Changelog

Verified that the CoreBlox IdP Adapter is compliant with US Federal Information Processing Standards (FIPS). Learn more about usage in Integrating with Bouncy Castle FIPS provider in the PingFederate documentation.

Updated internal components to better support certificate revocation checks in PingFederate 11.0 and later.

Fixed an issue that could cause a query string to be encoded incorrectly.

Fixed an issue that could sometimes cause a redirect loop.

Added the Session Cookie Prefix and Remove Session Cookie Prefix settings to accommodate a change in the way the CoreBlox Token Service provides tokens.

Fixed an issue that occurred when a user left the sign-on page, then tried to open the sign-on page again elsewhere.

Improved PingFederate node reliability when making REST calls to the the CoreBlox Token Service by changing to a bundled HTTP client.

Added the ability to ignore session cookies from inbound requests to the PingFederate SP server. Refer to the Ignore Session Cookie field on the CoreBlox SP Adapter Instance Configuration page.

Added the Send Session Attributes field to the SP adapter. Use this field to send attribute contract to the the CoreBlox Token Service (CTS) for inclusion in the created session.

PingFederate 8.4 compatibility updates.

Optionally, prevent an update to the session cookie after sign on.

User is redirected for authentication if the session is invalid.

Session cookie is retained and set to the logged off value after SLO.

Session cookie isn’t modified on SLO error.

Made the Login URL field optional to support multiple CoreBlox environments.

Improved error logging in both the IdP and SP adapters.

Added support for cookie provider functionality

Added support for authentication context in the SP Adapter.

Added the ability to download a configuration file for the OpenToken agent in the CoreBlox SP adapter.

Bug fixes.

Added additional UI configuration validation, notably for the fields required for authorization and for the Cookie Domain field in the SP adapter.

Fixed an issue that caused the adapter to use userId-qualifier as the attribute to link accounts instead of the usesrId attribute.

Added the ability to specify an Authentication Context for the IdP adapter. Anything entered into this field is included in the SAML assertion. Learn more in the CoreBlox IdP Adapter settings reference.

You can now configure both the IdP and SP adapters to authorize a user before redirecting them to the target resource.

You can now use the keyword token to add the token attribute returned in the JSON object from the CTS to the extended contract.

Added support for authorization functionality, enabling review of users’ authorization level before they can access a protected resource.

Initial release.