BUG-1

Unique error codes created for each SKFS web service input

Many generic error codes have been replaced with unique error codes for each input in the SKFS web services. In addition, most generic error codes have either been updated with more apt descriptions or replaced by more accurate errors.

For more information on error codes and their meanings, click here.

BUG-2

HTTP 500 errors enclosed in HTML blob removed

Specific errors that returned an HTTP 500 Error enclosed within an HTML blob have been fixed to show an error code. Most of these error codes returned are the newly created codes from BUG-1.

BUG-3

Upper limit property for user session map timeout is ignored

The FIDO Server has a property that defines the timeout for the user session object that is stored in a map. There was a bug in code that ignored this property if it was set to anything above five minutes.

Code has now been modified to read and use the value specified regardless of what it is.

RFE-10

Add more details to the webservice response

By default, SKFS responds to web services with a success/failure message only but there may be requirements to fetch more data in the response objects during a registration or authentication web service and this version introduces three(3) configuration properties which will define the responses.

# Property to determine if webservices should return detailed information in response.
skfs.cfg.property.return.responsedetail=false

#Property to determine what webservices should return the detailed information
# Default : R,A ( Reg / Auth )
# Comma separated list of all the allowed web services example : R, or R,A or A and so on
skfs.cfg.property.return.responsedetail.webservices=R,A

# Property to determine the format for the response details that can be returned if the
# skfs.cfg.property.return.responsedetail property is set to true
# Allowed values : default | webauthn2
# Default value : default
skfs.cfg.property.return.responsedetail.format=default

# Property to determine if webservices should return detailed information in response. (Default is false)

skfs.cfg.property.return.responsedetail=false

This property defines what webservices will return detailed responses. It is a comma separated list and can contain only the following Registration (R) , Authentication (A). This property is only relevant if the "skfs.cfg.property.return.responsedetail" is set to true.

skfs.cfg.property.return.responsedetail.webservices=R,A

This property defines what the format will be for the detailed responses. Allowed values: default or webauthn2. This property is only relevant if the "skfs.cfg.property.return.responsedetail" is set to true.

skfs.cfg.property.return.responsedetail.format=default

RFE-17

Remove the rawid (credential id) print statements from server log

Currently SKFS prints the object generated by the authenticator for either registration or authentication and it contains rawid and id as well. The code has been modified to not print those id's in the server log except for when its returning detailed responses.

RFE-18

Modify De-register webservice behavior

Prior to SKFS 4.6.0, the deregister webservice deletes the FIDO credential from the fido_keys table in the database. This has been changed in this release to mark the key as "Deleted" in the status field and also update the credential id and the public key to the string "removed" in the database record. (The fido_keys database table has been modified and the status column has the 'Deleted' status added to it).

RFE-19

Change SKFS default java from JDK 8 to JDK 11

The SKFS has been upgraded to use JDK 11 by default.

RFE-20

Upgrade software distribution versions

Payara has been upgraded from version 5.2020.7 to 5.2021.6. MariaDB has been upgraded from version 10.5.8 to 10.6.8.