On February 15th we released LinOTP 2.9.1 to the repositories.
LinOTP 2.9.1
KeyIdentity GmbH is pleased to announce the availability of the following product release:
LinOTP 2.9.1 introduces many improvements, small features,
cleanups and bug fixes. The highlights are the implementation of
the KeyIdentity Push Token, a new caching functionality to
significantly speed up performance for UserIdResolvers and the
switch to StartTLS by default to improve the connection security to
LDAP UserIdResolvers.
The list below provides details of the most important changes.
Please also refer to the complete changelog at the end of this
newsletter
Highlights
- New Feature: KeyIdentity Push Token
LinOTP 2.9.1 is the first release to include support for the
KeyIdentity Push Token to secure logins and transactions while
providing a high level of usability on Android and iOS.
Based on the established cryptographic principles of the QRToken we
improved the workflows of the authentication process while
conserving a high level of security. It utilizes the native push
mechanisms of Android and iOS for the highest level of
compatibility based on the KeyIdentity Authenticator.
Please contact us for more information and about details on how to
integrate the KeyIdentity Push Token in your setup.
- New Feature: Caching for LDAP UserIdResolvers
The new caching feature is designed to improve the performance of LinOTP significantly in environments with a large number of users, complex realm setups and slow UserIdResolvers. Details about the configuration can be found at Caching-Feature.
- New Feature: StartTLS by default
LinOTP 2.9.1 switches to StartTLS by default in order to secure the communication with LDAP UserIdResolvers in environments without a LDAPS infrastructure. Please have a look at StartTLS for details.
Download
LinOTP 2.9.1 is available as Debian and RPM packages from www.linotp.org. Ubuntu packages are available from our PPA on Launchpad. Users of the KeyIdentity LinOTP Smart Virtual Appliance will receive LinOTP 2.9.1 via the integrated auto-update mechanism after February 20th 2017.
Note
With LinOTP 2.9.1 large parts of the LDAP UserIdResolver code was rewritten and the default for StartTLS have changed. Although LinOTP 2.9.1 has been tested thoroughly by KeyIdentity we recommend to setup LinOTP 2.9.1 in a staging environment before putting it into production.
We are happy to assist our support customers in upgrading their environment to the latest release. Please contact us at keyidentity@keyidentity.com.
The KeyIdentity LinOTP team
--
KeyIdentity GmbH
https://www.keyidentity.com
Robert-Koch-Straße 9, 64331 Weiterstadt
Germany
Sales Hotline: +49 6151 86086-277, Fax: -299
Email: sales@keyidentity.com
Registered Office: Weiterstadt, Amtsgericht Darmstadt: HRB8649
Board of Directors: Nils Manegold, Dr. Amir Alsbih
Changelog LinOTP 2.9.1
Enhancements
- Server: New token type: KeyIdentity PushToken
- Server: Add optional caching of resolver lookups
- Server: Show welcome and update screens
- WebUI: Add dialog for duplicating resolvers
- WebUI: Better password handling in resolver dialogs
- Reporting: Add paging and CSV output for reporting/show
- API: Use semicolon as CSV column separator by default
- UserIdResolver: Add StartTLS support
Bug Fixes
- Server: Fix remote token
- Server: Fix evaluating policies for non-existent realms
- API: Don't localize monitoring json output
- SMPPSMSProvider: Fix encoding issues for non-ascii characters
- WebUI: Alert in realm dialog if no resolvers are selected