We are pleased to announce Topicus KeyHub 12.2. This release brings more improvements to vaults and features a whole new and automated installer. As usual, a large number of smaller improvements have been made and several issues have been fixed.

Virtual appliance

TKH-813 TKH-875 It's a small step for mankind, but a giant leap for Topicus KeyHub: we just released our first Virtual Appliance. A complete OVA ready to install in any virtual environment. This means anyone can now download and install Topicus KeyHub and experience the new mindset in Access Management. This big accomplishment was only described in two tickets. Big tickets. Huge tickets.


Vault improvements

Release 12 was all about Vaults. With so many new features, we expected our users to have a few additional requests which we obviously implemented straight away. Below you will find the complete list of vault improvements we added to make sure that using Topicus KeyHub as a password manager is as easy as it can be.

  • TKH-870 You can now add a vault record directly from a selected vault.
  • TKH-874 The browser extension is now much smarter in deciding whether to select TOTP or username.
  • TKH-892 Click-to-copy was added to the username of a vault record.
  • TKH-914 The vault record edit screen layout was improved slightly.
  • TKH-929 After applying a secret from the extension, the browser now navigates back to the previously active tab.
  • TKH-941 The maximum file size for vault records was increased to 500kb.
  • TKH-942 The vault contents now refresh correctly after transferring a vault record to another vault.
  • TKH-944 2FA secrets that contain spaces are now accepted as well.
  • TKH-950 The URL of a vault record is now also shown when searching from your dashboard.
  • TKH-960 Passwords are now copied to the clipboard directly (in combination with the browser extension installed).
  • TKH-962 Clients with vault access now retain access to a vault even when it is emptied.

Small improvements

The following smaller improvements and bug fixes were made:

  • TKH-843 TKH-877 TKH-913 A new Android app was released with better support for TLS 1.2.
  • TKH-881 Some minor performance enhancements were made in the REST backend.
  • TKH-890 The new Android app no longer collects crash reports.
  • TKH-918 The buffers in the proxy container were increased in size to prevent bad gateway errors.
  • TKH-919 The browser extension on Firefox will no longer ask for your password twice due to a missing favicon.ico.
  • TKH-920 TKH-923 TKH-924 TKH-926 Several corner-cases in tests were fixed, making the test suite much more reliable.
  • TKH-922 The application server was upgraded to WildFly 12.
  • TKH-925 valid in directory is no longer displayed on directories which do not support validating a user, such as OIDC directories.
  • TKH-927 The id_token now correctly contains the requested claims as specified in section 5.3.2 of the OIDC specification.
  • TKH-928 Account provisioning no longer tries to set sAMAccountName when it's longer than 20 characters.
  • TKH-932 An error was fixed when a KeyHub Administrator tried to view pages he/she was not allowed to view.
  • TKH-933 Adding a provisioned LDAP with an empty group DN will no longer result in an error.
  • TKH-943 The backend no longer returns stacktraces to untrusted applications when an error occurs.
  • TKH-945 E-mail addresses are now correctly retrieved for Azure AD accounts.
  • TKH-954 All dependencies for the browser extension were upgraded to the latest versions.
  • TKH-958 Many unneeded claims were removed from issued access tokens, greatly reducing their size.
  • TKH-963 The vault-session cookie now has the HttpOnly attribute, making it inaccessible to Javascript.