Manual Upgrade instructions for MultiSSO V2 For CSEIn New York (NY) release we are upgrading MultiSSO plugin to MultiSSOv2 (technically we are upgrading the internal library version of OpenSAML from 2.4.1 to 3.4.1), which addresses the known vulnerabilities of Open SAML Lib 2.4.1, this includes changes to the existing Script includes, Installation Exits etc. Customers installing NY afresh will get a new version MultiSSO with Open SAML Lib V3.4.1, however for existing customers who are upgrading to NY, there will be an upgrade path provided to move them to latest MultiSSO V2 if they have any customization(s) to any of the MultiSSO resources. The Upgrade path will ensure that their customizations are preserved and all the existing SAML flows function as is. Target Audience: Customer Support engineers who will be assisting Customers to upgrade to MultiSSO V2. A customer is upgraded to MultiSSO V2 or not, can be verified as below : Hop to Customer instance.Navigate to 'All Properties'.Search for the Property by name – 'glide.authenticate.multissov2_feature.enabled' If the property is not found or its value is set to false, then customer is not upgraded to MultiSSO V2. Its recommended to go through the for OOB available customization samples, before applying solution on customer instances. Customized Instances : Customized Instances refers to those instances where there is some customization in any of the MultiSSO resources. In order to upgrade from MultiSSO to latest MultiSSO V2, for Customized Instances, customers have to manually perform Upgrade as per the instructions in the Upgrade Doc (provided in this KB Article). If the customers are not able to upgrade to the MultiSSO V2 themselves, due to their customizations, they can reach out to customer support. Customer Support can follow this document to for the customized instances to upgrade to MultiSSO V2. Upgrade Path for Customized Instances : Navigate to the Customization List from Platform Security instance SAML Lib Upgrade Customization Audit ResultsSearch for the Customer in the 'Instance Name' column.Open the record and Search for the 'Analysis' and 'Solution Categories' columns . Read through the 'Analysis' column to get information about the customization, Check If any Solution Category is mapped in 'Solution Categories' column. If No Solution is mapped, then follow the steps mentioned in the 'Analysis' column (if any) and then follow next section - Steps to Upgrade to MultiSSO V2 to upgrade to MultiSSO V2.If there are changes required per the 'Analysis' Column and/or Solution Categories are mapped to the 'Solution Categories' column, search for the each Solution provided as part of the 'Solution Categories'.Navigate to à MultiSSO Customization Solutions in the Platform Security instance and search for the category.Open the customization solution category.In the Request/Response solution for V2 Column, select the code changes for the specific customer (perform a customer instance name search, if the list is too big).Pick the code changes and apply in the customer instance as stated in the top of the Solution category column.Once you apply the code changes, then follow the next section - Steps to Upgrade to MultiSSO V2 to upgrade to MultiSSO V2. Steps to Upgrade to MultiSSO V2 : Verify if the System property 'glide.authenticate.multissov2_feature.enabled' is available. If available, verify if the property is set to true, if NOT then set it to true.If NOT available, then Create a New System property as specified below - Name – glide.authenticate.multissov2_feature.enabledType – true | falseValue – trueExample Screenshot : Next, perform below steps: On 'Multiple Provider SSO Properties' page Disable (or uncheck) and Save the property "Enable multiple provider SSO".On the same page Enable (or check) and Save the property "Enable multiple provider SSO". Post the above two steps, MultiSSO V2 will be enabled and V2 Installation Exits will become active, please refer the screenshot : Navigate to your Identity Provider record, and perform 'Test connection'. If Test Connection is successful, upgrade is MultiSSO V2 is done. Samples : For the instance where Code Changes Required - Instance : compassgroup · Analysis and Solution category (screenshot) : Per the Analysis , Upgrade Path is - Manually Upgrade to MultiSSOv2 and Change Required: apply solution : update_user_loginUser Navigate to à MultiSSO Customization Solutions, Search for the Solution 'update_user_loginUser' and open the record (Screenshot) : Code Changes required for file : MultiSSOv2_SAML2_custom Script IncludeOverride loginUser method in MultiSSOv2_SAML2_custom Script Include.Post making the above changes follow the - Steps to Upgrade to MultiSSO V2 to upgrade to MultiSSO V2. For the instance where Code Changes NOT Required - Instance : gerdau · Analysis and Solution category (screenshot) : Per the Analysis , Upgrade path : Manually Upgrade to MultiSSOv2, No Change Required. In this scenario Just follow the Steps to Upgrade to MultiSSO V2 to upgrade to MultiSSO V2. Important Links : Instance where the Customer Instances are captured/stored : https://platformsecurityteam.service-now.com Customized Instances: Please navigate to this Platform Security instance link for all the customized instances record. Solution Category List : We have categorized the customization into several categories and provided the code changes required for All the Customers falling into those categories. Please navigate to this link for the all the solution category instances.