New features and improvements in PingFederate 11.0.4.
MasterKeyEncryptor and cluster replication
When PingFederate uses a custom MasterKeyEncryptor that relies on an SSL call to an external service, cluster replication no longer causes cascading failures because PingFederate cannot open Java key store files.
Rule matching for fragment nodes and NullPointerException
When using rule matching for fragment nodes, PingFederate no longer raises a NullPointerException (NPE) if a fragment fails.
Zero byte archives
Resolved an issue that caused PingFederate to generate a zero byte archive when it couldn't read a file in the <pf_install>/pingfederate/server/default/data directory.
JWT access token lifetimes
When using centralized and dynamically rotating keys for OAuth and OpenID Connect, PingFederate now prevents you from setting the JWT access token lifetime to be longer than the
dynamic-rotation-period-in-daysspecified in <pf_install>/pingfederate/server/default/data/config-store/jwks-endpoint-configuration.xml.