IDM Roles Based Provisioning Module 361 Field Patch B

This document (5040042) is provided subject to the disclaimer at the end of this document.

patches this patch supersedes

File	Product	Status	Patch
UA361A-Linux.tar.gz	Identity Manager Roles Based Provisioning Module 3.6.1	Obsolete	IDM Roles Based Provisioning Module 361 Field Patch A

patches that supersede this patch

This patch is not superseded by any other patches.

patch attributes

Security patch: Yes

Priority: Mandatory

Distribution Type: Public

http://download.novell.com/Download?buildid=EIs4bLe2kY4~

document

Revision: 2

Document ID: 5040042

Creation Date: 2008-12-17 10:58:33

Modified Date: 2008-12-17 11:19:20

abstract

Field Patch 361B for Identity Manager Roles Based Provisioning Module 3.6.1 (User Application 3.6.1)

details

Overview: Field Patch 361B for Identity Manager Roles Based Provisioning Module 3.6.1 (User Application 3.6.1)

System Requirements: Windows, SLES, RHEL or Solaris

Installation: This is explained in the README.1st and README files within the archive file

Outline of the Patch Installation Steps

1) Stop the Application Server

2) Make a back-up of the User Application war file and place it is a safe folder (outside of your install directory)

3) Extract the contents of the archive to your hard drive

4) Launch PatchUserApp (as the same user who installed the User Application. and make sure to use the correct installer)

4.a) On the second screen you will select the 'Choose' button, navigate, select patch file (For Example: UAPatch361A.zip), then press Open, and then press Next

4.b) On the third screen you will select the 'Choose' button, navigate to your install directory and select the install.properties file, then Press Open, and then press Next

4.c) Take the defaults on the reset of the screens

*If this installation of the User Application is the non-provisioning version, near the end of the Patch process, you will receive errors about not finding jar(s) Please press OK and let the patch install continue. This is expected behavior since you have the non-provisioning Install of the UA. We only create one version of the patch*

**If this installation of the User Application is on Windows, you will receive an informational warning at the end of the patch install that the "openwar" directory may not have been deleted and that you need to check. If the openwar directory (located in \idm\jboss\server\IDM\deploy directory for example) does exist, please delete as the informational warning outlines. **

5) Once the Patch installation has finished, complete the manual steps that are outlined in the README (They are located under "Special Instructions" for the bug that they apply to:

For Example:

**********************************************************
*******************Special Instructions******************
**********************************************************

6) Once the above has been completed and the Application Server has been restarted or the war has been re-deployed, you can confirm the patch level. To accomplish this, login to the User Application and press the Help link in the Header you will see the information similar to the following at the bottom of the page:

Identity Manager version 3.6.1 Patch A
Build Revision 28588

NOTE: The Patch level should match the version of the patch you just installed.

Uninstalling: This is explained in the README.1st within the archive file

Problems Resolved:

======================================================================
Patch 361A
======================================================================

*Bug 401456 - User Activity Approver Type Group - Escalated task displays wrong timeout, some cases leave extra task queued

*Bug 402322 - Blank role assignment report with special character role name

*Bug 409238 - Field Patch (361): User App allows 5 tries instead of 3 to answer challenge questions

*Bug 401766 - Role Display Name is not used in Role Assignment UI

*Bug 409327 - Field Patch (361): Cannot see custom themes when using farm deployment in JBoss

*Bug 394584 - (361): Export portlet does not resolve DN type attributes

*Bug 411286 - Field Patch (361): Canceling a Request will return the user to the last accessed page when executed from the Resource Portlet

*Bug 413912 - Field Patch (361): PasswordChange.jsf Displays w/o Login

*Bug 412737 - Field Patch (361): Change reset link in SearchListPortlet to button

*Bug 401928 - 361: OrgChartPortlet, click on "Show info" generates error

*Bug 415028 - Field Patch (361): Potential XSS vulnerability in ForgotPassword.jsf

*Bug 413917 - Field Patch (361): After clicking OK on expired pwd warning msg, user goes to default page instead of requested page

*Bug 415021 - User does not land on their default page when using iChain or Access Manager

*Bug 410052 - Hitting "Too many open files" when a lot of role requests exist that require workflow

*Bug 405374 - Sort by Request Date and Deadline does not sort the Display Label as the secondary sort on View Request Status

======================================================================
Patch 361B
======================================================================

*Bug 416966 - Field Patch (361): Themes CSS is Truncating Title on Identity Portlets on Linen & IDM Standard Themes

*Bug 418733 - Field Patch (361): Using the back button with ForgotPassword causes a NullPointerException on WebSphere

*Bug 420075 - Field Patch (361): Session time-out is not handled correctly with the Resource Portlet

*Bug 405516 - Role assignment report: Null value for Role name and Role category with role that doesn't have assignment

*Bug 423722 - Field Patch (361): Forgot Password does not work if Return Link is relative

*Bug 419324 - Browse to .../jsps/pwdmgt/PasswordChange.jsf behaves differently depending on login (form or auth hdr)

*Bug 424906 - Field Patch (361): PasswordChange.jsf gives conflicting msgs: "Logout and close your browser..." and "Return to calling page"

*Bug 423696 - Field Patch (361): Unable to login to the UA after entering incorrect Password

*Bug 424732 - Resource Portlet is not using the correct Locale

*Bug 414368 - Field Patch (361): Having a comma in the cn causes problems with the Detail Portlet

*Bug 425868 - Field Patch (361): Login.jsf appears incorrect when switching tabs in IE7

*Bug 426025 - Field Patch (361): Customised user app login screen image does not display correctly in Firefox 3

*Bug 425872 - Field Patch (361): Login.jsf appears incorrect with FireFox3

*Bug 425552 - Field Patch (361): Resource Portlet throws ClassCastException after session time-out

*Bug 425843 - Field Patch (361): User Application/MS Exchange Email Connection Closed by Exchange - email is lost

*Bug 424438 - Field Patch (361): ForgotPassword fails with a NullPointerException when using the Back Button if Users have not set their ChallengeResponse Questions

*Bug 426258 - field.fireEvent("eventname",customdata) does not work and throws incorrect error

*Bug 425164 - Unable to set availability when locale is set to German

*Bug 431707 - Field Patch (361): A flow with a Timedout link, fails with a DataItemException if the timedout action occurs

*Bug 428220 - "Requested By" fields on the approval need to be meaningful

*Bug 431595 - Role Approver Workflow terminates with error if Approval Activity times-out

*Bug 427794 - Field Patch (361): Custom settings on the delagation proxy cache holders not recognized by the user application

*Bug 438900 - DN controls do not render correctly with non-standard naming attributes

*Bug 397664 - Potential XSS vulnerability with UIQuery

*Bug 432196 - Field Patch (361): Challenge Set Questions are not saved correctly when running on WebSphere

*Bug 431809 - Field Patch (361): A failed User Defined Question appears to actually be saved when running on WebSphere

*Bug 433820 - Field Patch (361): Should be able to sort the Network File Portlet

*Bug 431719 - Role Request Activity in a workflow results in nrfrequest requester problem

*Bug 437704 - Field Patch (361): Potential XSS vulnerability in Page Navigation

*Bug 436593 - Field Patch (361): Return and Cancel Buttons from the Detail portlet see the wrong entity when modifying self

*Bug 436914 - Field Patch (361): Challenge Response Questions are not saved when updating two times in the same session

*Bug 439848 - Field Patch (361): ForgotPassword is not validating all fields are answered before submitting when running on WebSphere

*Bug 435693 - Roles Reports Throw Exception with Patch A2

*Bug 431960 - Field Patch (361): Updating a Challenge Set Questions multiple times throws an error when running on WebSphere

*Bug 441083 - linebreaks are not hidden when the CheckboxPicklist field is hidden on a Request or Approval form

*Bug 439825 - Field Patch (361): Compliance Tab is not using the correct Locale

*Bug 441199 - Field Patch (361): UA logs off while running a User / Roles or SOD report

*Bug 442096 - Field Patch (361): No Challenge Response check when using iChain or Access Manager

*Bug 431581 - Pressing on a User's Name in the Org Chart Portlet causes IE to hang

======================================================================

Technical Support Information: If you experience any issues with this Patch, please open a Service Request with the IDM User Application Support Team

security fixes

There is the ability to Post scripts to a page navigation within the User Application
*Bug 437704 - Field Patch (361): Potential XSS vulnerability in Page Navigation

There is the ability to Post scripts to the UIQuery within the User Application
*Bug 397664 - Potential XSS vulnerability with UIQuery

file contents

Files Included	Size	Date
UA361B-Windows.zip	26.8 MB (28119898)	2008-12-17 10:52:19
UA361B-Linux.tar.gz	32.6 MB (34276837)	2008-12-17 10:51:39
readme_5040042.html	N/A	2008-12-17 11:19:21

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

Novell is a registered trademark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business. *All third-party trademarks are the property of their respective owners.