Page created: 24 Jul 2019
|
Page updated: 8 Feb 2022
The following is the change history for the Internet Information Services (IIS) Integration Kit.
IIS Integration Kit 3.5 – March 2021
- Added support for protecting multiples sites under the same domain using one instance of the adapter.
- Fixed an issue that cause the adapter to ignore the token-lifetime and secure-cookie parameters in the agent-config.txt file.
IIS Integration Kit 3.4.2 – December 2020
- Fixed an issue that caused the adapter to ignore the cookie settings in the agent config file.
- Fixed an issue that caused the samesite cookie and legacy cookie to become out of sync.
IIS Integration Kit 3.4.1 – February 2020
- Added support for the SameSite cookie flag in web browsers.
IIS Integration Kit 3.4 – January 2019
- Added compatibility for IIS 8.5 and 10 environments.
IIS Integration Kit 3.3.1 – June 2018
- Addressed compatibility issue with 32-bit application pool
IIS Integration Kit 3.3 – December 2017
- Added support for using the HttpOnly flag on the session cookie (refer to the new HttpOnlyCookie attribute in pfisapi.conf).
- Added support for .NET Framework 4.0
- Bug fixes
IIS Integration Kit 3.2 – June 2014
- Added support for whitelisting in the properties file for IIS (pfisapi.conf )
- Added units to the TokenUpdateWindow field in the pfisapi.conf file
- Added documentation for the IIS limitation regarding HTTP POST issues with managed and native modules
- Added support for IIS 8 - Integrated Mode
IIS Integration Kit 3.1 – December 2012
- Added support for an exclusion resource list in the properties file for IIS ( pfisapi.conf)
- Added support for the 2.5.1 version of the OpenToken Adapter and OpenToken Agent
IIS Integration Kit 3.0 – October 2011
- Upgraded to .NET Framework 4.0
- Requires IIS 7.0 or higher
- Requires integrated pipeline mode for protected applications
- Added support for both 32-and 64-bit application pool in IIS
- Added ability to control logging level
- Replaced ISAPI extension with OpenToken HTTP Module
- Removed OpenToken Exchange application
- Corrected issue with TargetResource URL being truncated in certain situations
- Corrected IIS crashing issue when attribute data is too long
IIS Integration Kit 2.2 – September 2009
- Added OpenToken Exchange service application to handle OpenToken query and POST transport methods
- For performance optimization, added a property (
TokenUpdateWindow
) in the configuration file pfisapi.conf to enable OpenTokens to be reused by the browser for a configurable period of time
IIS Integration Kit 2.1 – June 2009
- Added alternative method for setting session attributes as HTTP headers without a prefix
- Corrected OpenToken timestamp comparisons to prevent the occurrence of intermittent invalid OpenToken errors
- Protected-resource URL filtering is not case-sensitive
IIS Integration Kit 2.0 – December 2008
- Ported the OpenToken IIS Agent to use the OpenToken Adapter and the OpenToken .NET library
- Supports the POST Transport Method from the OpenToken Adapter
- Added URL filtering for protected resources
- Added support to allow IIS web applications to download files
IIS Integration Kit 1.1 – September 2007
- Security patch to write all HTTP standard headers and PFTOKEN custom headers only; any other HTTP custom headers will be removed
- Simplified IIS agent configuration file
IIS Integration Kit 1.0 – June 2007
- Initial Release