We are happy to announce the new PAS 5.1.0 which introduces several important improvements and bug fixes, listed below.

This is first large feature upgrade after the 5.0 technical upgrade end of 2023.
The new 5.1.0 version will be drastically easier to configure for administrators, due to a lot more built in support for SAML and OIDC protocols and enhanced guides.

1. New Authenticator architecture - with clear separation of protocols versus authentication methods, and new simplified configuration guides to support easier and faster configuration. Link to documentation here

2. OpenID Connect enhancements - significantly more OIDC functionality now available "out-of-the-box" in code instead of via manual configuration. Also some new OIDC support not previously possible, e.g Hybrid Flow support. Link to documentation here

3. Enable "Sign" transactions in BankID och Freja eID. Link to documentation for BankID here and Freja here

4. Other minor improvements

5. Defects fixed (see list  below)

We recommend using the new Authenticators for all new implementations.

Customers and partners who are already using legacy Authenticators, can continue to use these but are advised to gradually transition configurations to the new setup whenever suitable or possible.

Please read documentation under Authentication in PAS 5.1 and beyond to get more familiar with the new solution. 

PHX-3314 Sessioner/traceid mixed in logs
TraceID in logs are sometimes mixed between sessions. Issue resolved

PHX-3316 Redirect URI should not require port component for loopback redirects
Fix for adhering to OAuth 2.0 specification (port number should not be required in URI for loopback redirects)

PHX-3359 Myapps favicon are overwritten
Favicon for myapps is not the one stated in mods overlay. Issue resolved

PHX-3368 Incorect icon after new installation is completed
During installation process an old PhenixID logo is shown. Issue resolved

PHX-3390 Missing dependency: com.verisec:RelyingPartyApiClient cause FrejaEIDAuthenticatorSAML to not work
The jarfile RelyingPartyApiClient.jar is missing in the installation. Issue resolved

PHX-3393 OWASP: nimbus-jose-jwt-9.31.jar: CVE-2023-52428(7.5)
Vulnerability CVS-2023-52428 identified. Issue resolved

PHX-3420 SAML2SithsEID authenticator NullPointerException
SAML2SithsEID crashes when using SITHS EID in PAS 5.x. Issue resolved

PHX-3421 OWASP: postgresql-42.6.0.jar: CVE-2024-1597(10.0)
Vulnerability CVS-2024-1597 identified. Issue resolved

PHX-3428 Slow or hangning http-klient at reconf
HTTP client sometimes hangs after reconf. Issue resolved

PHX-3475 BankID: QR-codes go out of sync
Animated QR code could get out of synch if waiting too long. Issue resolved

PHX-3484 Freja dose not do a app switch after approval
After successful Freja eID identification, phone doesnt switch back to app initiating authorization. Issue resolved

PHX-3487 DestinationServiceName is being logged wrong in new authenticators
Log contains IdP name instead of SP name, OIDC OP instead of RP. Issur resolved