Known issues and limitations
Known limitations
-
The OpenToken name given to any one Adapter instance must be unique within the given federation. This however is not enforced in the user interface.
-
SP and IdP Sample applications are bundled with the integration kit only from presentation point of view. There is ability to create more than one unique session under the PingFederate IdP associated with a user using the demo sample applications. The situation should not appear in production environment if you are not using the bundled demo sample application in production.
-
The SP adapter has the ability to send extended attributes through cookies or query parameters along with the OpenToken. So long as these additional attributes have only one value each, this works fine, however, if there are any multi-value attribute only the first value would be sent, partly because we can only set one cookie per value name.
-
After replacing the agent configuration, it is sometimes necessary to disallow and then re-allow IIS write access to the file.