PIP 6.2.0 Release Notes

December 14th 2022

The new release of PhenixID Identity Provisioning (PIP) improves the stability, compatibility and security of your solution, and is recommended for all installations.

New or updated features

1. SOAP library Updated

The SOAP library has been updated from Axis1 to Axis2, mainly for hosting of SOAP web services.

IMPORTANT NOTE: This is a major upgrade as it affects all web services being hosted by PhenixID Identity Provisioning – if there are third party web services, they need to be updated to use Axis2 instead of Axis1.

2. File Data Source: Whitespace trimming

When using the file data source (CSV), whitespaces in the start and end of each field value was always removed – is now possible to keep those whitespaces.

3. LDAP Data Source: Connection Attempts

For the LDAP data source, it is now possible to configure a number of maximal attempts to try connecting before failing hard.

4. Explicit sorting of Policies

It is now possible to enforce explicit sorting of policies. For example, if you have a category including 100 policies and you work with two of them regularly and the others seldom then you can priorities the two so they are easy to access. Lowest numbers will be on top of the policy list, else it will be ordred alphabetically just like before.

5. Remove Duplicate Values in Multivalue Action

Version: 1.0
The action will remove duplicate multivalues in selected attributes.

6. Policy Actions

The actions tab on a policy will now allow selection of and operating on multiple actions simultaneously.

8. Actions always grouped by categories

The actions are now always being grouped by the categories that the user can set themself.

9. Import objects dialog: Hide identical objects

In the import objects dialog, it is now possible to hide identical objects that already exist in the configuration (default behavior) by checking/unchecking a checkbox.

10. Action Group: Multiple select

When editing the list of actions in an action group, it is now possible to select and operate on multiple actions simultaneously.

12. Nexus Certificate Manager Revoke Action

Version 1.0
Use PhenixID Identity Provisioning to revoke a certificate in Nexus Certificate Manager CA.
For more information, please read PSD1203

13. Sort Multivalues Actions

Version 1.0
This action can be used to sort multivalues in one or many session attributes.

14. Session Values Expansion limit increased

When expanding SESSION() and GLOBAL() in texts, there were previously an upper limit of how many expansions that would be processed of 100 per type of expansion. This limit has now been increased from 100 to 10000.

Updated Actions

1. Replace a Value in Attribute: Allow escaped replacement text

Version: 1.7
It is now possible to use escape characters for the replaced text, it also possible to replace text in multiple session attributes while writing the new value to some other attribute to avoid overwriting the source value.

2. String Trim

Version: 1.3
It is now possible to trim all attributes instead of only a specific set of attributes. Instead of adding attribute1, attribute2 and so on you can simply add * (asterisk).

3. Policy Logging

The following actions was not logging all events correctly to the policy logs due to threading issues.

  • Google Actions Version: 2.1
    (Groups: Create, Get, Sync; Users: Create, Update)
  • PowerShell Actions Version: 1.2
  • PowerShell – Deprecated Version: 2.0
  • REST Actions Version: 1.6
  • REST POST Version: 2.0
  • Launch Application Version: 2.3

4. Create LDAP Object

Version: 2.5
Previously, when a specific session attribute was mapped to multiple LDAP attributes, only the last mapping was written to the object.

5. Raise Alert

Version: 1.2
It is possible to add conditions for when to trigger an alert based on the number of session objects.

6. Multiple actions: Added output attribute

It is now possible to specify that the output shall be written to one, or many, other session attributes instead of overwriting the original value.
The following actions have been updated:

  • DN Manipulator Version: 1.7
  • Text to Binary Convert Version: 1.5
  • String Replacer Version: 1.9
  • String Extract Version: 1.5
  • Replace a Value in Attribute Version: 1.7
  • Numeric Handler Version: 1.3
  • Hash Attribute Version: 1.5

Bug Fixes

1. New configuration could crash configurator

When starting a brand new configuration in the configurator and navigate to a policy, the configurator would previously crash.
This has now been corrected.

2. Existing log files could crash the configurator

In some scenarios, existing log files could cause the configurator to crash when starting if the last modified timestamp on the log files were equal between several files.
This has now been corrected.

3. Policy Logging

For certain multithreaded actions, some log events was not logged to the policy log.
This has now been corrected.

4. Import object dialog: resize issues

When resizing the import object dialog the rendering did not work properly.
This has now been corrected.

Misc

1. Java

Identity Provisioning is now tested and bundled with java 17.0.4_1 from Azul.

2. Upgrade verifications

Verify so there are no duplicate jar-files, as this might cause an unexpected behavior.

Compare /lib with /ext. If duplicates exists, make sure to keep the latest version of jar-files.

3. End of Support

Information about the oldest supported version can be found here.