SafeNet App Gateway
Version Number: 1.3.0
Customer Release Notes (CRN) - This document describes capabilities, resolved issues, limitations, and known issues for different product releases.
Product Description
The SafeNet App Gateway is designed to enable integration with unauthenticated applications that do not follow standard methods of communication, such as SAML 2.0 or OIDC protocols. Customers would benefit with availability of a generic way to integrate with their non-standard apps. With this agent, the users can utilize the inbuilt features of STA like Two-Factor Authentication (2FA), adaptive access and SSO, and bring them to their native application platforms.
Release Description
Release Summary – SafeNet App Gateway v1.3.0
The following release has been issued for SafeNet App Gateway v1.3.0:
General Availability Release - July, 2024
The SafeNet App Gateway v1.3.0 release introduces the following new features and resolves a customer-reported issue:
Single-Sign-On
The agent now supports Single-Sign-On (SSO) for all the sub-applications configured in STA. With this feature, multiple applications can be accessed by entering the credentials only once, allowing access to subsequent sub-applications, without re-entering the credentials.
Click here to see the detailed SSO behavior for different authentication schemes.
Cross-Site Request Forgery token
The Cross-Site Request Forgery (CSRF) token serves as a security measure that safeguards web applications from DOS attacks and unauthorized actions. With this release, the applications supporting CSRF tokens will now be protected with Two-Factor Authentication (2FA), adaptive access, and Single Sign-On (SSO) using the agent.
For more details, refer to this section.
Resolved Issues
| Issue | Synopsis |
|---|---|
| AINT-9332 | While accessing: > multiple form-based applications > combination of basic and form-based applications from the same browser, the SSO session did not work. This issue is now resolved by the introduction of the Single-Sign-On feature. |
Release Summary – SafeNet App Gateway v1.2.0
The SafeNet App Gateway v1.2.0 introduces the following features:
Form based authentication
The agent now allows the administrators to protect applications on the basis of form based authentication. With form based authentication, a logon form is presented to the end-users. The user attributes can be mapped to the form field on the STA application configuration screen.
Query Parameter based authentication
The agent now allows the administrators to send user attributes in the form of a query string to the protected application. The user attributes can be mapped to the form field on the STA application configuration screen.
Support of Plugin Model
The administrators can now implement the custom logic to modify the request before sending it to the protected application. It provides an interface that can be implemented to modify header, cookie, params and form type before sending request to the protected application.
For more information on how to use the plugin model, refer to the Plugin Model section.
Support for High Availability (HA) Setup
The agent now supports installation to meet High Availability (HA) requirements. For more information, refer to the Installing the Agent section.
Known Issues
The following table provides a list of known issues as of the latest release.
| Issue | Synopsis |
|---|---|
| AINT-8655 | Summary: Under form-based authentication, for every login attempt using correct credentials, the IDP session is not cleared and multi-factor authentication (MFA) is bypassed, resulting successful user login. Workaround: None, it will be fixed in a future release. The user can close the current browser session and open the App Gateway agent URL in a new browser session. |
Release Summary – SafeNet App Gateway v1.1.0
The SafeNet App Gateway v1.0.0 is the first general availability release of the product.
Known Issues
The following table provides a list of known issues as of the latest release.
| Issue | Synopsis |
|---|---|
| SASNOI-13250 | Summary: After saving changes in the local gateway configurations, the current session terminates in the background, but the UI does not reflect that. Workaround: None, it will be fixed in a future release. |
| SASNOI-12924 | Summary: On the Ubuntu machine, the GUI is not getting displayed properly on the Mozilla Firefox web browser. Workaround: Use a different browser like Chrome to view the GUI correctly on Ubuntu. |
| SASNOI-15685 | Summary: While creating an application using HTTP Basic Authentication Scheme and configuring the PUBLIC URI starting with "/", the protected sites are not accessible and after AD authentication, the login page does not get redirected for the second-factor authentication. Workaround: The Public URI must be in lowercase and should not start with "/". |
