[Announce] WSO2 Identity Server 5.3.0 Released !
Pulasthi Mahawithana
pulasthim at wso2.com
Wed Jan 11 05:32:00 PST 2017
WSO2 Identity Server 5.3.0 Released !
WSO2 Identity Server team is pleased to announce the release of version
5.3.0 of the WSO2 Identity Server (IS).
WSO2 Identity Server is an open source Identity and Entitlement Management
server. It supports a wide array of authentication protocols such as SAML
2.0 Web SSO, OAuth 2.0/1.0a, OpenID Connect and WS-Federation Passive. It
supports role based authorization and fine grained authorization with XACML
2.0/3.0 while inbound/outbound provisioning is supported through SCIM and
SPML.
WSO2 Identity Server is developed on top of the revolutionary WSO2 Carbon
platform, an OSGi based framework that provides seamless modularity to your
SOA solution via componentization.
All the major features have been developed as pluggable Carbon components.
You can download this distribution from http://wso2.com/products/
identity-server/.
Online documentation is available at http://docs.wso2.org/wiki/
display/IS530/WSO2+Identity+Server+Documentation.
How to Run
1. Extract the downloaded zip
2. Go to the bin directory in the extracted folder
3. Run the wso2server.sh or wso2server.bat files as appropriate
4. If you need to start the OSGi console with the server, use the property
-DosgiConsole when starting the server.
New Features in this Release
-
Improved Identity Management Capabilities : Identity management features
in WSO2 Identity Server 5.3.0, has been re-designed to provide strong
out-of-the-box support for key identity management use cases, including
password policies, login policies and account management policies.
-
Password policies
-
Password history validation (ability to keep track of user's old
passwords). See Password History Validation
<https://docs.wso2.com/display/IS530/Password+History+Validation>.
-
Password Patterns Configuration, See Password Patterns
<https://docs.wso2.com/display/IS530/Password+Patterns>
-
Login policies
-
Google ReCaptcha support for single sign on. See Setting Up
ReCaptcha
<https://docs.wso2.com/display/IS530/Setting+Up+ReCaptcha>.
-
Account locking in single and multi-tenant environments. See User
Account Locking and Account Disabling
<https://docs.wso2.com/display/IS530/User+Account+Locking+and+Account+Disabling>
.
-
Account management policies.
-
Account suspension reminders and locking idle accounts. See User
Account Suspension
<https://docs.wso2.com/display/IS530/User+Account+Suspension>.
-
Password and username recovery with challenge questions or
notifications. We also support challenge questions
internalization. See Password
Recovery <https://docs.wso2.com/display/IS530/Password+Recovery>.
-
Password reset via admin. For more information, See Forced
Password Reset
<https://docs.wso2.com/display/IS530/Forced+Password+Reset>.
-
Google ReCaptcha support for password recovery flow and self sign
up. See Setting Up ReCaptcha
<https://docs.wso2.com/display/IS530/Setting+Up+ReCaptcha>.
-
HTML support for email templates, template internalization and
dynamic properties for email templates. See Customizing Automated
Emails
<https://docs.wso2.com/display/IS530/Customizing+Automated+Emails>.
-
Brute force attack prevention. See Mitigating Brute Force Attacks
<https://docs.wso2.com/display/IS530/Mitigating+Brute+Force+Attacks>.
-
Login session monitoring and termination: WSO2 IS now supports
monitoring user sessions and authentication activities via alerts, and
manual termination of user sessions for better security. See Terminating
User Sessions
<https://docs.wso2.com/display/IS530/Terminating+User+Sessions>.
-
Rule based provisioning: WSO2 IS 5.3.0 has the ability to adopt
provision flows based on rules. These rules can be based on entities
related to an event such as user, idp, sp as well as environmental factors
like time and region.
-
Prompt for missing predefined required attributes in the authentication
flow: The user will be prompted to fill the missing attributes or claim
values, in the event of a missing mandatory claim at the point of login.
See Configuring Claims for a Service Provider
<https://docs.wso2.com/display/IS530/Configuring+Claims+for+a+Service+Provider>
.
-
OAuth 2.0/OpenID Connect Enhancements: Following OpenID Connect
specifications were implemented to enrich the OpenID connect support in
Identity Server.
-
OpenID Connect Dynamic Client Registration. See OpenID Connect
Dynamic Client Registration
<https://docs.wso2.com/display/IS530/OpenID+Connect+Dynamic+Client+Registration>
.
-
Token Introspection. See Invoke the OAuth Introspection Endpoint
<https://docs.wso2.com/display/IS530/Invoke+the+OAuth+Introspection+Endpoint>.
-
OpenID Connect Discovery support. See the OpenID Connect specification
<https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery>.
-
OAuth 2.0 client secret revocation and regeneration : See OAuth2 /OpenID
connect configurations
<https://docs.wso2.com/display/IS530/Configuring+OAuth2-OpenID+Connect+Single-Sign-On>
-
REST profile of XACML. With IS 5.3.0, we have added a REST layer on top
of the Balana entitlement engine. See Entitlement with APIs
<https://docs.wso2.com/display/IS530/Entitlement+with+APIs>.
-
SAML 2.0 Enhancements: Identity server 5.3.0 added following
specification support to its SAML feature list.
-
SAML 2.0 Metadata Profile.
-
SAML 2.0 Assertion Query/Request Profile
-
Security Analytics: WSO2 IS now detects and provides alerting capability
for abnormal and suspicious login sessions. See Managing Alerts
<https://docs.wso2.com/display/IS530/Managing+Alerts>.
-
SCIM 1.0 Enhancements : SCIM provisioning API improved to support
attribute query.
-
Engage access control policies in authentication flow : With WSO2 IS
5.3.0 it's possible to evaluate access control policies against an
authenticated user in authentication flow.
-
Integrated Windows Authentication (IWA) for IS deployed on Linux servers
: With this improvement we enable IS deployed on Linux servers to achieve
IWA with external Kerberos/NTLM Servers. See Configure IWA on Linux
<https://docs.wso2.com/display/IS530/Configuring+IWA+on+Linux>
-
Claim Management Improvement: With this release we relieve the user from
the painstaking task of having map claims from one dialect to another
indirectly by manipulating mapped attributes. From IS 5.3.0, users can
easily map claims from two dialects directly without worrying about mapped
attributes.
-
Identity Management REST APIs : New RESTful interfaces to connect with
account registration and recovery flows have been introduced with IS 5.3.0.
Known Issues
All the open issues pertaining to WSO2 Identity Server are reported at the
following locations:
-
IS Runtime <https://wso2.org/jira/issues/?filter=13613>
-
IS Analytics <https://wso2.org/jira/issues/?filter=13615>
How You Can Contribute
Mailing Lists
Join our mailing list and correspond with the developers directly.
Developer list : dev at wso2.org | Subscribe | Mail Archive
<http://mail.wso2.org/mailarchive/dev/>
User forum : StackOverflow
<http://stackoverflow.com/questions/tagged/wso2is>
Reporting Issues
We encourage you to report issues, documentation faults and feature
requests regarding WSO2 Identity Server or in the Carbon base framework
through the public WSO2 Identity Server JIRA
<https://wso2.org/jira/browse/IDENTITY> or Carbon JIRA
<https://wso2.org/jira/browse/CARBON>.
Support
We are committed to ensure your enterprise middleware deployment is
completely supported from evaluation to production. Our unique approach
ensures that all support leverages our open development methodology and is
provided by the very same engineers who build the technology. For more
details and to take advantage of this unique opportunity
http://wso2.com/support/. <http://wso2.com/support/>
For more information about WSO2 Identity Server, please see
http://wso2.com/products/identity-server or visit the WSO2 Oxygen Tank
<http://wso2.com/library/> developer portal for additional resources.
Thank you for your interest in WSO2 Identity Server.
The WSO2 Identity Server Team
--
*Pulasthi Mahawithana*
Senior Software Engineer
WSO2 Inc., http://wso2.com/
Mobile: +94-71-5179022
Blog: https://medium.com/@pulasthi7/
<https://wso2.com/signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.wso2.org/pipermail/announce/attachments/20170111/6a8cd35b/attachment-0001.html>
More information about the Announce
mailing list