PingAM release notes

Requirements

Files to download

PingAM software is available at https://backstage.forgerock.com.

The following table describes the files available for download.

PingAM software
File Description

AM-7.5.0.zip

Cross-platform distribution including all software components.

For a list of the files in the .zip archive, see Download AM.

AM-7.5.0.war

Deployable web application archive file.

AM-SSOAdminTools-5.1.3.26.zip

The .zip file that contains tools to manage AM from the command line.

AM-SSOConfiguratorTools-5.1.3.26.zip

The .zip file that contains tools to configure AM from the command line.

Files for previous versions
File AM 6.5 AM 7.0 AM 7.1 AM 7.2 AM 7.3 AM 7.4

AM ZIP

AM-6.5.5.zip

AM-7.0.2.zip

AM-7.1.4.zip

AM-7.2.2.zip

AM-7.3.1.zip

AM-7.4.1.zip

AM WAR

AM-6.5.5.war

AM-7.0.2.war

AM-7.1.4.war

AM-7.2.2.war

AM-7.3.1.war

AM-7.4.1.war

AM SSO Admin Tools

SSOAdminTools-5.1.2.24.zip

SSOAdminTools-5.1.3.11.zip

SSOAdminTools-5.1.3.19.zip

SSOAdminTools-5.1.3.27.zip

SSOAdminTools-5.1.3.21.zip

SSOAdminTools-5.1.3.27.zip

AM SSO Configurator Tools

SSOConfiguratorTools-5.1.2.24.zip

SSOConfiguratorTools-5.1.3.11.zip

SSOConfiguratorTools-5.1.3.19.zip

SSOConfiguratorTools-5.1.3.27.zip

SSOConfiguratorTools-5.1.3.21.zip

SSOConfiguratorTools-5.1.3.27.zip

Operating systems

PingAM software is supported on the following operating systems:

Operating system AM 6.5 AM 7.0 AM 7.1 AM 7.2 AM 7.3 AM 7.4 AM 7.5

Amazon Linux

2, 2017.09, 2018.03

2018.03

2018.03, 2023

Debian Linux

Not supported

11

Red Hat Enterprise Linux

6, 7

8, 9

Rocky Linux

Not supported

8, 9

Solaris Sparc, Solaris x64

10,11

Not supported

SuSE

12

12, 15

15

Ubuntu

14.04 LTS, 16.04 LTS, 18.04 LTS

16.04 LTS, 18.04 LTS

18.04 LTS, 20.04 LTS

18.04 LTS, 20.04 LTS, 22.04 LTS, 24.04 LTS

Windows Server

2012 R2, 2016

2016, 2019, 2022

Web and Java agents

The following table summarizes the minimum recommended version of web and Java agents:

Minimum agent version recommended
Agent Version

Web agents

5.10.2

Java agents

5.10.2

AM supports several versions of web agents and Java agents. For supported container versions and other platform requirements related to agents, refer to the Web Agents Release Notes and the Java Agents Release Notes.

Java

PingAM software is supported on the following Java environments:

Vendor AM 6.5 AM 7.0 AM 7.1 AM 7.2 AM 7.3 AM 7.4 AM 7.5

IBM SDK, Java Technology Edition (WebSphere only)

8

Not supported

OpenJDK(1)

8, 11(2)

11

11, 17

17

Oracle Java

8, 11(2)

11

11, 17

17

(1) AM supports OpenJDK-based distributions, including:

  • AdoptOpenJDK/Eclipse Temurin Java Development Kit (Adoptium)

  • Amazon Corretto

  • Azul Zulu

  • Red Hat OpenJDK

Ping Identity tests most extensively with AdoptOpenJDK/Eclipse Temurin. Use the HotSpot JVM, if possible.

(2) Federation-related pages do not display when using Java 11 in AM 6.5. Learn more in the Knowledge Base.

Always use a JVM with the latest security fixes.

Application containers

This table summarizes supported web application containers and their required versions:

Container AM 6.5 AM 7.0 AM 7.1 AM 7.2 AM 7.3 AM 7.4 AM 7.5

Apache Tomcat

7(1), 8.5, 9

8.5, 9

IBM WebSphere

8.5.5.8+(2), 9

Not supported

IBM WebSphere Liberty

Not supported

20.0.0.1

22.0.0.4

JBoss Enterprise Application Platform

7.1

7.2

7.3

7.4

Oracle WebLogic Server

12c (12.2.1.3)

Not supported

Wildfly

10.1, 11, 12

12, 19

15, 19

15, 26

26

(1) Don’t use Apache Tomcat 7.0.15+. This version results in a SocketTimeoutException when the application tries to read the request InputStream under high load. This issue affects Apache Tomcat 7.0.15+ only and was fixed in version 8.5. For more information, go to https://github.com/apache/tomcat80/pull/9.

(2) WebSphere 8.5.5.x does not have the JEE libraries required to support WebSockets. This impacts policy agents, which use WebSockets extensively. WebSphere 9.x is not affected by this issue.

The web application container must be able to write to its own home directory, where AM stores configuration files.

Java Agents and Web Agents require the WebSocket protocol to communicate with AM.

Ensure that the container where AM runs, the web server/container where the agents run, and your network infrastructure all support the WebSocket protocol.

Refer to your network infrastructure and web server/container documentation for more information about WebSocket support.

Directory servers

This table lists supported directory servers.

As described in identity stores, you can configure AM to use LDAPv3-compliant directory servers as user data stores. If you have a special request to deploy AM with a user data store not mentioned in the following table, contact info@forgerock.com.

Supported directory servers
Directory server AM 6.5 AM 7.0 AM 7.1 AM 7.2 AM 7.3 AM 7.4 AM 7.5

Embedded DS(1)(2)

6.5.6

7.0

7.1.5

7.2

7.3

7.4

7.5

External DS(2)

Any Ping Identity-supported version

6 and later

File system-based

N/A

Oracle Unified Directory

11g R2

Oracle Directory Server Enterprise Edition

11g

Microsoft Active Directory

2012 R2, 2016

2016, 2019

IBM Tivoli Directory Server

6.3

6.4

(1) Demo and test environments only. (2) PingDS, formerly named ForgeRock Directory Server.

Supported features
Directory server Configuration Apps / policies CTS Identities UMA

Embedded PingDS(1)

External PingDS

File system-based

Oracle Unified Directory

Oracle Directory Server Enterprise Edition

Microsoft Active Directory

IBM Tivoli Directory Server

(1) Demo and test environments only.

Third-party software

Ping Identity supports using the following third-party software when logging Common Audit events:

Third-party logging software
Software AM 6.5 AM 7.0 AM 7.1 AM 7.2 AM 7.3 AM 7.4 AM 7.5

Java Message Service (JMS)

N/A

2.0 API

MySQL JDBC Driver Connector/J

N/A

8 (at least 8.0.19)

Splunk

N/A

8.0 (at least 8.0.2)

Elasticsearch and Splunk have native or third-party tools to collect, transform, and route logs. Examples include Logstash and Fluentd.

Consider using these alternatives as they have advanced, specialized features focused on getting log data into the target system. They decouple the solution from the Ping Identity Platform systems and version, and provide inherent persistence and reliability. You can configure the tools to avoid losing audit messages if a Ping Identity Platform service goes offline, or delivery issues occur.

These tools can work with Common Audit logging:

  • Configure the server to log messages to standard output, and route from there.

  • Configure the server to log to files, and use log collection and routing for the log files.

Ping Identity supports using the following third-party software when monitoring AM servers:

Third-party monitoring software
Software AM 6.5 AM 7.0 AM 7.1 AM 7.2 AM 7.3 AM 7.4 AM 7.5

Grafana

N/A

5 (at least 5.0.2)

Graphite

N/A

1

Prometheus

N/A

2.0

For hardware security module (HSM) support, AM requires a client library that conforms to the PKCS#11 standard v2.20 or later.

Supported clients

The following table summarizes supported clients:

Supported clients
Client Platform Native Apps(1) Chrome(2) Edge(2) Firefox(2) Safari(2) Mobile Safari

Windows 8

Windows 10

Mac OS X 10.11 or later

Ubuntu 14.04 LTS or later

iOS 9 or later

Android 6 or later

(1) Native Apps is a placeholder to indicate the platform is not limited to browser-based technologies. An example of a native app would be something written to use common REST APIs.

(2) Latest stable versions are supported.

Special requests

If you have a special request regarding support for a combination not listed here, contact support.

Copyright © 2010-2024 ForgeRock, all rights reserved.