PingAccess 7.1.4 (March 2024)
Improved request header security
Security PA-15610
Fixed an issue with connection request header handling. Learn more in SECADV045.
Updated PingAccess client authentication logic
Improved PA-15229
Updated the PingAccess logic that determines which authentication method to use at runtime. This update prevents errors when Private Key JWT and Mutual TLS are the only client authentication methods that a token provider can support.
Fixed replication of rules and rulesets configured on a proxied version of PingFederate
Fixed PA-15136
Because of a misclassification by an optimization that tries to prevent rules and rulesets from being replicated to the engine if they are not in use, PingAccess wasn’t replicating rules and rulesets assigned to a proxied PingFederate configuration unless they were also assigned to other applications or resources. Rules and rulesets assigned to a proxied PingFederate configuration are now classified correctly.
Fixed NullPointerException with the rewrite content rule
Fixed PA-15612
Fixed an issue that caused a NullPointerException error when the rewrite content rule was used on a resource that returned an empty chunked response body.