Upgrading from 6.4.X to 6.5.0

There are no changes to the database schema, SDK, or the configuration model in this version. As a result, it should be possible to upgrade without explicit action. Some changes were made that can be important to know about when upgrading, however. These are described below.

BankID Authenticator and Signing Consentor Messages

Two new message keys were added to the BankID Authenticator and Signing Consentor message files: view.button.continue and view.completed-otherdevice. These are used in HAAPI representations, namely in a form action that a user should follow after using BankID on another device. In addition, the value of the launch.view.title message key of the BankID Authenticator was updated to match the recommended message.

Logging Changes

The logging subsystem was enhanced to support masking of sensitive values, even for messaged logged at the DEBUG and TRACE levels (which are not intended to be used in production). The relevant documentation can be found in the Logging section of this guide. If masking is undesirable, for instance, in a pre-production environment, the pattern converter %um can be used wherever %m or %msg are used in the $IDSVR_HOME/etc/log4j2.xml file. This will prevent any masking of log messages. An example of that is shown in the following listing:

Listing 129 An example of a Console logger that unmasks all messages
<Console name="stdout" target="SYSTEM_OUT">
    <!-- Note MarkerPatternSelector is not needed -->
    <PatternLayout pattern="%um%n"/>
</Console>

The request logger (se.curity.identityserver.app.RequestReceiver) has had its default log level changed to INFO, affecting what data is stored in the request log. At DEBUG and TRACE, this logger may log PII, keys, tokens, etc. This can be re-enabled in the $IDSVR_HOME/etc/log4j2.xml file. Alternatively, it can be enabled on a per-client basis for more targeted debugging. Note that this change will not be applied if the log4j2.xml file has been customized and is being maintained for a particular deployment.