Enhancements and resolved issues in PingFederate 11.2.1.
OAuth client management
When managing OAuth clients, we've resolved a defect where selecting the Require JWT Secured Authorization Response Mode text toggled the incorrect check box.
Potential security vulnerability
We've resolved a potential security vulnerability that is described in security advisory SECADV033.
Informing adapters of end policy result
When processing policy fragments, all adapters invoked in the fragment now correctly execute their respective post-processing step (if applicable) to inform the adapter of the end policy result.
Managing certificates within Metadata Export
Managing certificates within the Metadata Export flow no longer displays or saves an empty list of certificates, clearing out existing ones in the process. For more information, see Metadata export.
Cluster data replication
We've resolved a defect where cluster data replication could remove keys from engine node's pf.jwk file instead of merging and retaining the keys.
- We also updated the following bundled components and third-party
- PingID Integration Kit 2.23
- PingID Adapter 2.13.2
- PingID PCV (with integrated
RADIUS server) 3.0.2Note:
This version of the PingID PCV has known issues that you should review before upgrading. For more information, see Known issues in PingID RADIUS PCV 3.0.2.