Java Integration Kit 2.8.0 – October 2023

  • Added a new OpenToken agent that uses Jakarta EE 9
  • Added new sample applications that use Jakarta EE 9

Java Integration Kit 2.7.3 – December 2022

  • Improved security by updating the bundled Apache Log4j2 component in the sample applications.

Java Integration Kit 2.7.2 – December 2021

  • Improved security by updating the bundled Apache Log4j2 component. See security bulletin CVE-2021-44228.
  • Added support for reading and writing OpenTokens with the Java native multimap method. For details, see Reading and writing OpenTokens. There is no change to encoding or decoding attributes.

    The commons-beanutils.jar and commons-collections-3.2.2.jar libraries are not required for this method.

Java Integration Kit 2.7.1 – September 2021

Java Integration Kit 2.7 – March 2021

  • Added a new method for reading tokens as an alternate to the Apache Commons Multimap.

Java Integration Kit 2.6.2 – February 2020

  • Fixed an issue that could cause cross-site single logout to stop working after upgrading the adapter.

Java Integration Kit 2.6.1 – February 2020

  • Fixed an issue that caused session cookies to expire at the wrong time.

Java Integration Kit 2.6 – January 2020

  • Added the SameSite Cookie field to support the SameSite cookie flag in web browsers.

Java Integration Kit 2.5.9 – January 2020

  • Resolved an issue that caused an error in the sample application in PingFederate 9.1 and earlier.
  • Resolved an issue in the sample application sign on button that could cause an error in an authentication policy tree.

Java Integration Kit 2.5.8 – August 2019

  • Added support for RFC 6265 compliance to the OpenToken SP adapter when extended attributes are sent as cookies.
  • Added support to do SLO without external logout service configuration.
  • Fixed minor bugs in the sample applications.

Java Integration Kit 2.5.7 – November 2018

  • Modernized the look and feel of the Java sample applications.
  • Removed the preceding dot requirement in the Cookie Domain setting of the OpenToken Adapter IdP Adapter screen.

Java Integration Kit 2.5.6 – April 2017

  • Expanded character support for entity id.

Java Integration Kit 2.5.5 – August 2016

  • Update for compatibility with PingFederate 8.2.

Java Integration Kit 2.5.4 – May 2016

  • Added an HttpOnly field.

Java Integration Kit 2.5.3 – June 2015

  • Added support for log4j2.

Java Integration Kit 2.5.2 – June 2014

  • Added logging to the OpenToken Agent to log the name of the token and its value at the debug level.
  • Added support to validate the resume path for the IdP sample application, only enabling redirection along a relative path.
  • Updated Ping Identity logos for the sample applications.
  • Added support for configuring a context path for the sample applications.

Java Integration Kit 2.5.1 – November 2012

  • Address a security issue in the previous release.
  • Added support for OpenToken 2.5.1 Adapter and the OpenToken 2.5.1 Agent.

Java Integration Kit 2.5 – May 2012

  • Fixed several minor defects in the IdP and SP sample applications.
  • Corrected the spelling of AgentConfiguration.setObfuscatePasword() method name to AgentConfiguration.setObfuscatePassword() and deprecated the misspelled method.
  • Improved Javadoc documentation for several areas of the API.

Java Integration Kit 2.4.2 – October 2010

  • Removed extraneous configuration from the IdP and SP sample application data archive (data.zip).
  • Added support for UTF-8 encoding in the IdP and SP sample applications for attributes.

Java Integration Kit 2.4.1 – August 2010

  • Rewrote the IdP and SP sample applications to provide reference OpenToken integration for Java web applications.
  • Added buildable source code for IdP and SP sample applications.

Java Integration Kit 2.4 – February 2010

  • Added token Replay Prevention to the OpenToken IdP Adapter advanced settings.

Java Integration Kit 2.3 – November 2008

  • Added POST transport method for OpenToken when used by an SP.
  • Added an option to specify session vs. persistent cookie.
  • Added an option to set the Secure attribute on an OpenToken when a cookie is used.
  • Added ability to bypass password obfuscation and strength enforcement for backward compatibility with previous Java OpenToken agents.
  • Improved handling of null parameters for single logout via the back-channel (SOAP).
  • Empty query string (?) is not automatically appended to the URL when redirecting to the Target Resource.
  • Target Resource URL is URL-encoded.

Java Integration Kit 2.2 – June 2008

  • Added support for SAML 2.0 isPassive and ForceAuthn.
  • Enforced UTF-8 encoding within OpenToken.
  • Extended Force Sun JCE Provider option in the OpenToken Adapter to allow compatibility with SafeNet Luna HSM.
  • Symmetric key in the OpenToken agent configuration file is encrypted.
  • Combined the OpenToken Adapter and OpenToken Java library jar files into a single adapter file for easier deployment to PingFederate.

Java Integration Kit 2.1 – April 2008

  • Added AgentConfiguration class to simplify Agent instantiation.
  • Added Agent Toolkit API Javadoc.

Java Integration Kit 2.0 – December 2007

Modified to use an open-standard, secure token called OpenToken to pass user information between an application and PingFederate. The OpenToken is passed through the user’s browser as a URL query parameter or an HTTP cookie. The data within the OpenToken is a set of key/value pairs, and the data is encrypted using common encryption algorithms.

Java Integration Kit 1.3 – November 2007

  • Added option to force the use of the Sun Java Cryptography Extension (JCE) on the agent JDK (when necessary to support the SafeNet Luna SA Hardware Security Module) If this option is not selected, the default JCE provider is used, either SunJCE or IBMJCE.
  • Modified salt-value generation to correct PFTOKEN creation delay on Linux operating systems
  • Added support for setting and retrieving multi-value attributes in the SAML assertion
  • Added Secure Cookie option which ensures the PFTOKEN cookie is sent only on a secure channel
  • Added Session Lifetime option to specify the duration (in seconds) for which the token may be re-issued without authentication (added for other purposes—has no effect for the Java Integration Kit)

Java Integration Kit 1.2.1 – August 2007

  • Bundled Java sample application with distribution.
  • Modified to allow backward compatibility of the Standard Adapter 1.2.1 with PingFederate 4.0.

Java Integration Kit 1.2 – May 2007

  • Added option to encode PFTOKEN for handling special characters.
  • Added additional constructor to allow PFTOKEN to use default properties for all configuration options except password, holder name, and max age.
  • Added PFTOKEN time stamp information in the log file.