Release notes
Amster is a lightweight command-line interface, ideal for use in DevOps processes, such as continuous integration and deployment.
Read these release notes before you install Amster. The information contained in these release notes cover prerequisites for installation, known issues and improvements to the software, changes and deprecated functionality, and other important information.
Ping Identity Platform serves as the basis for our simple and comprehensive Identity and Access Management solution. For more information, visit https://www.pingidentity.com.
Before you install
This page covers software and hardware prerequisites for installing and running Amster.
|
ForgeRock supports customers using the versions specified here. Other versions and alternative environments might work as well. When opening a support ticket for an issue, however, make sure you can also reproduce the problem on a combination covered here. |
| Operating System | Versions |
|---|---|
Red Hat Enterprise Linux, Centos |
8, 9 |
Amazon Linux |
2018.03, 2023 |
SuSE |
15 |
Ubuntu |
18.04 LTS, 20.04 LTS, 22.04 LTS, 24.04 LTS |
Windows Server |
2016, 2019, 2022 |
| Vendor | Versions(1) |
|---|---|
OpenJDK, including OpenJDK-based distributions:
Ping Identity tests most extensively with AdoptOpenJDK/Eclipse Temurin. Use the HotSpot JVM if possible. |
17 |
Oracle Java |
17 |
(1) Always use a JVM with the latest security fixes.
If you have a special request regarding support for a combination not listed here, contact support.
Fixes, limitations, and known issues
Key fixes
The following issues are fixed in this release. For details, refer to the OpenAM issue tracker.
Limitations
Amster 7.5.1 has the following known limitations:
-
No support for load balanced deployments
Amster cannot connect to a load balancer URL. You must connect Amster directly to a single AM instance. Using a load balancer could send sequential commands to different AM instances, and could result in concurrency issues when writing to the underlying configuration store.
-
Bulk import to external application stores with affinity
If affinity is enabled for an external application data store, bulk import intermittently fails with errors similar to the following:
Resource path 'http////////eea87a38e3ca476fa93a3669375ada3a' contains empty path elementsBefore using Amster for a bulk import to an application store, disable data store affinity, or remove the load balancer from the application store deployment. You can re-enable affinity when the import has completed.
-
Importing resources containing slash characters can fail
Some PingAM resources have names that can contain slash characters (/), for example policy names, application names, and SAML v2.0 entities. These slash characters can cause unexpected behavior and failures in Amster when importing into PingAM instances running on Apache Tomcat.
To workaround this issue, configure Apache Tomcat to allow encoded slash characters by updating the
CATALINA_OPTSenvironment variable. For example:On Unix/Linux systems:
$ export CATALINA_OPTS= \ "-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true" $ startup.sh
On Windows systems:
C:\> set CATALINA_OPTS= ^ "-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true" C:\> startup.bat
It’s strongly recommended that you do not enable org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASHwhen running AM in production as it introduces a security risk on Apache Tomcat.For more information, refer to How do I safely enable the org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH setting in AM/OpenAM (All Versions)? in the ForgeRock Knowledge Base.
-
[INFO] messages showing on SuSE on Amster start up
Running Amster on SuSE may produce
[INFO]messages, for example:# ./amster [INFO] Unable to bind key for unsupported operation: up-history [INFO] Unable to bind key for unsupported operation: down-history [INFO] Unable to bind key for unsupported operation: up-history [INFO] Unable to bind key for unsupported operation: down-history OpenAM Shell (version build build, JVM: version) Type ':help' or ':h' for help. ----------------------------------------------------- am>
These messages are caused by the keyboard mappings configured in the
/etc/inputrcfile and can safely be ignored, as they do not affect functionality.
Documentation updates
The following table tracks changes to the documentation set following the release of Amster 7.5.1:
| Date | Description |
|---|---|
2024/12/12 |
Release of Amster 7.5.1. |
2024/04/02 |
Release of Amster 7.5. |
Getting support
Ping Identity provides support services, professional services, training, and partner services to assist you in setting up and maintaining your deployments. For a general overview of these services, see https://www.pingidentity.com.
Ping Identity has staff members around the globe who support our international customers and partners. For details on Ping Identity’s support offering, visit https://www.pingidentity.com/support.
Ping Identity publishes comprehensive documentation online:
-
The Ping Identity Knowledge Base offers a large and increasing number of up-to-date, practical articles that help you deploy and manage Ping Identity Platform software.
While many articles are visible to everyone, Ping Identity customers have access to much more, including advanced information for customers using Ping Identity Platform software in a mission-critical capacity.
-
Ping Identity product documentation, such as this document, aims to be technically accurate and complete with respect to the software documented. It is visible to everyone and covers all product features and examples of how to use them.