Page tree
Skip to end of metadata
Go to start of metadata

Version: 5.13.2

Release Date: 2019-04-23

Introduction

Nexus is proud to announce the availability of Nexus Hybrid Access Gateway 5.13.2.

Main new features

Support for signing during SAML authentication

If the SAML request contains a SignMessage element, Hybrid Access Gateway forwards the contained message to the signing interface of Swedish BankID as well as Nexus Personal Mobile and Nexus Personal Desktop. The same message can also be shown in the browser by changing the authentication method template.

Hybrid Access Gateway displays all authentication methods that are configured for the corresponding AuthContext.

Prevent username change during step-up authentication

When a user authenticates with an additional method, username change can be prevented. This property is set to 'true' by default. During authentication, the user id of the linked user is compared to the one in the existing session. If they are not the same, the authentication is declined. 

Detailed feature list

Features

JIRA ticket no

Description

HAG-848

Prevent username change during step-up authentication

When a user authenticates with an additional method, username change can be prevented. The extended property, called "User name may not change during session", is set to 'true' by default. During authentication, the user id of the linked user is compared to the one in the existing session. If they are not the same, the authentication is declined.

HAG-1475

Changed default URL of Image API

The pre-configured Image API URL in the Policy Service has been changed to represent DNS mapping instead of URL mapping. If the URL has already been changed, this feature does not have any effect.

HAG-1489

Support for signing during SAML authentication

If the SAML request contains a SignMessage element, Hybrid Access Gateway forwards the contained message to the signing interface of Swedish BankID as well as Nexus Personal Mobile and Nexus Personal Desktop. The same message can also be shown in the browser by changing the authentication method template.

Hybrid Access Gateway displays all authentication methods that are configured for the corresponding AuthContext.

HAG-1509

Allow signing of assertion and response together

Sign Response and Sign Assertion can now be selected together. If both are selected, assertion is signed first. After that, the whole response is signed with the same certificate. 

When SAML meta data is imported for a new federation, and the attribute WantAssertionsSigned is set to true, Sign Assertion is automatically checked.

HAG-1511

Configure additional authentication contexts

Additional AuthContext values can be configured in the Remote Configuration file, if the pre-configured values are not sufficient.

HAG-1515

Allow multiple authentication contexts for one authentication method

More than one AuthContext can now be configured for a certain authentication method by using space separated values. If one of these authentication contexts is asked by the service provider, the corresponding authentication methods are shown to the user.

Corrected bugs

JIRA ticket no

Description

HAG-1403

The upgrade of Hybrid Access Gateway failed if the internal Postgres database was disabled or removed.

HAG-1469

Not possible to upload custom attestation key

HAG-1492

When authenticating with Personal Mobile, the wait time between Authentication Service and Policy Service is too low. The time-out value that is used for HTTP connections to Nexus Personal Messaging is now the same as the RADIUS session time-out value.

HAG-1498

The publish process is slow

Known issues and deprecated features

JIRA ticket no

Description

HAG-1506User is not automatically linked with the User Storage during authentication if another user already has a valid session open

End of Sales statement

Refer to Supported versions of Hybrid Access Gateway.

End of Life statement

Refer to Supported versions of Hybrid Access Gateway.

Contact

Contact Information

For information regarding support, training and other services in your area, please visit our website at www.nexusgroup.com/

Support

Nexus offers maintenance and support services for Nexus Hybrid Access Gateway to customers and partners. For more information, please refer to the Nexus Technical Support at www.nexusgroup.com/support/, or contact your local sales representative.

Related information