PingAccess

Release Notes

These release notes summarize the changes in current and previous PingAccess agent for NGINX updates.

Version History

Version 2.2 - December 2024

Agent SDK for C version 1.4.1

  • Support for RHEL 7 will be deprecated in version 1.5.

  • If you use a Web + API application, the vnd-pi-resource-cache PingAccess agent protocol (PAAP) header now contains an additional path so Web + API applications can cache both cookie and authorization header token-types. Learn more in the Cache multiple token-types for Web + API applications entry in the PingAccess 8.1 release notes, and the agent.cache.defaultTokenType property on the NGINX agent configuration page.

    Existing agent environments ignore the new vnd-pi-token-cache-oauth-ttl header and additional paths in the vnd-pi-resource-cache header.

    To see the performance boost, upgrade to PingAccess 8.1 or later and upgrade to the latest version of the NGINX agent. Otherwise, continue to use an earlier agent version.

  • Configure the PingAccess agent for NGINX to block requests that contain bad characters in the URI, query parameters, form parameters, or request body without reaching out to PingAccess for a decision. Added eight new properties to the agent:

    1. agent.request.block.xss.characters

    2. agent.request.block.uri.characters

    3. agent.request.block.query.characters

    4. agent.request.block.form.characters

    5. agent.request.block.xss.http.status

    6. agent.request.block.uri.http.status

    7. agent.request.block.query.http.status

    8. agent.request.block.form.http.status

    For large scale or more complex blocking decisions, it’s best practice for the agent to reach out to PingAccess for a decision. Learn more in the NGINX agent configuration page.
Version 2.1.1 – November 2020

Agent SDK for C version 1.3

  • Fixed an issue that caused an invalid memory access and sometimes caused crashes after a request header modification by another NGINX module.

Version 2.1 – July 2020

Agent SDK for C version 1.3

  • Added agent inventory callback API

Version 2.0.2 – February 2020

Agent SDK for C version 1.2.1

  • Added a configuration property to set the maximum size of the response header that can be received from a PingAccess policy server

Version 2.0.1 – June 2019

Agent SDK for C version 1.2.0

  • Fixed a potential security issue

Version 2.0 – February 2019

  • The PingAccess Agent for NGINX leverages the built-in, event-driven HTTP stack in NGINX to communicate with PingAccess policy servers. Previously, the agent used its own HTTP client (implemented with libcurl) to communicate with PingAccess policy servers. In certain cases, this architecture lead to poor scalability. By using NGINX’s built-in, event-driven HTTP stack, the agent is able to achieve superior scalability over previous versions.

  • Fixed a potential security issue.

Version 1.1.1 – July 2017

  • Support for starting and stopping NGINX using the systemctl command

  • Resolved issue with SSL connectivity

Version 1.1 – March 2017

Updates to meet NGINX certification requirements

Version 1.0 – January 2017

Initial release