RSA SecurID integrations

Changelog

The following is the change history for the RSA SecurID Integration Kit.

RSA SecurID Integration Kit 4.1.1 – December 2024

  • Fixed an issue that caused the Approve method’s push notification template to render twice.

  • Fixed an issue that caused the RSA SecurID IdP Adapter to fail when using PingFederate in BC FIPS mode.

RSA SecurID Integration Kit 4.1 – April 2024

  • Added support for the Approve method’s Selection mode. Support for the Approve method was introduced in RSA SecurID Integration Kit 4.0.

    To use Selection mode, you must have RSA Authentication Manager 8.7 SP2 or later, integrated with the RSA Cloud Authentication Service (CAS). You must enable the Selection feature in RSA CAS, and use version 4.3 or later of the RSA mobile app.

  • Added the ability to define a template file prefix and customize the pages that the adapter displays per adapter instance.

    If you modify a template file, rename the template file to give it a new prefix. Make sure to enter the new prefix in the HTML Template Prefix field.

RSA SecurID Integration Kit 4.0.1 – February 2024

  • Fixed an issue that caused an unavailable authentication method to display incorrectly.

RSA SecurID Integration Kit 4.0 – October 2023

  • Added support for the RSA Authentication Manager integrated with the RSA Cloud Authentication Service (CAS). The adapter supports the SecurID, Token, and Approve methods.

RSA SecurID Integration Kit 3.2.2 – December 2022

  • Updated the security dependencies used by the adapter to the latest available.

RSA SecurID Integration Kit 3.2.1 – September 2021

  • Fixed two issues that caused certain authentication attempts to be logged incorrectly in audit.log and server.log.

RSA SecurID Integration Kit 3.2 – June 2021

  • Added support for the PingFederate authentication API.

  • Added support for the JavaScript Widget for the PingFederate Authentication API.

  • Improved the template files to use the PingFederate localization framework. If you have existing customizations, you need to manually modify the new rsa-securid-messages.properties file. For help customizing messages, see Localizing messages for end users in the PingFederate documentation.

  • Fixed an issue that, after upgrading the adapter, caused an error when using the administrative API to bulk import an earlier version of the adapter.

  • Fixed an issue where the previous adapter wouldn’t failover to its replicas when the virtual machine was running but RSA services was not.

  • Fixed a user impersonation vulnerability. See security bulletin SECADV026.

RSA SecurID Integration Kit 3.1.1 – March 2021

  • Fixed an issue that caused unexpected behavior when LockoutPeriod was set to 0 in the account lockout settings file.

  • Improved the description for the Challenge Retries setting in the adapter configuration.

RSA SecurID Integration Kit 3.1 – November 2020

  • Added the ability to customize the ciphers used in outbound HTTP requests to RSA SecurID.

  • Improved error handling for cases where the user leaves the username or passcode field blank.

  • Fixed an issue that could cause the adapter to cancel some sign-on attempts.

RSA SecurID Integration Kit 3.0.1 – October 2019

  • Fixed a serialization issue that occurred when PingFederate was used in a cluster.

RSA SecurID Integration Kit 3.0 – August 2019

  • Added support for RSA Authentication Manager 8.4

  • Added support for Java 11 by updating the adapter to use the RSA SecurID Authentication API.

  • Added the ability to override the user ID attribute that is sent to the authentication API without affecting the ID shown to the user.

  • Added the ability to configure failover servers for the primary RSA Authentication API endpoint.

  • Added proxy connection override settings.

  • Added connection read and timeout settings.

  • Improved templates to support multi-factor authentication and CSRF protection.

  • Improved template usability and error messages.

RSA SecurID Integration Kit 2.1 – June 2018

  • Added support for RSA Authentication Manager 8.3

  • Improved variable names in the template pages

  • Added new variables available to the template pages

  • Added configuration field to set the log level of the RSA Authentication Agent SDK

  • Added validation for user-generated PINs in the adapter and template

RSA SecurID Integration Kit 2.0 – May 2017

  • Added support for RSA Authentication Manager 8.2

  • Removed support for versions 6.x and 7.x of RSA Authentication Manager

  • Updated the SecurID Adapter to use RSA Authentication Agent SDK 8.6 for Java

RSA SecurID Integration Kit 1.2.2 – January 2017

  • Resolved issue when configuring RSA in a clustered Windows environment

RSA SecurID Integration Kit 1.2.1 – December 2015

  • Security fixes

  • Fixed serialization issue when token is in new PIN mode

RSA SecurID Integration Kit 1.2 – September 2015

  • Qualified for RSA Authentication Manager 7.1 SP4

  • Updated SecurID adapter to be utilized as second factor authentication

  • Added session state management

RSA SecurID Integration Kit 1.1 – November 2013

  • RSA Authentication Agent API 8.1 SP2

RSA SecurID Integration Kit 1.0 – March 2010

  • Initial Release