4.2.0-b2028
- Update radius library.
- Fix for quick-config tool.
- Fix exception on eap type for non radius NCs.
- Bash script fixes (chown errors).
4.2.0-b2023
- Fix for LEAP RADIUS support and NetMotion 2FA integration.
4.2.0-b2020
- Fix for JVM crash after updating kernel. Kernel update for CVE-2017-1000364 cause JVM to crash. Expanded thread stack to fix.
4.2.0-b2016
- Security fix for AD Protocol. In some instances, the string used to overwrite the passcode failed Windows complexity requirements and the over-write failed and the passcode remained the password. This fix assures that the string meets Windows complexity requirements.
4.2.0-b2014
- Fix for wClient API > register a user with a pre-registration code without a group membership
- Fix for the radius service not stopping properly
4.2.0-b2007
- Fixes memory leak in wAuth API
- Improved certificate validation for wAuth API
- Support for Centos/RHEL 7
- Dropped support for Centos/RHEL 5 and 32-bit platforms (Centos 5 security updates stop March 2017)
4.2.0-b1984
- Fixed SQL updates scripts. Fix for missing AD column.
- Add the expiration date patch to timecop to avoid older users/devices being deleted.
- Add device last_activity to token data in wClient API
4.2.0-b1981
- Fix for missing links to add and delete WiKIDAdmin users
- Update for API to better reflect 'last activity'.
4.2.0-b1978
- Completely updated UI for the WiKIDAdmin web interface.
- There's no longer a default password for the WiKIDAdmin (run '/opt/WiKID/sbin/update_wikidadmin_passwd.sh -f' to force a change). It is created during setup.
- Added templated for logging into the WiKIDAdmin using Active Directory creds, see https://www.wikidsystems.com/support/installation-how-tos/how-to-use-ad-for-wikidadmin-access/.
- Fix wAuth API for complex passwords.
- Return multiple RADIUS attributes if a user is in multiple groups.
- Pre-registration can add a user to a group.
4.1.0-b1955
- Make the one-time passwords for Active Directory meet complexity requirements
- Enable complex one-time passcodes for Active Directory protocol
4.1.0-b1949
- Improved security for the WiKIDAdmin interface, SQLi protections
- Add Owasp ESAPI library support
- Style tweeks and minor UI fixes
4.1.0-b1941
- You can now add a 2nd token to an existing user much more easily. Just use the Manually Add a Token page. No need to use the API.
- There is now an AD Password reset option - allows AD users to login once with two-factor authentication and then be forced to change their password.
- Improved tomcat security headers for XSS, nosniff and X-Frame options
4.1.0-b1926
- Added native Microsoft Windows two-factor authentication protocol
4.0.2-b1921
- Add logging for WiKID user and device events
- Fix User-agent mapping for Android/BlackBerry and older Android only
- Update debian dependencies to Java 8
- Logging improvements for admins, users
4.0.1-b1821
- Minor UI text changes to clarify new CA system
- Fix for Select All button on User's tab
4.0.1-b1821
- Minor UI text changes to clarify new CA system
- Fix for Select All button on User's tab
4.0.2-b1917
- Fix User-agent mapping for Android/BlackBerry
- Update last activity to include passcode requests
- Update debian dependencies to require Java 8
4.0.1-b1905
- Update to tomcat 8 - NB: requires Java 8
- Fix user counting for users with multiple device registrations.
- Change certs to SHA256
4.0.1-b1906
- Remove references to certs being emailed.
4.0.1-b1817
- Bug fix for DB Connection errors/leaks that could lead to server freezes
- Upgrade db drivers
- Updates to loggers to remove poor warnings
4.0-B1803
- Bug fix for error on Pre-registration page
- Known issue: Your list of pre-registered users may not display. Export to see them or pre-register one user and they should display.
4.0-B1798
- Bug fix for Blank page on Certificate Signing request page
- Bug fix for quick-start setup and Cert upgrade process
4.0-B1787
- Added quick-start configuration option to command line
- Moved to new Certificate and license management system
- Certificate expiration and other warnings
- Enabled Radius by default
- Many small improvements
3.6.0-B1672
- Extend expiration of registered devices
- Fixed bug in null user search
- Improvements to support jar
- Minor UI bug fixes
3.6.0-b1659
- Fixed UI bug where domain name change didn't show in Users list
- UI now shows Enabled/Disabled on Users list
- Fixed bug where domain name change added a '+' for a space (requires 3.1.30 token)
3.5.0-b1580
- J2SE token checks for domain name changes.
- Add user-token report with duplicates pre-fixed with DUP and case ignored.
- Change "Passcode is not a number" to info level logging.
- Added support.jar as an optional support data collector.
- User count on home page is case-insensitive.
3.5.0-b1542
- Performance tuning for high-volume servers with a large number of users.
- Make System.out logs dependent on the log4j setting
- Fixed the 'null' note in edit user
- Pagination and filters added to user page.
- Improved user search. The overall user search function at the top is now a substring search.
- Improved logging.
- Pagination added to log page.
3.5.0-b1472
- Better logic for finding a JDK; also report launch errors in a better way
- Updates to address ldap and sudo issues
3.5.0-b1438
- Set maxlength on radius secret to 128
- comment out unneeded tac_plus build
3.5.0-b1428
- Update for handling CA cert expiration
- Updated arch-setup code
- Updated Utilities RPM - Please update both RPMs.
3.5.0-b1421
- Fix an issue where pre-registration codes were not visible
3.5.0-b1411
- Disable unnecessary HTTP methods
3.5.0-b1403
- Change text back to localhost.p12 and passphrase to match documentation
- Remove weak SSL ciphers for PCI compliance
3.5.0-b1373
- Fix minor typo
- Fix for radius config
3.5.0-b1359
- Enforce password complexity on WiKIDAdmin for PCI Compliance
- Moved Registered URL to bottom. Added link explaining mutual https authentication.
- Simplified radius config options.
3.5.0-b1359
- Enforce password complexity on WiKIDAdmin for PCI Compliance
- Moved Registered URL to bottom. Added link explaining mutual https authentication.
- Simplified radius config options.
3.5.0-b1373
- Fix minor typo
- Fix for radius config
3.5.0-b1403
- Change text back to localhost.p12 and passphrase to match documentation
- Remove weak SSL ciphers for PCI compliance
3.5.0-b1352
- Fixed EAPMD5 issue where the server would validate the passcode but client would still fail
- Fix a bad registration code killing the wClient connection
- Added the ability to update a users "note" via the API
- Fixed valid OTP rejected after invalid OTP is given - radius only
- Fixed issue with mutual https authentication
3.5.0-b1342
- Upgraded Tomcat to version 7
- Add log4j to tomcat libs for clean shutdown
- Fix for radius reports MESSAGE AUTHENTICATOR IS INCORRECT
- Fix for Sorting by Type & Last Activity on user page result in blank page
- Run WiKID as non-Root user (wikid)
- Updates to compile with gcc3
- Release of 64-bit Utitilies RPM
- Add new pre-registration mode for multi-server pre-registration
- Better handling of various java installs
- Fix for MD5 radius errors
- Updated Radius plugin
3.4.87-b1216
- Disallow blank or null passwords for directory binds since this falls back to an anonymous bind and appears to succeed.
- Catch exception other than NamingException in adregister2 example script.
- Log4j db appender module for WiKID logging
- Intellij IDEA module file for Android token
- Set Content-Type to "" to get past mod_security.
- Bug fixes
3.4.87-b1169
- Fixes bug when attempting to add a second software token to an existing user
3.4.87-b1159
- Edit Username after registration
- Token Type listed in User Tab
- Add note to user/token
- Improved Radius start time
- Client port restriction update
- Allow multiple groups per user
- Option to automatically re-enable users after certain time period
- Schema update to support multiple group assignment and precedence.
- Query the database to retrieve a full list of users for audit purposes
3.4.87-b1092
- Added the ability to create pre-registration codes via the wClient API.
- Fix an issue where a null group name is converted to a string literal "null".
- Allow overriding an existing pre-registration.
- Fix a typo where missing quotes broke the jsp
- Update example.jsp documentation
- Fix an issue where a null values were converted to a string literal "null".
- Throw an IllegalArgumentException if you try to set the userid to null
- Make radius return non-string attribute values when appropriate.
- Added a service script in /etc/WiKID/conf/templates
- query they database to retrieve a full list of users for audit purposes
- Fixed issue causing server to freeze occasionally, especially under replication
- Fixed issue causing bad password attempts to not be counted properly
- Add an API call to delete a device by ID
- Added Reports
3.4.87-b839
- Disable domain caching
- correct oss/enterprise bracketing
- Added the ability to create pre-registration codes via the wClient API (see example.jsp)
3.4.87-b824
- Example 2-Factor app using wClient
- fix lingering old ldap ports
- New home for ruby client
- Comment out dedicated domain code
- make sure root owns the files
- SRVTHREE-2 - Multiple pre-registration for a single token
- Allow the same username across pre-registration domains and add domain column to display
- Domains can be limited to locked, wireless or locked & wireless software tokens
- Fix android wireless detection bug.
- Fix a bug that equated the selection of wireless tokens to locked tokens.
3.4.85-b780
- Fix broken Unicode in portuguese brazilian translation
- make path to dpkg explicit
- fix typo in build script
- added %dir to /bin of the spec file for usogres inclusion
- Update radserver jar (Fixes slow radius start bug)
- Update build file to add wClient jar
- Example for using wClient
3.4.81-b676
- Fixes for AD self-registration scripts.
- Removed $JAVA_HOME/bin/ from the keytool command for openjdk compatibility
- Fix missing imports statements
- Automatically delete registration codes when deleting the associated domain. - Fixes "unable to delete domain bug".
- Catch integrity violation in dbmigrate11 that was preventing subsequent DB updates.
- Added the ability to create pre-registration codes via the wClient API.