Digital

Blog

European Commission Digital

SMP 4.2 released
Bogdan DUMITRIU posted on Jun 30, 2022

SMP 4.2 released

We are happy to announce that SMP 4.2 was released. SMP is the sample implementation of an eDelivery Service Metadata Publisher maintained by the European Commission.

SMP 4.2 includes a number of new features, improvements, and bug fixes, among which:

  • UI single sign-on authentication using an external CAS authentication server.
    Service providers can now seamlessly integrate the eDelivery SMP into their environment in a way that allows end users to access multiple applications while providing their credentials only once. This feature also provides a safer environment for the end users, as it allows SMP to authenticate without gaining access to a user's security credentials, such as a password.

  • Separate UI login credentials and Rest Service (API) credentials (access tokens).
    To allow more secure credential management for the end user, access tokens are now used for web service authentication, with the username/password only used for interactions with the user interface.
  • Extension framework: support for custom extensions for payload security verification (e.g., malware scanning).
    To ensure safe use of the eDelivery SMP, service providers can now create and deploy a custom-made SMP extension for security scanning of files uploaded by the end users.
  • Alert features: ability to send email notifications for alerts (e.g., when credentials are about to expire, failed logins, etc.)
    The eDelivery SMP will be able to send automated email alerts to end users before (and after) their credentials expire.
  • Configuration properties that can be now edited in the UI.
    No more manual database or file property updates and server restarts. Now SMP configuration can be altered using the Admin service console.
  • Admin UI services made accessible using a separate URL, avoiding the need to expose sensitive service to the Internet (e.g., it can be secured via a firewall).

  • Support for multivalued RDN certificates for authentication to SMP.
  • Support for SSLClientCert header authentication (base64-encoded X.509 certificate) when authenticating the client for the Rest Service (API) via reverse proxy.
  • X.509 certificate policy extension validation: the eDelivery SMP now has the option to restrict the valid certificates, which must have a certificate policy ID from the allowed list of policy IDs.
  • Support for participant identifiers without the scheme: they can now be used as service group identifiers.
  • Various security enhancements.

SMP 4.2 is backward compatible with 4.1.x.

You can find more information about the release on this page.

For more information, please contact us via our portal or by e-mail: EC-EDELIVERY-SUPPORT@ec.europa.eu

The eDelivery Building Block | SMP

eDelivery is a building block that provides technical specifications and standards, installable software and ancillary services to allow projects to create a network of nodes for secure digital data exchange.

SMP is the sample software provided by the European Commission to implement an eDelivery Service Metadata Publisher (SMP) for publishing and retrieving data necessary for an eDelivery party to dynamically configure its system for message exchange with counterparties using eDelivery. It is based on the eDelivery SMP profile, an open technical specification for publishing service metadata within a 4-corner network.


Photo by Shahadat Rahman on Unsplash