Page tree
Skip to end of metadata
Go to start of metadata


The release notes summarizes important information you should be aware
of before installing or upgrading Ubilogin SAML SP for Java.

Techincal Specifications

System Requirements:

  • Java Platform, either
  • Standard Edition Runtime Environment Version 8 (Java SE 8)
  • or Standard Edition Runtime Environment Version 7 (Java SE 7)
  • or Standard Edition Runtime Environment Version 6 (Java SE 6)
  • Java Servlet 3.1 or 3.0 compliant application server
  • System time synchronized with the time of the IDP
  • Ubilogin SSO Server 6.x or 7.x
  • If IDP uses stronger encryption schemes, such as AES-256, you need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. Ubilogin SSO Server does not require this.

Known Issues

When using IBM Java:

  • Unrestricted JCE policy is required and is available from IBM. The error " invalid keystore" is shown to system.out if this unrestricted JCE policy
  • Identity generation with the command line command
    "java -jar ubisaml2.jar generate" is not supported with IBM Java.
    Use Oracle Java for this step.

Change Log

  • Java 8 is now supported
  • Java 5 is no longer supported
  • Fixed IAM-217: Xalan library deployment in application server causes receiving SOAP message (LogoutRequest/Response and AttributeQuery response) to fail with StackOverflowError

  • New: Feature to disable schema validation of SAML messages

  • New: Ubisecure SSO UI template can be selected when doing Authentication Request using AuthnRequest.setTemplate()

  • Fixed: VirtualHostManager.getUbiloginServiceProvider() now returns correct instance, 26.10.2011

  • Fixed: SOAP logout handling
  • Fixed: Session logout initiated erroneously after application server restart, 29.9.2011

  • Fixed: Null pointer exception during Attribute Query, 28.2.2011

  • New: Support for virtual hosting

2.2.2_19499, 21.1.2011

  • New: Simplified deployment on Java SE 6 by removing unnecessary dependencies.
  • New: For J2SE 5.0 install additional dependencies from
  • Fixed: IPv6 address range support for netmask
  • Changed: NotOnOrAfter setting, 15.10.2010

  • Fixed: Logout handling when using IBM Java, 4.10.2010

  • Fixed: AuthnRequest.setLocale()
  • New: AuthnRequest.getExtensions() Add extensions to SAML AuthnRequest, 30.4.2010

  • Fixed: AuthnContextDeclRef was not set
  • Changed: Default encryption scheme does not require Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files., 1.4.2010

  • Requires Ubilogin SSO 5.0 or newer.
  • New: Liberty SAML 2.0 interoperability fixes
  • New: Support for more than one IDP via DiscoveryEventListener
  • New: SAML 2.0 SOAP logout
  • New: SAML 2.0 Artifact binding
  • New: SAML 2.0 NameIDMapping protocol
  • Fixed: IBM Java 1.6.0 compatibility
  • Fixed: Problem with Servlet 2.3 DTDs, 13.3.2009

  • returnurl-pattern setting added to ServiceProviderServlet
  • api changes: AuthnStatement and IssueInstant properties added to UbiloginSAMLAssertion

  • changed: not-pattern now specifies the urls with anonymous access allowed
  • api changes: UbiloginServiceProvider, ServiceProviderEvent, AuthnRequest
  • fixed: interop issues with http-redirect binding
  • fixed: encoding issues with certain unicode characters
  • fixed: any event listener may cancel event processing by committing the servlet response


  • changed: allow 60 seconds tolerance while validating NotBefore/NotOnOrAfter timestamps
  • fixed: issues when application was deployed to root context
  • fixed: possible concurrency issue with ISO8601 formatter
  • No labels