AuthControl Sentry® updates
This section lists all the changes to AuthControl Sentry®.
New Features
- Log4j Update
The update of log4j to version 2.19.0 in this release is an important and necessary step in ensuring the security and stability of our software. With the recent discovery of vulnerabilities in log4j version 2, it is imperative to take measures to mitigate any potential risks. Updating log4j not only addresses security concerns but also ensures that the software remains up to date and compatible with other systems and dependencies. In addition, with this update logs are stored directly in a database, making the stand-alone logviewer obsolete and making log searching much faster.
- Spring Framework Update
This release features an important update to the Spring Framework, which addresses vulnerabilities present in previous versions. The Spring Framework is a widely-used Java-based framework that provides developers with an extensive set of tools and features for building enterprise-grade applications. This update ensures that the software remains secure and stable, providing customers with greater peace of mind. By mitigating these vulnerabilities, the update protects the application and ensures the integrity of customer systems. The update also ensures that the software remains compatible with other systems and technologies, providing a seamless experience for customers. Overall, this update to the Spring Framework represents a significant step in the commitment to providing secure and reliable software solutions.
- New transport integration with SaudiAlert
This release features an exciting new integration with Saudialert, a leading cloud-based SMS gateway provider based in Saudi Arabia. This integration enables Middle East customers to leverage Saudialert’s reliable SMS infrastructure directly from the software, allowing them to send SMS alerts and notifications with ease. This integration also offers greater flexibility and customization options for customers in the Middle East, allowing them to tailor their SMS messages to specific regions and languages. Overall, the integration with Saudialert SMS gateway provider provides a powerful and efficient SMS solution for Middle East customers to enhance their communication efforts.
- New Reports Available
This release includes the addition of new reports in Sentry, following several customer requests. These reports provide customers with valuable insights and analytics on their data, allowing them to make more informed decisions. The new reports cover a range of topics and have been designed to be user-friendly and intuitive. Customers can customize and filter the reports to meet their specific needs, and can easily export the data for further analysis. This new feature is a valuable addition to the application and demonstrates the commitment to meeting customer needs and providing a superior user experience.
- Appliance Identification
This release includes an important new feature for customers using the high-availability architecture of the product. The feature enhances the ability to identify whether writing to a shared database is being done by the primary or standby appliance. This is accomplished through the identification of the appliance in logs whenever a write occurs. In addition, the feature includes the ability to set different default configurations for scheduled jobs where required. This provides customers with greater visibility and control over their high-availability architecture, enabling them to monitor and manage the appliances more effectively.
Improvements
- Enhanced Authentication Error Messages
This release includes an important improvement to authentication error messages. Authentication errors are now more explicit and informative, providing administrators with a clearer understanding of the reason for the failed authentication. This feature provides system administrators with greater visibility into the cause of authentication failures, enabling them to more effectively manage user accounts and ensure the security of the system.
- Enhanced SCPinPad parameter handling
This release includes an enhancement in the SCPinPad API’s parameter handling. The padno parameter, which was originally intended to distinguish between multiple requests for the same username, has been updated to support a new behavior. These updates will provide improved flexibility and usability for integrations using the SCPinPad API.
Bug Fixes
- User Exist API fix
The User Existence API has been fixed to address an issue where it would check all user attributes, leading to inconsistencies or false positives. With this update, the API will only check for the username or altusername attribute, ensuring accurate results and reducing the potential for errors. It will also check any attributes defined as alternative usernames for the Agent making the request. This fix improves the reliability and accuracy of the User Existence API.
- API Improved Error Response
This issue was related to an API that previously would not provide a clear and descriptive error response when the request structure was incorrect. Instead, logs would print a Java error due to the lack of XML content in the response. With the bug fix, the API now provides an XML response that is more user-friendly and that indicates the reason for the error, making it easier to diagnose and address any issues.
- Database Pooled Connection Error
This bug fix addresses an issue where the application logs were throwing an error due to a null pointer exception caused by a missing object in a specific scenario. The fix corrects the code to properly handle the missing object and prevent the error message.
- Fixed User Sync Crashing due to license limit
Previous Sentry versions would crash the user sync service when the user license limit was reached. However, this issue has been resolved in the current version, and the user sync service will no longer crash when the user license limit is reached.
- Append PIN option not copied to TOTP on upgrade
In the previous version, the Append PIN option for OATH policies was only copied to HOTP on upgrade and not to TOTP. This led to inconsistencies in policy settings and configuration issues. With the latest bug fix, the option is properly copied to both HOTP and TOTP during upgrades, ensuring consistent policy settings for both types of OATH policies.
- Fixed incorrect message sent to user upon undelete or un-disable
In previous versions, when a user was undeleted or un-disabled, an incorrect message stating that the user was “unlocked” was sent. This has now been fixed, and the proper message is now sent to the user. This ensures that users receive accurate and appropriate messages, improving the overall user experience.
- Fixed issue with OATH and MobileApp
Previously, if a user with an OATH token entered a mobile app code, the OATH would fail and the logic would assume that the mobile app code was not applied. This issue has been fixed, and users with OATH tokens can now enter mobile app codes without any issues.
- Issues after switching from Shipping Database
A fix has been implemented for an issue related to switching from shipping database mode. The issue was caused by new flags in the database which required a Tomcat restart. The issue has now been resolved, and switching from shipping database mode will no longer cause it.
- API locked policy
In the last version of Sentry, the AdminAPI status flags changed and the “locked” attribute was no longer valid. Instead, the attribute “lockedByAdmin” should be used. For backward compatibility, both attributes will be accepted.
- HTML Message Preview not decoding
In the last version of Sentry, the HTML preview did not decode from base64, so messages were not properly previewed in the browser. This issue has been fixed.
Further Assistance
If you are an existing customer and have purchased through a Swivel Secure Partner, please contact them for further assistance.
If you are an Accredited Partner and you wish to raise a ticket.
As a customer with a Premium Maintenance Agreement, our team of security experts are here to help you 24/7. The service agreement you received categorises issues in priority order P1 through to P4.