PingFederate 12.1.4 (November 2024)
Resolved issues
Disable MaxMaliciousActions parameter
New PF-36298
We’ve made it possible to globally disable the MaxMaliciousActions parameter in the com.pingidentity.common.security.AccountLockingService file.
This will prevent an issue during upgrades where PingFederate unintentionally locks out an OAuth client when it tries to revoke Reference Bearer Access Tokens.
Unexpected error when replicating an active admin console
Fixed PF-35919
We’ve fixed a defect that caused PingFederate to return an unexpected error when replicating on a newly promoted passive admin node after deleting connections or clients on the previously active admin node.
Provisioning character limit
Fixed PF-36035
We’ve fixed a defect that caused outbound provisioning to fail and cease if a source user object exceeded a 255-character limit. In the new behavior, PingFederate will skip user objects that exceed 255 characters and log a warning.
API Datastore sends Content-Type for GET requests
Fixed PF-36194
We’ve fixed a defect that caused the PingFederate REST API Datastore to unnecessarily include a Content-Type value when sending GET requests.
PingDirectory password warning
Fixed PF-36232
We’ve fixed a defect that prevented PingFederate from issuing a password expiration warning when using PingDirectory as a datastore.
Multiple application requests within a browser
Fixed PF-36239
We’ve fixed a defect that could cause inconsistent sessions or authentication errors when starting multiple applications in different browser tabs at the same time.
Incorrect Swagger docs base path
Fixed PF-36241
We’ve fixed a defect that caused PingFederate to set the wrong base path for Swagger docs when the pf.admin.baseurl parameter includes a file path.
OGNL expression variables in datastore attributes
Fixed PF-36257
We’ve fixed a defect that caused PingFederate to ignore defined OGNL expression variables in datastore attributes.
Notification publisher validation error
Fixed PF-36260
We’ve fixed a defect that caused PingFederate to return a validation error when using the /serverSettings endpoint to update the notification settings to LOGGING_ONLY in an environment with no previously-defined notification publisher.
Device authorization grant time zone error
Fixed PF-36261
We’ve fixed a defect that caused device authorization grant flow errors when clustered server nodes are in different time zones.
Bulkhead notification validation error
Fixed PF-36269
We’ve fixed a defect that caused a validation error when sending a valid PUT request to the /serverSettings or /serverSettings/notifications endpoints when the bulkhead notification is active on the default notification publisher.
Replication warning banner
Fixed PF-36546
We’ve fixed a defect that caused the banner message warning that a configuration is out of date to persist after a configuration had been replicated. This defect occurred when running PingFederate as a Windows service.
Provisioning Flag Comparison Value now case-insensitive
info PF-36276
We’ve updated the provisioning Flag Comparison Value attribute to be case-insensitive.
Learn more in Modifying source settings.