Web Agents

Fixes

Fixes in are cumulative chronologically, by release date. An issue fixed in a maintenance release, such as Web Agent 2023.11.1, isn’t included in a major release, such as Web Agent 2024.3, if the major release was issued before the minor release.

Fixed in Web Agent 2024.11

  • AMAGENTS-5958: Invalid error AMConfigurationException generated in the AM log

  • AMAGENTS-6729: Looping after Authentication in session quota mode with -25 / 403 errors

  • AMAGENTS-6885: Closing SSL session logs are at ERROR level and should be at DEBUG

  • AMAGENTS-6906: WPA validator validate_session_profile test always uses auth module (regression)

  • AMAGENTS-6916: userId does not get populated by web agent audit

  • AMAGENTS-6929: NGINX crash in agent_config_cleanup

Fixed in Web Agent 2024.9

  • AMAGENTS-6628: Fragment replay is broken with custom login mode 2

  • AMAGENTS-6527: WPA SSL_shutdown shutdown while in init errors in agent log

Fixed in Web Agent 2024.6

  • AMAGENTS-6557: Segmentation fault in agentadmin --V before install complete or in custom directory

  • AMAGENTS-6494: Agents local policy eval fails. Agent name and policy application name are switched

  • AMAGENTS-6428: Incorrect message formats in task.c

  • AMAGENTS-6289: AM_SYSTEM_LOG_FILES only works for debug.log

  • AMAGENTS-3663: Nginx Agent print absolute build path into debug logs

  • AMAGENTS-3166: The path attribute in agent’s audit log is not the full path

Fixed in Web Agent 2024.3

  • AMAGENTS-6397: If the agent instance isn’t provided for key rotation, agentadmin doesn’t print an error

  • AMAGENTS-6302: NGINX agent PDP fails with HTTP/3 connections

  • AMAGENTS-6172: WPA for IIS does not work when running in 32bit mode on 64bit Windows OS

  • AMAGENTS-6046: convert_request_after_authn_post writes to /tmp instead of configured PDP directory

  • AMAGENTS-5985: Interactive installation using existing agent configuration files duplicate properties which are commented out

  • AMAGENTS-5983: Interactive installer refer to the legacy agent configuration file - OpenSSOAgentBootstrap.properties

  • AMAGENTS-4590: login-fragment-relay page should have charset specified.

  • AMAGENTS-3992: com.forgerock.agents.config.hostmap doesn’t use the IP address

  • AMAGENTS-3506: If there are permissions issues with password file with installation on IIS then the log messages are not helpful

Fixed in Web Agent 2023.11.2

  • AMAGENTS-6527: WPA SSL_shutdown shutdown while in init errors in agent log

Fixed in Web Agent 2023.11.1

  • AMAGENTS-6628: Fragment replay is broken with custom login mode 2

  • AMAGENTS-6494: Agents local policy eval fails. Agent name and policy application name are switched

Fixed in Web Agent 2023.11

  • AMAGENTS-6175: Memory leak in credentials_secure_free

  • AMAGENTS-6133: Improper use of Bcrypt hash handle in JWT password replay module in

  • AMAGENTS-6132: JWT password replay module in IIS should use json parser

  • AMAGENTS-6073: Idle timeout should not update on NEU with SSO Only, neu fetch and

  • AMAGENTS-6057: Incorrect padding mode used in jwtpasswdreplay.h

  • AMAGENTS-5594: Web agent will return 403 errors if OpenSSL libraries aren’t loaded.

Fixed in Web Agent 2023.9

  • AMAGENTS-5995: Don’t extend user session for not enforced url with fetch attributes enabled

  • AMAGENTS-5833: WPA 403 error on /agent/cdsso-oauth2 with invalid jwt.aud.whitelist parameter value

  • AMAGENTS-5495: Web agent validator reports access to OpenSSL v.1.1.x instead of v3.x

Fixed in Web Agent 2023.6

  • AMAGENTS-5678: Custom Login mode 1 doesn’t correctly process composite advice.

  • AMAGENTS-5462: WPA crash when config.redirect.param is not set

  • AMAGENTS-5444: WPA for IIS fails with 0x80090305 error

  • AMAGENTS-5147: Web agent incorrectly escapes UTF-8 when creating JSON for audit

  • AMAGENTS-5127: Internal Server Error (500) when POST is performed without POST data preservation

  • AMAGENTS-4478: Write the Identity used in SSO to the audit logs

  • AMAGENTS-3683: Misleading message in "unsuccessful" Agent login when it is actually successful

  • AMAGENTS-3315: WPA: Runtime properties are ignored if they appear before c.s.i.agents.config.repository.location

Fixed in Web Agent 2023.3

  • AMAGENTS-5341: Installer crashes when checking permissions

Fixed in Web Agent 5.10.3

  • AMAGENTS-5995: Don’t extend user session for not enforced url with fetch attributes enabled

Fixed in Web Agent 5.10.2

No issues were fixed in this release.

Fixed in Web Agent 5.10.1

  • AMAGENTS-5341: crashes in installer when checking permissions

  • AMAGENTS-5219: Nginx agent can crash when configured with not-enforced-url regex option

  • AMAGENTS-5116: Interactive installer loops infinitely when an invalid host is supplied for the am url.

Fixed in Web Agent 5.10

  • AMAGENTS-5068: performance issue in AMAGENTS-4716 fix

  • AMAGENTS-4897: config.fallback.mode doesn’t work for not-enforced url configuration

  • AMAGENTS-4795: POST Data Sticky Load Balancing Cookie Name configuration option isn’t working

  • AMAGENTS-4788: WPA doesn’t delete session tracking cookie when running in accept.sso.token mode

  • AMAGENTS-4737: WPA does not support TLS handshake Server Name Indication extension

  • AMAGENTS-4716: Agent does not handle SSO tracking cookie enclosed in double quotes

  • AMAGENTS-4687: Web Agent 5.9.0 crash if configuration fetch fails.

  • AMAGENTS-4545: nginx agent can crash if graceful restart (reload) is used with load testing.

  • AMAGENTS-4539: IIS Web Agent doesn’t log reason why PDP file deletion fails.