ForgeRock Identity Gateway

Removed

The listed features and properties have been removed, as defined in ForgeRock product stability labels.

Removed in IG 2023.9

No features or properties were removed in this release.

Removed in IG 2023.6

No features or properties were removed in this release.

Removed in IG 2023.4

No features or properties were removed in this release.

Removed in IG 2023.2

Feature or property Setting Replacement setting Deprecated in

IG delivery

.war file

.zip file

6

Environment variable and system property

OPENIG_BASE
openig.base

IG_INSTANCE_DIR
ig.instance.dir

6

PolicyEnforcementFilter

executor

cache subproperty executor

6

ClientHandler and ReverseProxyHandler

keyManager
sslCipherSuites
sslContextAlgorithm
sslEnabledProtocols
trustManager

tls property to define a ClientTlsOptions object

6.5

UserProfileFilter

ssoToken

username

6.5

profileAttributes

userProfileService subproperty profileAttributes

6.5

amService

userProfileService subproperty amService

6.5

StatelessAccessTokenResolver

signatureSecretId

verificationSecretId

6.5.1

encryptionSecretId

decryptionSecretId

6.5.1

Removed in IG 7.2

Feature or property Setting Replacement setting Deprecated in

StaticResponseHandler

version

Not replaced

Not deprecated

Removed in IG 7.1

Feature or property Setting Replacement setting Deprecated in

Route

monitor

Prometheus Scrape Endpoint and Common REST Monitoring Endpoint

6

Removed in IG 7

Feature or property Setting Replacement setting Deprecated in

Support for AM Policy Agents

Use of AM policy agents in password capture and replay

CapturedUserPasswordFilter

6

ClientRegistration

keyStore

keystore

6.1

OAuth2ResourceServerFilter

cacheExpiration, and the values of zero and unlimited are not supported

cache and its subproperties

5.5.1

PolicyEnforcementFilter

cache subproperty maxTimeout

cache subproperty maximumTimeToCache

6

Removed in IG 6.5

Feature or property Setting Replacement setting Deprecated in

PolicyEnforcementFilter

pepUsername, pepPassword

AmService properties agent

6.5

amHandler, openamUrl, realm, ssoTokenHeader

AmService properties amHandler, url, realm, ssoTokenHeader

6

SingleSignOnFilter

amHandler, openamUrl, realm, and cookieName

AmService properties amHandler, url, realm, and ssoTokenHeader

6

TokenTransformationFilter

amHandler, openamUrl, realm, ssoTokenHeader

AmService properties amHandler, url, realm, ssoTokenHeader

6

username, password

AmService property agent

6.1

ReverseProxyHandler

websocket subproperties:

  • keyManager

  • sslCipherSuites

  • sslContextAlgorithm

  • sslEnabledProtocols

  • trustManager

tls property to define a ClientTlsOptions object

6.1

Removed in IG 6.1

No features or properties were removed in this release.

Removed in IG 6

Feature or property Setting Replacement setting Deprecated in

HeapClientRegistrationRepository

Whole object

AuthorizationCodeOAuth2ClientFilter property registrations

5.5.1

Jetty support

8

9

-

ClientRegistration

tokenEndpointUseBasicAuth

tokenEndpointAuthMethod

5.5.1

OAuth2ResourceServerFilter

tokenInfoEndpoint, providerHandler

Configuration properties of OpenAmAccessTokenResolver, TokenIntrospectionAccessTokenResolver, and ScriptableAccessTokenResolver

5.5.1

OpenAmAccessTokenResolver

endpoint

AmService property url

6

UmaService

authorizationServerUri

wellKnownEndpoint and the AmService property url

Not deprecated

Removed in IG 5.5

Feature or property Setting Replacement setting Deprecated in

Finalize Method

Finalize Method for HTTP messages

Alternate approach(1)

Not deprecated

UMA support

UMA 1.x

UMA 2.x

OpenIG 14

UmaService

clientId and clientSecret

Not replaced. IG uses the PAT to create an UMA resource.

OpenIG 14

(1)Consider the following points on compatibility for the Finalize method:

  • After creating a new request object, explicitly close it after use. For example, the following Java code was used in a previous release:

    ThrottlingRate rate = datasource.lookup(new RootContext(), new Request()).get();

    Here the equivalent Java code includes a final close operation:

    ThrottlingRate rate = datasource.lookup(new RootContext(), request)
      .thenAlways(request::close)
      .get();
  • In scripts, the client binding automatically closes the request that is provided as a parameter. Therefore, it is not necessary to manually close the request for scripts.

    After the request is automatically closed, the request entity is empty and can’t be accessed. Response callbacks that try to access the request entity will fail.

    Work around this behavior in the following ways:

    • Keep the request open by using the client.sendNoClose() method instead of client.send(). This method to prevents closure of requests after send. If you use this method, remember to manually close the request.

    • Access the request entity before the request is closed, for example by including the request.entity.string assignment before calling the client.send() with the request.

Copyright © 2010-2023 ForgeRock, all rights reserved.