PingAccess

Release Notes

These release notes summarize the changes in current and previous PingAccess agent for Apache (SLES) updates. Updated July 22, 2024.

Version History

Version 1.6.0 – July 2024

Agent SDK for C version 1.4

  • If you use a Web + API application, the vnd-pi-resource-cache PingAccess agent protocol (PAAP) header now contains an additional path so Web + API applications can cache both cookie and authorization header token-types. For more information, see the Cache multiple token-types for Web + API applications entry in the PingAccess 8.1 release notes, and the agent.cache.defaultTokenType property on the SLES agent configuration page.

    Existing agent environments ignore the new vnd-pi-token-cache-oauth-ttl header and additional paths in the vnd-pi-resource-cache header.

    To see the performance boost, upgrade to PingAccess 8.1 and upgrade to the latest version of the SLES agent. Otherwise, continue to use an earlier agent version.

  • Configure a PingAccess Apache agent or the PingAccess agent for IIS to block requests that contain bad characters in the URI, query parameters, form parameters, or request body without having to reach out to PingAccess for a decision. Added eight new properties to each agent:

    1. agent.request.block.xss.characters

    2. agent.request.block.uri.characters

    3. agent.request.block.query.characters

    4. agent.request.block.form.characters

    5. agent.request.block.xss.http.status

    6. agent.request.block.uri.http.status

    7. agent.request.block.query.http.status

    8. agent.request.block.form.http.status

      Learn more in the SLES agent configuration page.

      For large scale or more complex blocking decisions, it’s best practice for the agent to reach out to PingAccess for a decision.

Version 1.5.2 – September 2021

Agent SDK for C version 1.3Added an option to override the default X-Forwarded-Host header with a specified header.

Version 1.5.1 – April 2021

Agent SDK for C version 1.3

  • Fixed an issue that caused large bodies sent through POST preservation in an agent deployment to be corrupted.

Version 1.5 – July 2020

Agent SDK for C version 1.3

  • Added agent inventory callback API

Version 1.4.1 - February 2020

Agent SDK for C version 1.2.1

  • Fixed a potential security issue

Version 1.4 – June 2019

Agent SDK for C version 1.2.0

  • The PAA Enabled directive can now be used inside a directory or location container

  • Added ability to set policy caching mechanism using a property in the agent.properties file

  • Added ability to enable or disable agent processing for a request based on a note field

  • Fixed a potential security issue

Version 1.3.2 – November 2018

Fixed a potential security issue

Version 1.3 – March 2017

Initial release for Apache 2.2 on SUSE Linux Enterprise Server (SLES) 11 and Apache 2.4 on SLES 12

Version is aligned with PingAccess agent for Apache (RHEL)