IDM Roles Based Provisioning Module 370 Field Patch D
This document (5085293) is provided subject to the disclaimer at the end of this document.
patches this patch supersedes
| File | Product | Status | Patch |
|---|---|---|---|
| UA370C-Windows.zip | Identity Manager Roles Based Provisioning Module 3.7 | Obsolete | IDM Roles Based Provisioning Module 370 Field Patch C |
patches that supersede this patch
| Product | Status | Next Superseded By | Last Superseded By |
|---|---|---|---|
| Novell Identity Manager Roles Based Provisioning Module 3.7 | Obsolete | IDM Roles Based Provisioning Module 370 Field Patch E | IDM Roles Based Provisioning Module 370 Field Patch E |
patch attributes
document
abstract
Field Patch 370D for Identity Manager Roles Based Provisioning Module 3.7.0 (User Application 3.7.0)
details
Overview: Field Patch 370D for Identity Manager Roles Based Provisioning Module 3.7.0 (User Application 3.7.0)
System Requirements: Windows, SLES, RHEL, or Solaris
Installation: This is explained in the README.1st and README files within the archive file.
Outline of the Patch Installation Steps
1) Stop the Application Server
2) Make a back-up of the User Application war file and place it in a safe folder (outside of your install directory)
3) Extract the contents of the archive to your hard drive
4) Launch PatchUserApp (as the same user who installed the User Application, and make sure to use the correct installer)
4.a) On the second screen you will select the 'Choose' button, navigate, select the patch file (For Example: UAPatch370A.zip), then press Open, and then press Next
4.b) On the third screen you will select the 'Choose' button, navigate to your install directory and select the install.properties file, then press Open, and then press Next
4.c) Take the defaults on the rest of the screens
*If this installation of the User Application is the non-provisioning version, near the end of the Patch process, you will receive errors about not finding jar(s). Please press OK and let the patch install continue. This is expected behavior since you have the non-provisioning Install of the UA. We only create one version of the patch.*
**If this installation of the User Application is on Windows, you will receive an informational warning at the end of the patch install that the "openwar" directory may not have been deleted and that you need to check. If the openwar directory (located in \idm\jboss\server\IDM\deploy directory for example) does exist, please delete it as the informational warning outlines.**
5) Once the Patch installation has finished, complete the manual steps that are outlined in the README. (They are located under "Special Instructions" for the bug that they apply to.)
For Example:
**************************************************************
*******************Special Instructions*******************
**************************************************************
6) Once the above has been completed and the Application Server has been restarted or the war has been re-deployed, you can confirm the patch level. To do this, log in to the User Application and press the Help link in the header; you will see information similar to the following at the bottom of the page:
Identity Manager version 3.7.0 Patch A
Build Revision 35233
NOTE: The Patch level should match the version of the patch you just installed.
Uninstalling: This is explained in the README.1st within the archive file
Problems Resolved:
======================================================================
Patch 370A
======================================================================
Bug 443089 - Using special characters with IDVault.globalQuery() causes script error
Bug 471569 - Localization will overwrite Patch Level information
Bug 477961 - DNContainer control: Allow attribute name to be displayed instead of O/OU name
Bug 523810 - Audit: Attestation_Request_Failure event is not logged in Audit
Bug 524831 - User Application NOOP thread can cause a Sendmail server to slow down responses
Bug 528744 - I18N: The tooltips for some buttons in the creating user page always display in language set for browser
Bug 530331 - Filter criteria values in the Filter dialog on the Role Relationship tab is not cleared
Bug 531265 - Label for Value Field is not displaying the correct locale when assigning - always show EN
Bug 531268 - Field Patch (370): User Application and DNContainer control doesn't sort alphabetically
Bug 531882 - IE: session timeout warning dialog hide behind lookup window
Bug 532034 - Expiration Date option should not be displayed when the type of assignment is Group or Container
Bug 532092 - All the roles are not listed in the Filter in Administrator Assignment Page
Bug 532270 - Disable revoke resource approval configurations with checked Same as Grant Configuration
Bug 532316 - No way to refresh the result list after 'Rows' value is changed via keyboard
Bug 532448 - Provisioning Admin is not able to see the history comments of 'Provisioning Manager' Role
Bug 532504 - Errors generated when creating a resource in non-EN languages with a space at the end
Bug 532510 - Exception occurs when creating a role in a non-EN language that contains a space at the end
Bug 532576 - Roles should not be added to ACLs when user creating them is role admin and role manager
Bug 532723 - I18N - Resource name is always displayed as English in "Resource Assignment" process
Bug 533359 - User Application not connecting to metadirectory using non secure port (389)
Bug 533639 - Manage Mode: User selected Role is not selected through Look Ahead support
Bug 533999 - I18N - Resource Description is always English in "Add Resource Association" page
Bug 534355 - L10N (zh_CN,zh_TW) - String "Add Resource To User" is not localized in "Task Notification"
Bug 534679 - I18N - In Role Report, double byte and Russian characters can not be displayed for "Role Name" and "Description" when locale is English
Bug 534682 - I18N - Roles can not be exported completely in the role report when locale is double-byte locale or Russian
Bug 534715 - I18N - Error message is displayed in browser locale language in "Request User Profile Attestation Process" page
Bug 535069 - IE 7, IE 8 only - "Select driver" list can not pop up if "Add Language" list is expanded
Bug 535229 - Doing password management with rest, if User in URI is not the same as logged in user, stacktrace generated
Bug 535520 - I18N - Portlet names are not localized after they are imported
Bug 536381 - icons are not disabled when the first time Resource/Role custom approval is not selected
Bug 536562 - Field Patch (370): Email notification on delegate assignment is not working
Bug 536700 - The Session Timeout Warning is unclickable if shown on top of a GWT dialog
Bug 537042 - EboClusterManager error when logging in to one of the servers in a cluster
Bug 537110 - Using SAP SSO user is not landing on WorkDashboard
Bug 537241 - Modifying a Container Page throws ResourceBundle errors
Bug 537416 - NMAS Timeout causes intruder lockout increment
Bug 538004 - I18N - SoD name is always displayed in English in "Assign Role" window
Bug 538396 - Proper Validation message should be displayed for 'DisplayLabel' in Attestations, if the user does not enter any value
Bug 538437 - Password: User is still allowed to navigate to Workdashboard/Roles tab without changing the password
Bug 538439 - Resource Administrator not able to assign Configure Resources Settings Permission to user
Bug 539225 - Manage Mode:Error message displayed when a role/resource team member is selected
Bug 539597 - Red Error Message Escape from incomplete Resource Assignment
Bug 539741 - I18N: The tooltips for two buttons in the Work Dashboard page always display in language set for browser
Bug 539827 - SCRIPT in userid causes XSS attack on user application
Bug 540041 - I18N: error.jsp does not specify UTF-8 encoding
Bug 540219 - Password Hint causing XSS vulnerability in Forgot password page
Bug 540911 - Unable to create/Edit/Delete SoD
Bug 541342 - XSS vulnerability was found in Resource Catalog page
Bug 541346 - No warning is displayed for the wrong user name in look ahead support
Bug 541703 - XSS vulnerability was found in Attestation request process
Bug 541706 - Juice Error is displayed after filtering assignments in Administrator Assignments
Bug 541868 - Workflow XSS blacklist should be consistent on both client and server
Bug 541899 - database migration fails with duplicate key error
Bug 550461 - Duplicate key error updating PORTALPRODUCERS table when changing context name
Bug 551149 - Attestation table foreign key creation fails during migration
Bug 542542 - Incorrect translation for Admin Defined Challenge Questions
Bug 542825 - Field Patch (370): Error message appears in server console when attempting to delete a resource without proper permissions
Bug 542841 - Field Patch (370): identities end point contains broken link to roles
Bug 543360 - Field Patch (370): Focus differently set for IE and FF when selecting the object selector for the DNcontainer control type
Bug 544932 - Help page is not opening on Websphere
Bug 545003 - Field Patch (370): "EboHttpSession; no valid constructor" error on WebSphere intermittently
Bug 545723 - Custom Theme Deploy as Separate WAR not found by User Application
Bug 546886 - Filter does not work for Role Levels and Relationship in Role Relationships
Bug 547631 - Deleted user causes listing of "my requests" to fail
Bug 548779 - Enter Request name Field in the Attestation Save request details prompt should be filled up with the selected template name
Bug 551864 - Field Patch (370): Need to fix the code to save the correlation ID properly when executing the startWithCorrelationId SOAP end point
Bug 554963 - Field Patch (370): DN is case sensitive in PwdMgt using REST
======================================================================
Patch 370B
======================================================================
Bug 552310 - Dynamic Groups are not saved as Team Managers
Bug 554926 - Field Patch (370): If there is an additional cn, Forgot Password fails with 'User not found'
Bug 555059 - Unable to complete Challenge Response enrollment with trace enabled on com.novell.pwdmgt.actions
Bug 555843 - Field Patch (370): User Application allows the same user to open 2 Tabs
Bug 556588 - Need a "healthcheck" page in RIS.war for load balancers to detect that RIS.war is up
Bug 556772 - Field Patch (370): Link in help is not localized
Bug 558449 - Field Patch (370): Login for 15 concurrent users is ~8s to 12s when roles and resource catalogs are "large" (i.e. 20k)
Bug 558484 - Field Patch (370): Help links contain incorrect product version
Bug 560634 - Field Patch (370): Warning should not be displayed for the correct Resource Selected
Bug 557214 - Unable to use Roles when the DriverSet is in a container that start with star ('*')
Bug 550888 - Parameters do not appear if the Resource has an Entitlement
Bug 561686 - Field Patch (370): Approval information is not being stored on nrfResourceHistory
Bug 561865 - Field Patch(370): impossible to remove resource when using advanced entitlement capabilities
Bug 554360 - entitlement results not getting cleaned up
Bug 559128 - Unable to Save search results when 'Display Search criteria with the results' is set to true
Bug 560068 - Field Patch (370): Reassigned workflow approver generates 2 emails
Bug 561761 - Expose NrfResource and Code Map tables in workflow as scriptable objects
Bug 561765 - Expose CRUD resource management as soap endpoint
Bug 563866 - Static resource parameters are missing from the resource assignment request form
Bug 567265 - Threads become blocked when accessing cache during AuthManagerService in 3 server cluster
Bug 567418 - Field Patch(370): Organization Chart - DNLookups, FullName not resolved
Bug 567565 - Field Patch (370): SOAP: createRoleRequest & setRoleLocalizedString endpoint can cause xss vulnerability
Bug 567573 - Field Patch (370): XSS vulnerability for Entitlement value information in Resource page
Bug 567581 - Field Patch (370): XSS: Admin cannot see the content in PageAdmin when a page is created under Uncategorized list
Bug 567602 - Field Patch (370): Create Resource endpoint is causing xss vulnerability
Bug 568014 - Response time for logging in degrades in a cluster scenario, probably due to cache invalidations
Bug 568579 - Need to allow non-Provisioning Admin to run REST Service /wf/processes/filter=Initiator=?
======================================================================
Patch 370C
======================================================================
Bug 572134 - 'Set as Default' on a shared page doesn't work
Bug 574137 - Team Manager error "Not Yet Implemented"
Bug 574144 - Team Manager: Manage User dialog box does not disappear
Bug 578940 - Forgot Password is case sensitive for all login attributes as a result of the fix from Bug 554926
Bug 582639 - Field Patch (370): PRD with double quotes causes bad JSON
Bug 575164 - Paging navigation is not working correctly on the Resource Tab of a Role
Bug 578998 - Messages field cuts letters when Finnish Characters are used
Bug 588956 - Login sporadically stops working when UA is deployed on WebSphere
Bug 589159 - Unknown parameter 'Requests' in the server log
Bug 594330 - Potential XSS vulnerability with Return to Calling Page URL in ForgotPassword.jsp
Bug 595610 - Directory Search Export function takes an extremely long time to complete in IE
Bug 596553 - Potential XSS vulnerability with parameters in forgotUser.do
Bug 596560 - Potential XSS vulnerability with parameters in a Get call to a Portlet
Bug 597172 - Clicking on "Back to work dashboard" causes complete work dashboard to load in form detail
Bug 597312 - Field Patch (370): AFActivityTimerTasks is not properly cleaned up
Bug 597929 - Code Map Engine hardcodes en in entitlement table for AD Groups
Bug 601364 - Unable to submit a workflow via the Resource Request Portlet
Bug 602125 - Unable to submit a WF after database recovery
Bug 602211 - Field Patch (370): Close button on make a request does not work after the second request was submitted
======================================================================
Patch 370D
======================================================================
Bug 598427 - Unable to select multiple values for an Entitlement when assigning a Resource
Bug 606404 - Field Patch (370): Grace Logins are not set after user change password in UA (no matter if Organization has comma)
Bug 608630 - Field Patch (370): ENH: Provide the ability to change the size of the iFrame used for 'Make A Process Request'
Bug 613344 - Field Patch (370): Email notification does work together with Kerberos SSO
Bug 616696 - IE browser throws errors with Kerberos Logout and Login
Bug 583908 - field.setValues with keep-old-values set replaces values instead of adding new ones
Bug 617277 - Request Status always returns oldest requests
Bug 619017 - Field Patch (370): Error "There is a permission issue on some report data" shown in Role Assignment Report
Bug 619240 - Field Patch (370): JBoss cluster failover causes work dashboard access to fail
Bug 620531 - IRemoteResource getCodeMapValues method throws NPE
Bug 622587 - Unable to create a Team with a custom defined Group Entity
Bug 608272 - Finnish localization display date format incorrectly
Bug 624092 - Group membership >250 assigned to role result in only 250 users getting entitlement
Bug 626048 - Field Patch (370): Incorrect resource removal
Bug 626067 - Field Patch (370): A NPE is thrown if nrfEntitlement or DirXML-EntitlementRef has a empty tags which cause other Resource to not be assigned
Bug 627729 - Field Patch (370): Browser continue to maintain old security context after a cluster Failover
Bug 611066 - ERROR: description not found in ResourceBundle com.novell.afw.portal.artifacts.page
Bug 626097 - Password change does not give confirmation
Bug 626270 - A NPE is thrown when trying to add or remove Resources or Roles
Bug 626430 - Generic Password Policy not working
Bug 629931 - Field Patch (370): Unable to assign a Resource to a User, if the resource has a request form
Bug 571849 - Inconsistent behavior of '&' character in Password Hint
Bug 621352 - Changing password with "&" symbol truncates password
Bug 632488 - Unable to submit a workflow via the Resource Request Portlet with certain non-English languages
Bug 633303 - With new Kerberos filter enabled, unable to access Forgot Password
Bug 633306 - With new Kerberos filter enabled, unable to access SOAP Endpoints
Bug 633774 - Field Patch (370): Newly created User is not able to login after Grace login message
Bug 630733 - A blank Challenge Response page is presented instead of an error message
Bug 606404 - Field Patch (370): Grace Logins are not set after user change password in UA (no matter if Organization has comma)
(re-spin) Bug 611066 - ERROR: description not found in ResourceBundle com.novell.afw.portal.artifacts.page
Bug 636854 - Hitting Password change direct URL skips Challenge Response after changing password
Bug 639622 - Role request - Approval loops between users in a Group
Bug 640360 - Tasks do not appear for the Delegatee if they are Provisioning Manager or Provisioning Administrator
Bug 641187 - Field Patch (370): User is getting created using ASCII characters (<) of non supported characters(<) in user name
Bug 641216 - Field Patch (370): The UserApp does not work after the user login if the user ID includes character '#' at first
Bug 641357 - Field Patch (370): Invalid characters in passwordPolicy is causing failure to login
Bug 641401 - Field Patch (370): < > in user ID is causing challenge response error (Part 1 & Part 2)
Bug 641741 - Delegation assignment is performing exact case comparison
Bug 641747 - requestResourceGrantRequest soap endpoint does not work with multi-valued Entitlement parameters
Bug 644581 - Field Patch (370): The getDefinitionByID SOAP call must use the current ctx user when the recipient is not passed in
Bug 645087 - process.getName() variable displays always the English name of the provisioning request
Bug 653516 - XSS vulnerability found in Approval Form
Bug 654802 - DNLookup control does not completely hide when 'Use Autocomplete' is enabled
Bug 639563 - Field Patch (370): Old credentials are used after password change
Bug 645980 - WF form not localized for Hebrew
Bug 649286 - Unable to get a user's FullName or directReports via the Identities REST endpoint
Bug 650168 - Field Patch (370): Unable to configure SSO Controller
Bug 655734 - Code Map refresh does update the description column of a valued entitlement
======================================================================
security fixes
Potential XSS vulnerability in the Approval Form
Bug 653516 - XSS vulnerability found in Approval Form
CVE-2010-4324
file contents
| Files Included | Size | Date |
|---|---|---|
| UA370D-Solaris.tar.gz | 43.4 MB (45532877) | 2011-01-04 05:12:11 |
| UA370D-Windows.zip | 267.2 MB (280232850) | 2011-01-04 05:11:22 |
| UA370D-Linux.tar.gz | 43.4 MB (45532845) | 2011-01-04 05:13:00 |
| readme_5085293.html | N/A | 2011-09-27 17:29:43 |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.
Novell is a registered trademark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business. *All third-party trademarks are the property of their respective owners.
© 2007 Novell, Inc. All Rights Reserved.