Page created: 12 Oct 2023
|
Page updated: 12 Oct 2023
The following is the change history for the RSA SecurID Integration Kit.
RSA SecurID Integration Kit 4.0 – October 2023
- Added support for the RSA Authentication Manager integrated with the RSA Cloud
Authentication Service (CAS). The adapter supports the
SecurID
,Token
, andApprove
methods.
RSA SecurID Integration Kit 3.2.2 – December 2022
- Updated the security dependencies used by the adapter to the latest available.
RSA SecurID Integration Kit 3.2.1 – September 2021
- Fixed two issues that caused certain authentication attempts to be logged
incorrectly in
audit.log
andserver.log
.
RSA SecurID Integration Kit 3.2 – June 2021
- Added support for the PingFederate authentication API.
- Added support for the JavaScript Widget for the PingFederate Authentication API.
- Improved the template files to use the PingFederate localization framework. If you
have existing customizations, you need to manually modify the new
rsa-securid-messages.properties
file. For help customizing messages, see Localizing messages for end users in the PingFederate documentation. - Fixed an issue that, after upgrading the adapter, caused an error when using the administrative API to bulk import an earlier version of the adapter.
- Fixed an issue where the previous adapter wouldn't failover to its replicas when the virtual machine was running but RSA services was not.
- Fixed a user impersonation vulnerability. See security bulletin SECADV026.
RSA SecurID Integration Kit 3.1.1 – March 2021
- Fixed an issue that caused unexpected behavior when
LockoutPeriod
was set to0
in the account lockout settings file. - Improved the description for the Challenge Retries setting in the adapter configuration.
RSA SecurID Integration Kit 3.1 – November 2020
- Added the ability to customize the ciphers used in outbound HTTP requests to RSA SecurID.
- Improved error handling for cases where the user leaves the username or passcode field blank.
- Fixed an issue that could cause the adapter to cancel some sign-on attempts.
RSA SecurID Integration Kit 3.0.1 – October 2019
- Fixed a serialization issue that occurred when PingFederate was used in a cluster.
RSA SecurID Integration Kit 3.0 – August 2019
- Added support for RSA Authentication Manager 8.4
- Added support for Java 11 by updating the adapter to use the RSA SecurID Authentication API.
- Added the ability to override the user ID attribute that is sent to the authentication API without affecting the ID shown to the user.
- Added the ability to configure failover servers for the primary RSA Authentication API endpoint.
- Added proxy connection override settings.
- Added connection read and timeout settings.
- Improved templates to support multi-factor authentication and CSRF protection.
- Improved template usability and error messages.
RSA SecurID Integration Kit 2.1 – June 2018
- Added support for RSA Authentication Manager 8.3
- Improved variable names in the template pages
- Added new variables available to the template pages
- Added configuration field to set the log level of the RSA Authentication Agent SDK
- Added validation for user-generated PINs in the adapter and template
RSA SecurID Integration Kit 2.0 – May 2017
- Added support for RSA Authentication Manager 8.2
- Removed support for versions 6.x and 7.x of RSA Authentication Manager
- Updated the SecurID Adapter to use RSA Authentication Agent SDK 8.6 for Java
RSA SecurID Integration Kit 1.2.2 – January 2017
- Resolved issue when configuring RSA in a clustered Windows environment
RSA SecurID Integration Kit 1.2.1 – December 2015
- Security fixes
- Fixed serialization issue when token is in new PIN mode
RSA SecurID Integration Kit 1.2 – September 2015
- Qualified for RSA Authentication Manager 7.1 SP4
- Updated SecurID adapter to be utilized as second factor authentication
- Added session state management
RSA SecurID Integration Kit 1.1 – November 2013
- RSA Authentication Agent API 8.1 SP2
RSA SecurID Integration Kit 1.0 – March 2010
- Initial Release