The This Kitewheel Customer Journey Hub Release release has some exciting new features, upgrades and bug fixes.
The highlights include:
- Add The addition of support for Mutual Auth Authentication in REST Web - Services
- Fix bug in login case sensitivity
- Fix bug in Schema filtering not returning all results
- Security fix to address XSS vulnerability
...
Mutual authentication or two-way authentication refers to two parties authenticating each other at the same time. This is an added security protection that is often implemented in by for internal business application servers but is becoming more common in internet applications. By default the Transport Layer Security (TLS) protocol only proves the identity of the server to the client using X.509 certificate and the authentication of the client to the server is left to the application layer.
TLS also offers provides for client-to-server authentication using client-side X.509 authentication. This requires provisioning of the certificates to the clients. Mutual TLS authentication (mTLS) is widespread in business-to-business (B2B) applications as it insures ensures that only a limited number of programmatic and homogeneous clients are connecting to specific web services, the operational burden is limited and security requirements are greater.
For information on enabling Mutual Authentication please see the REST WEB Service documentation.
Bug Fixes
The following bug fixes are included in this release:
- Login KIT-2267 Login email address is no longer case sensitive.
- KIT-2142 Schema Search now properly returns results.
- KIT-2220 A cross-site scripting vulnerability in the Hub application has been fixed.