Upgrade from previous version
Current version is pre 2.0
Even though PhenixID server is fully compliant with previous versions there are differences. Upgrades should not be done without contacting PhenixID.
When contacting PhenixID please add information about current usage of PhenixID server. This will help in assessing the work upgrading the system.
Current version is 2.0 or later
The installer will guide through the update. Be sure to backup the existing installation before starting the upgrade.
As always, verify customizations from earlier version and transfer to new installation if needed.
NOTE:
There has been changes to the "front end files" such as css, js and templates. If you see strange behavior with the web apps or authentication pages, please clear the browser cache.
From version 2.6 there has been a change to the template file used by One Touch.
The server will now look for this file in the folder /resources and the name of the default template file has changed from onetouch_template_json.template to ot_auth_template.json.
If there are One Touch scenarios configured in earlier versions, please go into the Configuration Manager, locate your scenario(s) for One Touch and click on the tab "Advanced".
Edit the name of the template file according to your environment.
If One Touch tokens have been enrolled in version 2.7 and before, you might see this error on startup.
Error: com.orientechnologies.orient.core.exception.OSchemaException: The database contains some schema-less data in the property 'DEVICES.created' that is not compatible with the type DATETIME. Fix those records and change the schema again DB name="phenixid"
Please contact PhenixID support for assistance if this occurs.
Upgrading from an clustered installation
Clustering configuration and recommendation has been updated in a way that previously installed systems using cluster will need additional configuration. Functionality will be maintained.
Please contact PhenixID support for assistance in upgrading (free of charge).
BankID template update
If using Swedish bankid, the template has been updated. Current configuration is found in Authenticators manual.
Authentication API
Module com.phenixidentity~phenix-api-authenticate API has been updated.
The API module MUST include a "http_configuration_ref" reference to a http listener.
Read more here
Authentication API with OneTouch
Module com.phenixidentity~phenix-api-authenticate API calls has been updated.
In order to access any One Touch api endpoint, the uri now must end with a "/", ie /api/authentication/onetouch/assign/
In addition the ending part of the URI must be listed as an allowed operation:
"allowedOperation":["assign"].
ADFS MFA Adapter
The ADFS MFA Adapter for One Touch has been updated to work against a PAS 3.2 backend.
Download new binaries here.
Follow the instructions for configuring PAS for the PhenixID ADFS MFA adapter for OneTouch.
Replace PhenixIDMFAAuthenticationProviderOneTouch.dll.
Unregister and register the PhenixID One Touch MFA Adapter.
Customized GUI templates for http authentication
If customized http templates have been configured on the PAS server, please change the jquery js reference within the template file:
From:
/authenticate/res/js/jquery-<version>.min.js
To:
/authenticate/res/js/jquery.min.js