We are pleased to announce Topicus KeyHub 13.2. This release continues our effort on auditing and group management. As usual, a number of smaller improvements have been made and several issues have been fixed. Before upgrading to 13.2 be sure to read the following important notice.
TKH-1077
When we started Topicus KeyHub, PostgreSQL 9.5 was the latest stable version. As of today, PostgreSQL 11 has been available for quite some time and our virtual appliance provided use with a smooth upgrade path to this new version. If you run our appliance the upgrade will be fully automated. For our customers running our Docker containers we strongly recommend to migrate to our virtual appliance. Please contact us if you need assistance with this.
If you choose to continue to run our Docker containers, you will need to migrate the database manually. The easiest way to do this is:
If you do not migrate your database, it will fail to start and Topicus KeyHub will become unavailable.
TKH-491
A long-standing wish has finally been fulfilled: it is now possible to set an end date to a group membership. This can be set directly when accepting a new member of a group or set later on existing members. In addition, a new member can be made manager right away.
TKH-1049
ISO 27001 certification requires you perform periodic audits on your authorization. This process can now be initiated from Topicus KeyHub. When configured, Topicus KeyHub will instruct the managers of a group to perform an audit on set months.
In addition to the notable changes above, we made the following smaller improvements to groups and auditing:
TKH-1100
A manager of a group is now alerted when he or she is the last manager of a group.TKH-1106
TKH-1109
Various tweaks to the user interface were made to improve the user experience.TKH-1119
Testcase coverage was improved considerably for audits.TKH-1135
Removing the auditor group will now revert the flag to KeyHub Administrators.We spend a lot of effort in polishing the installation experience of the virtual appliance. The following improvements were made:
TKH-1073
A backup now also contains the configured cron jobs.TKH-1076
Testcases were added for backup and recovery, simulating various success and failure scenarios.TKH-1082
You can now use self-signed certificates during the installation and generate them with a single click on a button.TKH-1090
Docker was upgraded to 18.09.TKH-1121
Broken third-party CentOS rpm repositories could cause the installation to fail. These repositories are now optional.TKH-1122
Topicus KeyHub will now refuse to start the installation wizard when the virtual machine does not have enough memory.TKH-1123
The installation wizard now detects Azure deployments and fine-tunes the experience.TKH-1130
On slow systems, the installer could run out of time and/or display conflicting information. This is now fixed.The following smaller improvements and bug fixes were made:
TKH-916
CORS support for OIDC and OAuth2 was added, allowing Javascript clients to fully use OIDC and the OAuth2 code flow.TKH-1095
Different certificates can now be configured for the primary and failover hostsTKH-1101
The thread pools in wildfly are now split in 3 groups, greatly reducing the risk for DOS attacks.TKH-1120
TKH-1132
TKH-1133
Testcase coverage was greatly enhanced in the following areas: UID sequences, declined requests and duplicate requests.TKH-1124
We now use reproducible docker images for WildFly as parents for the Topicus KeyHub images.TKH-1125
When using source directory provisioning, it is now possible to provision outside the configured base DN of the corresponding directory.TKH-1126
The Topicus KeyHub docker images no longer have an active admin use for WildFly management.TKH-1127
The obsolete install checker images has been removed.TKH-1129
Testing a linked LDAP no longer gives an error.