Squiz Matrix Newsletter #394
07 SepLast week, Brisbane hosted the 2012 Squiz and Funnelback International User Conference (30-31st August). View the User Conference Twitter highlights. This year's conference covered a range of topics and announcements, including the release of Squiz Roadmap and the launch of Funnelback Version 12.
One of our favourite presentations was John-Paul Syriatowicz's discussion on 5 of the most important things that are happening to Squiz Matrix this year. If you missed the conference, here is a summary of the most exciting Matrix developments:
Single Sign-On in Matrix
Our newest releases of Matrix support single sign-on solutions via SAML authentication. By supporting this open standard for communicating identity information between organisations across Internet domains, users can use one username and password to log into multiple systems and even websites.
Enhanced Security
Squiz has embarked on a journey to become I-RAP certified and that means heavy investment into anything to do with security. Expect more regular security hardened releases of Matrix and range of new business practices to ensure your systems stays safe.
Content Migration Tools
Squiz are developing a new content migration tool set that allows us to provide fixed price quotes for migrating large amounts of content into Squiz Matrix. With the inclusion of the setup fee, Squiz has been able to migrate sites of around 50,000 for nearly $1 page.
Selective Asset Replication for Matrix
Squiz Labs have started to work on a tool that will allow portions of the Matrix asset tree to be exported and imported to another system. This means users will be able to develop new functionality on a test environment and push it out selectively to a production environment. We expect this system to form the basis of a foundation for sharing implementation and bringing down the cost of ownership of a Matrix system.
Squiz Matrix iOS Application
Nic Hubbard of Zed Said Studio has developed a mobile application that allows users to manage their Squiz Matrix system while on the go using their iPad and iPhone. The app is launching soon! For more information, visit the Squiz Matrix iOS App website.
~
This week kicked off with our September releases of Squiz Matrix. Versions 4.8.6 and 4.10.2 both contained a range of new functionality, including SAML federated access management, new keyword modifiers to evaluate xpath expressions and to return a JSON encoded string, and a new No Results bodycopy on Rolling Calendar Page assets.
Both of these releases are available for download via the public CVS repository (http://public-cvs.squiz.net/) and our 4.10.2 release is available as a VM image on the Squiz Matrix site.
View the release blog post for further information on these new versions of Matrix, including release notes and download links.
~
New updates are available today for Edit+ for Squiz Matrix and the Easy Edit Suite.
Our Edit+ for Squiz Matrix release introduces a number of enhancements to the Viper WYSIWYG editor (37 bug fixes) and the Accessibility Auditor (7 bug fixes).
Edit+ for Squiz Matrix is available to customers with an appropriate service level agreement. Please contact Squiz for additional information.
Our Easy Edit Suite release contains a handful of bug fixes and is currently available for users on the Squiz Matrix site.
Existing users of EES v1707 will need to merely replace their EES folder on their installation while those on earlier versions should consult the EES Upgrade and Compatibility Guide for upgrade information. New users can refer to the EES Installation Guide for install and configuration steps for the Easy Edit Suite.
~
This week we have two new features to report, including additional options for our new SAML Account Manager asset. Continue reading below for more information on all this week's developments.
Additional SAML Options for User Linking and Creation
Due for release in version 4.12.0 (November 5th 2012)
In this month's releases of Matrix, we unveiled federated access management single sign-on and identity verification through our new SAML Account Manager asset. This feature adds further options to this asset, allowing you to set the linking settings for users (automated in current release), as well as allow Matrix to automatically create linked local users during the authentication process.
The Allow Linking to Existing Users and Automatic Creation options are available on the Details screen of the SAML Account Manager.
By default, linking to existing users is enabled. This means that is a user is logged in to Squiz Matrix and their account is SAML authenticated, the SAML Account Manager will prompt the user to link their accounts, if they have not yet been. This linking allows for federated access to the system, automatically signing the user into their account as part of the SAML authentication process.
The Automatic Creation option handles the creation of linked local users when a user is not logged into Matrix. By default, this is a manual process, with users being allowed to create a new user account during SAML authentication. Enabling this option will automate this creation, skipping this manual process.
This feature has been added to provide users with more options for configuring SAML federated access management on their systems.
OAuth Session: Redirect to Authorise, Store Access Token
Due for release in version 4.12.0 (November 5th 2012)
Squiz Matrix's REST Resource OAuth assets allow you to define the parameters for OAuth authentication when communicating with an OAuth secure REST web service. This feature introduces additional parameters, allowing you to redirect users to an external authorisation page and providing the option of permanently store the access token.
The Redirect to Authorise and Store Access Token options are available on the Details screen of REST Resource OAuth assets.
By default, neither of these options will be enabled.
Enabling the Redirect to Authorise option will redirect a user to the service provider's authorisation page to authorise the request token instead of simply nesting the authorisation form within Squiz Matrix.
The Store Access Token option allows you to permanently store the access token. By default, this token is stored in the session, meaning that when a user logs out, the token will be lost. Permanently storing this token will prevent users from having to reauthorise in each user session. Disabling this option will remove any permanently stored tokens.
These features have been added to bring Squiz Matrix OAuth more in line with established authentication standards.