eIDAS-Node PRE- RELEASE version 2.6
Pre-release
This page contains a collection of the resources for the eIDAS-Node PRE-RELEASE version 2.6, released on 16th November 2021.
Description
PRE-Release 2.6 of the eIDAS sample implementation for Member States is an all-in-one package for the Java platform including binary distributions for WildFly, Tomcat, WebLogic, WebSphere and the source code (Maven project). This release is based on version 1.2 of the eIDAS Technical Specifications.
Main changes
- Addition of the support for PKCS11 AKA "HSM"
- Removal the in-code enforcement of the usage of the BouncyCastle provider
- Upgrade of OpenSaml dependencies from version 3.4.3 to version 4.1.1.
- Seeing as the migration to OpenSaml 4 requires an upgrade to Java 11 (11_0_20), the supported list of servers has been changed with server that can support java 11.
- The supported list of servers is now the following :
- Tomcat v9.0.x
- Wildfly 23.0.2 Final (Servlet Distribution)
- Weblogic 14.1.1.0.0
- WebSphere Liberty 21.0.0.5 (WebProfile 8
- Removal of Hazelcast support
- Simplification of the eIDAS-Node default parameters
- Preparation of the removal of stork's QAA related code
- Improvement of (default) configuration for SAML engine
- ConfigurationSecurityBean code cleaning
- Replacement of JKS keystores by PKCS12 keystores inside the sources
- Disabled support for TLSv1.0 & TLSv1.1 in Java 11 revision 11
- New metadata signature algorithm configuration entry
- New key encryption Agreement Method algorithm configuration Entry
- Use SHA-256 as Digest method with RSA-OAEP encryption
- Error page adaptation to include contact details
- Remove validation of 2 maximum number of MDSs
- Junit tests coverage improvements
- Bug fixes
- Security fixes
- Source code fixes
- Documentation fixes
- Updates in dependencies
Interoperability
This PRE-Release has been successfully tested for interoperability with previous releases of eIDAS-Node versions v2.5.0 and v1.4.5
This PRE-Release was successfully tested and works with Middleware version 2.2.3
For a more detailed description of the changes introduced with this release please consult the section “3 Changes” found in the eIDAS-Node Migration Guide.
Member States can use this PRE-release as a sample implementation for validation purposes only.
The testing tools (demo SP, demo IdP), the supplied Specific part and the Simple Protocol, should be used for demo purposes only on your local machine, and should not be deployed in your infrastructure.
Member States may report any issue or bug related to the eIDAS-Node Pre-release v2.6. They can do so by raising a ticket at the DIGITAL eID service desk and this before Christmas 2021
Data integrity
Release note
Useful documentation
Describes how to quickly install demonstration versions of an eIDAS-Node Connector, eIDAS-Node Proxy Service, Service Provider (SP) and Identity Provider (IdP) from the distributions in this release package to enable familiarity with the DIGITAL eID software. | |
Facilitates migration from eIDAS-Node v2.5 to eIDAS-Node v2.6 | |
Describes the steps involved when implementing a Basic Setup and goes on to provide detailed information required for customisation and deployment. Provides a comprehensive view of eID and its components (in terms of binaries, source code and configuration files). | |
Describes the installation and configuration settings for Demo Tools (SP and IdP) supplied with the package for basic testing. | |
Provides guidance by recommending one way in which the eIDAS-Node can be integrated into your national eID infrastructure. | |
Contains tables showing the error codes that could be generated by components along with a description of the error, specific behaviour and, where relevant, possible operator actions to remedy the error. | |
Provides information on the eID implementation of error and event logging as a building block for generating an audit trail of activity on the eIDAS Network. It describes the files that are generated, the file format, the components that are monitored and the events that are recorded. | |
Describes the W3C recommendations and how SAML XML encryption is implemented and integrated in eID. Encryption of the sensitive data carried in SAML 2.0 Requests and Assertions is discussed alongside the use of AEAD algorithms as essential building blocks. | |
eIDAS-Node Security Considerations v2.5 | The latest version of this document will be shared together with the final release of eIDAS-Node v2.6. The document describes the security considerations that should be taken into account when integrating and operating the DIGITAL eIDAS-Node v2.5. |
EUPL v1.2 | European Union Public License. |