PingAccess

Transcription

PingAccess

Contents iiContentsRelease Notes. 8PingAccess Release Notes. 8Release Notes. 8PingAccess Policy Migration Release Notes. 53Release Notes. 53Ping Identity Automated Deployment for AWS Release Notes. 55Release Notes. 55About PingAccess. 55PingAccess overview.55What is PingAccess?. 56PingAccess for Azure AD.56What can I do with PingAccess?. 57How does PingAccess work?.59WAM session initiation. 59Token mediation. 60What can I configure with PingAccess?. 60Installing PingAccess.64Install PingAccess. 64Installation requirements.64Install PingAccess on Linux. 68Install PingAccess on Red Hat Enterprise Linux. 68Install PingAccess on Windows. 69Start PingAccess. 71Access the admin console for the first time. 71Access the PingAccess administrative API.72Access the interactive administrative API documentation.72Change configuration database passwords. 73Stop PingAccess. 73Run PingAccess as a service. 73Configure PingAccess to run as a Linux systemv service. 74Configure PingAccess to run as a Linux systemd service. 75Configure Multiple Instances of PingAccess as Linux services. 75Remove the PingAccess Linux service. 75Configure PingAccess to run as a Windows service. 76Remove the PingAccess Windows service. 76Uninstall PingAccess. 76Configuring and Customizing PingAccess.77Configure session management.77Configure session management.77Configure server-side session management. 77Configure logging. 79Configure logging.79Security audit logging. 79

Contents iiiLogging. 82Configure log levels. 83Configure a class or package log level.83Enable cookie logging. 83Append log messages to syslog and the console. 84Write logs to other formats.84Customize and localize PingAccess. 88Customization of user-facing pages. 88Localization of user-facing pages.90Upgrading PingAccess. 91Upgrade PingAccess. 91Upgrading your environment. 91Upgrade a PingAccess standalone version. 91Upgrade a PingAccess cluster. 92Upgrade Windows using the installer.93Upgrade RHEL using the installer.94Perform post-upgrade tasks. 95Restore a PingAccess configuration backup.103PingAccess: Zero Downtime Upgrade. 104Introduction. 104Step 1: Disable key rolling. 104Step 2: Upgrade the Admin node. 105Step 3: Upgrade engines. 106Step 4: Enable key rolling. 110Recovering from a failed upgrade.111Reference Guides. 111API Endpoints.111PingAccess endpoints.111Clustering Reference Guide. 114Clustering. 114Configure a PingAccess cluster. 117Configuring the administrative node.118Configure runtime state clustering.119Configuring the replica administrative node. 119Manual fail over to the replica administrative node.120Reinstate a replica administrative node after failing over. 121Configure an engine node.121Editing an engine node. 122Revoke access from an engine node. 122Removing an engine node. 122Configuration File Reference Guide.123Configuration file reference. 123Deployment Reference Guide. 134PingAccess deployment guide. 134Use cases and deployment architecture. 134Configuration by use case.137Web Access Management.140API Access Management proof of concept deployment architecture. 144API Access Management production deployment architecture. 144Auditing and proxying proof of concept deployment architecture.145Auditing and proxying production deployment architecture.145Groovy Development Reference Guide. 146

Contents ivGroovy.146Groovy Scripts. 147Body object. 149Exchange object. 149Headers object.150Identity object.152JsonNode object. 153Logger object. 154MediaType object. 155Method object. 155OAuth Token object.156PolicyContext object. 157Request object.157Response object. 158SslData object.159Groovy script examples. 160Matchers. 161Performance Tuning Reference Guide. 165Performance tuning. 165Java tuning. 165Operating system tuning.166Garbage collector configuration.168Acceptor threads.169Worker threads. 169Backend server connections. 170Logging and Auditing.170Agent tuning.171PingAccess User Interface Reference Guide. 171PingAccess User Interface Reference Guide. 171Applications. 171Sites. 180Agents. 186Rules. 189Access.209Networking. 220Security. 226System. 231Agents and Integrations. 251PingAccess for AWS. 251PingFederate Environment Requirements for PingAccess for AWS. 251Solution Setup Guide for PingAccess for AWS. 258Configure an Application for PingAccess for AWS. 271PingAccess for Azure AD.276Solution overview.276Configure PingAccess to use Azure AD as the token provider.277Configure a PingAccess application.277Getting started with PingAccess for Azure AD. 280PingAccess for Azure AD: Configure dual internal and external secure access. 280PingAccess Agent for Apache (RHEL). 281Introduction. 281System Requirements.282Installation. 282Configuration. 291Troubleshooting. 295

Contents vRelease Notes. 296PingAccess Agent for Apache (SLES).296Introduction. 296System Requirements.298Installation. 298Configuration. 299Troubleshooting.

Release Notes 8 Release Notes PingAccess Release Notes Release Notes PingAccess is a centralized point of s