Updated commons-codec to address a security issue
Updated Jackson Databind to address a security vulnerability
Updated Google Guava to address a security vulnerability
Added conditional effects for policy rules
true
or false
. Previous rule conditions are now set as targeting conditions in the Applies To section.
Added the ability to configure attribute logging for the Policy Decision Service
Added the ability to sanitize error logging to protect sensitive data
Updated the administrative console browser support
Deprecated Apache Camel for PIP connections
Made it easier to present a custom SSL certificate to the Policy Editor
Improved UI performance in the Policy Editor
Added a command-line configuration tool for PingAuthorize Docker containers
Added and updated PingAuthorize Server profile command-line tools
Added a --skipValidation
argument for the
manage-profile replace-profile
command. This argument allows
skipping the final server validation step when running on an offline server.
Added an --excludeSetupArguments
argument for the
manage-profile generate-profile
command. This argument
allows generating a server profile that does not include a
setup-arguments.txt file.
Updated the setup and replace-profile subcommands to fail when a server profile includes an encryption-settings-db file in the profile's server-root/pre-setup/ directory.
Enhanced advice logging
Removed the OIDC
offline_access
scope requirement for the Policy Editor
offline_access
scope when configured in OpenID
Connect mode using the Authorization Code with PKCE
grant
type.Fixed the Policy
Editor issue rejecting bearer tokens with array-type
aud
claims
aud
claim was an array of strings.Enabled the Policy Editor to decode JWTs with underscores
Enhanced HTTP performance
Fixed alert consistency for cleared alarms
Updated the API gateway behavior for handling trailing zeros
Fixed the Policy Editor UI tab switching error
Fixed the Policy Editor error that occurs when updating entities concurrently
Fixed an issue where concurrent updates to the same entities in the Policy Editor could sometimes produce an error.
Fixed an issue
resolving JSONPath expressions that contain the keys()
function
keys()
in a JSONPath
expression did not return the object’s keys.Fixed the PIN retrieval issues with third-party passphrase providers
Fixed erroneous certificate expiration warnings
Fixed the PingAuthorize name and version in collect-support-data
Updated the incorrect version information for collect-support-data
Updated to LDAP SDK version 6.0.5
Recovering from a failed setup on Windows
An unexpected error occurred while attempting to copy the non-FIPS Bouncy Castle jar file into the server's classpath:
FileSystemException:
lib\bcprov-jdk15to18-1.71.jar:
The process cannot access the file because it is being used by another process.
A temporary workaround is to delete the JAR files that begin with
bc from the lib directory before
attempting to run setup again.