MuseKnowledge Proxy 4.2 is launched

A new version of MuseKnowledge Proxy, the result of constantly adding features, is available now for download, trial and purchase/upgrade.  

 

Some highlights of this new release are detailed here.   Improvements in Source Profiling have been added, and now for non IP vendor authentication, sources requiring Extractors can make use of inline server-side JavaScript for special processing of the tokens extracted.  Also, sources requiring user certificate authentication are now covered via a client side JKS KeyStore containing a key pair (private key and certificate), and using a KeyStore password that must coincide with the key pair one (Java’s standard).

 

Sources with poor SSL configuration, and with error messages in the Server Name Indication extensions and yielding “handshake alert: unrecognized_name” are also working now through a JDK workaround to the global static Virtual Machine setting.  

 

On integration side, login improvements and more are now offered.  The HMAC login is used together with other login modules whose parameters in addition to authentication are being used during the signature process. HMAC (keyed-hash message authentication code) signed and time limited links are securing login links with credentials by restricted their usage from a certain portal for a brief period (e.g. 30 seconds).  

 

SAML 2.0 authentication as a Service Provider in a multi-tenant fashion is now fully supported in Muse Knowledge Proxy, both for integration purposes orfor standalone deployments. All products supporting SAML 2.0 in Identity Provider mode (e.g. ADFS, Okta, Shibboleth, OpenAM, Efecte EIM or Ping Federate) are now compatible with MuseKnowledge Proxy. We performed successful tests with the Shibboleth IDP implementation (with Open LDAP and with Active Directory at the other end), Simple SAML PHP IDP, with SSOCircle IDP and with Shibboleth Discovery Service implementation.   Some of the key features of the Muse Knowledge Proxy SAML implementation include:

  • metadata management supporting adding IDP metadata and generation of SP metadata, pre-validation of IDP metadata to detect the need of certificates, tests for authentication, inspecting SAML attributes, guidelines and more;
  • local discovery service;
  • external discovery;
  • IDP metadata configuration through URL (with a local file backup with periodically refreshes) or through file upload;
  • specifying IDP metadata as a file/url containing one EntityDescriptor or as multiple EntityDescriptor wrapped in EntitiesDescriptor (e.g. a federation) with filters eliminating conflicts if the SP metadata is also present in the same file.

  In addition to the existing support for enabling remote rewritten content to be served using gzip compression, Muse Knowledge Proxy now includes support to serve the local content encoded using gzip; hence content originating to MuseKnowledge Proxy, such as the application interfaces is now served using gzip compression.  

 

The detailed list of changes is available in the Muse Knowledge Proxy Release Notes PDF Document and the new features are described in the manuals that are part of the distribution. As usual we offer a Free 30 Day Trial period to fully evaluate the new version of MuseKnowledge Proxy. You can request a Trial License Key by simply filling in the trial form here.