Release notes
nevisIDM 7.2505.3.3 - 29.08.2025
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2505.3.3 | 7.35 | 7.x |
Breaking changes
General changes and new features
- CHANGED: Added
deleteMode
parameter toIdmPruneHistoryJob
. If set toHARD
it deletes history of already deleted entities as without consideringdays
parameter. (NEVISIDM-10299) - CHANGED: nevisidmdb-schema image now deploys starting data if it finds a nevisIDM database without nevisidm application. (NEVISIDM-10276)
- UPGRADED: Spring Framework upgraded to 6.2.10. (NEVISIDM-10272)
- UPGRADED: Netty upgraded to 4.1.124.Final. (NEVISIDM-10274)
- UPGRADED: CXF upgraded to 4.1.3. (NEVISIDM-10275)
nevisIDM 7.2505.2.2 - 08.08.2025
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2505.2.2 | 7.35 | 7.x |
General/Core
- FIX: URL Rewrite for Unit Tree Search View corrected, so it only rewrites the end of the URL. (NEVISIDM-10162)
- FIX: Audit log now contains correct
oldValue
andnewValue
when credential state forVASCO
,SAML_FEDERATION
,FIDO_UAF
is modified. (NEVISIDM-10199) - UPGRADED: We upgraded Cxf to 4.0.7. (NEVISIDM-10224)
- FIXED: IdmPruneHistoryJob now deletes history records for already deleted entities younger than
days
days. (NEVISIDM-10234) - NEW: Added new endpoint to System REST API, where it displays the current timezoneId of the nevisIDM instance. (PAT-929)
- IMPROVED: Improved performance of SCIM user search: It fetches only the necessary rows from the database. (NEVISIDM-10231)
- FIXED: Language calculation for display name now works correctly. (NEVISIDM-10241)
Database
- FIXED: Added Schema migration
7.35
to fix the index creation issue for QueryService on Oracle. (NEVISIDM-10232)
nevisIDM 7.2505.1.1 - 10.06.2025
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2505.1.1 | 7.33 | 7.x |
General/Core
- FIX: The hardcoded/invalid profile identifier corrected in
import-techuser-workaround.sh
. (NEVISIDM-10148) - FIX: URL path manipulation corrected in unit tree search screen (in
getUnitTreeEndpoint
function ofunitsearch.js
). (NEVISIDM-10162) - FIX: Missing library
libaio
added tonevisidm-dbschema
image as well. (NEVISIDM-10163)
nevisIDM 7.2505.0.7 - 21.05.2025
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2505.0.7 | 7.33 | 7.x |
Breaking changes
General changes and new features
General/Core
- NEW: Attributes
soap.service
andsoap.operation
are added to SOAP related OpenTelemetry traces. (NEVISIDM-9612)- These new attributes are related to
jcanOptrace
that help to identify the SOAP service and operation.
- These new attributes are related to
- UPGRADED: Spring Framework upgraded to 6.2.0. (NEVISIDM-9895)
- UPGRADED: Supported (and recommended) Oracle driver version upgraded to
com.oracle.database.jdbc:ojdbc11:21.17.0.0
. (NEVISIDM-9930) - UPGRADED: LibreOffice libraries updated to 6.4.7. (NEVISIDM-9944)
- CHANGED: We modified data loading for our Query Service (NEVISIDM-10028):
- The data loading is now done in batches of
application.queryservice.dataloading.batchsize
records - Separated Client and User entities during data loading, thus when updating clientNames, filtering uses the old name until next running of the queryservice index updating cron job. Client names displayed in the return DTO updated instantly.
- The
application.queryservice.dataloading.batchsize
property is set to 4000 by default. - Fixed the issue wher
application.queryservice.forcedreindex.enabled
disregarded false value.
- The data loading is now done in batches of
- FIX: Credential creation considers policy type as well as policy name. (NEVISIDM-9861)
- NEW: Ability added to delete credentials via SelfAdmin API. (NEVISIDM-9985)
- FIX: Configuration parameter
daysNoActivitySinceReactivation
handling fixed inUpdateUserStateJob
. (NEVISIDM-9995) - FIX: Field name fixed in user login info history query. (NEVISIDM-9997)
- FIX: Improve
profileless
flag set on unit with profile error message. (NEVISIDM-10001) - FIX: Certificate duplication issue fixed. (NEVISIDM-10005)
- UPGRADED: Apache Jasper JSP upgraded to 10.1.31 and Elasticsearch REST Client upgraded to 8.13.3. (NEVISIDM-10010)
- NEW: We introduced
@Batchsize
annotation to improve child record fetching. (NEVISIDM-10022) - UPGRADED: Dependency checker upgraded to 12.1.0. (NEVISIDM-10023)
- FIX: Query service indexing improved with batch fetching to shorten transactions. (NEVISIDM-10028)
- NEW: The phone number normalization can be disabled with
normalizePhoneNumber
configuration parameter. (NEVISIDM-10094)- Affected auth states:
IdmGetPropertiesState
,IdmPasswordResetState
andIdmSetPropertiesState
.
- Affected auth states:
- FIX: Concurrency problem fixed in authentication cache holder. (NEVISIDM-10096)
- FIX: Changed Locale identifiers are corrected regarding ISO639. (NEVISIDM-10107)
- FIX: Authentication cache holder synchronization issue solved. (NEVISIDM-10129)
Web GUI
FIX: Duplicated display of security questions fixed when the user has multiple profiles. (NEVISIDM-9848)
REST API
SCIM API
Web Services
Auth States
Configuration
- NEW: New configuration file
atomikos.properties
introduced to overridetransactions.properties
. (NEVISIDM-9565) - NEW: From now on the nevisIdm Auth states use HTTP connection timeout setting correctly. (NEVISIDM-10091)
- UPDATED: Some minor improvements introduced for management interface stability. (NEVISIDM-10031)
- Jetty upgraded from 12.0.9 to 12.0.16;
- Management interface threads now can be configured (see
server.management.max-threads
configuration property); - Detailed logging messages added to health indicators.
Database
Upgrading from nevisIDM 7.2411.x
Step 1: Installation
Install the packages of nevisIDM 7.2505.0.7 on the server.
Step 2: Configuration files
No changes.
Step 3: Database
Update the nevisidmdb
package with the following command. This removes the current installed version of nevisidmdb
:
rpm -U nevisidmdb-7.2505.0.7.noarch.rpm
Migrate the database schema with the following command:
nevisidmdb migrate
Step 4: Cleanup
Remove the software packages of the old nevisIDM release from the server and restart the affected nevisIDM instances.
Step 5: nevisAuth configuration
- Install the new
nevisidmcl
package on all nevisAuth instances that connect to the upgraded nevisIDM instance. - Restart the affected nevisAuth instances.
nevisIDM 7.2411.2.13988899283 - 26.03.2025
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2411.2.13988899283 | 7.30 | 7.x |
General/Core
- FIXED: URLTicketRestService refactored and fidxed. (NEVISIDM-10011)
- The createURLTicket returns ticket tuple correctly;
- The getURLTicket regenerates and saves the newly generated URL Ticket.
- UPGRADED: Netty upgraded to 4.1.118.Final to fix CVE-2025-24970. (NEVISIDM-10018)
- FIXED: Downgrade Json-Smart from 2.5.1 to 2.4.11 to solve CVE-2024-57699. (NEVISIDM-10017)
- UPGRADED: Transitive dependency of OpenCSV, BeanUtils upgraded to 1.9.4. (NEVISIDM-10040)
- UPGRADED: Apache Jetty upgraded to 12.0.16. (NEVISIDM-10070)
nevisIDM 7.2411.1.13000877385 - 31.01.2025
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2411.1.13000877385 | 7.29 | 7.x |
General/Core
- FIXED: User search by profile query refactored/corrected. (NEVISIDM-9904)
- FIXED: Flush deletion to database when selfadmin service deletes a ticket. (NEVISIDM-9920)
- FIXED: Evict Runtime User from authorization cache after profile, user, certificate and authorization creation/deletion/modification. (NEVISIDM-9925)
- UPGRADED: LibreOffice libraries updated to 6.4.7. (NEVISIDM-9944)
- UPGRADED: Hibernate updated to 6.2.3.Final. (NEVISIDM-9945)
- FIXED: GUI error message corrected for ticket credential state change. (NEVISIDM-9634)
- CHANGED: Lock the user before update login info for REST calls as well. (NEVISIDM-9953)
- See new configuration property
application.need.user.lock.during.update.login.info
for more information.
- See new configuration property
- NEW: Case insensitive operators introduced for SCIM. (NEVISIDM-9862)
- IEQ: case insensitive equals (similar to EQ);
- INE: case insensitive not equals (similar to NE);
- ISW: case insensitive starts with (similar to SW);
- IEW: case insensitive ends with (similar to EW);
- ICO: case insensitive contains (similar to CO).
- FIXED: Extended user search on enum property accelerated. (NEVISIDM-9791)
- Rendered SQL optimized;
- New composite index
IIDMA_PROPVAL_ALD_ENT_PID
introduced on tableTIDMA_PROPERTY_VALUE
.
- CHANGED: Misleading
(SHA1)
removed from GUI field label as requested. (NEVISIDM-9550) - FIXED: We fixed the SCIM user create with profile properties related issue. (NEVISIDM-9919)
- FIXED: The application display name is now displayed on Profile Overview correctly. (NEVISIDM-9948)
- UPGRADED: Apache CXF upgraded to 4.0.6 and 3.5.10 to solve CVE-2025-23184. (NEVISIDM-9984)
- FIXED: We improved the performance of properties section on user history screen. (NEVISIDM-9837)
- FIXED: We fixed the issue with enum values on user history screen. (NEVISIDM-9837)
Breaking changes
- FIXED: Now default policy values are applied to
PASSWORD
,CONTEXT_PASSWORD
andDEVICE_PASSWORD
credentials when validating passwords. This behaviour can be turned off with the configuration property:application.policy.loadDefaultValues
. (NEVISIDM-9598)- Startup time check is added to check if there is some policy where it can cause issues. It can be turned off with
application.policies.passwordpolicies.checkatstartup
configuration property. - Policies for credential types
PASSWORD
,CONTEXT_PASSWORD
andDEVICE_PASSWORD
are validated when created and modified.
- Startup time check is added to check if there is some policy where it can cause issues. It can be turned off with
nevisIDM 7.2411.0.11839505839 - 20.11.2024
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2411.0.11839505839 | 7.28 | 7.x |
Breaking changes
General changes and new features
General/Core
- NEW: We added a new configuration property
application.is.keep.raw.phone.number
to configure the phone number to reformat it to E164 or keep it raw. (NEVISIDM-9689) - UPGRADED: We updated Jetty to 12.0.9. (NEVISIDM-9448)
- UPGRADED: We updated ws to 8.17.1. (NEVISIDM-9629)
- FIXED: Added missing dtds to DigesterFactory. (NEVISIDM-9552)
- FIXED: Fixed mistakenly applied/left out privilege escalation checks for credential related operations. (NEVISIDM-9334)
- CHANGED: IDM health check now only check database version once in
database.version.healthcheck.cache.timeout
seconds, otherwise it uses the cached value. (NEVISIDM-9563) - CHANGED: Added more detailed logging to authentication to better understand the causes of errors. (NEVISIDM-9783)
- CHANGED: Moved Lucene index working directory from
/tmp
to working directory ofIDM instance
. (NEVISIDM-9719)
Web GUI
- UPGRADED: We updated commons-io to 2.14.0. (NEVISIDM-9793)
- UPGRADED: We updated socket.io to 4.7.5. (NEVISIDM-9629)
- UPGRADED: We updated npm-ip to 2.0.1. (NEVISIDM-9609)
- CHANGED: On logout(
Logout.do
at the end of the URL) the runtime user will be removed from the cache. This evicts the runtime user from the runtime cache. (NEVISIDM-9779)
REST API
SCIM API
Web Services
- FIXED: For
queryRoles
,queryProfiles
andqueryUsers
now displaying the nevisIDM roles correctly. (NEVISIDM-9787) - FIXED: ModifyCredential now accepts state changes for FIDO UAF credentials with empty
credentialFidoUaf
tags in the request. (NEVISIDM-9762) - FIXED: When displaying credential SOAP services no longer logs an error if the user has
RECOVERY_CODE
orFIDO2
credentials is not found. (NEVISIDM-9599) - FIXED:
queryCredentials
SOAP request does not throw NullPointerException ifcredentialDetailLevel
isEXCLUDE
. (NEVISIDM-9582) - FIXED: Create history for custom properties when it is modified via REST API (NEVISIDM-9690)
Auth States
Configuration
- FIXED:
database.connectiom.pool.min
anddatabase.read.only.connectiom.pool.min
now has the correct default value of 3. (NEVISIDM-9601) - FIXED: Property Import mechanism now can display encrypted enum property values correctly after first start. (NEVISIDM-9587)
- NEW: Property import mechanism now handles properties with same name, but different scope correctly. (NEVISIDM-9463)
- NEW: Introduced new configuration property to control if UserRestService should return credential specific fields. Behaviour could be controlled with
show.user.credentials.special.attributes.enabled
. (NEVISIDM-9567)
Database
- FIXED: Added
CERTIFICATE_VALUE
toTIDMA_CERT_INFO_V
table on PostgreSQL Database schema. (NEVISIDM-9562) - CHANGED:
CONTEXT
column inTIDMA_CREDENTIAL
table is extended to be able to handle up to 4000 characters. (NEVISIDM-9807) - CHANGED: Dropped
TIDMA_ERROR
table from the database schema and modified error raising. (NEVISIDM-9477)
Upgrading from nevisIDM 8.2405.x
Step 1: Installation
Install the packages of nevisIDM 7.2411.0.11839505839 on the server.
Step 2: Configuration files
No changes.
Step 3: Database
Update the nevisidmdb
package with the following command. This removes the current installed version of nevisidmdb
:
rpm -U nevisidmdb-7.2411.0.11839505839-1.noarch.rpm
Migrate the database schema with the following command:
nevisidmdb migrate
Step 4: Cleanup
Remove the software packages of the old nevisIDM release from the server and restart the affected nevisIDM instances.
Step 5: nevisAuth configuration
- Install the new
nevisidmcl
package on all nevisAuth instances that connect to the upgraded nevisIDM instance. - Restart the affected nevisAuth instances.
nevisIDM 7.2405.5.11573997813 - 31.10.2024
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2405.5.11573997813 | 7.23 | 7.x |
General/Core
- FIXED: Issue where
RecreateCertificateInfosJob
display the cert credentials correctly is fixed. (NEVISIDM-9821)
nevisIDM 7.2405.4.11028242603 - 27.09.2024
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2405.4.11028242603 | 7.23 | 7.x |
General/Core
- UPGRADE: We updated path-to-regexp to 0.1.10. (NEVISIDM-9761)
- NEW: Audit messages with type
AUTHORIZATION_CREATE
,AUTHORIZATION_MODIFIY
andAUTHORIZATION_CREATE
now contains a fieldapplicationName
. (NEVISIDM-9777) - CHANGED: The mobile number field of MTan credentials are now updatable. (NEVISIDM-9656)
- FIXED: The issue where authorization related search queries were not working correctly if number of roles were larger than
database.performance.bindvar.max
is fixed. (NEVISIDM-9778) - FIXED:
UnitDataroomAuthCheckerForUser
now does not log DataInconsistency warning if User is imported via SCIM. (NEVISIDM-9759) - FIXED: Issue where MTan duplication check was finding MobileSignatures as duplicates is fixed. (NEVISIDM-9756)
- UPGRADED: We updated Braces lib from 3.0.2 to 3.0.3. (NEVISIDM-9617)
- UPGRADED: We updated NodeJs from 16.13.2 to 22.9.0. (NEVISIDM-9831)
- FIXED: The problem with credential login info counters solved on systems where the audit logging disabled. (NEVISIDM-9886)
nevisIDM 7.2405.3.10629987104 - 31.08.2024
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2405.3.10629987104 | 7.23 | 7.x |
General/Core
- UPGRADE: We updated Spring Framework to 6.0.23. (NEVISIDM-9697)
- UPGRADE: We updated CXF to 4.0.5. (NEVISIDM-9648)
- NEW: Introduced Customer facing settings for OWASP CSRF Guard, configurable with
application.owasp.csrfguard.overlay.properties.file
. (NEVISIDM-9655)
nevisIDM 7.2405.2.10082472190- 25.07.2024
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2405.2.10082472190 | 7.23 | 7.x |
General/Core
- FIXED: Added fixed database schema migration
7.10.1
to solve issue where7.10
failed on MariaDB ifTIDMA_UNIT.NAME
orTIDMA_USER.NAME
was longer than 50 characters. (NEVISIDM-9618) - NEW: Modified nevisidmdb tool to be able conditionally use
7.10.1
and7.10
on MariaDB, depending if7.10
is already applied. (NEVISIDM-9618) - FIXED: Fixed displaying IDM roles in QueryUser role listing if the querying user has restricted application dataroom. (NEVISIDM-9631)
- FIXED: Added default servlet to handle
GET
andPOST
on/nevisidm/admin/
similarly as they were before jetty 11 update. (NEVISIDM-9611) - NEW: Made deviceId modifiable on FIDO UAF credentials. (NEVISFIDO-2140)
nevisIDM Release 7.2405.1.9265059647 - 26.06.2024
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2405.1.9265059647 | 7.23 | 7.x |
General/Core
- NEW: FIDO2 Patch now works correctly with Oracle SQL Database. (NEVISIDM-9594)
nevisIDM 7.2405.0.9032132306 - 15.05.2024
Application version | Minimal required database schema version | Maximal supported database schema version |
---|---|---|
7.2405.0.9032132306 | 7.23 | 7.x |
Breaking changes
General changes and new features
General/Core
- UPGRADED: We updated Jetty to 12.0.6. (NEVISIDM-9448)
- UPGRADED: We updated Netty to 4.1.108.Final.
- UPGRADED: We updated Spring Framework to 6.0.19. (NEVISIDM-9487)
- UPGRADED: We updated CXF to 4.0.4. (NEVISIDM-9487)
- UPGRADED: We updated PostgreSQL Driver to 42.6.1.
- UPGRADED: We upgraded Commons-configuration2 to 2.10.1 (NEVISIDM-9470)
- NEW: Credential-type specific permissions have been extended with
AccessControl.CredentialSearch
; From now on, it is possible to provideCredentialSearch
to only specific credential types. For further information: Credential-type specific permissions of nevisIDM roles. (NEVISIDM-9309) - NEW: OpenTelemetry spanId and traceId is added to audit log if openTelemetry is configured (NEVISIDM-9480)
- FIXED: Potential performance issues related to getting generic credentials have been resolved. (NEVISIDM-9295)
- FIXED: Corrected issues with pagination of FIDO UAF credentials. (NEVISIDM-9315)
- FIXED: In Kubernetes, IDM now saves Asynchronous Email Sending into the persistent event queue. Previously, IDM with with OracleSQL or PostgreSQL database did not save it into the persistent event queue, making Asynchronous Email Sending impossible. (NEVISIDM-9476)
- CHANGED: Refactored dataroom handling to use separate dataroom test in SQL instead of summarizing them. (NEVISIDM-9408)
- CHANGED: Refactored JMS Bridge to use its internal status to check for potential disconnetcions, thus provide improved stability. (NEVISIDM-9319)
- CHANGED: Refactored the way IDM retrieves data from the persistent queue. (NEVISIDM-9502)
- FIXED: Potential performance issues related to getting generic credentials have been resolved. (NEVISIDM-9295)
- UPGRADED: On GUI CredentialType dropdowns lists only the CredentialTypes that signed-in user has the required credential-type specific right. Credential-type specific permissions (NEVISIDM-9500)
- UPGRADED: Extended CredentialGetDto classes with the following 9 credential types:
Ticket
,Otp
,TempStringPassword
,Vasco
,PUK
,DevicePassword
,MobileSignature
,SamlFederaion
,SecurityQuestions
. They can be queried with the new endpoint{userExtId}/credentials
in User REST service. (NEVISIDM-9479) - FIXED: JMS bridge feature refactored to avoid high resource consumption in case the bridge target is not enough stable. (NEVISIDM-9319)
- Bridge status added to health endpoint.
- The health endpoint counts the unsuccessful restart attempts and indicates as
down
if it reaches 10, otherwise asup
- The successful reconnection to bridge target resets the health endpoint counter
- The health endpoint counts the unsuccessful restart attempts and indicates as
- New configuration properties introduced:
messaging.bridge.failure.retry.interval
: passed toorg.apache.activemq.artemis.jms.bridge.impl.JMSBridgeImpl
asfailureRetryInterval
property; by default 10000messaging.bridge.max.retries.on.failure
: passed to~"~.JMSBridgeImpl
asmaxRetries
property; by default 6
- Before this refactor the
maxRetries
property was hardcoded with value-1
andfailureRetryInterval
as1000
.- This means it tried to reconnect for each one second infinitely and a
reinitalizer
algorithm tried to stop the bridge and re-instantiate - Unfortunately, the previous bridge instances didn't shut down properly, so a lot of memory and other resources were not freed up
- This means it tried to reconnect for each one second infinitely and a
- The current implementation instantiates the bridge only once.
- In case the bridge lost its
running
state (based on the newly introduced configurations) the IDM tries to start back - The mentioned health endpoint counts these restart attempts
- In case the bridge lost its
- Bridge status added to health endpoint.
- NEW: You can configure external JMS server for provisioning instead of using embedded Artemis server and JMS bridging. (NEVISIDM-9474)
- If you configure external JMS server, the embedded Artemis instance will not be started.
- New configuration properties introduced:
application.modules.provisioning.connection.factory.classname
: connection factory class name; e.g.org.apache.activemq.artemis.jms.client.ActiveMQXAConnectionFactory
application.modules.provisioning.connection.factory.xa.properties
: initialization properties for previous factory class; e.g.{"brokerURL": "https://artemis-server:61616", "user": "producer", "password": "secret"}
application.modules.provisioning.destination.classname
: JMS destination class name; e.g.org.apache.activemq.artemis.jms.client.ActiveMQQueue
application.modules.provisioning.destination.name
: JMS queue name; constructor parameter for previous class; e.g.Provisioning
application.modules.provisioning.destination.properties
: possible initialization properties for the destination class- There is no default value for these properties. The default behavior is to start and use embedded Artemis JSM server
- ATTENTION: The configured connection factory must implement
jakarta.jms.XAConnectionFactory
and destination must implementjakarta.jms.Destination
!
- NEW: The OpenTelemetry span and related
OpTrace
logging can contain the SOAP and REST request and response bodies. (NEVISIDM-9488)- New configuration property introduced:
add.request.and.response.body.to.opentelemetry
: need to add or not; by defaultfalse
- ATTENTION:
- Processing the complete request and response bodies can cause reduction of performance!
- The complete request and response bodies could contain sensitive information!
- It works only if you use OpenTelemetry extension agent and
OpTrace
logger is configured toTRACE
or you can see the body contents in Jaeger or similar tool!
- New configuration property introduced:
Auth States
General/Core
Web GUI
- FIXED: Improved performance of
Users per Applicaiton
report. (NEVISIDM-9451) - FIXED: Improved performance of the
Assign Roles to Profile
page. (NEVISIDM-9377) - FIXED: Search function on
Vasco Administation
tab now works correctly. (NEVISIDM-9513)
REST API
- NEW: The endpoint
{userExtId}/credentials
is added to the User REST Services to search for the credentials of the user with givenextId
. (NEVISIDM-9458) - NEW: Added new endpoint to find and delete generics credentials to ClientsRestService. (NEVISIDM-9485)
SCIM API
- NEW: SCIM is now able to filter or order users by
meta.created
andmeta.lastModified
fields. (NEVISIDM-9473)
Web Services
Auth States
- REMOVED: The constant TokenSignature.DFLT_ALGORITHM using SHA1 was removed from jcan-sectoken, use the value
SHA256withRSA
instead. (NEVISIDM-9456)
Configuration
- NEW: nevisIDM support multi-line JAVA_OPTS parameters in
conf/env.conf
. (NEVISIDM-9490) - NEW: If
add.request.and.response.body.to.opentelemetry
is set to true, nevisIDM logs the request and response body to OpenTelemetry. (NEVISIDM-9491) - NEW: Introduced new configuration properties
database.connection.healthcheck.retrydelay
anddatabase.connection.healthcheck.retrycount
to control behaviour better, if healthcheck called during connection pool maintenance. (NEVISIDM-9494) - NEW: Added new configuration properties
application.modules.provisioning.connection.factory.classname
,application.modules.provisioning.connection.factory.xa.properties
,application.modules.provisioning.destination.classname
,application.modules.provisioning.destination.name
andapplication.modules.provisioning.destination.propertie
to make JMS connection more configurable. (NEVISIDM-9474) - NEW: Introduced
rest.display.timezone
configuration property to set the timezone for date and time attributes in the REST API responses. For further information: rest.display.timezone(NEVISIDM-9450) - NEW: Introduced new configuration property
application.config.credentialTypesToBeLockedInDatabase
to provided fine-grained control over which credential types should be locked during uniqueness check. (NEVISIDM-9330)
Upgrading from nevisIDM 7.2402.x
Step 1: Installation
Install the packages of nevisIDM 7.2405.0.9032132306 on the server.
Step 2: Configuration files
No changes.
Step 3: Database
Update the nevisidmdb
package with the following command. This removes the current installed version of nevisidmdb
:
rpm -U nevisidmdb-7.2405.0.9032132306-1.noarch.rpm
Migrate the database schema with the following command:
nevisidmdb migrate
Step 4: Cleanup
Remove the software packages of the old nevisIDM release from the server and restart the affected nevisIDM instances.
Step 5: nevisAuth configuration
- Install the new
nevisidmcl
package on all nevisAuth instances that connect to the upgraded nevisIDM instance. - Restart the affected nevisAuth instances.