Installation, Upgrades, and Configuration
The following enhancements have been added to the Code Insight installation, upgrade, or configuration experience.
Support for Forcing SSO Authentication
You can now force SSO authentication when users access Code Insight through SSO. This enforcement is enabled through a new property called force.sso.authentication in the PAS_GLOBAL_PROPERTIES table in the Code Insight database.
By default, this option is disabled. However, the option should be enabled if Code Insight is configured for Microsoft Azure SSO and in situations where users receive the message “Error Validating SAML” after attempting to log in through SS0.
For complete information, refer to “Option to Force Authentication with SSO” in the Code Insight Installation & Configuration Guide.
Code Insight Support for Signing SAML Requests
In an SSO environment, Code Insight can now be configured (as the Service Provider) to sign all SAML requests sent to the Identity Provider. In general, this configuration is optional when setting up Code Insight for SSO. However, it might be necessary if your organization’s security policy requires such a signature.
For the steps needed to perform this configuration, refer to “(Optional) Configuring Code Insight to Sign SAML Requests” in the Code Insight Installation & Configuration Guide.
Code Insight has updated its Tomcat version to 9.0.84 to address security vulnerabilities associated with the previous 9.0.80 version used by Code Insight.