Migrating to the integrated Username Token Processor - PingFederate - 10.2

PingFederate Server

bundle
pingfederate-102
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 10.2
category
Product
pf-102
pingfederate
ContentType_ce

As of PingFederate 7.2, the Username Token Translator has been deprecated and replaced with an integrated Username Token Processor. While the integrated Username Token Processor and the deprecated Username Token Translator may be simultaneously deployed, it is recommended to migrate to the new token processor.

  1. Go to the Identity Provider > Token Processors screen.
  2. Click Create New Instance to create an instance of the integrated Username Token Processor.
    Important:

    In the Type screen, select Username Token Processor from the list.

    Tip:

    If you have multiple WS-Trust STS SP connections, you may reuse the same Username Token Processor instance or create additional instances of the token processors as needed.

  3. Map the new token processor instance to the applicable WS-Trust STS SP connection on the IdP Token Processor Mapping screen.
    Repeat this step if you have multiple WS-Trust STS SP connections.
  4. Test your WS-Trust STS SP connections using the instance of the integrated Username Token Processor.
  5. Remove the token processor instance of the deprecated Username Token Translator from all WS-Trust STS SP connections in the IdP Token Processor Mapping screen.
  6. If you have set up token translator mappings, create new entries to replace those using instances of the deprecated Username Token Translator, test the new mapping entries, and delete the entries that use instances of the deprecated Username Token Translator.
  7. Delete all token processor instances of the deprecated Username Token Translator in the Identity Provider > Token Processors screen.
  8. Remove the pf-username-token-translator-<version>.jar file from the <pf_install>/pingfederate/server/default/deploy directory on all PingFederate servers.
  9. Restart PingFederate on all PingFederate servers.