Summary
This release impacts those applications using Haventec Connect with Password Migration Flow.
It introduces the following changes:
- User registration can now be done as part of device registration.
- Usernames no longer need to be case-sensitive
- Keycloak sessions are closed when no longer needed
- Appropriate error messages when deleted devices are accessed.
- Dependency upgrades to mitigate security vulnerabilities.
Change Log:
- [Feature] Connect: /password-authentication/device must create user if it does not exist
- [Bugfix] username not normalised in loginPasswordUser or registerPasswordDevice
- [Bugfix] Connect: registerPasswordDevice username field is not normalised
- [Bugfix] Incorrect error when accessing a deleted device
- [Security] Libraries updated to comply with latest CVE scans.
Backwards Compatibility
- This release is NOT backwards compatible with prior release Connect 1.0.30, as there is a change in functionality across the /password-authentication loginPasswordUser and registerPasswordDevice functions.
- This release is compatible with the following releases of all Haventec Services:
- Java SDK 1.1.3
- Node SDK 1.0.9
- Authenticate 1.2.78 to 1.2.79.1
- Console 1.2.70 to 1.2.71.2
- Haventec IAM 15.0.2 and 15.1.1
Known Issues
- [Bugfix] Session leak with logout of a password device - an ERROR message is generated when attempting this
Release Steps
- Verify pre-release system integrity by
- Perform system functional tests
- Check that there are no errors in logs
- Verify performance and response times are expected
- Perform the release to deploy Connect 1.0.31
- Verify post-release system integrity by:
- Perform system functional tests
- Check that there are no errors in logs
- Verify performance and response times are expected.
Rollback Steps
- Deploy previous version of Connect
- Verify system integrity by:
- Perform system functional tests
- Check that there are no errors in logs
- Verify performance and response times are expected.
Comments
0 comments
Please sign in to leave a comment.