PingDataSync Server 7.2.0.0 Release Notes - PingDataSync - PingDirectory - 8.1

Added support for a file-retention task that can identify files in an indicated directory that match a given pattern, and can remove matching files that fall outside the specified retention criteria. You can specify the minimum number, age, and aggregate size of the files to retain. Files that match the pattern are sorted by timestamp. If any files are removed, the most recent files are retained, and the oldest files are deleted.

The file-retention task can be scheduled as a standalone or recurring task. The following instances of the file-retention recurring task are defined in the default configuration:

• Cleans up old, expensive operation dump files
• Cleans up old, work-queue backlog thread dump files

In each case, the recurring task is configured to retain at least the 100 most recent files. No files that are younger than 30 days old are removed. Although these recurring tasks are defined in the default configuration, they are not part of a recurring task chain. Consequently, they are not invoked unless they are configured as part of a chain.

The default configurations of PingDirectory Server and PingDirectoryProxy Server also include recurring tasks that clean up old, expensive operation dump log files or work-queue backlog thread dump log files if too many of them have collected in the server logs directory. For each file type, if more than 100 files are present in the server logs directory, remaining files that are older than 30 days are candidates for removal. A recurring task chain performs this cleanup every day at 12:05 a.m. in the JVM's default time zone.

A header that contains a correlation ID has been added to outgoing HTTP servlet responses, allowing the correlation of HTTP responses with log messages across server instances. The name of the correlation ID response header defaults to "Correlation-Id" but can be changed by setting the HTTP Connection Handler's correlation-id-response-header property. By default, the server generates a globally unique correlation ID automatically, but the correlation-id-request-header configuration property can optionally be used to specify one or more request headers that provide an existing correlation ID value from the requesting client. The correlation ID header can be disabled on a per-HTTP Connection Handler basis by using the use-correlation-id-header configuration property.

For Server SDK extensions that have access to the current HttpServletRequest, the correlation ID can be retrieved as a string by using the HttpServletRequest's com.pingidentity.pingdata.correlation_id attribute, as follows:

(String)request.getAttribute("com.pingidentity.pingdata.correlation_id")

Added a Mock Access Token Validator that uses a trusted authorization server or signing certificate to accept access tokens without validating their authenticity. When enabled, the Mock Access Token Validator accepts bearer tokens in the form of a plain text JSON object that contains an arbitrary set of claims.

Added Change Detectors as a new type of Server SDK extension. A Change Detector can be used to customize the manner in which a Sync Source detects changes to entries in a source server.

As an example, a developer could build a Change Detector that reads messages from a Kafka topic and uses them as the source of changes for an OpenLDAP server that is configured as the Sync Source.

Change Detectors are available only for use with the new Generic LDAP Sync Source.