Skip to main content
Skip table of contents

Release notes Digital Access component 6.5.1

Version: 6.5.1

Release date: 2023-12-22

Important!

SHA1 is no longer accepted by Digital Access for SAML signing

Digital Access as IDP will no longer accept SAML messages signed using SHA1 algorithm from DA version 6.4.0 onwards. All applications must use other safe and available algorithms.

If there are clarifications or concerns regarding the above, contact Nexus support for more information.

Features

Jira ticket noDescription
DA-22

Added support for Elliptic Curve Cryptography (ECC) certificates for the mTLS authentication in Digital Access. 

Currently, only a few algorithms are supported:

  • TLS_ECDHE_ECDSA_WITH_AES_128_CCM
  • TLS_ECDHE_ECDSA_WITH_AES_256_CCM
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
DA-1524

When Digital Access acts as Identity Provider, added the capability to assign SAMLAuthncontext value to the IDPs added in the SAML federation so that the IDPs also get listed along with the basic authentication methods when the SP application passes a certain SAMLAuthncontext value.

You can modify the settings under Add/Edit Identity Provider > Attribute settings.

DA-1626

Added logging, in case of SAML SP sign authentication request by extracting digest from SAML request. There is also a check if SHA1 has been used and if so, a warning message is added to the audit log. The warning message includes information about the SP entityID and federation name. 

General recommendation: Use more secure algorithms for SP applications. Do not use SHA1.

Minor improvements

Jira ticket noDescription
DA-1485

There was an issue in case of OAuth2, when access rules were added in the clients that the order in which they were added was not saved and sorted correctly. This has been fixed.

DA-1193

There was an issue where a user belonging to a nested group in delegated management took a longer time due to recursion for login. This has been fixed.

Contact information

For information regarding support, training, and other services in your area, visit www.nexusgroup.com/

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.