Agent SDK for C 1.4 (October 2024)
Cache multiple token-types for Web + API applications
New PA-15516
If you use a Web + API application, the vnd-pi-resource-cache PingAccess agent protocol (PAAP) header now contains an additional path so Web + API applications can cache both cookie and authorization header token-types.
Learn more in the Cache multiple token-types for Web + API applications entry in the PingAccess 8.1 release notes.
Block bad characters
New PAA-251
Configure an agent to block requests that contain bad characters in the URI, query parameters, form parameters, or request body without having to reach out to PingAccess for a decision.
Added eight new properties to each agent:
-
agent.request.block.xss.characters -
agent.request.block.uri.characters -
agent.request.block.query.characters -
agent.request.block.form.characters -
agent.request.block.xss.http.status -
agent.request.block.uri.http.status -
agent.request.block.query.http.status -
agent.request.block.form.http.status
|
For large scale or more complex blocking decisions, it’s best practice for the agent to reach out to PingAccess for a decision. |
Ignore CRL checking if revocation server is unresponsive
Improved PAA-265
Added a new configuration option to give protected applications better reliability without giving up the ability to perform CRL checking when the server is available: the agent.engine.configuration.checkCertRevocation.bestEffort property.
This change provides better alignment between PingAccess, PingFederate, and PingAccess policy server CRL checking.
|
To use the |