HomeManagement Center

Breaking changes

Here we address changes that may cause previously working configurations to stop working after the update, if they are not adjusted to handle the changes below.

This version

The LDAP search valve has been updated to better handle single vs. multi-value attributes. In previous versions, all returned values were treated as multi-value attributes, even when only a single value was present, which made configuration unnecessarily complex. With this update, attributes containing a single value are now returned as a simple value ("") instead of an array ([""]).

Impersonate has updated configuration

Ensure to adapt if used in environment.

3.1.0

Updated default encryption

As of 3.1.0 default encryption has been changed. This will only affect systems where encryption is enabled.

To keep previous implementation ensure environment setting:

FORTIFIED_SECRETS_IMPL = local

3.0.0

SAML NameID format update

When deciding outgoing SAML assertion NameID format selection process is updated. If NameID format is configured this will supersed anything else. If not configured, requested format value from the AuthNRequest is used.

If none of the above is true, default fallback is:

urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified

Any format values in SAML meta data is ignored.

Overriding logos has new way of configuration

Default property names, and the overriding, of logos have changed.

All logos are now configured in a "logos" property in the ui_config and ui_config_overrides.json

{
  "logos": {
    "app_logo": {
      "src": "assets/fortified_logo_green-white.svg",
      "height": "40px"
    },
    "access_header": {
      "src": "assets/fortified_logo_green-teal.svg",
      "height": "80px"
    },
    "access_footer": {
      "src": "assets/fortified_logo_green-teal.svg",
      "height": "40px",
      "link": {
        "url": "https://fortifiedid.se",
        "text": "FortifiedID"
      }
    }
  }
}

All Integrity Access ui's now use logos defined in the access_header and access_footer. All apps with a top header bar (Password Reset, Portal etc) use the app_logo.

This allows for better separation of logos and for using the same configuration and/or same configuration file for multiple ui apps.

For more information about new configuration possibilities, see UI Configuration Overrides

New Hazel cast schema

If running cluster, update cluster configuration xml file using schema:

http://www.hazelcast.com/schema/config/hazelcast-config-5.3.xsd

Session cookie defaults

All session cookies now are set out to require User-Agent communication being done using TLS (encrypted channel)

Running in a non secure channel will require setting:

"http_session_cookie_secure": false,

It is always recommended encrypting data transfer between User-Agent and server.

PreviousRelease notesNextArchitecture