PingFederate 11.2.8 (December 2023) - PingFederate - 12.0

PingFederate Server
bundle
pingfederate-120
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 12.0 (Latest)
category
Administrator
Administratorguide
Audience
Capability
ContentType
DeploymentMethod
Guide
Product
Productdocumentation
SingleSignonSSO
Software
SystemAdministrator
pf-120
pingfederate
ContentType_ce
Product documentation
Guide
Guide > Administrator Guide

Enhancements and resolved issues in PingFederate 11.2.8.

Configurable option to turn on/off plugin creation and initialization during PingFederate startup.

NewPF-34640

Added the ConfigurePluginsOnStartup variable to the config-store file.

Default value of true creates and initializes plugins during startup. false prevents creation and initialization of plugins, which can reduce startup time.

Improved OGNL expression logging

ImprovedPF-34050

The administrator audit log file (admin.log) now logs any OGNL expression tests performed and the expression variables used with an event type of TEST_EXPRESSION.

For more information, see Administrator audit logging

Resolved a vulnerability in the Initial Setup Wizard

SecurityPF-34646

Fixed a Server-Side Request Forgery vulnerability in the Initial Setup Wizard described in security advisory SECADV041.

PingFederate systematically adds server-side sort control

FixedPF-33466

You can now turn off server-side sorting using a configuration option.

Updating OAuth clients with dynamic client registration

FixedPF-34146

Fixed a defect where an OAuth client created with dynamic client registration (DCR) couldn't be updated with DCR after it was modified with the administrative console.

Unable to deobfuscate chunked grant value with character length of 682

FixedPF-34839

Fixed a defect where PingFederate was unable to deobfuscate grant attributes for a small group of users in OAuth flows.