PingAccess 7.2.1 (April 2023) - PingAccess - 7.2

PingAccess

bundle
pingaccess-72
ft:publication_title
PingAccess
Product_Version_ce
PingAccess 7.2
category
Product
pa-72
pingaccess
ContentType_ce

Added RHEL 9 support to PingAccess

NewPA-15174

Added support for RHEL 9 to version 7.2 of PingAccess, and the most recent versions of the PingAccess agent for NGINX and the PingAccess agent for Apache (RHEL). For more information, see the following topics:

Added UI controls for risk policy configuration

NewPA-15152

Added two new pages in the administrative console, PingOne Connections and Risk Policies, as well as new configuration options on the Application and Application Resource tabs. These UI controls simplify the process of setting up a PingOne Protect integration for web applications. For more information, see the following topics:

PingOne risk policy integration maps user-agent header manually

FixedPA-15153

PingAccess wasn't sending the browser.userAgent parameter to PingOne Protect because PingAccess doesn't currently support device profiling (which would normally collect this parameter). In the absence of device profiling, PingAccess now attempts to map this parameter manually and send it to PingOne Protect.

Redirect and templated authentication challenges now set PingAccess cookies

FixedPA-15154

PingAccess now proactively sets web session cookies for Redirect and Templated authentication challenges when you select the Append Redirect Parameters check box on one of those two challenge generators. Adding web session cookies helps the frontend application to interpret redirect or templated challenge responses and begin the appropriate authentication procedure.

Improved vague error response message when PingOne Credential is blank or null

FixedPA-15165

The response message PingAccess returns for errors generated when an administrator adds or updates a PingOne connection has been improved to specify that the credential must not be null, empty, or blank.

Adjusted agent token cache TTLs to reflect risk policy evaluation intervals

FixedPA-15166

Corrected an issue with token cache time to lives (TTLs) on agent applications that use the PingOne Protect integration. The agent token cache TTLs no longer prioritize an application's web session Idle Timeout over the Risk Check Interval or Authentication Validity Period defined in the application's risk policy.

Fixed default removal of active session state cookies from requests

FixedPA-15167

Corrected an issue where PingAccess would remove active session state cookies from requests by default. If a component relies on the session state cookie, its absence can cause unexpected behavior, so PingAccess now removes session state cookies conditionally.