forked from wso2/product-is
-
Notifications
You must be signed in to change notification settings - Fork 0
/
release-notes.html
234 lines (189 loc) · 10.7 KB
/
release-notes.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
<!--
~ Copyright 2005-2011 WSO2, Inc. (http://wso2.com)
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1"/>
<title>Welcome to WSO2 Identity Server v5.1.0!</title>
<link href="css/is-docs.css" rel="stylesheet"/>
</head>
<body>
<h1>WSO2 Identity Server : An Open Source Identity and Entitlement Management Server</h1>
<h3>WSO2 Identity Server v5.1.0 Release Note</h3>
<h3>23 May 2014</h3>
<p>
The WSO2 Identity Server team is pleased to announce the release of version 5.1.0 of
the WSO2 Identity Server (IS).
</p>
<p>WSO2 Identity Server is an open source Identity and Entitlement management server. It supports a wide array of authentication
protocols such as SAML 2.0 Web SSO, OpenID, OAuth 2.0/1.0a, OpenID Connect and WS-Federation Passive.
It supports role based authorization and fined grained authorization with XACML 2.0/3.0 while inbound/outbound provisioning is
supported through SCIM and SPML</p>
<p>
WSO2 Identity Server is developed on top of the revolutionary
<a href="http://wso2.com/products/carbon">WSO2 Carbon platform</a>,
an OSGi based framework that provides seamless modularity to your SOA via
componentization.</p>
<p>All the major features have been developed as pluggable Carbon components.</p>
<p>
You can download this distribution from <a href="http://wso2.com/products/identity-server/">
http://wso2.com/products/identity-server/</a>.</p>
<p>The online documentation is available at
<a href="http://docs.wso2.org/wiki/display/IS500/WSO2+Identity+Server+Documentation">
http://docs.wso2.org/wiki/display/IS500/WSO2+Identity+Server+Documentation.</a></p>
<h2>How to Run </h2>
<ol>
<li>Extract the downloaded zip</li>
<li>Go to the bin directory in the extracted folder</li>
<li>Run the wso2server.sh or wso2server.bat as appropriate</li>
<li>If you need to start the OSGi console with the server use the property
-DosgiConsole when starting the server. The INSTALL.txt file found on the
installation directory will give you a comprehensive set of options and
properties that can be passed into the startup script</li>
</ol>
<h2>New Features In This Release</h2>
<ul>
<li>Identity Bridge</li>
<p>WSO2 Identity Server 5.1.0 is capable of translating between heterogeneous authentication protocols and transforming
and mediating any identity assertion, between SAML2.0, OAuth 1.0a/2.0, OpenID, OpenID Connect, WS-Federation Passive.
This leads to seamless integration between internal applications and cloud applications such as Salesforce, Google Apps
and Office 365.</p>
<li>Multi-option and multi-step authentication</li>
<p>With WSO2 Identity Server 5.1.0, a given service provider (irrespective of the protocol it supports) can select the
login options it wants to present to it users. Authentication can be a mix of two types: Multi-option login and
multi-step login. With multi-option authentication - the user will be presented with a login screen to pick whatever
the authentication mechanism he/she wants (e.g.: Username/password, Social login with Facebook, Login with a
federated Home Identity Provider). A service provider can also choose to have multi-step authentication.
Multi step authentication can naturally be extended to be multi-factor depending on the kind of authentication.</p>
<li> Request Path Authenticators.</li>
<p>The responsibly of getting the user's credentials is left to the service provider, and the credentials will be
attached to the request to the Identity Server.
<li>Social Login with Facebook / Google / Microsoft Windows Live.</li>
<p>Facebook / Google / Microsoft Windows Live authenticators are the very first authenticators we are shipping with
Identity Server 5.1.0 for social login.</p>
<li>Ability to plug-in custom developed authenticators.</li>
<p>Owing to the power of OSGi, custom authenticators can be easily written and put into the Identity Server which
will pick them dynamically and execute. The UI will also be extended with property fields for administrators to
configure the authenticators if they are federated authenticators</p>
<li>Provisioning Bridge.</li>
<p>WSO2 Identity Server 5.1.0 is capable of accepting inbound provisioning requests based on SOAP or SCIM,
provisioning to the Resident Identity Provider using LDAP, Active Directory, JDBC or Carbon Remote UserStoreManagement
user management APIs, and transform them to outbound provisioning requests based on SCIM, SPML 2.0, Salesforce,
Google Apps provisioning APIs.</p>
<li>Just-in-time provisioning.</li>
<p>In the process of federated login WSO2 Identity Server is capable of provisioning the corresponding subject to a
preferred user store domain as well as other configured Identity Providers.</p>
<li>Ability to plug-in custom developed provisioning connectors.</li>
<p>Like with authenticators provisioning connectors also can be added to the system by implementing the relevant
APIs and dropping them to the system as OSGi bundles.</p>
<li>User Dashboard.</li>
<p>WSO2 Identity Server 5.1.0 ships with a jaggery based user dashboard to expose end user functionality.
This dashboard is completely decoupled from the management console, and is completely extensible due to the fact that
it is able to render gadgets. The application can run from within IS or as a separate jaggery app on AS.</p>
<li>SAML2 Web SSO profile Request / Response validator.</li>
<p>A UI based tool in the Identity Server 5.1.0 management console for debugging the SAML2 Web SSO requests and responses.</p>
<li>Remote User Store Management.</li>
<p>WSO2 Carbon's User/Group Administration SOAP API is also now supported as part of the UserStoreManager
implementations shipped by default. This means heterogeneous user stores distributed across different data centers
can be managed from a single Identity Server node.</p>
<li>Custom permissions.</li>
<p>Application specific permissions can be added by service providers and assigned to roles, and by using the
remote authorization API do permission based access control for users.</p>
<li>Encrypted SAML2 Assertions.</li>
<p>The SAML2 assertion issued for SAML2 based SSO login can now have encrypted assertions. To decrypt the assertion
the service provider will have to have the Identity Server tenant's public certificate.</p>
<li>NTLM grant type for OAuth 2.0</li>
</ul>
<h2>Key Features of WSO2 Identity Server</h2>
<ul>
<li>Dynamically discovered federation</li>
<li>Identity Bridge - translation between heterogeneous Identity authentication protocols</li>
<li>SP Initiated and IDP Initiated SAML 2.0 Web Browser SSO provider</li>
<li>SAML2 Single Logout profile support</li>
<li>OpenID 2.0 Provider</li>
<li>OpenID Connect Authorization Server</li>
<li>Social login with Facebook, Google, Yahoo and Windows Live</li>
<li>XACML 3.0/2.0 based Entitlement Engine with WS-XACML support</li>
<li>OAuth 2.0/1.0a Authorization Server with OAuth 2.0/1.0a support</li>
<li>Inbound and Outbound Identity Provisioning with SCIM 1.1</li>
<li>Outbound Identiy Provisioning with SPML 2.0, Salesforce and GoogleApps</li>
<li>Integrated Windows Authentication and webSEAL authentication</li>
<li>Multi-option and multi-step (multi-factor) authentication</li>
<li>Claim based Security Token Service(STS) with SAML 2.0/1.1 support.</li>
<li>Support for various types of User Stores such as JDBC, Cassandra, LDAP, Active Directory in Read/Write mode.</li>
<li>Claim Management</li>
<li>User Profiles and Profile Management</li>
<li>Separable front-end and back-end - a single front-end server can be used to administer several back-end servers</li>
</ul>
<h2>Issues Fixed in This Release</h2>
<p>
This release of WSO2 Identity Server comes with a number of bug fixes, both in the base Carbon
framework and in the Identity Server specific components. All the issues which have been
fixed in this release can be found at:
</p>
<ul>
<li><a href="https://wso2.org/jira/issues/?filter=11808">Fixed Issues for WSO2 Identity Server 5.1.0</a></li>
</ul>
<h2>Known Issues</h2>
<p>
All the known issues in WSO2 Identity Server 5.1.0 are reported at:
</p>
<ul>
<li><a href="https://wso2.org/jira/issues/?filter=11786">Known issues in WSO2 Identity Server 5.1.0</a></li>
</ul>
<h2>How You Can Contribute</h2>
<h3>
Mailing Lists
</h3>
<p>
Join our mailing list and correspond with the developers directly.
</p>
<ul>
<li>
Developer list : <a href="mailto:dev@wso2.org">dev@wso2.org</a>
| <a href="mailto:dev-request@wso2.org?subject=subscribe">Subscribe</a>
| <a href="http://wso2.org/mailarchive/dev/">Mail Archive</a>
</li>
<li>
User forum : <a href="http://stackoverflow.com/questions/tagged/wso2">StackOverflow</a>
</li>
</ul>
<h3>
Reporting Issues
</h3>
<p>
We encourage you to report issues, documentation faults and feature requests regarding
WSO2 Identity Server or in the Carbon base framework through the public
<a href="https://wso2.org/jira/browse/IDENTITY">WSO2 Identity Server JIRA</a> or <a href="http://www.wso2.org/jira/browse/CARBON">Carbon JIRA</a>.
</p>
<h2>Support</h2>
<p>
We are committed to ensuring that your enterprise middleware deployment is completely supported
from evaluation to
production. Our unique approach ensures that all support leverages our open development
methodology and is provided by
the very same engineers who build the technology.
For more details and to take advantage of this unique opportunity
<a target="_blank" href="http://wso2.com/support/">
http://wso2.com/support/</a>
</p>
<p>For more information about WSO2 Identity Server, please see <a
href="http://wso2.com/products/identity-server">http://wso2.com/products/identity-server</a> or visit
the <a href="http://wso2.org/library">WSO2 Oxygen Tank</a> developer portal for addition
resources.</p>
<p>Thank you for your interest in WSO2 Identity Server.</p>
<p>Copyright WSO2 Inc.</p>
</body>
</html>