PingFederate 11.1.2 (October 2022)

Resolved issues

Bulk import for IdP connections

Fixed PF-31870

Resolved an issue where bulk import fails for identity provider (IdP) connections that fulfill Persistent Grant Extended Attributes.

Fixed PF-32001

PingFederate now recovers from initial connection failure when logging into the administrative console using external LDAP authentication.

Hiding user information from authentication API responses

Fixed PF-32028

You can now configure the setting IncludeUserInfoInResponses in the <install dir>/server/default/data/config-store/org.sourceid.saml20.domain.mgmt.impl.AuthnApiManagerImpl.xml file to hide user information from authentication API responses.

Errors on policy fragments configured to handle failures locally

Fixed PF-32073

When an error occurs on policies containing fragments and configured to handle failures locally, PingFederate no longer redirects a user to the service provider (SP) error page on SP-initiated single sign-on (SSO).

Outbound TLS connection failures

Fixed PF-32199

The certificate path-building algorithm now uses PingFederate’s custom revocation checker. This fix resolves a bug where outbound TLS connections failed for servers that presented out-of-order certificate chains.

PingDirectory user registration

Fixed PF-32241

During user registration, PingFederate now sends all passwords to PingDirectory, resolving an issue where passwords consisting of only spaces would not properly register a PingDirectory password.

Configurations with no connection type in Kerberos realm

Fixed PF-32274

When reading the pingfederate-kerberos-realms.xml file, PingFederate no longer raises an error for configurations with no connection type in the Kerberos realm.

PingFederate Server