Dec 1, 2017 — Enterprise Application Access updates

The Enterprise Application Access (EAA) November software release includes new features, performance improvements, and EAA component bug fixes.

New features

  • SAML IdP (Beta only). EAA can communicate with the native application directly as the SAML IdP source. This feature is available for preview only.

  • Connector troubleshooting tools. From the EAA Management Portal, administrators can test connectivity between the connector and its associated applications using common networking tools such as dig, Ping, Traceroute, LFT, and cURL.

  • Service/debug mode. If you are working with support, professional services, or an ​Akamai​ representative to resolve an EAA issue, you can enable service/debug mode to allow ​Akamai​ to remotely troubleshoot the issue.

  • Active Directory (AD) password reset. A workflow for administrators to configure the Active Directory (AD) from the EAA Management Portal to allow EAA to manage password complexity and reset requirements for the end user Login Portal.

  • AD LDS support. Lightweight Directory Services (AD LDS) support for the user-facing authentication mechanism for applications.

  • OCSP - On-premise CA. Online Certificate Status Protocol (OCSP) support is now available with the on-premise configuration to validate certificates.

  • Time-based access control rules. EAA administrators can configure time based access control restrictions for applications.

  • Additional language support. The EAA Login Portal is now available in French, Chinese, German, and Spanish languages.

Bug fixes

  • RemoteSpark time zone menu now includes additional common time zones.

  • When more than 20 identity providers (IdPs) are configured in the EAA Management Portal, the UI now displays all of them.

  • EAA now validates the IdP hostname before creating the IdP.

  • The SAN extensions are now included in self-signed certificates.

  • SSH audit reports now appear in the EAA Management Portal.

  • EAA NGINX now retains the ETag header.

  • The EAA Login Portal no longer redirects to a lock screen when the authStatus is 200.

  • EAA applications configured with a custom domain that is switched to an ​Akamai​ domain now delete the certificate-to-application mapping so that the old certificate may be deleted.

  • EAA administrators can upload their own certificates for the SAML request signature.

  • EAA OPTIONS requests with redirect-based flow no longer result in cookie build up.

Known issues

We have planned improvements for the following issues in the EAA Management Portal:

  • Time-based access control rules only support HTTP applications.

  • Password reset is not supported for the AD LDS.

  • Language support is not available for the password change page.