eIDAS-Node version 1.4.4
This page contains a collection of the resources for the eIDAS-Node version 1.4.4, released on 18th December 2018.
Description
Release 1.4.4 of the eIDAS sample implementation for Member States is an all-in-one package for the Java platform including binary distributions for Glassfish, JBoss, Tomcat, WebLogic, WebSphere and the source code (Maven project). This release is based on version 1.1 of the eIDAS technical specifications and includes the following improvements and fixes:
Message logging improvements:
- Improved the logging trail to address gaps with respect to message id and node id for entities with which the eIDAS-Node interacts, e.g., SP and IdP. (EID-667)
Bug fixes:
- (EID-652) Problem in validation of entityID of SP
Security fixes:
- (EID-658) Interference with audit trail
- (EID-671) Exposure to host header poisoning
- Upgraded the dependencies listed below to avoid the vulnerabilities (CVEs) corresponding to their previous versions:
- Spring Framework to v4.3.18 from v4.1.0.
- Xerces to v2.12 from v2.11.
- JQuery to v3.3.1 from v1.11.3
Interoperability
- This release has been successfully tested for interoperability with previous releases of eIDAS-Node versions of 2.2 and v1.4.3.
- This release successfully tested and works with Middleware versions1.0.6 and 1.0.7.
Please consult the release notes and the Migration Guide for a more detailed description of the changes introduced with this release.
Member States can either use this release as a sample implementation for demonstration purposes or they can adapt it as a basis for their own eIDAS scheme.
The testing tools (demo SP, demo IdP) and the supplied Specific part, should be used for demo purposes only on your local machine, and should not be deployed in your infrastructure.
With each release, the DIGITAL eID Team strives to improve users' DIGITAL eID experience. Future versions of the eIDAS Technical Specifications will be further improved based on the feedback received on this current version.
Data integrity
Release note
Useful documentation
eIDAS-Node Installation, Configuration and Integration Quick Start Guide 1.4.4 | Describes how to quickly install a Service Provider, eIDAS-Node Connector, eIDAS-Node Proxy Service and IdP from the distributions in this release package. |
Facilitates migration from eIDAS-Node v1.4.3 to eIDAS-Node v1.4.4 | |
Describes the steps involved when implementing a Basic Setup and goes on to provide detailed information required for customisation and deployment. | |
Describes the installation and configuration settings for Demo Tools (SP and IdP) supplied with the package for basic testing. | |
eIDAS-Node and SAML v1.4.1 | Describes the W3C recommendations and how SAML XML encryption is implemented and integrated in eID. |
eIDAS-Node National IdP and SP Integration Guide v1.4.1 | Provides guidance by recommending one way in which eID can be integrated into a national eID infrastructure for cross-border authentication. |
eIDAS-Node Error and Event Logging v1.4.4 | Provides information on the eID implementation of error and event logging as a building block for generating an audit trail of activity on the eIDAS Network. It describes the files that are generated, the file format, the components that are monitored and the events that are recorded. |
Contains tables showing the error codes that could be generated by components along with a description of the error, specific behaviour and, where relevant, possible operator actions to remedy the error. | |
Describes the security considerations that should be taken into account when implementing and operating your eIDAS-Node scheme. | |
Licence | European Union Public Licence. |