# |
Explanation |
RFE-24 |
Server ID added to logged TXIDs A server ID has been added to the TXID printed in the Payara logs to help with logging conflicts across the cluster. Old TXID: [TXID=71-1671722582291]
New TXID: [TXID=2-168-1671488338984]
|
RFE-25 |
TTE logged for expected errors SKFS previously printed a Time To Complete (TTC) for every successful transaction but it does not have anything similar for failures/errors. SKFS version 4.8.0 will introduce a Time To Error (TTE) for expected failures/errors encountered in the server. Example of logged TTE: FIDO-ERR-0003: Error during calling web service: [TXID=1-77-1671497178295, START=1671497178305, FINISH=1671497178323, TTE=18]]]
|
RFE-26 |
Add Application TXID to logs Add the ability for an application to optionally add a custom "appTXID" within a web service reqeust's payload object. This appTXID will be logged along with the TXID. The updated request bodies can be found here. Example of logged appTXID: [TXID=1-77-1671754556627, appTXID=CustomAppTXID]
|
RFE-27 |
Obfuscate IDs printed in server logs Instead of logging the whole id, rawId, and credentialId in both register and authenticate web services, obfuscate them by only logging the first and last 8 (default) characters of the strings, while still returning the whole string in the web service responses. A new skfs configuration has been added: "skfs.cfg.property.return.obfuscation.limit" Ex: When the id, rawId, or credentialId "abcdefghijklmnopqrstuvwxyz" is obfuscated...
The web service response does not change, showing the entirety of the id/rawId/credentialId. |
RFE-29 |
Add cross origin support in FIDO policy SKFS administrators may now specify whether cross-origin requests are allowed in the SKFS. If so, they may specify from which origins the SKFS will process requests. Here is a detailed example of the SKFS FIDO policy. An example cross origin policy key would look like the following: { "FidoPolicy": { |
BUG-8 |
Add support for EC keys for Windows 11 22H2 in TPM 2.0 version TPM 2.0 started issuing Elliptic-Curve (EC) keys in Windows 11 22H2. Earlier versions of the FIDO Server only supported RSA and have now added the capability to handle EC keys. |