Release 8.2.3 - Pilatus

Owned by Silvan Grüter
Last updated: 29. Jan 2024 by Roger Fankhauser
4 min read

CoreOne Admin User Interface

  • The organization unity type is now displayed in the tree view and on the detail pages

  • There is a new security role CoreOne Suite User Identification Validator

CoreOne Application Services

  • Dynamic Approval Groups have been introduced. You are now able to select the line manager (resolved via the organisational structure) or the defined manager on the specific core identity of the person to be used as the approval directly from the approval group tab on the resource and role detail page.

  • The storage of the application secret and connection parameters stored in the application customer data table has been improved.

CoreOne Authentication Services

  • A auto-registration feature was implemented. When enabled on the external provider configuration, this will automatically create a user for external identities without displaying the registration form.

  • The sub used in the tokens can now be defined on the application configuration. This allows you to use any of the provisioned unique attributes as the sub.

  • The Level of Authentication has been renamed to Quality of Authentication and a Quality of Registration configuration has been added. With both you are able to build a Level of Trust as described in many standards such as eCH-0170 oder ISO/IEC 29115.

  • In order to check or improve the Quality of Registration, various verification methods have been integrated.

  • Automatic key rotation has been implemented. For further information check the documentation.

CoreOne Database Services

  • Breaking Change: Please make sure that you are using a MariaDB Version higher or equal to 10.5.2 and lower than 10.10 before updating.

  • Breaking Change: The default charset will be changed from latin1 to utf8mb4. This will be executed automatically with the installer, but on bigger installations, it’s recommended to execute the queries beforehand.

ALTER TABLE security_entity_type MODIFY COLUMN assembly_qualified_name varchar(768) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL; ALTER TABLE api_action MODIFY COLUMN assembly_name varchar(768) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL; ALTER TABLE servicecorelogin_client MODIFY COLUMN allowed_cors_origins TEXT CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL NULL; ALTER TABLE servicecorelogin_client MODIFY COLUMN uri TEXT CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL NULL; ALTER TABLE servicecorelogin_client MODIFY COLUMN logout_uri TEXT CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL NULL; ALTER TABLE servicecorelogin_client MODIFY COLUMN post_logout_redirect_uris TEXT CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL NULL; ALTER TABLE servicecorelogin_client MODIFY COLUMN identity_provider_restrictions TEXT CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL NULL; ALTER TABLE servicecorelogin_client MODIFY COLUMN email_verification_redirect_uri TEXT CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL NULL; ALTER TABLE servicecorelogin_client MODIFY COLUMN redirect_uri TEXT CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL; ALTER TABLE servicedmcore_reporting_powershell_report MODIFY COLUMN description TEXT CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL NULL; ALTER TABLE servicedmcore_reporting_powershell_report MODIFY COLUMN powershell_modules TEXT CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL NULL; ALTER TABLE servicedmcore_reporting_powershell_report MODIFY COLUMN powerhsell_snapins TEXT CHARACTER SET latin1 COLLATE latin1_general_ci DEFAULT NULL NULL; ALTER TABLE servicedmcore_reporting_powershell_report MODIFY COLUMN powershell_script_file_path TEXT CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL; DELIMITER // CREATE PROCEDURE ConvertToUtf8mb4MultipleDatabases() BEGIN     DECLARE done INT DEFAULT 0;     DECLARE stmt_str VARCHAR(1000);     DECLARE cur CURSOR FOR          SELECT CONCAT('ALTER TABLE `', table_schema, '`.`', table_name, '` CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;')         FROM information_schema.tables         WHERE table_schema IN ('moving_appcustomer_900000', 'moving_global', 'moving_site')          AND (table_collation LIKE 'latin1%' OR table_collation LIKE 'utf8%')         AND table_collation NOT LIKE 'utf8mb4%';     DECLARE CONTINUE HANDLER FOR NOT FOUND SET done = 1;          OPEN cur;          read_loop: LOOP         FETCH cur INTO stmt_str;         IF done THEN             LEAVE read_loop;         END IF;         SET @s = stmt_str;         PREPARE stmt FROM @s;         EXECUTE stmt;         DEALLOCATE PREPARE stmt;     END LOOP;          CLOSE cur; END // DELIMITER ; CALL ConvertToUtf8mb4MultipleDatabases(); DROP PROCEDURE ConvertToUtf8mb4MultipleDatabases; ALTER DATABASE moving_appcustomer_900000 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci; ALTER DATABASE moving_global CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci; ALTER DATABASE moving_site CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci; SET GLOBAL character_set_server = 'utf8mb4'; SET GLOBAL collation_server = 'utf8mb4_unicode_ci';

CoreOne Exchange Server System Connector

  • You can now define the primary e-mail address within the provisioning configuration, so that you no longer have to rely on the address policy of exchange.

CoreOne Self-Service Portal

  • Breaking Change: The structure of the templates in the ProgramData folder changed. Changes made in the templates folder needs to be migrated to the new structure following these steps:

    • Stop the APPPOOL for AUTH and SELF SERVICE

    • Backup the contents in the folder C:\ProgramData\itsense\Templates, then delete them

    • Start the apppools and open AUTH and PORTAL once (this will recreate the folders)

    • Add and replace the files from the backup again (files that were changed are bigger than 0 KB)

  • There is a new help button. When enabled and used, users have the option to enter a support request and add attachments. Both the message and the attachments will then be sent to a workflow, from which the data can be processed. From within the workflow, the data can be sent to a ticketing system or sent via e-mail to support center.

CoreOne CSV System Connector

  • The new CoreOne CSV System Connector allows you to provision user into a CSV data file. The CoreOne will maintain the whole user base within that CSV leveraging the ordinary CoreOne processes and methods.

 

© ITSENSE AG. Alle Rechte vorbehalten. ITSENSE und CoreOne sind eingetragene Marken der ITSENSE AG.