PingFederate 10.1.2 is a cumulative maintenance release for PingFederate 10.1. For a summary of the features introduced in the 10.1 release, see PingFederate 10.1 - June 2020.
Resolved issues
| Ticket ID | Description |
|---|---|
| PF-27043 | Resolved an issue that could cause a "file does not exist" error to impact user requests when cluster replication is performed while the cluster is under load. |
| PF-27067 | Resolved an issue causing the HTML Form Adapter not to display the custom template that is supposed to be displayed when a user clicks Cancel during the password reset flow. |
| PF-27076 | Updated jackson-databind to version 2.9.10.6. |
| PF-27077 | Resolved an issue preventing the configurations for OAuth clients created by Dynamic Client Registration to be updated after PingFederate was upgraded. An error was displayed stating, "An updated client secret is required because one of the chosen algorithms relies on a shared symmetric secret." |
| PF-27097 | When PingFederate sends a LDAP transaction request to a PingDirectory server, if the request specifies an intermediate client request control, then PingFederate no longer specifies that the control is critical. This change prevents runtime errors when the directory server does not support the control but is behind a proxy server that does support it. |
| PF-27105 | Resolved an issue where some administrative console pages did not render when using Luna in FIPS 140-2 approved operation mode. |
| PF-27297 | When an OAuth client uses the redirectless mode to initiate authorization directly through the authentication API, PingFederate no longer returns an error if the client has multiple redirect URIs or has a redirect URI with a wildcard character. |
| PF-27337 | Enhanced certification revocation list (CRL) processing to prevent concurrent calls to the same CRL endpoint. |
| PF-27356 | PingFederate no longer relies on an externally-hosted CSS library for font styles. |
| PF-27385 | When PingFederate cannot find a grant, now it logs that it did not find the grant instead of logging a null pointer exception and stack trace. |
| PF-27422 | Improved logging for signed request objects that PingFederate ignores and added a config-store flag to always process request objects. |
| PF-27463 | PingFederate now uses defaultForLegacyConfig from the field
descriptor to fill in missing field values in POST and PUT requests
to the administrative API for plugins. This reduces the chance of
validation errors when a new configuration field has been added to
the plugin and a POST or PUT request omits the field. |
| PF-27504 | Resolved an issue that caused the administrative console to fail when PingFederate is configured to use an external datastore for OAuth client storage but the datastore is not available. |
| PF-27541 | PingFederate now respects the PKCE authorization request parameters from the request object. |