New features and improvements in PingFederate 11.0.4.
MasterKeyEncryptor and cluster replication
When PingFederate uses a custom
MasterKeyEncryptor that relies on an SSL call to an external service, cluster
replication no longer causes cascading failures because PingFederate cannot open Java key store
files.
Rule matching for fragment nodes and NullPointerException
When using rule matching for fragment nodes, PingFederate no longer raises a NullPointerException
(NPE) if a fragment fails.
Zero byte archives
Resolved an issue that caused PingFederate to generate a zero byte archive when it
couldn't read a file in the
<pf_install>/pingfederate/server/default/data
directory.
JWT access token lifetimes
When using centralized and dynamically rotating keys for OAuth and
OpenID Connect, PingFederate now prevents you
from setting the JWT access token lifetime to be longer than the
dynamic-rotation-period-in-days specified in
<pf_install>/pingfederate/server/default/data/config-store/jwks-endpoint-configuration.xml.