Internet Information Services (IIS) Integration Kit

Changelog

The following is the change history for the IIS Integration Kit.

IIS Integration Kit 3.5 – March 2021

  • Added the ability to protect multiple sites under the same domain using one instance of the adapter.

  • Fixed an issue that caused the adapter to ignore the token-lifetime and secure-cookie parameters in the agent-config.txt file.

IIS Integration Kit 3.4.2 – December 2020

  • Fixed an issue that caused the adapter to ignore the cookie settings in the agent config file.

  • Fixed an issue that caused the samesite cookie and legacy cookie to become out of sync.

IIS Integration Kit 3.4.1 – February 2020

  • Added support for the SameSite cookie flag in web browsers.

IIS Integration Kit 3.4 – January 2019

  • Added compatibility for IIS 8.5 and 10 environments.

IIS Integration Kit 3.3.1 – June 2018

  • Addressed compatibility issue with the 32-bit application pool.

IIS Integration Kit 3.3 – December 2017

  • Added the ability to use the HttpOnly flag on the session cookie. Learn more in the new HttpOnlyCookie attribute in the pfisapi.conf file.

  • Added support for .NET Framework 4.0.

  • Bug fixes.

IIS Integration Kit 3.2 – June 2014

  • Added support for allowlisting in the properties file for IIS (pfisapi.conf).

  • Added units to the TokenUpdateWindow property in the pfisapi.conf file.

  • Added documentation for the IIS limitation about HTTP POST issues with managed and native modules.

  • Added support for IIS 8: Integrated Mode.

IIS Integration Kit 3.1 – December 2012

  • Added support for an exclusion resource list in the properties file for IIS (pfisapi.conf).

  • Added support for version 2.5.1 of the OpenToken Adapter and OpenToken Agent.

IIS Integration Kit 3.0 – October 2011

  • Upgraded to .NET Framework 4.0.

  • Requires IIS 7.0 or higher.

  • Requires integrated pipeline mode for protected applications.

  • Added support for both 32-and 64-bit application pool in IIS.

  • Added the ability to control logging level.

  • Replaced the ISAPI extension with OpenToken HTTP Module.

  • Removed the OpenToken Exchange application.

  • Fixed an issue that caused the TargetResource URL to truncate in certain situations.

  • Fixed an issue with IIS crashing when the attribute data is too long.

IIS Integration Kit 2.2 – September 2009

  • Added the OpenToken Exchange service application to handle OpenToken query and POST transport methods.

  • Added the TokenUpdateWindow property in the pfisapi.conf configuration file to enable browsers to reuse OpenTokens for a configurable period of time. This can optimize performance.

IIS Integration Kit 2.1 – June 2009

  • Added an alternative method for setting session attributes as HTTP headers without a prefix.

  • Corrected OpenToken timestamp comparisons to prevent intermittent invalid OpenToken errors.

  • Protected-resource URL filtering is no longer case-sensitive.

IIS Integration Kit 2.0 – December 2008

  • Ported the OpenToken IIS Agent to use the OpenToken Adapter and the OpenToken .NET library.

  • Added support for the POST Transport Method from the OpenToken Adapter.

  • Added support for URL filtering for protected resources.

  • Added the ability to allow IIS web applications to download files.

IIS Integration Kit 1.1 – September 2007

  • Added a security patch to write all HTTP standard headers and PFTOKEN custom headers only. Any other HTTP custom headers will be removed.

  • Simplified the IIS agent configuration file.

IIS Integration Kit 1.0 – June 2007

  • Initial Release