Removed
The functionality listed here was removed.
AM 7.3
- Removal of CTS worker pool
-
The
org.forgerock.services.cts.async.queue.size
andorg.forgerock.services.cts.async.queue.timeout
advanced configuration properties were removed.For details, refer to: Removal of CTS worker thread pool.
AM 7.0
AM 7.0.1
- SOAP STS service installation
-
Installing instances of the SOAP STS service in AM 7.0.1 is not supported. However, upgrading existing instances is.
AM 7.0.0
- Authentication through
/UI/login
endpoint -
Authentication through the
/UI/login
has been removed. Rewrite your clients to use the/XUI/#login/
endpoint instead. - /openam/cdservlet
-
The
cdservlet
servlet, which was used by Web Agents and Java Agents earlier than version 5 to accomplish CDSSO, was removed from AM 7.As a result, the following were also removed:
-
The classic CDSSO mode.
-
The following AM advanced server properties:
-
com.iplanet.services.cdc.invalidGotoStrings
-
org.forgerock.openam.cdc.validLoginURIs
-
-
The
com.sun.identity.federation.services.idpLoginURL
JVM property.
IDFF
cdservlet
-related legacy audit log events are no longer logged. -
- Support for SAML v1.x
-
Support for SAML v1.x was removed from AM 7. However, AM 7 does support SAML v2.0.
For more information about SAML v2.0, refer to the SAML v2.0 Guide.
- Supported APIs
-
AM 7 removes the following APIs from the
com.sun.identity.authentication.AuthContext
class, to allow AM to support Java 11:-
constructor:
public AuthContext(String orgName, String nickName) throws AuthLoginException
-
constructor:
public AuthContext(String orgName, String nickName, URL url) throws AuthLoginException
-
method:
public static void setCertDBPassword(String password)
The following APIs were also removed:
-
Deprecated
SAE_PARAM_APPID
field removed from the SecureAttrs class. -
Deprecated
SiteAttributeMapper
andPartnerSiteAttributeMapper
interfaces removed.Instead, use the ConsumerSiteAttributeMapper interface.
-
Deprecated
getAttributeMapForFedlet
method removed.Instead, use the getAttributesForFedlet method.
-
- SAML v2.0 service configurations service
-
This service was removed by realm. The metadata and signing aliases were removed from the global service configuration, since the providers now use secret stores.
- CTS Reaper property
org.forgerock.services.cts.reaper.search.pageSize
-
This advanced server property was removed.
- Dashboard wizards
-
The wizards in the Dashboard of the administrative users have been removed. They were using the JATO implementation of the UI, which is not supported with Java 11.
- Advanced server property
org.forgerock.openam.audit.access.attempt.enabled
-
This property was replaced by the
org.forgerock.openam.audit.identity.activity.events.blacklist
advanced server property.For more information, refer to Advanced properties.
AM 6.5
AM 6.5.3
- Advanced server property
org.forgerock.openam.audit.access.attempt.enabled
-
This property was replaced by the
org.forgerock.openam.audit.identity.activity.events.blacklist
advanced server property.For more information, refer to Advanced Properties in the Reference guide.
AM 6.0
- Agents 2.2 XUI pages
-
The XUI pages for the deprecated agents 2.2 have been removed. Use the
Amster
command to configure or modify agent 2.2 instances.
AM 5.5
- JWT as authorization grant bearer type
-
AM has removed support for the JWT authorization grant bearer type as specified in Section 2.1 of RFC 7523, Using JWTs as Authorization Grants.
AM continues to support Section 2.2, Using JWTs for Client Authentication, of RFC 7523. For more information, refer to JWT Bearer Profile in the OAuth 2.0 Guide.
- Crosstalk-related properties
-
The following system configuration properties have been removed from AM:
-
com.iplanet.am.session.failover.cluster.stateCheck.period
-
com.iplanet.am.session.failover.cluster.stateCheck.timeout
-
- UrlAccessAgent
-
The
UrlAccessAgent
user was removed from AM and Amster. - AM SDK
-
The AM SDK was removed. This includes the Java
com.iplanet.am.sdk
package, which has been deprecated since Sun Java System Access Manager 7.1. The client detection service has also been removed.When you upgrade AM software, the following settings are removed:
-
Settings for running in coexistence mode with Sun Access Manager
-
com.iplanet.am.domaincomponent
property settings -
com.iplanet.am.sdk.ldap.debugFileName
property settings -
com.iplanet.am.sdk.userEntryProcessingImpl
property settings -
com.sun.identity.amsdk.cache.enabled
property settings
-
- Client SDK software
-
Deprecated client SDK examples and libraries were removed.
Client applications can use the AM REST APIs instead, as documented in Developing with the REST API in the Development Guide.
- Support for JDK 7
-
AM 5.5.0 supports JDK 8 only. For more information, refer to Java Requirements.
- Support for several data store versions
-
AM 5.5.0 does not support the following data store versions:
-
OpenDJ 2.6.x
-
Oracle Unified Directory 11g
For more information, refer to Data Store Requirements.
-
- Support for Amazon Linux 2016.09
-
AM now supports Amazon Linux AMI 2017.03. For more information, refer to Operating System Requirements.
ssoadm.jsp
-
The deprecated
ssoadm.jsp
page was removed. UrlAccessAgent
-
The default agent,
UrlAccessAgent
, was removed. Therefore, you need only to provide theamAdmin
user password during AM installation.The
--PolicyAgentPwd
option was also removed from thessoadm
command.