Fixes

OPENIG-8432: Config expression doesn’t work in audit service’s event handler configuration

OPENIG-8370: IG standalone 2023.11 and above throws NPE and return response 500

OPENIG-8340: RouterHandler should validate the directory being set in the config

OPENIG-8295: When a trailing header is used in a StaticResponseHandler the HTTP response doesn’t conform to the HTTP spec

OPENIG-7557: Inline named object declarations in IG config interactions with heap objects are misleading

OPENIG-7633: Http endRequest metrics should check if handler is null

OPENIG-7674: Misleading deprecation notice in ClientRegistration without secretsProvider

OPENIG-7680: GzipFlowableTransformer fails when there is empty bytebuffer after actual gzip content

OPENIG-7736: IG drops some bytes during POST and PUT of large data/images

OPENIG-7738: readWithCharset method doesn’t return the content of the file as a plain string.

OPENIG-7790: HTTP Client Active Request Gauge can display negative values

OPENIG-7859: org.forgerock.openig.filter.oauth2.client.ClientRegistration#revokeToken logs incorrect endpoint when revocation fails

OPENIG-7978: PEF should return 401 when no subjects can be found instead of 500

OPENIG-8069: Vertx threads are getting locked on org.forgerock.http.vertx.monitoring.meters.Gauges.get(Tags)

OPENIG-8070: vert.x threads are getting locked on SessionInfoCache$IndexTable

OPENIG-7633: Http endRequest metrics should check if handler is null

OPENIG-7736: IG drops some bytes during POST and PUT of large data/images

OPENIG-7453: SecretsTrustManager fails to load CA-signed certificates due to restrictive KeyUsage

OPENIG-7768: Declaring JwtSession named 'Session' in config.json fails

OPENIG-7774: CorsFilter should handle invalid policies better instead of throwing NPE

OPENIG-5294: Clear Issuer cache on exception

OPENIG-7429: IG cannot handle requests with IPv6 URL

OPENIG-7474: SwitchFilter’s handler fails to send original POST request entity

OPENIG-5913: (UI) Route configuration lost sometime after un-deploy from route list

OPENIG-6911: Failed agent authentication is not clear from the IG logs

OPENIG-6911: Failed agent authentication is not clear from the IG logs

OPENIG-6394: Stack traces are printed twice in the log files

OPENIG-6206: When checking for peer certificates in a request, validate that the SSLSession is available

OPENIG-5872: Stop Tyrus WebSocket connection retry when Websocket Client is closed

OPENIG-5868: WebSocketClientHandshakeException: Invalid subprotocol seen when using IG standalone to proxy WebSocket requests

OPENIG-5805: The notification service should attempt to refresh the caller token when receiving a 401 on WebSocket connections

OPENIG-5793: Unexpected behaviour of EL function matches

OPENIG-5778: sessionInfo requests can lead to a build up of agent tokens being created

OPENIG-5743: Standalone: Possible OOME for large requests

OPENIG-5725: Add SNI configuration

OPENIG-5683: HTTP/2 : set max connections

OPENIG-5610: Null Pointer Exception when using ForwardedRequestFilter with ResourceHandler

OPENIG-5540: PEM secret format fails to decode some EC private keys

OPENIG-5539: The ForwardedRequestFilter should not change original URI parameter values when rebasing

OPENIG-5425: JwkSetHandler: No error displayed when using an invalid configuration such as a public key exported -as jwk- for decryption usage

OPENIG-4956: Inbound WebSocket connection is not closed when outbound connection is closed abruptly

OPENIG-6394: Stack traces are printed twice in the log files

OPENIG-6206: When checking for peer certificates in a request, validate that the SSLSession is available

OPENIG-5872: Stop Tyrus WebSocket connection retry when Websocket Client is closed

OPENIG-5793: Unexpected behaviour of EL function matches

OPENIG-5868: WebSocketClientHandshakeException: Invalid subprotocol seen when using IG standalone to proxy WebSocket requests

OPENIG-5805: The notification service should attempt to refresh the caller token when receiving a 401 on WebSocket connections

OPENIG-5778: sessionInfo requests can lead to a build up of agent tokens being created

OPENIG-5743: Standalone: Possible OOME for large requests

OPENIG-5683: HTTP/2 : set max connections

OPENIG-5610: Null Pointer Exception when using ForwardedRequestFilter with ResourceHandler

OPENIG-5540: PEM secret format fails to decode some EC private keys

OPENIG-5539: The ForwardedRequestFilter should not change original URI parameter values when rebasing

OPENIG-4956: Inbound WebSocket connection is not closed when outbound connection is closed abruptly

OPENIG-5401: Retries on a ReverseProxyHandler not being triggered

OPENIG-5258: IG Standalone must populate the originalUri.port from Host header

OPENIG-5219: Vert.x HTTP Client does not replicate current CHF behaviour when request fails and headers have been received

OPENIG-5084: WebSocket connections are not being proxied when baseURI scheme is wss

OPENIG-4900: AMService cannot connect to AM via TLS with Standalone

OPENIG-4034: AuditService does not delete old files when maxDiskSpaceToUse is reached

OPENIG-5258: IG Standalone must populate the originalUri.port from Host header

OPENIG-5219: Vert.x HTTP Client does not replicate current CHF behaviour when request fails and headers have been received

OPENIG-5084: WebSocket connections are not being proxied when baseURI scheme is wss

OPENIG-4900: AMService cannot connect to AM via TLS with Standalone

OPENIG-4034: AuditService does not delete old files when maxDiskSpaceToUse is reached

OPENIG-4190: A WebSocket Origin header is missing the scheme from the URL

OPENIG-4168: CacheAccessTokenResolver : missing requests to amService (not available in capture)

OPENIG-4037: Global decorators declared in a route cannot refer to decorators declared in the same route

OPENIG-3837: WebSocketAdapter#writeBuffersIfStreamIsReady should check if stream is ready before calling flush

OPENIG-3821: ResourceHandler should create redirect to a relative URI when requests don’t end in /

OPENIG-3819: WebSocket requests should be built using the raw query parameters

OPENIG-3783: ClassCastException in scriptable access token resolver occurs when invalid token is returned by delegated access token resolver

OPENIG-3755: IG’s decodeBase64 function returns null on JWTs generated by IG or AM

OPENIG-3659: SSOFilter logoutEndpoint does not take query parameters into consideration

OPENIG-3579: NullPointerException when calling org.forgerock.openig.handler.router.DirectoryMonitor#createFileChangeSet

OPENIG-3492: Request and response logged in different files when capture:all and global captureDecorator are in config.json

OPENIG-3488: IG fails to stop when started with a config.json with invalid json syntax.

OPENIG-3403: ContentTypeHeader quoted directives should be maintained

OPENIG-3296: UserProfileFilter and usernames with colons

OPENIG-3275: SamlFederationHandler Doesn’t Support Filtering

OPENIG-3221: OpenIG is decoding special character ' while sending to the backend which is causing issues

OPENIG-3219 When using scan feature in logback.xml the ig.instance.dir property is lost on reload

OPENIG-5268: IG 6.5.3 Studio UI Welcome screen has formatting/layout issues

OPENIG-5084: WebSocket connections are not being proxied when baseURI scheme is wss

OPENIG-4034: AuditService does not delete old files when maxDiskSpaceToUse is reached

OPENIG-4190 A WebSocket Origin header is missing the scheme from the URL

OPENIG-4168: CacheAccessTokenResolver : missing requests to amService (not available in capture)

OPENIG-3783: ClassCastException in scriptable access token resolver occurs when invalid token is returned by delegated access token resolver

OPENIG-3837: WebSocketAdapter#writeBuffersIfStreamIsReady should check if stream is ready before calling flush

OPENIG-3819 WebSocket requests should be built using the raw query parameters

OPENIG-3659 SSOFilter logoutEndpoint does not take query parameters into consideration

OPENIG-3492: Request and response logged in different files when capture:all and global captureDecorator are in config.json

OPENIG-3296: UserProfileFilter and usernames with colons

OPENIG-3403: ContentTypeHeader quoted directives should be maintained

OPENIG-3226: StaticFilterRequest: request leak

OPENIG-3219 When using scan feature in logback.xml the ig.instance.dir property is lost on reload

OPENIG-3113: Not possible to use token substitutions within a monitor decorator of a Route

OPENIG-2695: UI: Unable to open Freeform editor on Linux

OPENIG-2634: UI: Uncaught error on route error

OPENIG-2571: OAuth2ResourceServerFilter requireHttps=true applies to rebased request URI

OPENIG-2565: PolicyEnforcementFilter returns 403 instead of 401 when route is accessed with an unauthenticated user

OPENIG-2243: AM 6 default CSRF Protection switch breaks Policy Enforcement Filter

OPENIG-2004: OAuth2ResourceServerFilter cache configuration can lead to unexpected results if tokens expire early

OPENIG-1325: Cannot specify realm in UmaService

OPENIG-816: The UmaResourceServerFilter returns with wrong as_uri

OPENIG-3226: StaticFilterRequest: request leak

OPENIG-3219 When using scan feature in logback.xml the ig.instance.dir property is lost on reload

OPENIG-2571: OAuth2ResourceServerFilter requireHttps=true applies to rebased request URI

OPENIG-2243: AM 6 default CSRF Protection switch breaks Policy Enforcement Filter

OPENIG-2004: OAuth2ResourceServerFilter cache configuration can lead to unexpected results if tokens expire early

OPENIG-1674: UMA examples might not work with Chrome and Safari

OPENIG-1152: Facebook Social Authentication not working when OpenAM is proxied behind OpenIG