This patch release includes defect fixes and addition of minor functions for the 4.7 release, and is recommended for all 4.7 installations.
Bug fixes
The 4.7.1 release includes the following fixes
- PHX-2963 resp_attributes type 6 (Service-Type) value returned incorrectly
Service-Type attribute in RADIUS always returned the wrong value. Now updated and the Service-Type attribute can now be set using PropertyAddValve
- PHX-2963 resp_attributes type 6 (Service-Type) value returned incorrectly
Service-Type attribute in RADIUS always returned the wrong value. Now updated and the Service-Type attribute can now be set using PropertyAddValve
- PHX-3030 Wrong language is show in PSS if browSer is set to Swedish
If Chromium based browser have Swedish as default language, the Password Selfservice service would show a mix of English and Swedish
- PHX-3068 Signing, OCSP/CRL: Incorrect validation
Validation of OSCP/CRL tokens fails since wrong value is compared
- PHX-3110 BankID – 400 response when signing gives Java error
BankIDSignValve and BankIDCollectValve woudl generate a java error if BankID returns a 400 response. The solution also includes an update where the error code of the 400 response is forwarded to the application
- PHX-3122 IOS redirect to native browser when using non native browser
Independent of which browser is used when initiating a BankID authentication, iOS devices will redirected back to default web browser
- PHX-3170 Add loginhint to OIDC to auth-request
Support for “login_hint” in OIDC auth-request is missing
- PHX-3188 Clear “SAMLSignApproved” with the rest of the SAML attributes on a new SAMLRequest
Attribute SAMLSignApproved is not cleared
- PHX-3189 validateSchema for SAML SignMessage causes freeze/crash in some environments
validateSchema function in SAMLAuthRequestDecoder freezes/chrashes, preventing SignMessage to be parsed
New/updated features
- PHX-3021 Add support for basic authorization in bankid proxy module
Support basic authorization header in BankID proxy/api
- PHX-3030 Wrong language is show in PSS if browser is set to Swedish
If Chromium based browser have Swedish as default language, the Password Selfservice service would show a mix of English and Swedish
- PHX-3102 SithsEidCollectAuthenticationStatusValve that returns Inera response intact as json
Return the intact Inera response as json
- PHX-3108 BankID 6.0 Phoneauth via proxy/api
Phoneauth endpoint according to BankID 6.0 added in BankID proxy/api
- PHX-3112 OpenID Connect Session Management 1.0
Support for OpenID Connect Session management 1.0 implemented
- PHX-3126 Add BankIDPhoneSignValve
Add BankIDPhoneSignValve according to BankID 6.0
- PHX-3127 Make it possible to expand requirement from request in BankIDAuthenticateValve and BankIDSignValve
Add the possibility to add requirements in a request when using HTTP API with BankID valves
- PHX-3171 BankID 6.0 Phonesign via proxy/api
Add Phonesign endpoint according to BankID 6.0 to BankID proxy/api
- PHX-3187 Make AssertionConsumer strict scoped attribute validation option
Let the administrator decide by config if AssertionConsumer should use strict scoped validation or not
See patch release information for 4.7.1 and read the full release notes for PhenixID Authentication Services 4.7 here:
Read full release
