Page tree

CEF DIGITAL home page

eID Services


eIDAS-Node version 1.4.5


Current release

This page contains a collection of the resources for the eIDAS-Node version 1.4.5, released on 11th April 2019.





Download eIDAS-Node v1.4.5


Bugs, issues or suggestions?

or email cef-eid-support@ec.europa.eu

Description

Release 1.4.5 of the eIDAS sample implementation for Member States is an all-in-one package for the Java platform including binary distributions for Glassfish, JBoss, Tomcat, WebLogic, WebSphere and the source code (Maven project). This release is based on version 1.1 of the eIDAS technical specifications and includes the following improvements and fixes:

Bug fixes:

  • N/A

Security fixes:

  • Bouncycastle dependency was upgraded from v1.52 to v1.60 clearing the following vulnerabilities:

EID-823        CVE-2016-1000338,           EID-824        CVE-2016-1000339,

EID-825        CVE-2016-1000340,           EID-826        CVE-2016-1000341,

EID-827        CVE-2016-1000342,           EID-828        CVE-2016-1000343,

EID-829        CVE-2016-1000344,           EID-830        CVE-2016-1000345,

EID-831        CVE-2016-1000346,           EID-832        CVE-2016-1000352,

EID-833        CVE-2017-13098,              EID-834        CVE-2018-1000613.


  • Bootstrap dependency was upgraded from v3.3.5 to v4.3.1 clearing the following vulnerabilities:

EID-802        Vulnerable version of Bootsrap,

EID-818        CVE-2018-14040,      EID-820        CVE-2018-14041,

EID-821        CVE-2018-14042,      EID-822        CVE-2019-8331.


Interoperability

  • This release has been successfully tested for interoperability with previous releases of eIDAS-Node versions of 2.2 and 1.4.4.
  • This release successfully tested and works with Middleware version 1.0.7.

Please consult the release notes and the Migration Guide for a more detailed description of the changes introduced with this release.

Member States can either use this release as a sample implementation for demonstration purposes or they can adapt it as a basis for their own eIDAS scheme.

The testing tools (demo SP, demo IdP) and the supplied Specific part, should be used for demo purposes only on your local machine, and should not be deployed in your infrastructure.

With each release, the CEF eID Team strives to improve users' CEF eID experience. Future versions of the eIDAS Technical Specifications will be further improved based on the feedback received on this current version.

Data integrity

MD5

SHA256


Release note


Release Note


Last updated 11 April 2019




Useful documentation 


eIDAS-Node Installation, Configuration and Integration Quick Start Guide 1.4.5
Describes how to quickly install a Service Provider, eIDAS-Node Connector, eIDAS-Node Proxy Service and IdP from the distributions in this release package. 
Facilitates migration from eIDAS-Node v1.4.4 to eIDAS-Node v1.4.5
Describes the steps involved when implementing a Basic Setup and goes on to provide detailed information required for customisation and deployment.
Describes the installation and configuration settings for Demo Tools (SP and IdP) supplied with the package for basic testing.
eIDAS-Node and SAML v1.4.1
Describes the W3C recommendations and how SAML XML encryption is implemented and integrated in eID. 
eIDAS-Node National IdP and SP Integration Guide v1.4.1
Provides guidance by recommending one way in which eID can be integrated into a national eID infrastructure for cross-border authentication.
eIDAS-Node Error and Event Logging v1.4.4
Provides information on the eID implementation of error and event logging as a building block for generating an audit trail of activity on the eIDAS Network. It describes the files that are generated, the file format, the components that are monitored and the events that are recorded.
Contains tables showing the error codes that could be generated by components along with a description of the error, specific behaviour and, where relevant, possible operator actions to remedy the error.
Describes the security considerations that should be taken into account when implementing and operating your eIDAS-Node scheme.
Licence
European Union Public Licence.