Known issues

There are no known issues.

Known limitations

  • The adapter instance’s Token Name field must be unique within a federation; however this is not enforced in the user interface.
  • If the SP Adapter is set to send extended attributes as cookies, multi-value attributes will fail, because multiple cookies with the same name are not allowed.
  • When running the sample applications in a separate container, the back-channel web-SSO directory service will fail unless the certificate is trusted by the JDK. As a result, the sample applications will not list available partners to SSO into in the drop-down list. To get around this limitation, import the certificate into the JDK or web container’s trusted CA store, or use HTTP instead.
  • Support for UTF-8 encoding is limited to the sample applications and the attributes displayed. UTF-8 encoded usernames, passwords, and token names for the OpenToken configuration, SSO Directory Service configuration, and sample application configuration are not supported.
  • The Java Integration Kit is not compliant with FIPS-140 cryptographic standards. By forcing the Sun JCE to be used in the adapter, keys are not stored in the Hardware Security Module (HSM).