IDM Roles Based Provisioning Module 360 Field Patch D
This document (5040041) is provided subject to the disclaimer at the end of this document.
patches this patch supersedes
| File | Product | Status | Patch |
|---|---|---|---|
| UA360C-Linux.tar.gz | Identity Manager Roles Based Provisioning Module 3.6 | Obsolete | IDM Roles Based Provisioning Module 360 Field Patch C |
patches that supersede this patch
patch attributes
document
abstract
Field Patch 360D for Identity Manager Roles Based Provisioning Module 3.6.0 (User Application 3.6.0)
details
Overview: Field Patch 360D for Identity Manager Roles Based Provisioning Module 3.6.0 (User Application 3.6.0)
System Requirements: Windows, SLES, or Solaris
Installation: This is explained in the README.1st and README files within the archive file
Outline of the Patch Installation Steps
1) Stop the Application Server
2) Make a back-up of the User Application war file and place it is a safe folder (outside of your install directory)
3) Extract the contents of the archive to your hard drive
4) Launch PatchUserApp (as the same user who installed the User Application. and make sure to use the correct installer)
4.a) On the second screen you will select the 'Choose' button, navigate, select patch file (For Example: UAPatch360A.zip), then press Open, and then press Next
4.b) On the third screen you will select the 'Choose' button, navigate to your install directory and select the install.properties file, then Press Open, and then press Next
4.c) Take the defaults on the reset of the screens
*If this installation of the User Application is the non-provisioning version, near the end of the Patch process, you will receive errors about not finding jar(s) Please press OK and let the patch install continue. This is expected behavior since you have the non-provisioning Install of the UA. We only create one version of the patch*
**If this installation of the User Application is on Windows, you will receive an informational warning at the end of the patch install that the "openwar" directory may not have been deleted and that you need to check. If the openwar directory (located in \idm\jboss\server\IDM\deploy directory for example) does exist, please delete as the informational warning outlines. **
5) Once the Patch installation has finished, complete the manual steps that are outlined in the README (They are located under "Special Instructions" for the bug that they apply to:
For Example:
**********************************************************
********************Special Instructions******************
**********************************************************
6) Once the above has been completed and the Application Server has been restarted or the war has been re-deployed, you can confirm the patch level. To accomplish this, login to the User Application and press the Help link in the Header you will see the information similar to the following at the bottom of the page:
Identity Manager version 3.6.0 Patch A
Build Revision 25199
NOTE: The Patch level should match the version of the patch you just installed.
Uninstalling: This is explained in the README.1st within the archive file
Problems Resolved:
======================================================================
Patch 360A
======================================================================
* Bug 353117 - Clicking Reset or Filter in 'View Role Status' after toggling Recipient/Requester buttons clears the result set
* Bug 353097 - Trying to sort role assignments by column takes a very long time
* Bug 348369 - Loc_Roles - UA UI: Incorrect translation of "*- indicates required"
* Bug 352370 - Role Assignment List - Deep linking from User to Container
* Bug 353060 - No Assignment Details display when role assignment is viewed by Group
* Bug 335907 - SessionWarning localized text not imported into portal
* Bug 352705 - Manage Roles: Create New Role NPE when no subcontainer specified and debug
* Bug 352428 - Incorrectly defined BestLocaleServletFilter_roles-resgrp
* Bug 352058 - Login Portlet is not shown on welcome page
* Bug 354220 - Left side task frame do not appear with Request Resource on shared page
* Bug 354747 - Field Patch: Need to perform Validation on ForgotPassword's Challenge Response Page
* Bug 356661 - A Class Name with an underscore in the Name breaks the Detail Portlet
======================================================================
Patch 360B
======================================================================
*Bug 359951 - Inconsistent relational integrity when updating with entity activities
*Bug 359575 - ForgotPassword fails with a NegativeArraySizeException
*Bug 359291 - Query for today does not work correctly on every day of the Month
*Bug 361930 - Field Patch (360): Any $ sign value in flowdata breaks the flow
*Bug 363996 - Query for today does not return any Approval Flows in certain Time Zones before 12noon
*Bug 364565 - Field Patch (360) Request Resource Complex preference portlet not working with Default Locale
*Bug 364954 - NPE in LocalizedException when driver is not found in eDir
*Bug 360236 - Role Manager should ONLY be able to see Role Assignment request status for groups and roles that he has trustee rights on
*Bug 363263 - Field Patch (360): Unable to hide any fields that are a Control Type of "Title"
*Bug 363265 - Field Patch (360): A hidden field will maintain its Line Breaks
*Bug 363268 - Field Patch (360): Unable to programmatically hide any fields that are a Control Type of "Title"
*Bug 367087 - Field Patch (360): User Application : User Password Sync Status : ISO-8859-1 instead of UTF-8
*Bug 367089 - Field Patch (360): IDM User Application : User Password Sync Statusfailure depending on Server Time Zone configuration
*Bug 369993 - Upgrade from 3.5.1 Prov to 3.6 Prov with context change fails
*Bug 373959 - 3.6.0 Field Patch - Forgot Password returns incorrect information if the User has not answered their Challenge Response Questions
*Bug 374138 - Field Patch (360): If "Login Attribute' not 'cn' then 'Forgot Password' errors with 'User not found' on ForgotPassword.jsf
*Bug 377172 - Upgrade from 3.5.1 Prov to 3.6 Prov with context change using MySQL 5.0.27 fails
======================================================================
Patch 360C
======================================================================
*Bug 379555 - Need to perform Validation on Challenge Response to ensure a User Defined Question has been supplied
*Bug 380518 - Field Patch (360): SearchListPortlet - Search Fails if browser closed and re-opened for Welcome page guest
*Bug 381380 - Field Patch (360): Multiple required Challenge\Response uses only the "User Response Character Length" for first question
*Bug 382073 - UA 360 is case sensitive with ForgotPassword when login attribute is not cn
*Bug 382304 - Field Patch (360): If an email notification contains a backslash character, the mail is not sent
*Bug 382081 - Allow Wild cards in Forgot Password does not work when login attribute is not cn
*Bug 374890 - User Application does not look at all of the attributes in the configuration for RoleConfig in dealing with SoD
*Bug 368723 - 3.6.0 Field Patch - Attribute Values not Lookup Values being displayed when selecting 'Print' button on Detail Portlet
*Bug 374955 - Roles Service Driver throws an exception when a SoD Conflict Approval completes
*Bug 386695 - Picklist loaded via DAL Query that is disabled via code only shows one line in UA360 with IE
*Bug 385387 - LocalizedException missing from MigrateObjects.jar file
*Bug 385557 - Field Patch (360): Directory search export gives java exception on non-ascii characters
*Bug 387957 - Field Patch (360): LDAP connections from ForgotPassword are held onto until UA session time-out
*Bug 389074 - DNLookUp control mapped to an Automatically Queried Entity fails at runtime
*Bug 389773 - Field Patch (360): Success page for ForgotPassword only shows cn and not the value of loginAttribute
*Bug 389910 - Field Patch (360): ForgotPassword notification uses cn and not the value of loginAttribute in the greeting
*Bug 387971 - Team Tasks has extra object level search when dealing with Cascading Relationships
*Bug 388996 - 3.6.0 field patch: Getting annoying dialogs on IE/SP2 with ssl
*Bug 391598 - Accessing Roles Area in https mode with IE will present a pop-up about mix content
*Bug 393074 - Receive NotSerializableException in ForgotPassword when running in a Cluster
*Bug 391589 - Field Patch (360): Accessing Team Tasks in https mode with IE will present a pop-up about mix content
*Bug 395420 - Receive Missing window.tzServer declaration ! error with DatePicker controls and the Resource Portlet
*Bug 397915 - No Buttons will appear of the form if the last Field is hidden and has no Linebreaks
*Bug 398528 - Field Patch (360): Unable to select 'Self' under Select Object Entity when using a different Entity other than 'User'
*Bug 399012 - ForgotPassword does not complete if the user tries to reset their password before it can be changed
*Bug 394583 - Field Patch (360): Export portlet does not resolve DN type attributes
*Bug 401458 - User Activity Approver Type Group - Escalated task displays wrong timeout, some cases leave extra task queued
*Bug 407988 - Field Patch (360): Themes CSS is Truncating Title on Identity Portlets
*Bug 405951 - User App allows 5 tries instead of 3 to answer challenge questions
*Bug 411284 - Field Patch (360): Canceling a Request will return the user to the last accessed page when executed from the Resource Portlet
*Bug 409326 - Field Patch (360): Cannot see custom themes when using farm deployment in JBoss
*Bug 400678 - Patch: Persistent (stored) XSS vulnerabilities for input fields
*Bug 400679 - Patch: Potential XSS vulnerability in portal
*Bug 413913 - Field Patch (360): PasswordChange.jsf Displays w/o Login
*Bug 412736 - Field Patch (360): Change reset link in SearchListPortlet to button
*Bug 401938 - 360: OrgChartPortlet, click on "Show info" generates error
*Bug 408380 - Requests & Approvals area does not stay localized in UA 360
*Bug 415029 - Field Patch (360): Potential XSS vulnerability in ForgotPassword.jsf
*Bug 413918 - Field Patch (360): After clicking OK on expired pwd warning msg, user goes to default page instead of requested page
*Bug 415212 - Field Patch (360): User does not land on their default page when using iChain or Access Manager
======================================================================
Patch 360D
======================================================================
*Bug 416965 - Field Patch (360): Themes CSS is Truncating Title on Identity Portlets on Linen & IDM Standard Themes
*Bug 418730 - Field Patch (360): Using the back button with ForgotPassword causes a NullPointerException on WebSphere
*Bug 420073 - Field Patch (360): Session time-out is not handled correctly with the Resource Portlet
*Bug 422872 - Forgot Password does not work if Return Link is relative
*Bug 424905 - Field Patch (360): PasswordChange.jsf gives conflicting msgs: "Logout and close your browser..." and "Return to calling page"
*Bug 424898 - Field Patch (360): Browse to .../jsps/pwdmgt/PasswordChange.jsf behaves differently depending on login (form or auth hdr)
*Bug 423694 - Field Patch (36): Unable to login to the UA after entering incorrect Password
*Bug 424733 - Field Patch (360): Resource Portlet is not using the correct Locale
*Bug 414366 - Field Patch (360): Having a comma in the cn causes problems with the Detail Portlet
*Bug 425867 - Field Patch (360): Login.jsf appears incorrect when switching tabs in IE7
*Bug 426026 - Field Patch(360): Customised user app login screen image does not display correctly in Firefox 3
*Bug 425870 - Field Patch (360): Login.jsf appears incorrect with FireFox3
*Bug 425551 - Field Patch (360): Resource Portlet throws ClassCastException after session time-out
*Bug 425841 - Field Patch (360): User Application/MS Exchange Email Connection Closed by Exchange - email is lost
*Bug 424437 - Field Patch (360): ForgotPassword fails with a NullPointerException when using the Back Button if Users have not set their ChallengeResponse Questions
*Bug 426261 - Field Patch (360): field.fireEvent("eventname",customdata) does not work and throws incorrect error
*Bug 425499 - Field Patch (360): User App should recover gracefully from LDAP restart or connection issue
*Bug 431705 - Field Patch (360): A flow with a Timedout link, fails with a DataItemException if the timedout action occurs
*Bug 430731 - Field Patch (360): "Requested By" fields on the approval need to be meaningful
*Bug 431808 - Field Patch (360): A failed User Defined Question appears to actually be saved when running on WebSphere
*Bug 431959 - Field Patch (360): Updating a Challenge Set Questions multiple times throws an error when running on WebSphere
*Bug 432195 - Field Patch (360): Challenge Set Questions are not saved correctly when running on WebSphere
*Bug 433819 - Field Patch (360): Should be able to sort the Network File Portlet
*Bug 436228 - Field Patch (360): http 404 errors are thrown (behind the scenes) when accessing My Tasks page
*Bug 437702 - Field Patch (360): Potential XSS vulnerability in Page Navigation
*Bug 436588 - Field Patch (360): Return and Cancel Buttons from the Detail portlet see the wrong entity when modifying self
*Bug 436913 - Field Patch (360): Challenge Response Questions are not saved when updating two times in the same session
*Bug 439847 - Field Patch (360): ForgotPassword is not validating all fields are answered before submitting when running on WebSphere
*Bug 436473 - Field Patch (360): Potential XSS vulnerability with UIQuery
*Bug 400875 - Field Patch (360): UA Driver fails to start on NetWare
*Bug 431638 - Field Patch (360): Role Approver Workflow terminates with error if Approval Activity times-out
*Bug 441476 - Field Patch (360): linebreaks are not hidden when the CheckboxPicklist field is hidden on a Request or Approval form
*Bug 442097 - Field Patch (360): No Challenge Response check when using iChain or Access Manager
*Bug 425166 - Field Patch (360): Unable to set availability when locale is set to German
======================================================================
Technical Support Information: If you experience any issues with this Patch, please open a Service Request with the IDM User Application Support Team
security fixes
There is the ability to Post scripts to a page navigation within the User Application
*Bug 437702 - Field Patch (360): Potential XSS vulnerability in Page Navigation
There is the ability to Post scripts to the UIQuery within the User Application
*Bug 436473 - Field Patch (360): Potential XSS vulnerability with UIQuery
file contents
| Files Included | Size | Date |
|---|---|---|
| UA360D-Windows.zip | 28.5 MB (29980226) | 2008-12-17 10:31:59 |
| UA360D-Linux.tar.gz | 34.0 MB (35700978) | 2008-12-17 10:30:56 |
| readme_5040041.html | N/A | 2008-12-17 11:33:46 |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.
Novell is a registered trademark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business. *All third-party trademarks are the property of their respective owners.
© 2007 Novell, Inc. All Rights Reserved.