Changes in 7.4.x
The alias of the
dsameuserpwd has been removed from the default keystore. The
dsameUser is an internal account that
AM uses to connect to the configuration store. AM now generates the password for this account on startup,
and you can’t read or change it.
If you upgrade to AM 7.4 using the upgrade wizard
and need to roll back the upgrade, you must restore the default keystore. The upgrade wizard removes the
If you try to use a previous version of
You can now disable policy and application data stores until you are ready to use them. This means that you can preconfigure a data store before the directory server is ready. When you want to use the data store configuration, you can enable it, at which point AM verifies that it can connect to the configured store.
All default policy and application data store configurations are enabled. A new custom external data store configuration is disabled by default. When you upgrade to AM 7.4, existing data store configurations are enabled by default.
In the next AM release, the endpoint version will be incremented and the latest version will require the property to be present.
From this release, when you delete an authentication tree, any nodes referenced by that tree are also deleted, provided they aren’t referenced by another tree.
This change eliminates orphaned nodes in the configuration and lets you delete the scripts referenced by those nodes.
The behavior of queries to the
subjectattributes endpoint has changed in this release.
To override the new behavior and revert to the previous behavior, set the
org.forgerock.security.entitlement.enforce.realm advanced server property to
false, then restart AM for the change to
For security reasons you should set this property back to
true when you have updated your scripts.
AM now caches the special secret used to store the password of
amAdmin user. The expiry time of the
cache is 900 seconds (15 minutes) by default. To change the expiry time, set the
advanced server property.
For more information, refer to Store the amAdmin password in a secret store.