The Kitewheel Customer Journey Hub Release has some exciting new features, upgrades and bug fixes.
The highlights include:
- Add support for Mutual Auth in REST Web-Services
- Fix bug in login case sensitivity
- Fix bug in Schema filtering not returning all results
- Security fix to address XSS vulnerability
Mutual Authentication for REST Web-Services
Mutual authentication or two-way authentication refers to two parties authenticating each other at the same time. This is an added security protection that is often implemented in by internal business application servers. By default the TLS protocol only proves the identity of the server to the client using X.509 certificate and the authentication of the client to the server is left to the application layer. TLS also offers client-to-server authentication using client-side X.509 authentication. This requires provisioning of the certificates to the clients. Mutual TLS authentication (mTLS) is widespread in business-to-business (B2B) applications as it insures that only a limited number of programmatic and homogeneous clients are connecting to specific web services, the operational burden is limited and security requirements are greater.
For information on enabling Mutual Authentication please see the documentation.
Bug Fixes
The following bug fixes are included in this release:
- Login email address is no longer case sensitive.
- Schema Search now properly returns results.
- A cross-site scripting vulnerability in the Hub application has been fixed.
