PingFederate 11.0.1 (January 2022) - PingFederate - 11.2

PingFederate Server

bundle
pingfederate-112
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 11.2
category
Administrator
Administratorguide
Audience
Capability
ContentType
DeploymentMethod
Guide
Product
Productdocumentation
SingleSignonSSO
Software
SystemAdministrator
pf-112
pingfederate
ContentType_ce
Product documentation
Guide
Guide > Administrator Guide

New features and improvements in PingFederate 11.0.1.

Rolling grace period for refresh tokens

Improved
When PingFederate rotates a refresh token, if the client fails to get the new token, now PingFederate can accept the previous token for the short period that you specify with the Refresh Token Rolling Grace Period setting.

Performance improvement

Info
Improved performance of the administrative console when a large number of OAuth clients are stored in LDAP or JDBC datastores.

URL region of the PingOne home button

PingOne
Info
When configuring the URL of the PingOne home button in the PingFederate administrative console, now pf.pingone.admin.url.region in run.properties supports Canada as a region.

AWS CloudHSM client

Info
PingFederate can be successfully integrated with AWS CloudHSM client version 3.4.4.

Resolved a potential security vulnerability

SecurityPF-30450
Resolved a potential security vulnerability that is described in security bulletin SECBL021.

Updated Apache Log4j2

SecurityPF-30536
Resolved a potential security vulnerability by updating Apache Log4j2 to version 2.17.1.

Authenticating PingDirectory users

PingDirectory
FixedPF-30557
Resolved an issue that allowed PingDirectory users to authenticate with expired passwords.

Certificate revocation list checks

FixedPF-30637
Resolved an issue that caused certificate revocation list (CRL) checks to return "issuer not found in trusted CAs store" even though the issuer certificate is present.