Business Application Security
Visual Guard Update List
VG 2020.2
VG Security Runtime
-
VG Multi-Factor Authentication (VG MFA)
Visual Guard now includes a proprietary Multi-Factor Authentication system. Users have to enter a Pin code (One-time Password / OTP) or click on a link, sent by SMS or email.
-
VG Passwordless Authentication
Users can verify their identity without entering a password. In addition to simplifying the user experience, VG Passwordless Authentication strengthens security and reduces the risk of Identity thefts.
VG WinConsole
-
Enabling MFA for existing Visual Guard Accounts.
You can choose which account is MFA ready and progressively implement strong authentication.
VG WebConsole
-
Enabling MFA for existing Visual Guard Accounts.
You can choose which account is MFA ready and progressively implement strong authentication.
- Deleting Applications
- Support for Office 365 SMTP
- Enhanced export of VG EventViewer to Excel
VG Identity Server
-
Load Balancing
Load Balancing is now supported, between several VG Identity Servers connected to the same VG Repository, and sharing the same configuration.
- New protocols added to speed up communications between VG Identity Server and VG Runtime(s): GRPC V1 and GRPC V2 (Windows 11)
Bug Fix
- Separate Authentication from the Workflow Server
Because the Workflow Server works continuously, we saw 1000 to 2000 authentication per day only for the Workflow Server - Improve maintenance operation
- Connection to VG IdentityServer
VG 2020.1
VG Security Runtime
- Enhanced permission management for PowerServer
- A new entity called VGDistributedTransient has been added for supporting load balancing
VG WinConsole
-
Permission Matrix
Generating permission Matrix from the WinConsole, for Applications, Roles, and Users -
Managing Web API permission for PowerServer
- Datastores are listed automatically by scanning the PBLs of the PowerBuilder application.
- Mapping Datastores and Resources (which datastores access which tables for Create/Read/Update/Delete purposes). This allows creating permissions at table level : VG will enforce these permissions anytime a PB client is accessing the related datastores.
- Creating fine-grain authorizations to allow Reading / Updating / Deleting / Creating from specific Resources (tables)
- Creating fine-grain authorizations to allow Reading / Updating / Deleting / Creating from specific datastores
- When searching for users, the “contains” operator is now selected by default.
- Exporting Groups and Roles details in Excel files
- Enhanced Configuration UI for Identity Server
- New progress bar to monitor repository deployment / importing processes.
- Support for Cross-origin Resource Sharing (CORS)
WebConsole
-
Migration to .Net Core 3.1
Overall response time and performance improvements -
New WebConsole features
- Renaming an Application from VG WebConsole
- Managing Web API permission for PowerServer
(see WinConsole for more details) - Exporting Event Logs in Excel
- Generating Permission Matrix from VG WebConsole
- Generating VG configuration files
- Viewing VGLicense details
- If a user accessed the WebConsole with a Windows SSO authentication, he is able now to edit the UI language
VG Identity Server
-
New APIs
- ChangePassword()
- ForcePassword()
- WriteLog()
- GetCurrentPermissions()
- GetCurrentRoles()
- SetProfileAttribute()
- GetProfileAttribute()
- GetAllRoles()
- Grant and Revoke Role
- When connecting to a VG Repository via VG Identity Server, accessible databases are automatically listed.
Visual Guard 2020.0
VG Security Runtime
-
Support for .NET Core
Visual Guard now supports .NET Core with a new assembly Novalys.VisualGuard.Security.Core
-
Permission Matrix
You can now generate a permission matrix at role, group, and user level. This matrix shows in a grid the dependencies between users, roles, and permissions.
- VG Server private mode is now replaced by a direct HTTPS communication from the VGSecurityRuntime to VG Identity Server
-
Support for PowerServer 2021
- Authentication modes supported with PowerServer 2021:
- Windows accounts (authentication via Active Directory)
- Single Sign-On with Windows accounts
- OAuth2 authentication
- Token-based authentication
- Login/password authentication
- Authentication modes supported with PowerServer 2021:
- Dynamic permissions supported for PowerServer 2021
Dynamic permissions are Fine-grained permissions implemented without modifying the code.
They control access to specific features in the PB client, as well as the Web API. On the server-side, they allow securing resources (DB tables in most cases), regardless of the client technology: PowerBuilder, .NET, Angular, etc.
- Dynamic permissions supported for PowerServer 2021
VG Identity Server
VG Identity Server is a new Server. It is replacing both VG Server and VG WebPortal, which are no longer included in Versions 2020 and above.
VG Identity Server manages Identities and Access Control, using OpenID Connect or OAuth 2.0 protocols.
In addition, VG Identity Server can also:
- Authenticate users via external identity providers (Microsoft, Google, Facebook, etc.)
- Manage user sessions
- Federate several independent websites or applications across a single user session (Single Sign-on)
- Generate or validate tokens
- and more…
VG Identity Server supports contextual roles and groups, to adapt an authentication UI to the business context of a user.
WebConsole
-
New Design
The Visual Guard WebConsole has been redesigned and offers more customization options and styles
-
New features:
- Creating or declaring a VG repository
- Auditing the permissions of a VG group
- Enhanced monitoring: information has been narrowed down to relevant events. Data is preloaded for faster response time.
- Visual Guard Workflows
VG Workflows are managed within the VG Web Console.
They replace VG notifications and are meant to automate the detection of certain application events, to trigger required actions.
They are created/edited with a visual designer.
Visual Guard Documentation
- New online documentation with advanced search options
Visual Guard 2019 GA
Support of .NET Core
- Visual Guard 2019 is compatible with .Net Core to secure cross-platform (Windows, macOS, and Linux), cloud, and IoT applications
Support of Angular
- VG 2019 includes a new module to simplify the integration with Angular applications.
Web Administration Console
- The VG 2019 Web Console has been redesigned. In addition to offering a modern look, it is now responsive and can be used on all screen sizes, including mobile devices.
- The web console also includes new graphs for applications and sensitive activities monitoring
Win Administration Console
- Visual Guard 2019 supports securing .Net Core applications (.Net Core Console and .Net Core Web Applications), Hence using Visual Guard WinConsole, you can add your .net core applications to the repository.
- In the Event viewer wizard, it allows to filter event logs by application.
- Now, you can have the progress status of deployment process in deployment repository wizard.
- It allows to 'Edit Permissions' for Role and PermissionSet in more user-friendly way.
- It allows to 'Edit PermissionSets' for Role and PermissionSet in more user-friendly way.
Visual Guard 2018 GA
GDPR Compliance
Alerts and Notifications
Monitoring & Reporting
- Monitor activities with Real-time Graphs
- Analyze activities with Historical Graphs
- Review application usage with Attendance Graphs
Permissions Audit
Active Directory & Windows Accounts
- Federate multiple Active Directory (Domains)
- Create / Edit / Delete active directory User
- New Windows for selecting Windows Accounts
Evolution of the Visual Guard data model
Manage large volumes of Groups
Visual Guard 2017
Windows Admin Console
- Definition of attributes on groups, roles and applications.
- Images supported as user attribute.
- Possibility to define if a role belongs exclusively to groups or users.
User Management from the application
- Contextual selection of parent group.
- Developers can now dynamically change Groups and Roles by code, depending on business rules and application context
Visual Guard 2016
Security
New encryption system for the repository
Performance
Major optimization of the memory consumed by the VG runtime
Windows Admin Console
User duplication: Use existing Account as a template
Deployment wizard
The Deployment wizard now supports deleting shared roles.
PowerBuilder Application
The VG 2016 Setup now includes a PB sample and a connection to the VG Repository via a proxy.
Visual Guard 2015.1
User auditing
A new tab in the window “User Details” allows you to see all the actions performed by the user.
Event Viewer
The Event Viewer window now lets you sort the list of events by selecting a column for an easier and faster reading.
Windows SSO for web applications
You can now use the Windows session authentication to access a web application.
New group management
When a user belongs to multiple groups, it’s possible to select the group(s) according to the context of the current session.
Visual Guard 2015
Custom Modules
You can now add custom Identity Modules to Visual Guard. These modules can support Market Available Authentication Providers (storing data on cloud) or your own custom authentication with seperate database.
User Profile Attributes
Visual Guard now supports User Profile Attributes. These attributes can be categorized into groups. You can also search users based on these attributes.
Modify User
Edit User window is now available from multiple locations. You can edit user details from:
- Users Section
- Groups > Users
- Roles > Users
PowerBuilder Application
Now you can integrate Visual Guard into PowerBuilder applications, allowing you to apply security through permissions created with the new PB Permission Editor.
Visual Guard Server
We support VGServer clusters that allow your applications to have multiple VGServer Connections.
Refresh
Now in Visual Guard you are provided with the refresh functionality at each level of the Visual Guard Console application. This feature will refresh and load the current/latest contents of the selected entity.
Optimization
Improvement of Visual Guard performance. VG now supports large user bases.
Visual Guard - Version 5.2
 |
Professional Edition | Enterprise Edition | |||
New features in VG 5.2 |
|||||
| SSO across multiple sites of the same domain without using the component VGWebportal | |||||
| VGServer optimization for PB | |||||
| Database optimization | |||||
| Several Bug fixes and enhancements of Visual Guard 5.1 | |||||
Visual Guard - Version 5.1
|
|
Professional Edition | Enterprise Edition | ||
| New features in VG 5.1 | |||||
| Automatic Migration of the VGServer | |||||
| The deployment tool now supports PowerBuilder Applications | |||||
| A VGWebConfig section has been added in the web.config file to allow the customization of website security |
|||||
| Several Bug fixes and enhancements of Visual Guard 5.0 | |||||
Visual Guard - Version 5.0
|
|
Professional Edition | Enterprise Edition | ||
New features in VG 5.0 |
|||||
| API for Action, Permission, Permission Set, Deployment, Active Directory, Event log, Documentation, and more. |
|||||
| The internal working has been changed. Now, Visual Guard uses a new communication mode that allows the support of Microsoft Azure. |
|||||
| Visual Guard supports Microsoft Azure. | |||||
| VGServer can be used on Read and Write mode. | |||||
| New identity module to allow you to add new Identity types in Visual-Guard. | |||||
| Visual Guard supports PowerBuilder applications in Native Mode. | |||||
| Visual Guard supports IIS integrated mode. | |||||
New features in WinConsole |
|||||
| New window for user administration. | |||||
| The WinConsole can connect to VGServer. | |||||
| The WinConsole uses the API of Visual Guard (All actions provided by the WinConsole, can be reproduced in your application). |
|||||
New features in WebConsole |
|||||
| Permission sets module | |||||
| Auditing module | |||||
| Documentation module | |||||
| System Modules: a new module can be added in the WebConsole in order to add additional functionalities |
|||||
End of life notifications starting from Visual Guard 6
- File mode
- Authentication based upon Database User.
Supported Versions:
Visual Guard 5
Visual Guard 3.3.1
- Visual Guard - Version 3.3.1212.03
- Visual Guard - Version 3.3.1012.20
- Visual Guard - Version 3.3.1008.4
- Visual Guard - Version 3.2.912.01
- Visual Guard - Version 3.1.912.08
- Visual Guard - Version 3.1.911.5
- Visual Guard - version 3.0.908.10
Visual Guard - Version 3.3.1212.03
|
|
Professional Edition | Enterprise Edition | ||
WinConsole |
|||||
| Added: Support of IIS Integrated Mode | |||||
| Fixed: Security issue about shared role | |||||
| Enhanced: loading time of the repository optimized | |||||
|
|||||
Web Portal |
|||||
| Added: Support of MVC3 | |||||
Visual Guard - Version 3.3.1012.20
|
|
Professional Edition | Enterprise Edition | ||
New Features in VG 3.3.1 |
|||||
| ASP MVC | |||||
| New dlls for the ASP MVC to add new functionalities. | |||||
| Adding a new property in an application is an Anonymous System Role | |||||
For more information click here: Visual Guard Web Server.
See Also
- How to integrate Visual Guard in a WCF application
- Visual Guard expression language
- Upgrading v3.2 to v3.3
- Upgrading v3.1 to v3.2
- Upgrading v3.0 to v3.1
- Upgrading v2.8 to v3.0
- Upgrading v2.7 to v2.8
Visual Guard - Version 3.3.1008.4
| Professional Edition | Enterprise Edition | |||
New Application: Visual Guard Web Portal |
||||
| Manage web portal details (name, url and other user-related settings) | ||||
| Customize user interface with logo | ||||
| Customize web portal description on home page | ||||
| Custom button control to redirect to web portal or another web application | ||||
| New VG permission added to secure the web portal | ||||
| Manage multiple websites with the same system | ||||
New Features in VG WinConsole 3.3 |
||||
| Identity Federation: Partial support through ADFS Server 2.0 | ||||
| Manage ADFS Servers includes: | ||||
| - Listing ADFS servers | ||||
| - Creating, updating and deleting ADFS servers | ||||
| New type of user supported in the VG Repository: Federated User | ||||
| Manage federated users for a particular ADFS server, added through the ADFS server tab | ||||
| Supported Authentication Modes: | ||||
| Federated authentication has been added to the list of supported authenitcation modes | ||||
| Manage web portals in repository | ||||
| List of web portals | ||||
| Remove selected web portal | ||||
| Assign selected web portal to an application entity | ||||
| New Attributes of VG Groups | ||||
| Data1, data2 and data3 have been added to VG Groups | ||||
| New permissions for ADFS and web portal have been added | ||||
| Supports applications created in the .NET Framework 4.0 | ||||
Visual Guard Web Console |
||||
| Dashboard | ||||
| Status of Dashboard gadget saved in cookies to store its state. User will find the same UI upon return | ||||
| Users | ||||
| Search user by group and its descendants in the Manage Users screen | ||||
| Mixed mode authentication. Users can now log into the VG WebConsole with a Windows account | ||||
| "Unapprove" feature added on Manage Users screen | ||||
| Groups | ||||
| New VG Group Attributes: Data1, Data2 and Data3 | ||||
| Misc. | ||||
| Integrated "Help Manual" in Start Menu | ||||
| VG Web Console checks customer license key by asking for credentials | ||||
| Support for .NET Framework 4.0 | ||||
For more information click here: Visual Guard Web Server.
See Also
- How to integrate Visual Guard in a WCF application
- Visual Guard expression language
- Upgrading v3.2 to v3.3
- Upgrading v3.1 to v3.2
- Upgrading v3.0 to v3.1
- Upgrading v2.8 to v3.0
- Upgrading v2.7 to v2.8
Visual Guard - Version 3.2.912.01
| Professional Edition | Enterprise Edition | |
New Features |
||
Runtime |
||
| - Creation of customized roles for VG administrators | ||
| - Groups added |
||
| - Creation of an application in another technology (Java, PB, etc.)
added |
||
| - New system of permissions in Visual Guard added |
||
| - Security APIs added | ||
WebConsole |
||
| Added Group Management | ||
| Added On-line Help | ||
| Added Search Field | ||
WinConsole |
||
| Added Creation of an application in another technology | ||
| Added Creation of customized roles | ||
VGServer |
||
| Added New help for Public Mode | ||
| Added Support for Groups | ||
Visual Guard - Version 3.1.912.08
| Professional Edition | Enterprise Edition | |
New Features |
||
| VG Web Console 2.0 | ||
| - You can create windows User account in the web console 2.0, - Oracle Database supported, - Windows 64 bit supported. |
||
Console |
||
| Fixed Error in samples | ||
Runtime |
||
| AddedSupport of VG Server Public mode | ||
| AddedNew methods in API | ||
Visual Guard - Version 3.1.911.5
| Professional Edition | Enterprise Edition | |
New Features |
||
| New module: VG Server - V2 | ||
| It allows an application to communicate with the repository. It
is delivered with a specific administration console. The VG Server
is used in the following situations: - Complex architecture (the application cannot connect directly with the repository), - Applications developed with technologies other that .NET or PowerBuilder. It is available for any technologies (Java, C++, Delphi…) capable of SOAP calls or HTTP Requests. |
||
Console |
||
| Fixed Error on the Deployment tool for a Oracle database. | ||
WebConsole |
||
| Added Module of creation of Windows user Account | ||
Visual Guard - Version 3.0.908.10
| Professional Edition | Enterprise Edition | |
New Features |
||
| New module: VG Server - V1 | ||
| VG Server is a new key module of Visual Guard security solution. It consists in a group of web services, that you install on your server to expose some access control services for your applications. This module allows securing .Net applications that cannot directly access the VG repository (applications designed to be used in Extranet or Intranet). VG Server can be called to: - Authenticate users with username/password combination - Retrieve roles and permissions granted to a user Then, VG Runtime adapts the behavior of the application to the user. [read more] |
||
| New module: VG Server - V2 is coming soon | ||
| It will be available for any technologies (Java, C++, Delphi…) capable of SOAP calls or HTTP Requests. | ||
| New module: VG Web Console - 1.0 | ||
| The VG Web Console provides user administration features for: - Managing user accounts (CRUD operation) - Managing roles (CRUD operation) The Web console is designed to be used with only an access to the Internet for remote Identity management [read more] |
||
| New module: VG Web Console - 2.0 is coming soon | ||
| The web console is being entirely redesigned to be user administrator oriented [see a preview] | ||
| New APIs | ||
| New APIs were created to extend the number of methods. | ||
Console |
||
| Added New VG System roles: | ||
| Restricted Developer: The developer with this role can administer
the applications for which he is a "Membership Manager". Developer Deployer: The developer with this role can deploy all applications. Restricted Developer Deployer: The developer with this role can deploy only applications for which he is a “Membership Manager". |
||
Runtime |
||
| Added Support of VG Server. | ||
- Visual Guard for .NET - version 2.8.812.19
- Visual Guard for .NET - version 2.7.810.14
- Visual Guard for .NET - Version 2.7.809.26
- Visual Guard for .NET - Version 2.7.806.18
- Visual Guard for .NET - Version 2.7.805.27
- Visual Guard for .NET - Version 2.7.802.29
- Visual Guard for .NET - Version 2.6.709.16
- Visual Guard for .NET - Version 2.5.708.06
- Visual Guard for .NET - Version 2.5.705.30
- Visual Guard for .NET - Version 2.5.704.23
- Visual Guard for .NET - Version 2.1.702.19
- Visual Guard for .NET - Version 2.1.701.10
- Visual Guard for .NET - Version 2.0.60915
Visual Guard .NET - Version 2.8.812.19
New Features
- OFFLINE MODE
Allows users to run an application secured by Visual Guard, although the VG Repository is not accessible.
User permissions are cached in an off-line store and updated when the application logs again in to the VG repository. -
DEPLOYEMENT OF THE PARAMETERS OF REPOSITORY
Allows to deploy only the parameters of a repository if necessary.
Console
- Fixed: The user icon for type of user (Windows, VG or DB) should display in right panel
- Fixed: The link 'Click here for more information about the language used in expression' for the Add Expression is not working
- Fixed: When you select VGExpression node, Filter button is not active.
- Fixed: The links from 'Security Action Creation wizard' is not working
- Fixed: 'Granted Users' Property of Role from right panel is not updated.
- Fixed: The Shared Role icon is not same in right and left panel.
Runtime
- Fixed: The application took a lot time to run with offline mode.
- Fixed: Offline Mode is not working for Database user
- Fixed: Offline Mode is not working for File repository.
- Fixed: In the offline mode the authentication mode is not verified at the time of login to the application.
- Fixed: Offline mode is not working for Database user.
Visual Guard .NET - Version 2.7.810.14
Console
- Fixed: A SerializationException is thrown while creating a property action with a value based on a type specific to the application.
- Fixed: A NullReferenceException is thrown when editing 'property' action on Component.
- Fixed: VG crashes when refreshing the repository whose content is deleted but repository is present in the Console.
Webform
- Fixed: MasterPage of a MasterPage is not secured automatically.
WinForm
- Fixed: VGSecurityManager.LoadAnomymousSecurity(WindowsIdentity) does not use the specified identity.
- Fixed: VGMembership.CreateUser does not take into account the mustChangePasswordAtNextLogon parameter.
Visual Guard .NET - Version 2.7.809.26
Runtime
- Changed: Visual Guard no longer locks an account after the last
grace logon (when the password has expired). Visual Guard sets the
MustChangeAtNextLogon option to true for this account and the authentication
process fails. If you use the method VGSecurityManager.Authenticate
or VGSecurityManager.ValidateUser in your code, you have to check
whether this modification is compatible with your code.
For more information, read: Authentication Process Modification
- Added: A new VGMembership.FindUserByLastName method is added. This method returns a collection of users where the last name matches the specified last name.
- Added: A new constructor of VGLogEntry is added to support unnamed properties as format item (like in string.Format method) in the message.
- Fixed: VGRoles.UpdateRole always throws a security exception
- Fixed: VG adds a 'Successfull Logon Attempt' entry to the event log when the logon fails with 'MustChangePasswordAtNextLogon' status
- Fixed: AmbigousMatchException is thrown when 'Properties' action is executed at runtime.
Winform
- Improved: VGLoginForm takes into account the new authentication process.
- Fixed: Error messages are not cleared in VGChangePasswordForm
Oracle
- Improved: Improved performance when modified data is saved on Oracle
Console
- Added: A new event (ID 20013) is added to the event log when the Username of an account is modified.
- Added: A new event (ID 40023) is added to the event log when the name of an application is modified.
- Added: A new event (ID 40024) is added to the event log when the name of a role is modified.
- Added: A new event (ID 40025) is added to the event log when the name of a permission is modified.
- Added: A new event (ID 40026) is added to the event log when the name of a permission set is modified.
- Added: A new event (ID 40027) is added to the event log when the permission set of a role is modified.
- Added: A new event (ID 40028) is added to the event log when a permission is granted to a permission set.
- Added: A new event (ID 40029) is added to the event log when a permission is revoked from a permission set.
- Added: A new event (ID 40030) is added to the event log when a permission set is granted to a permission set.
- Added: A new event (ID 40031) is added to the event log when a permission set is revoked from a permission set.
- Improved: The password policy dialog box is redesigned to improve the display.
- Improved: The Security Action Wizard is redesigned to help to edit 'Properties' actions.
- Improved: It is now possible to filter the content of the 'Component' tree view when editing a 'Properties' action.
- Improved: It is now possible to create a 'Properties' action to modify properties of non-component object.
- Improved: It is now possible to Maximize/Restore the 'Event Viewer' dialog box.
- Improved: A new command line argument '-R' is added to the Visual Guard console and disallow to edit the list of repositories
- Improved: a new command line argument '-M' is added to the Visual Guard console and allows to launch multiple instance of the console
- Improved: It is now possible to duplicate a Permission Set.
- Improved: The text of the event 4015 (Permission modified) contains now information indicating when an action is removed, added or modified.
- Improved: When a property of repository, application, role, user, permission or permission set is modified in the console, Visual Guard records the old value and the new value in the text of log events.
- Improved: Improved performance during the refresh of data.
- Changed: By default only one instance of the Visual Guard console can be launched at same time.
- Fixed: In Edit the password policy window, fields should restore to the old value when blank value is entered in a numeric field.
- Fixed: Two unhandled exceptions occur when the new created version is removed from the console.
- Fixed: 'Is' operator generates an invalid message when the right hand operand is not a type.
- Fixed: the 'Last Modification' property of an item in console displays the date in UTC not in Local mode.
- Fixed: the 'MustChangePasswordAtNextLogon' option is set to false after changing the password even if the option is true in dialog box.
- Fixed: AmbigousMatchException is thrown when 'Properties' action is executed at runtime.
- Fixed: Event Viewer does not sort properly the list of events by date for Oracle repository.
- Fixed: The 'Other Assemblies' property is not duplicated while creating a 'New version' of an application.
- Fixed: List of permission is not always in alphabetic order in 'Change Permission' Dialog box.
Sample
- The sample application is improved to demonstrate how to use of Visual Guard in WCF context.
Visual Guard .NET - Version 2.7.806.18
Runtime
- Fixed: A RoleMemberAdded is generated in the event log when the property of a user is modified in the console
- Fixed: An exception is raised when calling VGMembershipUser.RevokeMembershipPermission method
- Fixed: the event InvalidLogonAttempt is not added to event log when the user is not authorized to access to the application.
- Fixed: All modified properties of VGMembershipUser are reset after calling ResetPassword, ChangePassword,Unlock methods.
- Improved: 2 new events MembershipPermissionRevoked and MembershipPermissionGranted are now generated by the console or when using Membership API
WebService
- Fixed: When VG is used with WCF services hosted by ASP.Net, it cannot find configuration files and raises a 'Unable to find valid Visual Guard configuration' exception.
Console
- Fixed: Not getting any property in the Generate Configuration file window.
- Fixed: The message "<my file> already exists. Do you want to replace it" is displayed twice when exporting event log
- Fixed: A 'strange' node is added after removing the last sub nodes of an item in the tree view. When clicking on this node, an unhandled exception is raised.
- Fixed: In the documentation generated by the console, lists of applications, users, permissions and roles are not properly sorted
- Improved: The first and last name of the user is now displayed in the Event Viewer.
Visual Guard .NET - Version 2.7.805.27
Runtime
- Fixed: When the password option 'Lock account after x grace login' is enabled, VGSecurityManager.Authenticate locks out the account during the last grace login.
- Fixed: When the password policy allows only 1 grace logins, the account is locked out just after the logon attempt.
- Fixed: An error occurs when 'Properties' action are executed on subfields of a field at runtime. Visual Guard throws 'VGInvalidActionException' exception
- Fixed: After creating a new account with membership API, VGSecurityManager.Authenticate returns sometimes 'UserAccountNotYetAvailable' in place of 'Success'
- Fixed: the username is case sensitive during authentication process against database repository
- Fixed: string concatenation with null value throw NullReferenceException exception when one of its operand is null. Now the concatenation returns an empty string as the standard .net concatenation.
- Fixed: includeWindowsGroups parameter of VGSecurityRuntime.CreateRuntimeForXXX is not taken into account
- Fixed: In some cases Username and Roles are not valid in value assigned by an action based on Visual Guard expression
- Fixed: VGMembershipUser.RevokeMembershipPermission method throws an exception when it is called and the user does not have the Membership Permission for the application.
- Improved: It is now possible to use the namespace of the object provided as context of evaluation as default namespace in Visual Guard expression.
- Added: A new log event 'NotEnoughPrivileges' is generated when a user try to access to Membership API and does not have enough privileges.
- Added: A new log event ' AccountUnlocked' is generated when a user unlock an account.
- Added: A new log event 'NotEnoughPrivileges' is generated when a user try to access to Membership API and does not have enough privileges.
- Added: A new log event ' MembershipPermissionGranted' is generated when Membership permission is granted to a user.
- Added: A new log event ' MembershipPermissionRevoked ' is generated when Membership permission is revoked from a user.
ASP.NET
- Fixed: InvalidOperationException Exception is raised while using membership API in a website when the repository is based on SQLServer
WINFORM
- Fixed: VGChangedPassword allows reusing an old password even if the password policy does not allow to reuse old password
- Fixed: VGLoginForm allows to change the password when the user is not authorized to access to the application and the password is required to change at first logon.
- Added: 'Password' property is added to VGLoginForm and allows getting and setting the current password.
ORACLE
- Fixed: an ORA-00942 error occurs when the install.sql script is executed manually on Oracle
- Fixed: an ORA-00942 error occurs when a log event is written in Oracle repository.
- Fixed: An ORA-1003 error occurs when intall.sql script is executed manullay by using Oracle 10 Express Edition console
SQL Server
- Fixed: Unable to manually execute twice install.sql script on SQLServer
Console
- Fixed: In repository creation wizard, the option Database authentication is not available for the default administrator
- Fixed: when End date is modified by using the calendar, the console raises an unhandled exception.
- Fixed: In some cases it is not possible to delete permission folders in repository based on Oracle.
- Fixed: In some cases it is not possible to write in event log in repository based on Oracle.
- Fixed: An exception is raised during the creation of SQLServer repository with database account as administrator.
- Fixed: Visual Guard does not properly refresh all items after the modification of an item
- Fixed: Visual Guard console does not detect modification for ASP.NEt 2.0 website when .svc or soap files are modified
- Fixed: Find Functionality is not working Properly
- Fixed: An unhandled exception 'Cannot be less than zero' is raised while creating or editing action.
- Fixed: a RoleMemberAdded is added to the log each time an account property is modified and the account is a member of 'Membership Manager' role.
- Improved: A new option allows unlocking the account in Change Password dialog box when the account is locked out
- Improved: It is not possible to provide 'Other Assemblies' by using relative path.
- Improved: Edit Configuration file allows to edit multiple repository configurations in one configuration file.
- Improved: The text of the message generated in the log event contains now the name of the modified property and its new value (for repository settings and user accounts).
Visual Guard .NET - Version 2.7.802.29
Support of WCF Services
Visual Guard .Net can now be integrated in application hosting WCF Services. Visual Guard .Net allows authentication based on Windows account or User/Password and authorization access to WCF Services.
Support of Windows Vista
The installation process is improved and complies with the standards recommended by Windows Vista.
Support of WPF Components
It is now possible to create action on WPF Components.
Support of applications loading assemblies dynamically
It is now possible to secure applications loading assemblies dynamically (like applications using the Microsoft CAB framework). You can indicate the list of the assemblies in the property 'Other Assemblies' of the application in the console.
Security actions
- Visual Guard .Net language
Visual Guard .Net provides a new language allowing to create complex expressions. This language supports the getting and setting properties, method invocation, instantiation of object, logical and arithmetic operators. This new language can be used to add a condition to a security action or calculate dynamically the value of a property.
For instance, it is possible to create an action disabling the 'Delete' button when the sales order displayed in a form is an order for a client of a country and it is not shipped.
SalesOrder.Customer.Country == ' USA ' and SalesOrder.ShippedDate != System.DateTime.MinValue
It is also possible to use this expression to calculate the value of a property. The following example allows to modify the Filter of a DataView. If the filter already contains a filter expression, Visual Guard adds the clause "Country = ' USA '" at the end of the expression otherwise it sets the filter with this clause.
#CurrentValue.Length == 0?'Country = '' USA ''':string.Format('({0}) and 'Country = '' USA ''', #CurrentValue)
- Modification of argument of the event raising a security action
Visual Guard .Net now allows to modify the property of the argument of the event raising a security action. For instance, it is possible to change the Cancel property of the Closing event when the action is executed on this event.
Visual Guard Console
- Auditing/Logging feature
It is now possible to filter the list of event by using a date range. Visual Guard .Net now provides the description of all predefined Visual Guard .Net events. This list of description can be edited. It is possible to change standard description or add a description for custom events. It is now possible to clean up the events of a repository older than a date (e.g. is it possible to delete all events older than 6 month).
- New 'Auditor' Roles
2 new roles are added to the Visual Guard .Net console: Auditor and Restricted Auditor. These roles allow to access a repository in read only mode. An auditor can consult the content of the repository, generate a report or consult the event log but it can't grant permission or administrate users of the repository. Restricted Auditor has the same rights as Auditor but can consult only a restricted list of application.
ASP.Net
Visual Guard .Net allows to check Visual Guard .Net permission for all ASP.Net component based on role (LoginView, SiteMap with Security Trimming, URL authorization mechanism). You just have to prefix the name of the permission by the '%' character in place of the name of role. For example, the following Authorization section of web.config file indicates that only user with the permission "Allow to edit and delete employee" can access the content of the folder containing the web.config
< authorization >
< allow roles = " %\Employees\Allow to edit and delete employee " />
< deny users = " * " />
</ authorization >
Visual Guard .NET - Version 2.6.709.16
Visual Guard Runtime
- Visual Guard now supports Logging/Auditing features. It is now possible to log user activities (invalid logon attempt, locked account, password modification attempt, repository item modifications...). It is also possible to log custom events for your application in the repository log.
- Improved performance and scalability in ASP.Net environment.
- Concurrency access management is improved.
- Visual Guard Membership API now supports the creation of role.
- A new event 'DefaultRuntimeInitialized' is added to the VGSecurityManager class. This event can be used to change the default security settings of the application.
- New methods 'CreateRuntimeForFile', 'CreateRuntimeForOracle', 'CreateRuntimeForSQLServer' are added to the VGSecurityRuntime class. These methods allow to specify security settings (database connection string, supported authentication mode,...) without using Visual Guard configuration files.
- A new event 'SecurityLoaded' is added to the VGHttpModule class. This event is raised after loading the security of the current user in ASP.Net environment.
- A new property VGMembershipUser.MustChangePasswordAtNexLogon is added and allows to force the user to change password at next logon.
- A new value VGAuthenticationState.MustChangePasswordAtNextLogon is added and allows to indicate that the authentication process has failed because the user must change his password at next logon.
- A new flag VGAuthenticationStatus.MustChangePasswordAtNextLogon is added and allows to indicate that the authentication process has failed because the user must change his password at next logon.
- Fix: the trace file generated by default is now located in the system's temporary folder. In previous versions, the default trace file was generated in the folder of the Novalys.VisualGuard.Secutiry.dll and caused problem in web application.
- Fix: the arguments firstName and lastName are not taken into account when the method VGMembership.CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, string comment, string firstName, string lastName, out VGMembershipCreateStatus status) is used to create a new user.
- Fix: VGMembershipUser.UnlockUser does not unlock the user when the property RequiresUniqueEmail is not set to true. Fix: the arguments firstName and lastName are not taken into account when the method VGMembership.CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, string comment, string firstName, string lastName, out VGMembershipCreateStatus status) is used to create a new user.
- Fix: VGMembershipUser.IsApproved is not updated when the property RequiresUniqueEmail is not set to true.
- Fix: VGMembershipUser.IsDirty is not updated after calling the method VGMembership.Update.
- Fix: the VGMembership.FindUsersByName and VGMembership.FindUsersByMail method returns sometimes an incomplete result for Oracle and SQLServer.
- Fix: the method VGMembership.AddWindowsAccount throw an invalid exception when the repository license allows Windows Account.
- Fix: the method VGMembership.UpdateUser allows to modify the email of a user with a duplicate email.
- Fix: the property VGMembership.MaxInvalidPasswordAttempt returns an invalid value.
- Fix: the event VGMembershipProvider.ValidatingPassword passes the old password as arg in place of the new password.
Visual Guard Console
- All user activities (item creation, deletion or modification) are logged in the log of the repository.
- It is now possible for a master administrator to display the events log of a repository and clear this log.
- It is now possible to force the user to change the password at next logon.
- It is now possible to specify that the deployment process will refresh the content of an application or will replace the content of an application. When the option is set to 'Refresh', the process keeps all the items of the application in the target repository and replaces existing items by the items of the source repository and adds new items. When the option is set to 'Replace', the process deletes all items of the application in the target repository before deploying the items of the source application.
- Performances are improved during the initial loading of data.
- A new role 'Restricted User Administrator' is added to the Visual Guard console. This role has same permissions as 'User Administrator' role but allows to manage only the applications for which the user is a member of 'Membership manager' role.
- The 'Select Windows Accounts' dialog box keeps its last setting after closing the dialog box.
- Fix: The option 'Clear All' of the log view does not remove the items from the list.
- Fix: The password answer stored in the repository is not valid during the creation of a Visual Guard account.
- Fix: The list of classes used as targets in the security action designer does not display all assemblies referenced by the main assembly.
- Fix: In some cases it is possible to assign more than one permission sets to a role.
Visual Guard .NET - Version 2.5.708.06
Visual Guard Console
- The 'Property action' creation wizard allows to add a condition on a security action. Before executing a security action , Visual Guard evaluates the value of the condition and executes the action only when the value is true.
- Performance improved during the loading of big repository.
- It is now possible to enable anonymous session and default role in the application creation wizard.
- A new property "Membership Permission Enabled" allows to enable Membership permission in an application.
- A new special role "Membership Manager" allows to grant to a user the permission to use Membership API in the application.
- Fix: The stored procedure 'vg_GetDatabaseAccounts' returns the error 'Cannot resolve the collation conflict between "SQL_Latin1_General_CP1_CI_AI" and "SQL_Latin1_General_CP1_CI_AS" in the equal to operation' when the master database and the Visual Guard database do not use the same collation
Visual Guard Runtime
- It is now possible to change the value of a permission argument at runtime. The property VGIPermissionAttribute.Value allows to change this value.
- The properties VGMembershipUser.PasswordExpirationDate, VGMembershipUser.IsPasswordExpired and VGMembershipUser.GraceLoginRemaining are added and allow to check the state of the password of an user.
- The properties VGMembershipUser.FirstName, VGMembership.LastName are added and allow to get or set the first name and the last name of a membership user.
- A new property VGIPrincipal.MembershipPermission is added and allows to check whether the user can use Membership API in the application.
- A new event VGSecurity.ValidatingPassword is added and allows to cancel the password modification when the password is not valid.
- The method VGMembership.CreateUser allows now to specify the first name and the last name.
- Improved performance for VGMemberShip API
- Improved support of generic types
- Fix: The values of UserName, UserId, RoleName are not valid when security action expressions are used in web application context.
- Fix: The value of formatted expressions used in security action expression is not automatically converted.
- Fix: The id of permissions of a new version of an application is not valid. The id is not equal to the id of the original version of the permission.
- Fix: the security of Master Pages is not automatically loaded.
- Fix: the security actions defined on class based on generic type are never executed.
Installation
- Fix: the Visual Guard shortcuts launch an installation process when the installation is done by an administrator and the Visual Guard program is launched by another user.
- The installation can now be launched by a 'Power User'.
- Visual Guard can now be used by all type of users (not only Administrator or Power User)
Visual Guard .NET - Version 2.5.705.30
Visual Guard Console
- Fix the problem of Secured assembly loading when the same application is loaded for two different repositories in the same time.
- A "Deploy Application" option is added in the menu of the applications.
- It is now allowed to request a license key for a repository via the web.
- Fix the problem of crash when the name of an item is modified in the treeview and the item has been modified by another user
- A new property "AllowsToRenameUsers" is added to repositories. This property allows a master administrator to disable the ability to change the name of the user in the console.
- A new property "UseUpdateMethod" is added to repositories. This property allows a master administrator to indicate if a user is delete then insert when a user is renamed or if the update method is used.
- Allows to indicate the name of the Oracle database schema in which the repository tables will be created.
- A new option in the deployment wizard allows to grant roles of a new version of an application in same manner as roles are granted to in the previous version.
- Fix a problem of crash during the disconnection of a repository
Visual Guard Runtime
- Fix the problem of the value VGAuthenticationState.IsPasswordSecure when a password is expired
Visual Guard .NET - Version 2.5.704.23
Visual Guard Console
- Allows to deploy the repository or the application in another repository or to generate deployment files.
- Allows to create multiple versions of an application in a same repository.
- Allows to add more than one Windows account at the same time.
- Display a warning in the log view when the Visual Guard configuration file must be regenerated for an application.
- Fix a problem that occurs when the password policy is changed.
- Fix a problem that occurs during the creation of tables containing the repository in Oracle
- Fix a problem that occurs during the creation of tables containing the repository in SQLServer
- Fix a problem that occurs when the path of the WebSite project is modified.
- Fix a problem that occurs during the verification of unique email of Visual Guard account when Windows accounts already exist in the repository.
Visual Guard Runtime
- New API allowing to deploy a repository or an application by program.
- New command line tool (vg_deployment.exe) allowing to deploy a repository or an application.
- Membership API allows to create and delete Windows Account.
- New parameter allowing to define the number of seconds before expiration of an item in a cache.
ASP .NET
- Performances are improved during the loading of the security for ASP.Net application.
- Fix a crash (OutOfMemory exception) when Windows authentication is used
Visual Guard .NET - Version 2.1.702.19
Runtime Visual Guard
- Allows to specify the name of the schema containing database objects for Oracle repository
Console Visual Guard
- Allows to select more than one Windows account in the "Windows Account creation" dialog box.
- Fix a problem with search in big repositories.
- Performance improved during the navigation in big repositories.
- Fix a problem of repository creation in Oracle database
Visual Guard .NET - Version 2.1.701.10
Runtime Visual Guard
- "Properties Action" can now use parameters defined in permissions. For example, it is possible to create a permission with a parameter "Country" and create an action using this parameter to filter data in the application.
- New property "VGSecurityManager.GenerateDebugInformation" allowing to indicate if debug information are generated for "Script Action".
- All messages are now translated in French.
ASP.Net
- The permission cache is improved.
Sample & Documentation
- The ASP.Net sample is fully rewritten.
- New roles and permissions are created. These roles allow to display application data only for a country.
- New demo displaying how to integrate Visual Giard in an application.
Console Visual Guard
- It is now possible to look for an item in a repository.
- Generation of a technical documentation for a repository (format PDF.
- Take into account the ASP.Net WebApplication projects (the new type of project supported in VS2005 SP1).
- Performance improved for secured application data loading.
- The problem of reloading ASP.Net secured application data is fixed.
- New toolbar and menu with office 2003 style.
- It is now possible to check the security action of one permission.
- "Properties Action" wizard is improved. It is now possible to display only modified properties and a new field displays all modifications.
- The GUI is now translated in French.
- The contextual help is improved.
Visual Guard .NET - Version 2.0.60915
Runtime Visual Guard
- Support of Oracle 8i or higher to store a repository.
- Support of MS SQLServer 2000 or higher to store a repository.
- Support of authentication based on Windows Account.
- Support of authentication based on Database Account.
- Support of Shared Roles. Shared roles allow to share a role between multiple applications defined in the same repository.
- New event VGSecurityManager.CheckVersion. This event allows to check if the version of permissions stored in the repository are compatible with the application.
ASP.Net
- Performance improved for authentication and authorization process.
- New event VGHttpModule.PermissionLoading. This event allows to filter roles granted to a user during the authorization process.
- New event VGHttpModule.Initialized. This event allows to change the default configuration file.
Windows Form
- Take into account the new authentication mode (Windows, Visual Guard and database).
Console Visual Guard
- Take into account the new repository types (SQLServer and Oracle).
- Take into account the new authentication mode (Windows, Visual Guard and database).
- Take into account the Shared Roles.
- You can now duplicate a permission with all its actions.
- You can now delete the default Master administrator.
- The console now generates by default the configuration file in the 'Bin' directory for ASP.Net 2.0 applications
- The problem of refresh during concurrency data update is fixed.
- Visual Guard for .NET - Version 1.2.60601
- Visual Guard for .NET - Version 1.1.60426
- Visual Guard for .NET - Version 1.1.60329
Visual Guard .NET - Version 1.2.60601
ASP.Net
- Full Support of .Net 2.0
- Fully compatible with Membership API
Windows Form
- Full Support of .Net 2.0
- New Membership API allowing to create or edit users and to grant roles.
Console Visual Guard
- The password policy editor has been redesigned to simplify the edition of the policy.
- You can now specify an email address and a password question/answer for a user.
- It is possible to configure a repository to require a unique email address for each user.
- It is possible to configure a repository to require a password question/answer for each user.
- It is possible to configure a repository to allow users to reset their passwords by randomly regenerating a new password.
- It is possible to define a default role for an application. This default role will be granted by default to each new user.
- Performance improved during the loading of data for large repository.
Runtime Visual Guard
- Support of password reset feature (this feature allows ASP.Net application to replace the current password for a user by a new, randomly generated password).
- Support of Password Question and Answer feature.
- New Membership API. This API allows to directly create or edit users and to grant roles in your application. These API are similar to ASP.Net Membership API but are enabled for all types of applications supported by Visual Guard (Winform, WebForm, .Net 1.1, .Net 2.0).
- The support of concurrent access for repositories based on files is improved.
Visual Guard .NET - Version 1.1.60426
ASP.Net
- The installation of the Web sample application is improved and fixes the problem of permission on the repository.
- The messages displayed when an error occurs during the access to the repository or the configuration file are improved.
Console Visual Guard
- The problem of refresh during concurrency data update is fixed.
- You can now edit the default name of the repository.
- The deletion of the repository requires now a password confirmation.
Visual Guard .NET - Version 1.1.60329
ASP.Net
- Full Support of ASP.Net application.
- Integration is easier by using Web.config file configuration.
- Compatibility with Forms, Windows and Passport authentication module.
- Compatibility with URL authorization module.
Console Visual Guard
You can now:- Edit the password policy in the Visual Guard console (Select a repository item, right-click and choose the option "Edit password policy..."). The password policy allows you to check: the number of days a password is valid, the strength of the password, the number of consecutive bad login allowed, etc.- Edit the user used as anonymous account by the application (Select an application item and change the value of the property "Anonymous user").
- Grant a role to a list of users directly from the role (Select the role item, right-click then choose the option "Edit granted users list...").
Windows Form
- Support of the anonymous session in the default Visual Guard Login form (Novalys.VisualGuard.Security.WinForm.VGLoginForm class).
Runtime Visual Guard
- Improvement of performance to dynamic script compilation.
- Support of anonymous sessions allowing to use the application without authentication.