Skip to main content
Version: 1.5.x.x LTS

Release notes

caution

LTS19 version of nevisMeta is discontinued, no more releases are provided

nevisMeta 1.5.15.4 LTS - 16.11.2022

Changes and new features

Breaking changes

There are no breaking changes in this release.

General

  • UPGRADED: We upgraded moment.js to 2.29.4. (NEVISMETA-1788)
  • UPGRADED: We upgraded jackson to 2.13.4. (NEVISMETA-1792)
  • UPGRADED: We upgraded jettison to 1.5.1. (NEVISMETA-1799)
  • UPGRADED: We upgraded primefaces to 12.0.0. (NEVISMETA-1790)
  • REMOVED: We removed xstream. (NEVISMETA-1798)

nevisMeta 1.5.14.1 LTS - 17.08.2022

Changes and new features

Breaking changes

There are no breaking changes in this release.

General

  • UPGRADED: Spring is upgraded to 5.3.20. (NEVISMETA-1747)
  • UPGRADED: moment.js is upgraded to 2.29.3. (NEVISMETA-1746)
  • UPGRADED: handlebars.js is upgraded to 4.7.7. (NEVISMETA-1746)
  • UPGRADED: angularjs is upgraded to 1.8.2. (NEVISMETA-1746)
  • UPGRADED: Jetty is upgraded to 9.4.48.v20220622. (NEVISMETA-1766)
  • REMOVED: We removed the xalan dependency. (NEVISAUTH-3759)

nevisMeta 1.5.13.0 LTS - 18.05.2022

Changes and new features

Breaking changes

There are no breaking changes in this release.

General

  • UPGRADED: Xstream version is upgraded to 1.4.19.
  • UPGRADED: Jackson is upgraded to 2.13.2. (NEVISMETA-1712)
  • UPGRADED: Jackson-databind is upgraded to 2.13.2.2. (NEVISMETA-1712)
  • UPGRADED: Spring is upgraded to 5.3.19. (NEVISMETA-1730)

nevisMeta 1.5.12.0 LTS - 16.02.2022

Changes and new features

Breaking changes

There are no breaking changes in this release.

General

  • UPGRADED: JSF is upgraded to version 2.3.9. (NEVISMETA-1683)
  • UPGRADED: Log4j version is upgraded to 1.2.17. (NEVISMETA-1691)
  • REMOVED: The supplied log4j version 1.2.17 is patched to remove vulnerable classes org/apache/log4j/net/JMSAppender.class and org/apache/log4j/net/SocketServer.class. (NEVISMETA-1691)

nevisMeta 1.5.11.0 LTS - 17.11.2021

This is a technical release.

Changes and new features

There are no changes or new features.

nevisMeta 1.5.10.0 LTS - 18.08.2021

Changes and new features

General

  • FIXED: When deleting a resource server with scopes configured as consent persisted, nevisMeta showed an error message and the resource server could not be deleted. The bug is now fixed.

nevisMeta 1.5.9.1 LTS - 18.05.2021

Changes and new features

General

  • NEW: During the startup of a nevisMeta instance, the new Nevis logo is shown as ASCII art in nevismeta.log.
  • FIXED: The shutdown of nevisMeta interrupted ongoing connections. From now on, once the stop command is executed, nevisMeta waits a maximum of 30 seconds until all connections are stopped, and then nevisMeta itself stops.
  • FIXED: In case the client secret was empty, nevisMeta stored it as an empty string. From now on, nevisMeta stores an empty client secret as NULL.
  • FIXED: When restoring a deleted future state, the default validity option was Valid immediately, which not only reset the state, but changed the date as well. The default is now Keep validity date as is. This change also corrects the behavior of the function Restore overrides future state changes, which erroneously restored past states as well.

nevisMeta 1.5.8.0 LTS - 17.02.2021

Changes and new features

General

  • CHANGED: As of this release, it is possible to create clients with an empty grant_type and response_type via the REST API. Because of this change, the behavior of the REST API is now in line with that of the Web Console when creating a new client.
  • FIXED: The bug where a resource server disappeared from its original setup after you exported and reimported the server into another setup.
  • FIXED: The bug where responses in the REST API contained the Expires field twice. One of these fields was incorrect (it showed an 1970 expiry date). Now the field appears only once and with the correct value.
  • FIXED: The bug where the mapping of roles and userID using the Ninja configuration in the file nevismeta.properties did not work correctly.
  • FIXED: The bug where a previously deleted, now restored setup state was valid from noon the next day, instead of immediately.

Breaking changes

  • You can now create a new nevisMeta database with the nevismeta command (see the chapter Persistence backend]. It is no longer possible to do this in the old way.

nevisMeta 1.5.7.55 LTS - 19.11.2020

This is a technical release.

Changes and new features

There are no changes or new features.

nevisMeta 1.5.6.4 LTS - 19.08.2020

Changes and new features

General

  • NEW: nevisMeta now supports enabling hostname verification when client authentication is required in a standalone deployment. See the new verify-hostname attribute in the "Deployment Types" chapter of the reference guide for additional information.
  • FIXED: The bug that caused the nevismeta status command to write warning messages such as "lsof: WARNING: can't stat() ..." in the standard output (standalone deployment type) has been fixed.
  • FIXED: We fixed a bug related to spaces inside jvm arguments in JAVA_OPTS (env.conf) for Standalone deployments. It caused an error: "Error: Could not find or load main class" and prevented nevisMeta from starting. New definition syntax as array is introduced for JAVA_OPTS, which now also allows comments to be used between new lines. The old string type definition is still supported, but to fix the previously mentioned error, you will need to change to the array type definition. For more, see the "Deployment Types" chapter of the reference guide.

When directly using the server CLI to start nevisMeta, the manual sourcing of env.conf is no longer necessary. See the section "Example usage of the standalone CLI" in the "Deployment Types" chapter of the reference guide.

  • FIXED: An error message in the log files incorrectly stating certain configuration options to be invalid has been fixed.
  • FIXED: Syntax errors while installing nevisMeta RPM (Examples: "invalid format character", "invalid group ID") have been fixed.
  • FIXED: A typo in the configuration property server.auth.ninja.log-debug, server.auth.ninja.log_debug prevented detailed Ninja debug logs even if the appropriate package was set in the log4j.xml. This is now fixed.
  • FIXED: The Cancel button was not working properly when editing the Client / Resource server name on the UI.

nevisMeta 1.5.5.3 LTS - 07.05.2020

Changes and new features

General

  • CHANGED: The web-based tool for migrating to MariaDB has been replaced by a command line tool. For more information, see Migrating from Couchbase to MariaDB. This tool is experimental.
  • DEPRECATED: REST services no longer include the identifier links in the response header.

This change might break existing deployments. If the identifiers in the response headers must be present, add the response.linkheader.enabled attribute to the nevismeta.properties configuration file. Set the attribute's value to "true".

Note that enabling this attribute may result in errors. This happens if the number of results in the query return exceeds the HTTP header size limit.

This backwards compatibility mode might be removed in future releases.

nevisMeta 1.5.4.2 LTS - 10.04.2020

Changes and new features

General

  • FIXED: A concurrency issue that generated unauthorized (401) and forbidden (403) HTTP errors.
  • FIXED: A bug that caused a WARNING being logged on startup due to an incorrect configuration of the HTTP server in standalone deployments. Now, the HTTP server in standalone deployments is properly configured.

nevisMeta 1.5.4.1 LTS - 20.02.2020

Changes and new features

General

  • DEPRECATED: The GlassFish deployment has been deprecated. It will be removed in future releases. It is recommended using the standalone deployment instead.
  • DEPRECATED: The Couchbase Server persistence backend has been deprecated. Support will remain available in the LTS version. However, it is not recommended that you continue using Couchbase. Migrate to MariaDB instead.

nevisMeta 1.5.3.71 LTS - 20.11.2019

Initial Long Term Support Release

Changes and new features

General

  • CHANGED: Revocation console improvements. (Tickets NEVISMETA-1108, NEVISMETA-1143)
  • CHANGED: Enable OAuth2 public clients with optional client secret. (Ticket NEVISMETA-1139)
  • CHANGED: nevisMeta supports PKCE mode from now on. Refer to
  • CHANGED: Implement a mechanism to trigger the database schema update manually (mariaDb only). (Tickets NEVISMETA-1091, NEVISMETA-1146)
  • CHANGED: Make Management Probes host configurable by adding a new key "management.server.host" in config file. (Ticket NEVISMETA-1039)
  • FIXED: The bug where duplicate error messages are shown when creating "Resource server" without "Entity name". (Ticket NEVISMETA-1019)
  • FIXED: The bug where all the scheduled deleted states were restored when the user restored a state. (Ticket NEVISMETA-729)
  • FIXED: The bug where the user is not able to restore the scheduled delete state on the same date. (Ticket NEVISMETA-713)
  • FIXED: The bug where the icon of "Force Reauthentication" is incorrect when the default value is "Reauthentication enforced". (Ticket NEVISMETA-852)
  • FIXED: The bug that prevents the user from restoring a deactivated entity on the same date as delete date. (Ticket NEVISMETA-1121)
  • FIXED: The bug where the user can input "zero" values into "TTL" fields when creating or editing an entity. (Ticket NEVISMETA-1125)
  • FIXED: Improve Repair tool to remove AuthorizationServer. (Ticket NEVISMETA-1168)

Known bug

  • Only on couchbase, due to the limited function of couchbase. The total results always show the total number of refresh tokens/ persisted consents in database instead of the finding result.

Upgrading from nevisMeta 1.5.2.1

Couchbase as persistence backend

There are no changes to the data model and configuration properties.

MariaDB as persistence backend

As from this release, 1.5.3.71, nevisMeta supports PKCE, there is an update in the mariaDB database structure. To migrate to the newest database version, refer to(.