Viewer

  TiQR Changelog

File: Changelog_tiqr.txt
Size: 8 KBytes
MD5: 7CA586A61AE5A7719ACB89BAAD253172

1.2.7
    - This update is required for WebADM version >= 1.7.6.
    - Mobile Endpoint is auto-genarated with WAProxy configurations.
    - Removed the data field rom SOAP responses.
    - Re-scoped some application settings.
    
1.2.6
    - Added support for WebADM v1.7 (it does not work with previous versions).
    - Fixed Password Reset with TiQR authentication failing when AD account is locked.
    - Do not allow logins for user accounts locked in ActiveDirectory (Lockout policy).
    - Added support for AD DisplayName attribute.
    - Added support for WebADM version 1.6.7.
    - Fixed minor PGP issues.
    
1.2.5
    - Added compatibility with newer cURL version WebADM v1.6.1.
    - Added support for WebADM v1.6 (this version does not run on previous WebADM).
    - Added an option to return PGP ASCII armored signatures.
    - Added localized messages API compliance with WebADM v1.5.10.
    - Added support for Apple & Android Push Id renewals (requires WebADM v1.6.2).
    
1.2.4
    - The TiQR Mobile Endpoint is now available under the WebADM HTTPS URL and
      not under the Web service URL anymore. The new endpoint URL changed from
      https://yourserver:8443/tiqr/mobile/ to https://yourserver/ws/openotp/.
      > This change is required for public enpoints to use WebADM custom certificates.
      > WAProxy URLs are not impacted but you need WAProxy 1.1.1 with this version.

1.2.3
    - Added product categorization for WebADM v1.4.5.
    - Added an 'options' field to the API (reserved for RCDevs integration plugins).
    - TiQR push notification service is now configured in WebADM servers.xml.
    - Added support for PGP armored signatures and detached signatures.
    - Simplified message templates (unified authentocation and crypto messages).
    - Added error IDs to the error reponses.
    - Added support for WebADM service protocol API version checking.
    
1.2.0
    - Added PGP signature support for TiQR Server (compliant with OpenPGP v4).
      > TiQR PGP Server requires TiQR Mobile PGP which will be released soon.
    - Added support for batched signature requests (multiple signed data per request).
      > The TiQR API and WSDL changed to support passing arrays of signed data.
    - Added support for TiQR Sign with TouchID confirmations.
    - Added push notification support with RCDevs Push Server.
      > The support for RCDevs PushAPI and Neopixl push services have been removed.
    - Signature challenge sessions timeout have a max value of 10 minutes.
    - Added support for WebADM user_level configurations in webadm.conf.
    - Added public key export formats for PGP and X.509 certificates.

1.1.1
    - This version is designed for WebADM v1.4 and is not compatbile with v1.3.
    - Added support for WebADM 1.4 admin roles for admin pages and manager methods.
    - Changed the SOAP encoding to RPC-literal for better compatibility with languages.
      > The API remains fully compatible the previous RPC-encoded format.
    - Upgraded Pushpixl notification API for use with latest Neopixl push services.
    - Removed the settings to enable/disable status requests. Status is always enabled.
    - Added support for the %USERID% and %USERDN% variables in user message templates.
    - The Auth Success URL can optionally return some reply data in JSON format.
      > If present these additional data are merged with the user/group reply data.
    
1.1.0
    - Added supports for electronic signatures and encryption with RSA algorithms.
      Signatures and data decryption are done on TiQRv3 via QR-based transactions.
      Signature validations and data encryption are available from the API.
      > Only the RCDevs' version of TiQR (TiQRv3) supports the cryptographic operations.
      > New message templates are added for cryptographic operations.
      > RSA key size (1024 or 2048 bit) can be configured in TiQR application settings.
      > RSA cryptographic operations can be configured to require LDAP passwords.
    - Fixed some issues with the account blocking after max tries is reached.
    - TiQR client side account blocking has been removed.
    - Added the possibility to cancel login and cryptographic operations on TiQR.
    - Default OATH-OCRA Suite changed to OCRA-1:HOTP-SHA256-8:QH10-S.
    - Fixed TiQR sample proxy script failing with bigger logo transfers.
    - Added a new setting to 'Enable User Login' to enable/disable TiQR for some users.
      > This setting replaces the 'DISABLED' Login Mode choice which is now removed.
      > Be sure to reconfigure all the users having their LoginMode set to DISABLED!
    - Added tiqrCheck response code 3 to indicate TiQR authentication is success but
      LDAP password is still expected.
    - Many code improvements and fixes.
    
1.0.7
    - Added support for hardware encryption with Yubico YubiHSM.
      HSM hardware cryptography is currently used for:
      > TiQR OCRA Challenges.
      > Token seed storage in the user metadata (AES-256-CBC mode).
    - ReplyData from groups are combined with the user values.
    - Added Manager methods to get user statistics (like with the bin/report tool).
      > Method 'TiQR.User_Report' gets statistics for a user DN.
      > Method 'TiQR.Domain_Report' gets statistics for all users within a domain.
      The Manager method 'User_Report' can report the user blocking status.
    - All the Web APIs support the 'lang' HTTP-GET parameter to force a language code.
      > Forcing a language overrides the user language defined in a language attribute.
    - Added the possiblibity to call a Web service URL to inform of a user login success.

1.0.6
    - TiQR server uses the new JSON-based protocol for TiQR client v2.x.
    - Better support of TiQR blocking.
    - Minor bug fixes.

1.0.5
    - New application architecture designed for WebADM v1.2.6.
    - Added detection of expired Active Directory passwords.
    - Adapted some admin page layouts for WebADM v1.2.5.
    - Enhancements to the user blocking system.
    - Enhancements to the OCRA algorithm.
    - TiQR honors ActiveDirectory account disabled flag.
    - JSON API can be used in restful mode.

1.0.4
    - Added support for location-based restriction in WebADM 1.2.3.
    - Added 'source' field to the API (please update your client implementations).
    - Added 'client' and 'source' parameters to the TiQR Register Manager interface.
    - Added the tiqrSessionQR API method which allows an application to retrieving the
      QRCode or QR URI for a session previously started with the tiqrStart method.
    - Better user language support.
    - Code rewrites.

1.0.3
    - Added the TiQR client blocking feature which allows TiQR to invalidate all the
      registered user identities after too mamny login failures.
    - Added a setting to enable user blocking alerts.
    - Added a setting to configure the QR Code image format (GIF, PNG or JPG).
    - Added support for newer WebADM 1.2.1 licensing.
    - Enhanced the user account unblocking action in WebADM Admin portal.
    - Added a Manager method for resetting and checking user account blocking status.
    - Added XML-RPC API.

1.0.2
    - Updated for WebADM 1.2.
    - Added JSON-RPC 2.0 API.
    - Added support for WebADM 1.2.x Manager interface.
    - Added JSON Web service API.
    - Added authentication failures count in user data (RejectCount).
    - Minor Bug fixes.

1.0.1
    - Added the LDAP+TiQR LoginMode.
      > The SOAP API has been changed for the new LDAP feature!
    - Replaced Enabled setting by the Disabled LoginMode.
    - Minor bug fixes.

1.0.0
    Initial TiQR release.