Releases: wso2/product-is
WSO2 Identity Server 5.1.0
WSO2 Identity Server : An Open Source Identity and Entitlement Management Server
WSO2 Identity Server v5.1.0 Release Note
23 December 2015
The WSO2 Identity Server team is pleased to announce the release of version 5.1.0 of the WSO2 Identity Server (IS).
WSO2 Identity Server is an open source Identity and Entitlement management server. It supports a wide array of authentication protocols such as SAML 2.0 Web SSO, OpenID, OAuth 2.0/1.0a, OpenID Connect and WS-Federation Passive. It supports role based authorization and fined grained authorization with XACML 2.0/3.0 while inbound/outbound provisioning is supported through SCIM and SPML
WSO2 Identity Server is developed on top of the revolutionary WSO2 Carbon platform, an OSGi based framework that provides seamless modularity to your SOA via componentization.
All the major features have been developed as pluggable Carbon components.
You can download this distribution from http://wso2.com/products/identity-server/.
The online documentation is available at http://docs.wso2.org/wiki/display/IS510/WSO2+Identity+Server+Documentation.
How to Run
- Extract the downloaded zip
- Go to the bin directory in the extracted folder
- Run the wso2server.sh or wso2server.bat as appropriate
- If you need to start the OSGi console with the server use the property -DosgiConsole when starting the server.
New Features In This Release
- Workflow support for Identity Server
- FIDO compliance
- Link multiple user accounts
- PATCH operation support for SCIM 1.1
- SAML 2.0 Bearer Token Renewal
- OpenID Connect Core 1.0 Compliance
- Ability to notify external endpoints when changes are made to Identities
Engage workflows for any user/role operations carried out using WSO2 IS Management Console. For example, when a new user gets registered with WSO2 IS, a workflow will automatically be triggered and s/he will be assigned to a particular user role.
Fast Identity Online (FIDO) is a specification developed to reduce the reliance on password for user authentication. The standard will enable any Web/cloud application to interface with a variety of FIDO-enabled security devices.
In cases where users will have multiple entries in their respective user stores, to avoid requiring multiple logins to an application to obtain a fully privileged view for a single user's details, we now support merging of multiple user profiles.
PUT supports the replace operation but not the update operation. Since group is a heavy resource, the operation that alters without replacement (PATCH) needs to be implemented. If not each time a new user is added to the group, all the users should be sent in the PUT request.
In IS 5.0.0, STS feature supports renewing Bearer type SAML 1.1 tokens only; attempts to renew Bearer type SAML 2.0 Tokens get failed. With IS 5.1.0 product will facilitate renewing expired Bearer type SAML 2.0 Tokens.
The IS 5.0.0 had OpenID Support, however there were many points in the spec that were being violated. Now that the specification is finalized we have made IS 5.1.0 OpenID Connect support specification compliant. A major improvement this area is support for IDToken response type from the OpenID Connect authorization endpoint.
WSO2 Identity Server is now able to send invalidation notifications to external endpoints when there is a change in user roles, permissions or attributes as well as clear the internal cache when user roles, permissions or attributes been updated
Key Features of WSO2 Identity Server
- Dynamically discovered federation
- Identity Bridge - translation between heterogeneous Identity authentication protocols
- SP Initiated and IDP Initiated SAML 2.0 Web Browser SSO provider
- SAML2 Single Logout profile support
- OpenID 2.0 Provider
- OpenID Connect Authorization Server
- Social login with Facebook, Google, Yahoo and Windows Live
- XACML 3.0/2.0 based Entitlement Engine with WS-XACML support
- OAuth 2.0/1.0a Authorization Server with OAuth 2.0/1.0a support
- Inbound and Outbound Identity Provisioning with SCIM 1.1
- Outbound Identity Provisioning with SPML 2.0, Salesforce and GoogleApps
- Integrated Windows Authentication and webSEAL authentication
- Multi-option and multi-step (multi-factor) authentication
- Claim based Security Token Service(STS) with SAML 2.0/1.1 support.
- Support for various types of User Stores such as JDBC, Cassandra, LDAP, Active Directory in Read/Write mode.
- Claim Management
- User Profiles and Profile Management
- Separable front-end and back-end - a single front-end server can be used to administer several back-endservers
- Identity Bridge
- Multi-option and multi-step authentication
- Request Path Authenticators.
- Social Login with Facebook / Google / Microsoft Windows Live.
- Ability to plug-in custom developed authenticators.
- Provisioning Bridge.
- Just-in-time provisioning.
- Ability to plug-in custom developed provisioning connectors.
- User Dashboard.
- SAML2 Web SSO profile Request / Response validator.
- Remote User Store Management.
- Custom permissions.
- Encrypted SAML2 Assertions.
- NTLM grant type for OAuth 2.0
- Workflows for user management operations
- 2 factor authentication with FIDO
- Linking 2 or more local/federated user accounts
Issues Fixed in This Release
This release of WSO2 Identity Server comes with a number of bug fixes, both in the base Carbon framework and in the Identity Server specific components. All the issues which have been fixed in this release can be found at:
Known Issues
All the known issues in WSO2 Identity Server 5.1.0 are reported at:
How You Can Contribute
Mailing Lists
Join our mailing list and correspond with the developers directly.
- Developer list : [email protected] | Subscribe | Mail Archive
- User forum : StackOverflow
Reporting Issues
We encourage you to report issues, documentation faults and feature requests regarding WSO2 Identity Server or in the Carbon base framework through the public WSO2 Identity Server JIRA or Carbon JIRA.
Support
We are committed to ensuring that your enterprise middleware deployment is completely supported from evaluation to production. Our unique approach ensures that all support leverages our open development methodology and is provided by the very same engineers who build the technology. For more details and to take advantage of this unique opportunity http://wso2.com/support/
For more information about WSO2 Identity Server, please see http://wso2.com/products/identity-server or visit the WSO2 Oxygen Tank developer portal for additional resources.
Thank you for your interest in WSO2 Identity Server.
Copyright WSO2 Inc.
WSO2 IS 5.1.0-rc2
v5.1.0-rc2 [maven-release-plugin] copy for tag v5.1.0-rc2
WSO2 IS 5.1.0-rc1
v5.1.0-rc1 [maven-release-plugin] copy for tag v5.1.0-rc1
WSO2 IS 5.1.0 Beta
v5.1.0-beta [maven-release-plugin] copy for tag v5.1.0-beta
WSO2 IS 5.1.0 Alpha2
v5.1.0-alpha2 [maven-release-plugin] copy for tag v5.1.0-alpha2
WSO2 IS 5.1.0 Alpha
v5.1.0-alpha [maven-release-plugin] copy for tag v5.1.0-alpha
WSO2 IS 5.1.0 Milestone 6
Merge pull request #171 from thanujalk/master Fixing SAML test case.
WSO2 IS 5.1.0 Milestone 5
Merge pull request #161 from pulasthi7/workflow-support Workflow support
WSO2 IS 5.1.0 Milestone 4
WSO2 IS Team gracefully announce the 4th Milestone of WSO2 IS 5.1.0.
carbon-identity tag : https://github.com/wso2/carbon-identity/releases/tag/product-is-v5.1.0-m4
WSO2 IS 5.1.0 Milestone 3
WSO2 IS Team gracefully announce the 3rd Milestone of WSO2 IS 5.1.0.
carbon-identity tag : https://github.com/wso2/carbon-identity/releases/tag/product-is-v5.1.0-m3