Hi all, Tested - Password recovery with email notification - Password recovery with security questions. - Password history validation. - Password Pattern validations.
No blocking issues were found. *[+] Stable - Go ahead and release.* Thanks Isura. On Fri, Sep 14, 2018 at 6:28 AM Rushmin Fernando <[email protected]> wrote: > I tested following scenarios with MySQL 5.7 > > *Configurations* > Email username was enabled. > OAuth token encryption was enabled. > Internal keystore was configured. > > *Scenarios* > > > SCIM API > ------------- > > Create a user in primary user store and a JDBC secondary user store > Get user > Create group > Assign a user to a group > Remove a user from a group > Delete user > Delete group > > DCR API > ------------ > > Create application > Delete application > > Application Management - SOAP API > -------------------------------------------------- > > Update SP with a certificate and a new owner > Delete SP > > SCOPE API > ---------------- > > Create scope > Get scope > Delete scope > > Identity Provider Management - SOAP API > --------------------------------------------------------- > > Create IDP > Update IDP with a certificate > Delete IDP > > OAuth Token API > ------------------------ > Token with client credentials and password grant types > Token introspection > > [+] Stable - Go ahead and release > > On Fri, Sep 14, 2018 at 2:00 AM Ashen De Silva <[email protected]> wrote: > >> Hi All, >> >> I have tested the following scenarios with the H2 default database. >> >> - Configuring a service provider for OAuth/OpenID Connect and >> authenticating with the playground2 app. >> - Configuring a service provider for SAML SSO. >> - Add user, roles, and update permissions. >> >> *[+] Stable - Go ahead and release* >> >> Regards, >> Ashen >> >> >> On Thu, Sep 13, 2018 at 11:31 PM, Tharindu Edirisinghe < >> [email protected]> wrote: >> >>> Evaluated the static code analysis and dynamic security analysis reports. >>> >>> All the flagged issues are found to be false positives. >>> >>> [+] Stable in terms of security - Go ahead and release >>> >>> Thanks, >>> Tharindu Edirisinghe >>> >>> On Thu, Sep 13, 2018 at 10:48 PM Pamoda Wimalasiri <[email protected]> >>> wrote: >>> >>>> Hi all, >>>> >>>> I tested below scenarios with DB2 database. >>>> >>>> - Self-registration and account confirmation >>>> - Self-registration consent purposes >>>> - Just-In-Time Provisioning Consent Purposes >>>> - SAML2 Artifact binding and authenticate >>>> >>>> No blocking issues found. >>>> >>>> [+] Stable - Go ahead and release >>>> >>>> Thanks, >>>> Pamoda >>>> >>>> On Thu, Sep 13, 2018 at 10:39 PM Vihanga Liyanage <[email protected]> >>>> wrote: >>>> >>>>> Hi all, >>>>> >>>>> Tested below scenarios on IS 5.7.0-RC2 pack using the default H2 >>>>> database and Postgres SQL database. >>>>> >>>>> - Started with *-Dsetup* property in Postgres and DB scripts >>>>> executed without any issues. >>>>> - Add service provider, configured SAML SSO, authenticate with *the >>>>> dispatch *sample web app. >>>>> - Enable SAML2 Artifact binding and authenticate. >>>>> - Add SP certificate, enable signature validation in SAML2 >>>>> artifact resolve request and authenticate. >>>>> - Add new SP with Open ID OAuth/OpenID Connect Configuration and >>>>> authenticate with *the playground *sample web app. Tested all >>>>> OAuth grand types. >>>>> - Add SP certificate, enable ID token encryption, authenticate and >>>>> decrypt the encrypted ID token by providing the private key of the SP. >>>>> >>>>> No blocking issues found. >>>>> >>>>> [+] Stable - Go ahead and release >>>>> >>>>> Best regards, >>>>> Vihanga. >>>>> >>>>> On Thu, Sep 13, 2018 at 10:14 PM Janak Amarasena <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> Tested below scenarios with MySQL 5.7, >>>>>> >>>>>> - Self-Registration and Account Confirmation. >>>>>> - Configure Just-In-Time Provisioning Consent Purposes. >>>>>> - Add user, add roles, add permissions >>>>>> - UMA 2.0 flow >>>>>> - Obtain access token using password grant. >>>>>> - Create, delete, update, list resources and read resource >>>>>> description of a resource by invoking UMA resource registration >>>>>> endpoint. >>>>>> - Entitlement policy creation using write policy in xml and >>>>>> publishing. >>>>>> - Obtain permission ticket by invoking UMA permission endpoint. >>>>>> - Configure a service provider with OpenID Connect and obtain >>>>>> access token using UMA grant. >>>>>> - Invoke the OAuth Introspection Endpoint. >>>>>> - Enable SAML2 Artifact binding and authenticate >>>>>> >>>>>> No blocking issues found. >>>>>> >>>>>> [+] Stable - Go ahead and release >>>>>> >>>>>> Best Regards, >>>>>> Janak >>>>>> >>>>>> >>>>>> On Thu, Sep 13, 2018 at 10:10 PM, Tharindu Bandara < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi all, >>>>>>> >>>>>>> I have tested the following scenarios on IS 5.7.0 RC3 pack using >>>>>>> MySQL 5.7 database and did not encounter any issues. >>>>>>> >>>>>>> - Configuring a service provider for adaptive authentication. >>>>>>> - Configuring Role-Based Adaptive Authentication. >>>>>>> - Configuring User-Age-Based Adaptive Authentication. >>>>>>> - Configuring IP-Based Adaptive Authentication. >>>>>>> - Configuring New-Device-Based Adaptive Authentication. >>>>>>> - Using WSO2 Stream Processor for Adaptive Authentication. >>>>>>> - Configuring Risk-Based Adaptive Authentication. >>>>>>> - Configuring login-based adaptive authentication. >>>>>>> >>>>>>> [+] Stable - Go ahead and release. >>>>>>> >>>>>>> On Thu, Sep 13, 2018 at 10:05 PM Winma Heenatigala <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>> I have tested the following with Oracle and no issues were found. >>>>>>>> >>>>>>>> - Configuring Just-In-Time Provisioning Consent Purposes >>>>>>>> - Self-Registration and Account Confirmation >>>>>>>> - Configuring SAML 2.0 Artifact Binding >>>>>>>> - Add user, add roles, add permissions >>>>>>>> >>>>>>>> [+] Stable - Go ahead and release >>>>>>>> >>>>>>>> Thanks, >>>>>>>> Winma >>>>>>>> >>>>>>>> >>>>>>>> On Thu, Sep 13, 2018 at 9:03 PM, Minoli Perera <[email protected]> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Hi, >>>>>>>>> >>>>>>>>> Tested below scenarios on IS 5.7.0-RC3 pack with Oracle database >>>>>>>>> setup, >>>>>>>>> >>>>>>>>> - Self-Registration and Account Confirmation. >>>>>>>>> - Configure Just-In-Time Provisioning Consent Purposes. >>>>>>>>> - Add user, add roles, add permissions. >>>>>>>>> >>>>>>>>> No blocking issues found. >>>>>>>>> >>>>>>>>> [+] Stable - Go ahead and release >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> >>>>>>>>> On Thu, Sep 13, 2018 at 8:55 PM Chamath Samarawickrama < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Hi, >>>>>>>>>> >>>>>>>>>> I tested the following on* IS 5.7.0-RC3* using a *DB2* database >>>>>>>>>> setup. >>>>>>>>>> >>>>>>>>>> Configuring a Service Provider for Adaptive Authentication. >>>>>>>>>> Adaptive Authentication with, >>>>>>>>>> >>>>>>>>>> - Role-Based template >>>>>>>>>> - User-Age-Based template >>>>>>>>>> - Tenant-Based template >>>>>>>>>> - User Store-Based template >>>>>>>>>> - IP-Based template >>>>>>>>>> - New-Device-Based template >>>>>>>>>> - ACR-Based template >>>>>>>>>> - Login-Based template >>>>>>>>>> >>>>>>>>>> Configuring user input prompt templates in Adaptive >>>>>>>>>> Authentication. >>>>>>>>>> Using WSO2 Stream Processor for Adaptive Authentication >>>>>>>>>> >>>>>>>>>> - Tested with Risk-Based template >>>>>>>>>> >>>>>>>>>> No blocking issues were found. >>>>>>>>>> >>>>>>>>>> *[+] Stable - Go ahead and release.* >>>>>>>>>> >>>>>>>>>> On Thu, Sep 13, 2018, 19:09 Senthalan Kanagalingam < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> Hi all, >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> We are pleased to announce the third release candidate of WSO2 >>>>>>>>>>> Identity Server 5.7.0. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> This release fixes the following issues, >>>>>>>>>>> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-RC2 fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/58?closed=1> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-RC1 fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/52?closed=1> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-Beta2 fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/57?closed=1> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-Beta fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/54?closed=1> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-Alpha3 fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/53?closed=1> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-Alpha2 fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/51?closed=1> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-Alpha fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/50?closed=1> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-M5 fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/49?closed=1> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-M4 fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/48?closed=1> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-M3 fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/47?closed=1> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-M2 fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/46?closed=1> >>>>>>>>>>> - >>>>>>>>>>> >>>>>>>>>>> 5.7.0-M1 fixes >>>>>>>>>>> <https://github.com/wso2/product-is/milestone/45?closed=1> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Source and distribution, >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Runtime - >>>>>>>>>>> https://github.com/wso2/product-is/releases/v5.7.0-rc3 >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Please download, test the product and vote. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> [+] Stable - go ahead and release >>>>>>>>>>> >>>>>>>>>>> [-] Broken - do not release (explain why) >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Thanks, >>>>>>>>>>> >>>>>>>>>>> - WSO2 Identity and Access Management Team - >>>>>>>>>>> -- >>>>>>>>>>> >>>>>>>>>>> *Senthalan Kanagalingam* >>>>>>>>>>> *Software Engineer - WSO2 Inc.* >>>>>>>>>>> *Mobile : +94 (0) 77 18 77 466* >>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>> >>>>>>>>>> _______________________________________________ >>>>>>>>>> Dev mailing list >>>>>>>>>> [email protected] >>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Minoli Perera, >>>>>>>>> Software Engineer, WSO2, Inc. >>>>>>>>> E-mail : [email protected] >>>>>>>>> Mobile : +94771567527 >>>>>>>>> <http://wso2.com/signature> >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> Dev mailing list >>>>>>>>> [email protected] >>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> >>>>>>>> *Winma Heenatigala* >>>>>>>> *Trainee Software Engineer | WSO2* >>>>>>>> >>>>>>>> *Mobile : +94719132444* >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Architecture mailing list >>>>>>>> [email protected] >>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> *Tharindu Bandara* >>>>>>> Software Engineer | WSO2 >>>>>>> >>>>>>> Email : [email protected] >>>>>>> Mobile : +94 714221776 >>>>>>> web : http://wso2.com >>>>>>> <https://www.google.com/url?q=http://wso2.com&sa=D&ust=1517653383990000&usg=AFQjCNFggB4bSJTKmdqKcBV0VY9xx1ABKg> >>>>>>> >>>>>>> https://wso2.com/signature >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Dev mailing list >>>>>>> [email protected] >>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> *Janak Amarasena* >>>>>> >>>>>> Software Engineer >>>>>> >>>>>> Email: [email protected] >>>>>> >>>>>> Mobile: +94777764144 >>>>>> >>>>>> Web: https://wso2.com >>>>>> >>>>>> >>>>>> <http://wso2.com/signature> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> [email protected] >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>> >>>>> >>>>> -- >>>>> >>>>> Vihanga Liyanage >>>>> >>>>> Software Engineer | WS*O₂* Inc. >>>>> >>>>> M : +*94710124103* | http://wso2.com >>>>> >>>>> [image: http://wso2.com/signature] <http://wso2.com/signature> >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>> >>>> >>>> -- >>>> >>>> *Pamoda Wimalasiri* >>>> Software Engineer - WSO2 >>>> >>>> Email : [email protected] >>>> Mobile : +94713705814 <+94%2077%20936%207571> >>>> Web : https://wso2.com/ >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>> >>> >>> -- >>> >>> Tharindu Edirisinghe >>> Associate Technical Lead | WSO2 Inc >>> Platform Security Team >>> Blog : http://tharindue.blogspot.com >>> mobile : +94 775181586 >>> >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> *Ashen De Silva* >> Intern - Software Engineering >> >> WSO2, Inc. >> Mob: +94 71 349 8442 >> Web: http://wso2.com >> >> >> <https://us18.wso2con.com/?utm_source=emailsignature&utm_medium=email&utm_campaign=emailsignatureclick_events> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > -- > *Best Regards* > > *Rushmin Fernando* > *Technical Lead* > > WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware > > mobile : +94775615183 > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- *Isura Dilhara Karunaratne* Associate Technical Lead | WSO2 <http://wso2.com/> *lean.enterprise.middleware* Email: [email protected] Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
