Detailed release information / GUI 1.6.118 (not released)
Enhanced: Performance:
New behavior when access Generic Service when store audit-log.
New behavior when using paging against database items for better performance.
Updated: NiP.GS.LogServer with creating failed audit-log locally in separated threads.
Discontinued: Check for Generic Service state.
Updated: Database
Updated: GetLoginStatus with current/active organization name.
Updated: Structures:
Dynamic attribute structure with office address object.
Log structure:
XML-deserialized log-blob will be stored in separated column in log database table for external use.
Receipt HTML structure:
Added: Users in task action list to simulate a list of executive officers.
Removed tags from the executive officers list.
Structure for deleting office objects:
Will delete all non-user references.
Task access structure:
Using name-mapping of user groups when using delegation.
Using name-mapping of user groups when call GetTask and ExecuteTask.
User group restriction structure:
Using name-mapping of restriction structure when assigning user groups across organizations.
User search structure:
Additional identity list will be removed from returned list when access is denied for users with flag 0x1 (secrecy).
Organization name will be removed from returned list when access is denied for users with flag 0x1 (secrecy).
Updated: GemaltoCodeLetterOrder: Updated behavior when sending order to manufacturer.
Updated: GemaltoOrderStatus: Updated behavior when handling delivered code-letter orders from manufacturer.
Updated: Monitor: Set expired certificate whitelist items to inactive.
Discontinued: Blocking of the task type RevokeTokenCertificate for external tokens.
System and GUI (Customer specific)
Updated: NiP/Inera(Telia/Cygate) database synchronization utility.
Updated: User search structure:
Prohibit wildcard characters of outer scope for the IneraHSA-service.
Added: "DeleteAllObjects" parameterobject for "PluginResetToken" action as workaround for Oberthur cards. (Note! Do not use elsewhere.)
Added: "IsNonUserAction" parameterobject to Action configuration. Users will be unable to open a task with this action if task has been delegated elsewhere.
Added: New privilege: AdditionalOrderInformation.
Added: "Dynamic" string userDisplayName to Token tasks.
Added: Organization parameter for org-switch in SCS
Added: SCS cardType parameter (sis vs nonsis) to be able to only fetch photo from SCS.
Added: Task information to dynamic strings in fields, get any parameter or inputfieldobj via
Added: userDisplayName may be used in receipts.
Updated: Added possibility for more Dynamic GUI string attributes in text resource strings.
Changed: Changes in config.js:
default configuration to allow OTP.
default configuration for autoSwitchOrganization set to true.
Changed: Now will sort roles based on hierarchy, add seperator and add readonly on "lower" roles.
Updated: Readonly fields and disabled buttons on special fields when readonly.
Updated: Password policy parameters.
Issue with ascending sort order when search for log items.
Issue with condition of user group name mapping across organizations.
Issue with condition of using ICitizenService interface <> IneraHSA-service
Issue with date time format at certificate whitelist items.
Issue with missing user information when log token task.
Issue with some attributes when generating end-entity receipts
Issue with task delegation using name-mapping together when call GetTask.
Issue with task delegation using name-mapping together with extra flags. / GUI 1.6.107
Updated: Behavior when creating bind (mode=0x3) tasks:
Organization auto-switch if task contains OrganizationId that is not equal with current.
Updated: GetData structure:
Possible to call for token template id by its name.
Updated: Receipt HTML structure:
Added customer (Efos) specific attributes.
Updated: Task execution with synchronize if available.
Updated: TokenOrder structure with using current office-id as OfficeReference and OfficeCode (Gemalto interface) instead of configuration.
Added userDisplayName to popupdata for activity view terms for tokens
Updated _netidx.js to version 1.0.4
Issue with deleting task of user group condition of token template restriction.
Issue with explicit task type when search for tasks.
Issue with missing postal adress for person with Inera-HSA as origin service type.
Issue with multiple search matches when search for user without personal id against IneraHSA-service.
Issue with overwritten flags when search for users.
Fixes — GUI
Card history now visible even if no certificates.
Group hierarchy now only includes everything up until first parenthesis
Issue where ReadOnly did not affect select checkboxes.
Issue with javascript crash on searchlist.
Search list now with width:auto for long text.
Secrecy marking now visible even on non created users. / GUI 1.6.103
Additional GUI features:
Config for special case "groupHierarchy" for Efos.
Customization of the information in the user view possible regarding order, size and text format.
Error messages and popupdata made selectable to be able to copy the value.
NiP GUI keyboard navigation enhanced, positioning more visible and navigation through tab generally available.
Link to user from Token view if such exists.
New icon for certificates without keyUsage 'non-repudiation'. Nonrep certs have a badge, other certs have a lock.
Placeholders in input fields now showing until something is written (even if the marker is placed in the field).
Search results: colored marker to represent the servive that is the source of the result.
Sorting function for tables (can now sort on columns in admin tables and popup tables).
Card history for token objects.
Individuals with no given name in a national service will get a 'dash' character as given name and first name.
Information for smart cards regarding letter number and send date of PIN/PUK letters.
Task for ordering of smart cards from card manufacturer divided into two tasks: ordering and handing out to end user.
Possible to add a whitelist of user groups for a specific token template.
TPM support as proof-of-concept (not generally supported).
Added: Structures:
Global configuration of notifications (SMTP/SMS) across organizations:
Tasks: Create-/Update-/Delete-GenericText into administration.
User group restrictions:
Added Tasks: Create-/Update-/Delete-UserGroupRestriction into administration.
Updated: Behavior when using Gemalto-GetOrderStatus module:
Possible to add temporary tokens into system when published from manufacturer.
Updated: Database context
Updated: GemaltoCardStatus TimerService-module:
Added structure for download external revoked cards/tokens.
Updated: GenericTextManager:
Added new types.
Added new service types.
Cross-implementation of HTML receipt structure.
Cross-implementation of certificate expiration notifications.
Updated: NiP Commander with utility for customized installation (useful for customized NiP-packages).
Updated: NiP.GemaltoInterop:
Added new office elements into order object.
Updated: NiP.TS.GemaltoCodeLetterOrder: Added 'DisplayName' and 'CustomerOrderId' attributes, appended to file string.
Updated: Structures:
AssignUserGroup > UserGroupRestriction structure with added exception if officer is behalf of organization.
CreateCertificateWhitelist structure:
Not possible to create item if name combined with certificate template already exists.
Gemalto GetOrderStatus structure:
Updated Exteral order with mapping LetterNumber and PostalDate to current task.
SearchUser structure with:
new conditions depending on service.
replacing persons with missing given name with dash character.
SynchronizeUser structure with:
possibility to exclude download of image from LDAP.
replacing persons with missing given name with dash character.
Updated: Token state init with user-serialnumber comparison when enroll additional certificates.
System and GUI (Customer specific)
Added GUI: config for special case "groupHierarchy" for Efos.
Updated: EndEntity search structure:
AdditionalIdentity HSA-id to be searchable.
Updated: NiP.Commander: NiP/Inera(Telia/Cygate) database synchronization utility:
Auto-detection of difference of tokens and certificates.
Added: Inera_Carelink log database as relation-helper.
Organization relation will primary use HSA-ID for national register object instead of organization name mapping.
Updated: Returning objects from ICitizenService with removing of slash-characters in surname if present.
Fixed: Issue with filtering searchbases against Inera HSA service.
Fixed: Issue with Inera HSA service flagged as priority.
Fixed: Issue with synchronize user information in specific flow combining IHealthcareService <> ICitizenService.
Fixed GUI: policy on special Efos tokenid manual entry.
Added: new task: DistributeToken.
Possible to distribute token separated from order task.
Added: new token activity: AdditionalOrderInformation:
Possible to view LetterNumber and PostalDate from external orders.
Added: Privilege 'CancelTaskPretermit':
Possible to pretermit permission and cancel tasks behalf of user permission.
Added: Task.Action.Prepare<GetTerms>:
Possible to get terms from generic text manager against task when needed.
Added: Task.Action.Server.Execute<SaveTokenReceipt> (209):
Possible to modify token HTML-receipt after presenting.
Updated: CreateCertificateWhitelist admin-task:
Added task-action for possibility to filter on certificate template before whitelist rule.
Updated: Generic activity description with current type instead of text.
Updated: Task.Action.Execute<SaveTerms>:
Possible to combine Task.Action.Prepare<Download> with SaveTerms.
Updated: Task.Action.Prepare<GetTokenTemplateConfig.Validity> with setting value as Parameter as well as InputField.
Updated: Token template restriction:
Possible to add a whitelist of user groups for a specific token template.
Updated: Token template restriction:
Possible to add a whitelist of user groups for a specific token template within organization delegation structure (group name only).
Added: arrows to indicate the direction of sorted data.
Added: automatic choice of logonuser cert for Gemalto SCS launch.
Added: code folding to adminxmlarea
Added: colored marker to represent the source of search results, color coded based on data source.
Added: "CardHistory" tab to token object.
Added: dynamic strings to popup information and help texts.
Added: fieldpolicy "text", text fields now default set to "text" to include latin characters.
Added: fieldtype contactless and icon.
Added: fieldtype 'file' for file uploads without showing data in textarea.
Added: hardcoded "Retired Token" typeName for hover at historical tokens.
Added: link to user on token-view if exists.
Added: made all fields in objectview customizeable. Bold, italic, header, and spacing (move down 4px) available.
Added: new icon for certificates without keyUsage 'non-repudiation'. Nonrep certs have a badge, other certs have a lock.
Added: For users with no access rights to officer or admin tabs an error message will be shown and the user will be logged out (earlier an empty page was shown).
Added: placeholders in input fields now showing until something is written (even if the marker is placed in the field).
Added: possible to show selected CertificateWhiteListId field as table (must set field type to "table" in admintask)
Added: "savefile" option for fieldtype 'file' visible when readonly
Added: search and go-to-line functionality for codemirror. See for options.
Added: support for options PasswordMinLen, PasswordMaxLen, PasswordType for TaskActionPluginCreateToken.
Added: support for generating key with any pin type.
Added: support to hide filename and filetype with paramaterobjects NameVisibility och TypeVisibility in action download.
Added: sorting function for tables (can now sort on collumn in admintables and popuptables).
Changed: file names now case insensitive. (example: derp.jpg and derp.JPG can both be uploaded).
Changed: how overflow of table contents is handled. It will now linebreak automatically and be fully expanded.
Changed: error messages and popupdata made selectable to be aböe to copy the value.
Changed: modified structure for selectmultiple list to allow for duplicate values, for example the two first names "Jar" and "Jar".
Enhanced: NiP GUI keyboard navigation enhanced, positioning more visible and navigation through tab generally available.
Updated: text resources
DateTime UTC-compare when generating one-time-password.
Issue with cached customized search condition list.
Issue with conversion of date time as ISO 8601 for certificate whitelist items.
Issue with counter when issuing additional certificates with multiple alias users.
Issue with current list when creating new user group restriction.
Issue with date time conversion when call CreateToken.
Issue with delegation of token-task against relation object.
Issue with inconsistent of name when use UpdateRole task.
Issue with readonly input field when using the UpdateUser structure.
Issue with saving terms for OrderToken tasks.
Issue with user<>token-releation detection structure.
Issue with user group delegation.
Issue with using group-name for task delegation.
Fixes — GUI
Counter at top of task now shows x/y where x is number of actions performed and y is number of actions in total. (disregarding other checks that were done before).
Issue where long info in selectmultiple caused ugly html.
Modifying givenName will now dynamically update list of first names to choose from.
Multiple HTML tags in a popupdata will now only show as a list if Acquis
Popupheaders now fetch dynamic string properly
RawSign action will now show signatureimage based on userimageid / GUI 1.6.83
Additional GUI features for:
mobile device certificate issuance
officer GUI
self-service GUI
Updated: Dynamic attribute structure with more attributes for EndEntity objects.
Updated: Dynamic attribute structure with added TokenTemplate and Office types.
Updated: GetData:
Added: CertificateTemplate into dynamic attribute structure.
Updated: NiP.TS.Module.Monitor: Added EndEntity certificates into expiration notify structure
Updated: Structure of attributes for IneraHSA-service when call SynchronizeUser.
Updated: Task.Action.Prepare<GetOneTimePassword> with possibility to set value as Parameter as well as InputField.
Updated: Task<CreateOffice>:
Added: AdditonalInfo as default.
Added: <br> for paragraph seperation in popup notifications.
Added: Allow officers to type in token serial number if no token is inserted in the enrollment process.
Added: Double confirmation option.
Added: Dynamic GUI side strings to add dynamic information regarding an object to texts in tasks.
Added: GUI side configuration so that user gets an option to enter their userinfo (personalnumber currently) during OTP login.
Added: Link to information site via right side menu. Set the URL in config.js.
Added: Link to test site via right side menu. Set the URL in config.js.
Added: Option of Version control for Gemalto SCS action.
Added: Parameter "OTPInformation" to change what it displayed at the popup.
Added: Possibility to open Gemalto SCS from GUI after executed action.
Added: Option in config.js "allowHideStrings" which adds button to hide strings (and show tableValues instead) found under right menu.
Added: Option to show OTP as popup after action is completed.
Added: "selectall" checkbox to selectmultiple field type.
Added: tokenhistorylist to SelfService page.
Added: UserId can now be sent during OTP login.
Changed: Added 4px distance between rows 2 and 3 on userinformation post.
Changed: Displays StatusReason instead of Status for historical end entity tokens.
Changed: Displays OTP with space separation every two characters.
Updated: login steps with client information.
Updated: Text Resources
Issue with TimerService-trace not being written where expected. (issue found in v5.4.1)
Issue with tasks not being released when idle status is reached. (issue found in v5.3.2)
Issue with permission/presentation/cache and session-id of AccessibleOrganizationList structure. (issue found in v5.3.2) / GUI 1.6.72
Acquis, possible to force officers to approve before issuing of certificates
Admin GUI, enhanced to make the configurations easier for administrators
Functions and Function certificates (EndEntity), new structure/functionality for functions similar to users
Whitelists for functions and function certificates
New mobile device token types: PhoneStd, PhoneLtd, TabletStd and TabletLtd
Bootstrap process at first installation of NiP
Support for Gemalto SIS Capture Station light (included with SIS Capture Station v3.5.1)
Support for new Gemalto services
Rebuilt framework for offices (changed demands regarding transfer of office information to Gemalto).
New batch ordering inteface (changed demands regarding transfer of office information to Gemalto).
Added: Activities:
AdditionalIdentities (into User.ActivityTypeList)
Added: RevokeToken method into EWS.Service.External API:
Support: SOAP, REST and Basic HTTP binding
Added: Self-service: Multiple login for current user:
Possible to login with multiple devices for a user (useful when enrolling certificates against i.e. Net iD Access)
Added: Structures:
Acquis structure (add acquis terms into enrollment task-flows)
Certificate approvement structure and configuration (for different purposes):
Possible to call approvement when call Login
Possible to call approvement when call CreateTask
Certificate whitelist structure (add rules against end entity certificates)
EndEntity structure (add and manage function certificates, requires NiP-GUI version 1.6.52 or higher)
New flap-, search* and object-structure in NiP-GUI
Support the AdditionalIdentity structure
Receipt structure at certificate enrollment
Terms structure at certificate enrollment
AdditionalInformation activity for the EndEntity objects
EndEntity enrollment structure (merges CSR and end entity object as modified extension).
Mobile device restriction structure for tasks (allow mobile device information)
SynchronizeUser structure (call ExecuteActivity<AdditionalIdentities>)
User restriction structure for tasks (set maximum number of allowed certificates for mobile devices)
Added: Web service support:
Gemalto card orders, replacing old web service
Gemalto service for change of SIS card status:
Possible to block/revoke SIS cards
Possible to maculate SIS cards
Enhanced: Cryptographic Message Syntax Standard — PKCS7 certificate support
Enhanced: Trace
Possible to filter by API-CALL only
Possible to filter by level against TraceServer (GenericService)
Possible to edit buffer against TraceServer (GenericService)
Possible to edit directory path against TraceServer (GenericService)
Updated: EndEntity enrollment prepare-tasks with separated purposes
Updated: RevokeToken method of EWS.Sevice.External API (added: Reason type)
Updated: Structures:
CreateToken structure:
Added: Current ClientInfo from session-ticket to Token.AdditionalInfo when creating SoftToken objects
CertificatePublisher structure:
Check for availability of IneraHSA-service before publishing/deleting certificates
Structure will create a new system-task as pending that a new TimerService module will use to publish/delete certificate against external services
BatchOrder structure (additional office parameters)
DynamicAttribute structure (always using current-organization-id when call of organization attributes)
EndEntity search structure (added: Status parameter in response)
Login structure:
Not possible to login with OTP if user has status flagged as terminated
Configure number of attempts when login with OneTimePassword
Multiple login structure (login with multiple devices for a user when login with OneTimePassword as well as certificate
Person first name structure:
Enhanced structure for persons with external inconsistent data as first name against given name and containing dash characters
Added: Reason type
Task delegation structure:
Possible to except task object (as user id) when current user is delegated within same group
Possible to except task requestor (as user id) when current user is delegated within same group
Possible to set action delegation against end user as task.objectid
TokenOrder structure (additional office types into token order object against Gemalto)
User-Secrecy structure (SynchronizeUserSecrecy as auto-check when call features that requires flag 0x1 (secrecy))
Verify OTP structure (configure number of attempts when verify OneTimePassword)
Updated: User object (added: ApprovedAcquis activity for User objects)
Updated: Database context.
System (Customer specific)
Added: EndEntity structure (requires NiP-GUI version 1.6.52 or higher)
Support Inera HSA service
Updated: Structures:
Certificate publisher structure
Publishing of certificates to IneraHSA service
Updated format of the token.contactless information when publishing certificates to Inera HSA service
Certificate revocation structure (deleting certificates in Inera HSA service)
TaskLog structure (explicit using additional info when DN-string is present from Inera HSA service)
Token template restriction structure (check for Inera HSA service existance)
User search / synchronize structure towards Inera HSA service:
Auto-corrects root base DN string if not present or invalid
Auto-corrects organization name if not match (only for organizations without organization-delegation structure)
Auto-corrects duplicated person items into single row (for organizations without organization-delegation structure)
Auto-corrects duplicated person items into single row per HSA-organizaton (for organizations using organization-delegation structure)
Updated: Task: CreateNationalRegister / UpdateNationalRegister:
Added: HSA-id and HSA-Base input field types
Added: InputField 'Email' into CreateEndEntity, CreateEntityBind and UpdateEndEntity tasks.
Added: Mobile devices TokenTypes:
Added: Privileges:
Added: Tasks
AssignOffice (restrict offices to user at office list presentations)
EndEntity tasks:
ChangeEndEntityStatus (inactivate function object)
CreateEndEntity (create function)
DeleteEndEntity (delete function)
UpdateEndEntity (update function information)
Added: Task-type and Tasks:
Acquis task-types and tasks:
DisableUser (revoke all tokens and set user as inactive)
EndEntity task-types and tasks:
OrderUserImage (create a user image order for Gemalto SIS Capture Station
Whitelist task-types and tasks:
Mobile devices task-types and tasks:
Added: Task-type:
EndEntity task-types:
Added: Task.Action.Execute: SendMessage:
Possible to send separated message as single request direct in task (SMTP only)
Added: Task.Action.Prepare:
GetLoginCertificate: (import the user’s login certificate into task (useful for log))
TokenTemplateRestrictions (add restrictions when call token template tasks)
Updated: Administration:
Added: Type for TraceServerLevel of UpdateSettings task
Added: Type for TraceServerBuffer of UpdateSettings task
Added: Type for TraceServerPath of UpdateSettings task (directory only i.e. 'C:\temp\')
Added: Additional configuration types of CreateOffice and UpdateOffice tasks
Updated: TokenTemplate tasks with optional TypeDescription attribute
Updated: Behavior of installation:
Possible to setup the application with One Time Password as bootstrap setup
Updated: Database install/upgrade of Commander:
Returns a One Time Password when installing with a clean database for bootstrap setup
Updated: NiP Commander with utility for synchronize existing Inera (Telia/Cygate) with NiP-databases
Updated: Tasks:
CreateNationalRegister (added: Search base for USER and ENDENTITY)
UpdateNationalRegister (Search base for USER and ENDENTITY)
Updated: UpdateSettings admin task with new input field policy
Updated: Utilities of Commander:
Possible to install/remove bootstrap certificate into local store
Added: Mobile devices token types
Updated: User search structure:
Only possible to use wildcard at the end of directive against additional identities
Added: Flag of internal storage only
Combines all external services
Added: Codemirror xml editor for xml and adminxmlareas
Added: Checkbox to readonlyfields THAT HAVE A POLICY. Fields with no policy will still not have a validity badge
Added: Field type:
XmlArea (currently allows for expanding the area during editing)
Added: Hover on search results for user saying where the user has been fetched from (database or service).
Added: Information about token card type "IDPRIME" etc on hover on token check panel
Added: Information for each search result (users/functions) in search list where result was found.
Added: Information in user view (after serarch) about where the user/function was fetched from (for users/functions not yet created)
Added: Made adminxmlarea toggleable between "simple" and "xml" mode. Simple mode shows only tagged xml fields. Xml mode shows all.
Added: Policy type "xmlArea:{}"
Added: Possibility to add attributes to xml. These attributes are:
nip_admin_editable: Default = false. Says whether or not adminxmlarea should show this field as a normal field
nip_admin_type: Default = text. Possible values text and textarea as of this time.
nip_admin_name: Default = <tagname>. If a name is not specified the field will have a title named after the xml tag
Added: Posibility to show options as tables in admin gui. Currently only activated for certificatewhitelist which is now shown as a table filterable by certificate template
Added: Scroll bars for lists exceeding 12 rows.
Changed: Execute button is now grey when policies are not fulfilled
Changed: Made button with actions scrollable after 10 entries. Note: This removes the help mark too
Changed: Made entire row in search results clickable
Changed: Moved organization menu to the left. Added input field. Added scroll bar at overflow
Changed: OnEnter behavior
Changed: Pressing backspace while in readonly field will no longer take you back to the previous page
Changed: SelfService active tokens will now always be expanded by default
Changed: Sorting adminTables in order active > inactive > alphabetical
Updated: Certificates in search result will now be marked redish when inactive
Updated: If you set a date on a datetime field, 00:00:00 will automatically be added to the end if a time is lacking
Updated: Passwords, two different labels for signature passwords and logon passwords to be used in dialogs.
Fixed: Image for rawsign function. Will now take UserImage ParameterObject. See ticket for conf
Fixed: Incorrect hover icon on help caret
Fixed: Input fields that are readonly are now visibly marked
Fixed: It is no longer possible to execute a task with invalid readonly fields
Fixed: Lack of error message on zero search hits
Fixed: Missing first text string when UTF8-BOM is included at start of UTF8 formatted text file.
Fixed: Non-existant field validation for newpassword second field