Upgrade SAML Framework to v5.6.3

Starting in MicroStrategy 2021 Update 6, the spring-security-saml2-service-provider framework has been upgraded from v5.5.3 to v5.6.3, and SAML single logout functionality is now supported!

What this means for you:

• If the MicroStrategy environment is configured to use SAML without any customization, the upgrade is completely seamless in MicroStrategy 2021 Update 6 and no additional steps are required.

• This change does not impact SAML on ASP.

• If the MicroStrategy environment is configured to use SAML and there have been additional customizations added to this configuration, additional steps may need to be followed after the upgrade. The steps are simple and often just need a replacement of classes with newer and more secure classes.

Note the following for this upgrade:

• SAML single logout is now supported on Tomcat and Jboss. See Generate SAML Configuration Files to enable single logout for your application. Local logout is used by default.

• In previous releases, you may have performed customizations after a successful login by leveraging the SAMLCredential object. In 2021 Update 6 and newer, you no longer need to use the details property of SAMLAuthentication to locate the necessary information, just SAMLAuthentication itself.