Novell

IDM User Application 351 Field Patch W

This document (5040040) is provided subject to the disclaimer at the end of this document.

patches this patch supersedes

File: UA351V-Linux.tar.gz
Product: Identity Manager 3.5.1
Status: Obsolete
Patch: IDM User Application 351 Field Patch V

patches that supersede this patch

This patch is not superseded by any other patches.

patch attributes

Security patch: Yes
Priority: Mandatory
Distribution Type: Public

document

Revision: 3
Document ID: 5040040
Creation Date: 2008-12-17 10:14:54
Modified Date: 2008-12-17 11:22:34

abstract

Field Patch 351W for Identity Manager User Application 3.5.1

details

Overview: Field Patch 351V for Identity Manager User Application 3.5.1

System Requirements: Windows, SLES, or Solaris

Installation: this is explained in the README.1st and README files within the archive file


Outline of the Patch Installation Steps


1) Stop the Application Server

2) Make a back-up of the User Application war file and place it in a safe folder (outside of your install directory)

3) Extract the contents of the archive to your hard drive

4) Launch PatchUserApp as the same user who installed the User Application, and make sure to use the correct installer

4.a) On the second screen, select the 'Choose' button, navigate to and select the patch file (for example, UAPatch351A.zip), press Open, and then press Next

4.b) On the third screen, select the 'Choose' button, navigate to your install directory and select the install.properties file, press Open, and then press Next

4.c) Take the defaults on the rest of the screens


*If this installation of the User Application is the non-provisioning version, you will receive errors near the end of the patch process about not finding jar(s). Please press OK and let the patch install continue. This is expected behavior, since you have the non-provisioning install of the UA. We only create one version of the patch.*

**If this installation of the User Application is on Windows, you will receive an informational warning at the end of the patch install that the "openwar" directory may not have been deleted and that you need to check. If the openwar directory (located in the \idm\jboss\server\IDM\deploy directory, for example) does exist, please delete it as the informational warning outlines.**

5) Once the patch installation has finished, complete the manual steps that are outlined in the README. They are located under "Special Instructions" for the bug that they apply to.

For Example:

**********************************************************
********************Special Instructions******************
**********************************************************

6) Once the above has been completed and the Application Server has been restarted or the war has been re-deployed, you can confirm the patch level. To do this, log in to the User Application and press the Help link in the header. You will see information similar to the following at the bottom of the page:


Identity Manager version 3.5.1 Patch A
Build Revision 23429


NOTE: The Patch level should match the version of the patch you just installed.

Uninstalling: This is explained in the README.1st within the archive file

Problems Resolved:

======================================================================
Patch 351A
======================================================================

*Bug 333154 - A flow with a Timedout link, fails with a DataItemException if the timedout action occurs

*Bug 331927 - ecma expression that worked in 3.01. and 3.5 no longer works in 3.5.1

*Bug 332382 - process.getName() method results is script error

*Bug 334158 - Should receive a confirmation after changing password on Forgotten Password

*Bug 336888 - A collision at the Merger Activity will cause the flow to complete unexpectedly

*Bug 306497 - UserApp webpage not accessible after migration from 3.5.0 to 3.5.1

*Bug 335745 - Incomplete data update during upgrade from 3.5 professional to 3.5.1 provisioning

*Bug 336149 - Hibernate Rollback error upgrading from 3.5 to 3.5.1, professional to provisioning

*Bug 338557 - Forgot Password link throws a java error when entering a user that does not exist

*Bug 336828 - iChain's Password Management Servlet URL does not work correctly with UA 3.5.x

*Bug 329446 - SOAP Test Web Service page lets you access some methods with being logged in as the prvo administrator

*Bug 307958 - Performance of 3.5.1 Self-Provisioning Approval has degraded since 3.5

*Bug 339362 - Challenge Response Questions are not presented according to defined Locale

*Bug 340456 - How case sensitive works in forgotten password

*Bug 341955 - My Team's Work and Settings do not display options in UA 3.5.0 and 3.5.1 when accessed via a Proxy

*Bug 335324 - If "Login Attribute' not 'cn' then 'Forgot Password' errors with 'User not found' on ForgotPassword.jsf.

======================================================================
Patch 351B
======================================================================

*Bug 342200 - Root, user, and group container DNs do not support the root of the tree or allow multiple container DNs to be selected

*Bug 284870 - Have the Intruder Detection work for incorrect answers to the Challenge Response Questions, not just Login

*Bug 344577 - Sort Order on My Tasks page appear in the wrong order in User App 3.5.x

======================================================================
Patch 351C
======================================================================

*Bug 335402 - error when submitting the workflow using startAsProxy()

======================================================================
Patch 351D
======================================================================

*Bug 346040 - Complete Export of All Configuration and Import Does NOT work

*Bug 345134 - Changepassword under password management displaying "PortletContainerImpl: failed to run the portlet: 'PasswordChangeJsf'"

*Bug 346022 - Each Remote call creates a new Session on JBoss which can cause OutOfMemory in User App 3.5.1

*Bug 332745 - Interop: Logout Message Needs Removed

*Bug 330103 - UserApp LDAP reconnection failing due to NullPointerException

*Bug 344582 - Unable to save URL Post Parameters in the Shortcut Portlet in UA 3.5.x

*Bug 347422 - NetStorage Portlet only works when browser or User local is set to English (US)

*Bug 347834 - User App data export does not include localized page names

======================================================================
Patch 351E
======================================================================

*Bug 347644 - Team Tasks page fails with 'Field userType not found or not instantiated yet' error

*Bug 348324 - Onchange form event gets triggered before onload script is executed

*Bug 346261 - Interop: Logout Message Needs Removed

*Bug 349497 - ForgotPassword displays the incorrect error when a user does not exist

*Bug 333621 - Some serialization issues on forgot password functionality

======================================================================
Patch 351F
======================================================================

*Bug 337773 - New search under Directory search displaying "PortletContainerImpl: failed to run the portlet: 'SearchListPortlet'

*Bug 336842 - Out Memory exceptions during migration with AFCOMMENT table with 500,000+ records

======================================================================
Patch 351G
======================================================================

*Bug 349560 - Database schema upgrade may fail on other databases

*Bug 352737 - team proxy assignments gives error: APWAAccessViolationException: You do not have write right to proxy

*Bug 351131 - Issue with searching on cascading team relationships

======================================================================
Patch 351H
======================================================================

*Bug 354745 - Field Patch: Need to perform Validation on ForgotPassword's Challenge Response Page

*Bug 354062 - Left side task frame do not appear with Request Resource on shared page

*Bug 355411 - Unable to hide any fields that are a Control Type of "Title" in UA 351

*Bug 354633 - SearchListPortlet - Search Fails if browser closed and re-opened for Welcome page guest

*Bug 355423 - A hidden field will maintain its Line Breaks

======================================================================
Patch 351I
======================================================================

*Bug 357485 - Unable to programmatically hide any fields that are a Control Type of "Title"

*Bug 357759 - Form Fields render in not the correct arrangement when using the Div tags with IE

*Re-Spin Bug 355423 - A hidden field will maintain its Line Breaks

*Bug 356661 - A Class Name with an underscore in the Name breaks the Detail Portlet

*Bug 359232 - Query for today does not work correctly on every day of the Month

*Bug 359573 - ForgotPassword fails with a NegativeArraySizeException

*Bug 354472 - A 'Login' portlet registration does not appear a page

*Bug 357461 - Inconsistent relational integrity when updating with entity activities

======================================================================
Patch 351J
======================================================================

*Bug 361929 - Field Patch (351): Any $ sign value in flowdata breaks the flow

======================================================================
Patch 351K
======================================================================

*Bug 363704 - IDM User Application : User Password Sync Status failure depending on Server Time Zone configuration

*Bug 363995 - Query for today does not return any Approval Flows in certain Time Zones before 12noon

*Bug 362240 - User Application : User Password Sync Status : ISO-8859-1 instead of UTF-8

======================================================================
Patch 351L
======================================================================

*Bug 373939 - Forgot Password returns incorrect information if the User has not answered their Challenge Response Questions

======================================================================
Patch 351M
======================================================================


*Bug 379648 - Field Patch (351) - Need to perform Validation on Challenge Response to ensure a User Defined Question has been supplied

*Bug 381923 - DAL Query in UA 3.5.1 takes longer than in version 3.5.0 or 3.6.0

*Bug 380207 - Multiple required Challenge\Response uses only the "User Response Character Length" for first question

*Bug 382303 - Field Patch (351): If an email notification contains a backslash character, the mail is not sent

*Bug 382082 - Field Patch (351): Allow Wild cards in Forgot Password does not work when login attribute is not cn

*Bug 368726 - 3.5.1 Field Patch - Attribute Values not Lookup Values being displayed when selecting 'Print' button on Detail/Profile portlet

======================================================================
Patch 351N
======================================================================

*Bug 383100 - Cannot add additional values to multiple valued attribute in the Detail portlet

*Bug 383806 - The fix for Bug 381923 causes IE to hang

======================================================================
Patch 351O
======================================================================

*Bug 385385 - LocalizedException missing from MigrateObjects.jar file

*Bug 385554 - Directory search export gives java exception on non-ascii characters

*Bug 386680 - Disabled Picklists do not present scrollbars in IE

*Bug 386690 - Picklist loaded via DAL Query that is disabled via props only shows one line

======================================================================
Patch 351P
======================================================================

*Bug 387388 - LDAP connections from ForgotPassword are held onto until UA session time-out

*Bug 389499 - Success page for ForgotPassword only shows cn and not the value of loginAttribute

*Bug 389909 - ForgotPassword notification uses cn and not the value of loginAttribute in the greeting

======================================================================
Patch 351Q
======================================================================

*Bug 387971 - Team Tasks has extra object level search when dealing with Cascading Relationships

*Bug 388737 - After applying UApatch351N team task throws JSONObject ("teamMemberDn")

======================================================================
Patch 351R
======================================================================

*Bug 391587 - Accessing Team Tasks in https mode with IE will present a pop-up about mix content

*Bug 395431 - Field Patch (351): Receive “Missing window.tzServer declaration !” error with DatePicker controls and the Resource Portlet

*Bug 396932 - Field Patch (3.5.1): Allow Wild Cards and Display DN Info automatically set

*Bug 397916 - Field Patch (351): No Buttons will appear of the form if the last Field is hidden and has no Linebreaks

======================================================================
Patch 351S
======================================================================

*Bug 397792 - Unable to select 'Self' under Select Object Entity when using a different Entity other than 'User'

*Bug 399013 - Field Patch (351): ForgotPassword does not complete if the user tries to reset their password before it can be changed

======================================================================
Patch 351T
======================================================================

*Bug 394536 - Export portlet does not resolve DN type attributes

*Bug 401459 - User Activity Approver Type Group - Escalated task displays wrong timeout, some cases leave extra task queued

======================================================================
Patch 351U
======================================================================

*Bug 405209 - Field Patch (351): Themes CSS is Truncating Title on Identity Portlets

*Bug 409236 - Field Patch (351): User App allows 5 tries instead of 3 to answer challenge questions

*Bug 401888 - OrgChartPortlet, click on "Show info" generates error

*Bug 408044 - Cannot see custom themes when using farm deployment in JBoss

======================================================================
Patch 351V
======================================================================

*Bug 409685 - Field Patch (351): Change reset link in SearchListPortlet to button

*Bug 410554 - Canceling a Request will return the user to the last accessed page when executed from the Resource Portlet

*Bug 400887 - 351 Patch: Persistent (stored) XSS vulnerabilities for input fields

*Bug 400897 - 351 Patch: Potential XSS vulnerability in portal

*Bug 413914 - Field Patch (351): PasswordChange.jsf Displays w/o Login

*Bug 412170 - Potential XSS vulnerability in ForgotPassword.jsf

*Bug 413919 - Field Patch (351): After clicking OK on expired pwd warning msg, user goes to default page instead of requested page

*Bug 415213 - Field Patch (351): User does not land on their “default” page when using iChain or Access Manager

======================================================================
Patch 351W
======================================================================

*Bug 416677 - Themes CSS is Truncating Title on Identity Portlets on Linen & IDM Standard Themes

*Bug 417806 - User Application/MS Exchange Email Connection Closed by Exchange - email is lost

*Bug 418727 - Using the back button with ForgotPassword causes a NullPointerException on WebSphere

*Bug 414365 - Having a comma in the cn causes problems with the Detail Portlet

*Bug 420071 - Session time-out is not handled correctly with the Resource Portlet

*Bug 423720 - Field Patch (351): Forgot Password does not work if Return Link is relative

*Bug 424927 - Field Patch (351): Receive NotSerializableException in ForgotPassword when running in a Cluster

*Bug 424903 - Field Patch (351): PasswordChange.jsf gives conflicting msgs: "Logout and close your browser..." and "Return to calling page"

*Bug 424895 - Field Patch (351): Browse to .../jsps/pwdmgt/PasswordChange.jsf behaves differently depending on login (form or auth hdr)

*Bug 423689 - Unable to login to the UA after entering incorrect Password

*Bug 425618 - Login.jsf appears incorrect when switching tabs in IE7

*Bug 425854 - Login.jsf appears incorrect with FireFox3

*Bug 425656 - Customised user app login screen image does not display correctly in Firefox 3

*re-spin Bug 417806 - User Application/MS Exchange Email Connection Closed by Exchange - email is lost

*Bug 425550 - Resource Portlet throws ClassCastException after session time-out

*Bug 424436 - ForgotPassword fails with a NullPointerException when using the Back Button if Users have not set their ChallengeResponse Questions

*Bug 424442 - Using the back button with ForgotPassword displays previous user's questions

*Bug 425442 - Field Patch (351): User App should recover gracefully from LDAP restart or connection issue

*Bug 426260 - Field Patch (351): field.fireEvent("eventname",customdata) does not work and throws incorrect error

*Bug 428646 - Should be able to sort the Network File Portlet

*Bug 432194 - Challenge Set Questions are not saved correctly when running on WebSphere

*Bug 431807 - A failed User Defined Question appears to actually be saved when running on WebSphere

*Bug 431958 - Updating a Challenge Set Questions multiple times throws an error when running on WebSphere

*Bug 436225 - http 404 errors are thrown (behind the scenes) when accessing My Tasks page

*Bug 436501 - Return and Cancel Buttons from the Detail portlet see the wrong entity when modifying self

*Bug 437694 - Potential XSS vulnerability in Page Navigation

*Bug 436911 - Challenge Response Questions are not saved when updating two times in the same session

*Bug 439845 - ForgotPassword is not validating all fields are answered before submitting when running on WebSphere

*Bug 436472 - Field Patch (351): Potential XSS vulnerability with UIQuery

*Bug 441475 - Field Patch (351): linebreaks are not hidden when the CheckboxPicklist field is hidden on a Request or Approval form

*Bug 433576 - No Challenge Response check when using iChain or Access Manager

*Bug 400714 - UA Driver fails to start on NetWare

*Bug 425165 - Field Patch (351): Unable to set availability when locale is set to German

======================================================================



Technical Support Information: If you experience any issues with this Patch, please open a Service Request with the IDM User Application Support Team

security fixes


Scripts can be posted to page navigation within the User Application:
*Bug 437694 - Potential XSS vulnerability in Page Navigation

Scripts can be posted to the UIQuery within the User Application:
*Bug 436472 - Field Patch (351): Potential XSS vulnerability with UIQuery

file contents

Files Included        Size                 Date
UA351W-Windows.zip    30.0 MB (31561453)   2008-12-17 10:06:36
UA351W-Linux.tar.gz   35.4 MB (37213446)   2008-12-17 10:05:49
readme_5040040.html   N/A                  2008-12-17 11:22:37

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

Novell is a registered trademark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business. *All third-party trademarks are the property of their respective owners.

© 2007 Novell, Inc. All Rights Reserved.