Access Manager 4.5 Service Pack 4 (4.5.4) includes enhancements, improves usability, and resolves several previous issues.
Many of these improvements are made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the Access Manager forum on our community website that also includes product notifications, blogs, and product user groups.
For information about the previous release, see Access Manager 4.5 Service Pack 3 Release Notes.
For more information about this release and for the latest release notes, see the Documentation page. To download this product, see the Product page.
If you have suggestions for documentation improvements, click comment on this topic at the bottom of the specific page in the HTML version of the documentation posted at the Documentation page.
For information about Access Manager support lifecycle, see the Product Support Lifecycle page.
This release adds the following enhancements:
Support for configuring contracts for WS-Federation based applications. This feature allows configuring step-up authentication for applications such as, Sharepoint, Office365, that use WS-Federation protocol. For more information, see Defining Options for WS Federation Service Provider Service Provider and Contracts Assigned to a WS Federation Service Provider.
Support for entityID in WS-Federation schema. This support enables multiple federation configuration against WS-Federation targets. For more information, see Configuring WS Federation.
Support for configuring virtual attributes in WS-Federation tokens.
Introduced advanced option RedirectTargetWhiteList <comma separated list of DNSname> to define redirection of Whitelist. For more information see, Access Gateway Advanced Options.
This release adds support for the following software:
Tomcat 8.5.66
Open SSL 1.0.2y
Angular 1.8.2
Bootstrap 4.5.3
jQuery 3.6.0
This release includes the following software fixes:
|
Component |
Bug ID |
Issue |
|---|---|---|
|
Security |
331007 |
Information disclosure issue. |
|
Security |
331008 |
Malformed XML is causing service disruption issue. |
|
Security |
331013 |
Cross-site scripting attack vulnerability. |
|
Identity Provider |
331011 |
The issue with restriction on direct access to files in nidp folder. For more information, see Restricting the Direct Access to Files in the nidp Folder. |
|
Access Gateway |
331009 |
By default, a constant passcode is used to communicate between HTTPD and tomcat. For higher security, you can change this passcode. For more information, see AJP Communication Setting for Access Gateway. |
|
SAML2.0 |
324196 |
When using external Identity Server combined with step-up authentication, authentication to SAML service provider does not work. |
|
SAML2.0 |
257109 |
Despite selecting a specific step-up authentication method for SAML, a default contract is selected as step-up on Access Manager Administration console. |
|
Active Directory |
327159 |
Access Manager does not allow logging in with expired password for active directory users. For more information, see Configuring Identity Servers Clusters. |
|
OAuth |
316329 |
This issue occurs with users using external SAML identity provider for user authentication while accessing OAuth or OpenID application. After enabling step-up authentication method, users are not redirected back to the OAuth application after authentication, as expected. |
After purchasing Access Manager 4.5.4, you can access the product in the Customer Center. The activation code is in the Customer Center where you download the software. For more information, see Customer Center Frequently Asked Questions.
Log in to the Software License and Download portal.
Click Software.
On the Entitled Software tab, click the appropriate version of Access Manager for your environment to download the product.
The following files are available:
Table 1 Files Available for Access Manager 4.5.4
|
Filename |
Description |
|---|---|
|
AM_454_AccessManagerService_Linux64.tar.gz |
Contains Identity Server and Administration Console .tar file for Linux. |
|
AM_454_AccessManagerService_Win64.zip |
Contains Identity Server and Administration Console .exe file for Windows Server. |
|
AM_454_AccessGatewayAppliance_OVF.tar.gz |
Contains Access Gateway Appliance OVF template. |
|
AM_454_AccessGatewayAppliance.tar.gz |
Contains Access Gateway Appliance .tar file. |
|
AM_454_AccessGatewayService_Win64.zip |
Contains Access Gateway Service .exe file for Windows Server. |
|
AM_454_AccessGatewayService_Linux64.tar.gz |
Contains Access Gateway Service .tar file for Linux. |
|
AM_4531_50_AnalyticsDashboard.tar.gz |
Contains Analytics Dashboard .tar file. |
For information about the upgrade paths, see Supported Upgrade Paths
For more information about installing and upgrading, see the NetIQ Access Manager 4.5 Installation and Upgrade Guide
For more information about system requirements, see NetIQ Access Manager System Requirements
After upgrading to Access Manager 4.5.4, verify that the version number of the component is indicated as 4.5.4.0-25. To verify the version number, perform the following steps:
In Administration Console Dashboard, click Troubleshooting > Version.
Verify that the Version field lists 4.5.4.0-25.
To upgrade to Access Manager 4.5.4, you need to be on one of the following versions of Access Manager:
4.5 Service Pack 3 Patch Update 3
4.5 Service Pack 3 Hotfix 1
4.5 Service Pack 3
4.5 Service Pack 2 Hotfix 2
4.5 Service Pack 2 Hotfix 1
4.5 Service Pack 2
NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. There are no new issues other than the issues mentioned in Access Manager 4.5 Service Pack 3 Release Notes. If you need further assistance with any issue, please contact Technical Support.
Our goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you.
For detailed contact information, see the Support Contact Information website.
For general corporate and product information, see the NetIQ Corporate website.
For interactive conversations with your peers and NetIQ experts, become an active member of our community. The NetIQ online community provides product information, useful links to helpful resources, blogs, and social media channels.
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.
Copyright © 2021 NetIQ Corporation. All Rights Reserved.