Improved on the Docker health check logging to monitor the Docker health at service level to avoid log cluttering.
WS federation stops working after an upgrade to 6.0.x, this has been fixed.
If we Use Organization ID service for Freja authentication, then the registration level set in the Force authentication dropdown does not have any effect on the authentication. Hence disabled force authentication control if Use Org ID service is checked.
Oauth2 Discovery returns 202 Accepted when according to spec it should be 200 OK, this has been fixed.
Failing to delete profile connected to Smart ID Mobile App through XPI services, this has been fixed.
Upgraded openSSL version to 1.1.1k to fix the CVE-2021-3449 vulnerability.
For information regarding support, training and other services in your area, please visit our website at www.nexusgroup.com/.