Upgrade considerations
When upgrading, you must consider factors such as the scope of the update, the PingAuthorize or PingDataGovernance version from which you are upgrading, and if you are not using Docker, your installed version of Java.
The 8.3.0.0 release is the first release of PingAuthorize. Previously, the product was known as PingDataGovernance. |
General considerations
For Docker deployments, the upgrade process involves downloading and deploying the latest containers.
For manual installations, the upgrade process involves downloading and extracting a new version of the PingAuthorize Server .zip
file on the server and running the update utility with the --serverRoot
or -R
option value from the new root server pointing to the installation.
Consider the following when upgrading:
-
If you are upgrading from a PingAuthorize Early Access release to a PingAuthorize General Availability release, you must upgrade both the PingAuthorize Server and the Policy Editor before you use the Policy Decision Service in external mode. Upgrading only one component results in this error:
Please upgrade to PingAuthorize Policy Editor version <X.X.X.X>
. -
The update affects only the server being upgraded. The process does not alter the configuration of other servers, so you must update those servers separately.
-
The update tool verifies that the installed version of Java meets the new server requirements. To simplify the process, install the version of Java that is supported by the new server before running the tool.
-
Upgrades for PingDataGovernance Server are only supported from versions 7.0.0.0 or later. If upgrading from a version of PingDataGovernance prior to 7.3.0.0, configuration loss will occur. The update tool has a warning message about this.
For additional considerations, see Planning your upgrade. |
For information about important fixes made over several releases, see Critical Fixes. |
Considerations introduced in PingAuthorize 9.0.0.0
Keep in mind the following important upgrade considerations introduced in this version of PingAuthorize Server.
- General
-
Peer server setup has been removed. To manage server configuration, use server profiles instead of peer setup. Server profiles support deployment best practices such as automation and Infrastructure-as-Code (IaC). For more information about server profiles, see Deployment automation and server profiles.
- Spring compatibility
-
Spring configuration properties in PingAuthorize administrative console configuration files prior to version 9.0.0.0 are not compatible with the administrative console bundled with PingAuthorize 9.0.0.0 and later. This incompatibility is caused by major updates to Spring dependencies. Attempting to use these older configuration files will result in the administrative console failing to start.
If you are using older PingAuthorize administrative console configuration files, these should be updated. Replace the following excerpt in the old application.yml
file:
spring: profiles.active: default main.show-banner: false thymeleaf.cache: true thymeleaf.prefix: classpath:/public/app/
with the following:
spring: profiles.active: default web.resources: # 1 year. Update the corresponding value in MvcConfig if this changes. cache.period: 31536000 add-mappings: false # use our custom mappings instead of the defaults main: banner-mode: "OFF" thymeleaf: prefix: classpath:/public/app/