Fixed Issues

IDM 7.0.1

IDM 7.0.1 introduces important security fixes for current IDM 7.0.0 deployments.

IDM 7.0.0

The following important bugs were fixed in the IDM 7.0.0 release. For details and information on other issues, see the IDM issue tracker:

  • OPENIDM-14771: Managed user property that is userEditable and nullable isn't visible on Enduser UI.

  • OPENIDM-14379: non-unique id: W3C uncompliant coding in Admin UI for multiple linked system

  • OPENIDM-15150: IE11 script error in End-User UI

  • OPENIDM-12131: UI javascript errors when a property does not have a nativeType attribute in a provisioner config file

  • OPENIDM-14082: Admin UI Single Record Reconciliation Find Source Record could result in 400 error

  • OPENIDM-14114: Syslog audit event handler host and port are not automatically populated when editing an existing syslog audit event handler in the admin ui

  • OPENIDM-14046: Duplicates of the same workflow process show within the end user UI

  • OPENIDM-14907: Admin UI displays "ERROR WITH SCRIPT" for any property mapping with transform script

  • OPENIDM-13064: End User admin link broken when Self-Service relative URL is not "/"

  • OPENIDM-12796: jsonstorage "local" self-service with "uuid" option fails in multi-node cluster scenario

  • OPENIDM-14851: Duplicate links may be created with external DS repository

  • OPENIDM-12105: Delegated Admin UI Should Only Display Supported Fields in grid

  • OPENIDM-12170: Delete on managed or internal object does not return the included relationship fields that were included in the request

  • OPENIDM-12109: Able to add managed object property with illegal character via Admin UI

  • OPENIDM-14326: IDM unnecessarily writes to keystore and truststore

  • OPENIDM-13129: PATCH remove a field could result in 500 error: Can not add or remove a 'null' value

  • OPENIDM-13870: Queued sync breaks implicit synchronization

  • OPENIDM-14421: queryFilter boolean handling is inconsistent between JDBC and DS repositories

  • OPENIDM-13096: ConcurrentModificationException when invoking test action on system endpoint

  • OPENIDM-13971: Assigning tasks in enduser UI does not work

  • OPENIDM-13457: UI broken for social auth registration

  • OPENIDM-12698: Custom GitHub end-user UI not working with proxy

  • OPENIDM-13772: End User UI Delegated Administrator search doesn't encode '+' sign properly

  • OPENIDM-13119: UI does not correctly display validation for Password History

  • OPENIDM-12318: Unable to create new contacts because reCaptcha load failure

  • OPENIDM-12613: Missing Admin in the user profile drop down menu for managed object user

  • OPENIDM-13229: 'Sign in' in the registration interface has a broken link due to trailing "/"

  • OPENIDM-13075: Security questions set upon registration are not displayed properly in End User UI profile page

  • OPENIDM-14538: Exception 412 thrown when multiple updates occur on a single managed/user

  • OPENIDM-14554: Missing _NAME_ attribute in a provisioner objectTypes properties throws NPE on create

  • OPENIDM-14324: We need to be able to run Jetty.xml from a Project directory

  • OPENIDM-14519: Generic object properties within map not searchable

  • OPENIDM-14253: Admin UI: Tab key to move to next textbox does nothing after selecting Japanese input

  • OPENIDM-14424: ScriptedREST sample: Update on system endpoint proceeds though Search has no results

  • OPENIDM-11050: Mutual SSL authentication failure with external REST

  • OPENIDM-15000: Rhino: Handlebars.js is not multithreaded

  • OPENIDM-14237: Admin UI: Japanese input not saved when creating new managed object

  • OPENIDM-14184: Self-Service password reset gives no warning/explanation for passwords failing CANNOT_CONTAIN_OTHERS policy

  • OPENIDM-14528: Relationship signal propagation not working for patch operations against singleton relationships

  • OPENIDM-14900: Virtual properties are calculated incorrectly in ManagedObjectSet#handleSignalVertexUpdateFromEdge

  • OPENIDM-14349: Relationship properties not in source object when returnByDefault is true

  • OPENIDM-12964: 'Try resetting your password again' link is not working after entering KBA incorrectly.

  • OPENIDM-13265: reconById fails with sourceQueryFullEntry true on an external source

  • OPENIDM-12695: Slow response time when querying a large dataset

  • OPENIDM-12692: DelegatedAdminFilter does not disallow relationship attributes

  • OPENIDM-13375: REST2LDAP: Null source on query-all-ids

  • OPENIDM-12513: Two different connector parameters mixed when clicking both in succession in UI

  • OPENIDM-12775: Clustered recon fails if external resource page cookie is non-unique

  • OPENIDM-12550: Workflow forms do not load in Internet Explorer 11

  • OPENIDM-13764: Type Boolean property viewable when creating a new user

  • OPENIDM-13465: Error message on Firefox when validating pattern or min length

  • OPENIDM-12335: Queued sync tasks stuck in PENDING using DS repo, search results cannot be sorted

  • OPENIDM-13314: CLIENT_CERT doesn't concat authzRoles to defaultUserRoles

  • OPENIDM-11838: Foreign language passwords don't work if they are hashed in IDM.

  • OPENIDM-12669: Admin UI Registration Page overwrites customizations in selfservice-registration.json made outside the UI

  • OPENIDM-14314: Performance degradation when using query _fields param and returnByDefault is enabled

  • OPENIDM-14489: PKCS12 keystore in IDM

  • OPENIDM-12379: /openidm/recon endpoint fails on an upgraded repository

  • OPENIDM-12259: New assignment is not reflected in onSync script hook when a new role with its members and assignments is created in one REST call

  • OPENIDM-13241: Sample password history policy results in 500 error when used with SelfService registration/reset

  • OPENIDM-13261: Fix exception in PendingLinkAction.getPendingActionContext

  • OPENIDM-12190: Router authz fails in multiple-passwords sample

  • OPENIDM-13763: Admin UI: Japanese input not working for managed user and role

  • OPENIDM-12309: "require" javascript changes are not picked up by IDM 6.5

  • OPENIDM-12359: Changing "Identity Email Field" in "User Query Form" from "mail" to another managed object property throws an error

  • OPENIDM-12897: Large integers not handled correctly in JavaScript

  • OPENIDM-12517: Adding the triggerSyncProperties in sync.json stops pushing a newly created managed object implicitly to the end resource

  • OPENIDM-13882: Admin UI sends multiple REST requests with opposite values in the payload when disabling a connector

  • OPENIDM-12804: uuid token expiry doesn't work with jdbc repo

  • OPENIDM-12498: UI: Schedule Task Scanner with empty Object Property Field gets unexpected value added

  • OPENIDM-12755: Editing of task in admin console throws validatorErrors in handlebars-4.0.5.js

  • OPENIDM-12904: Sending mail with null "to" field causes IDM to hang

  • OPENIDM-12865: jwt token fails in multi-node cluster scenario

  • OPENIDM-12254: IDM UI doesn't render linked view for SAP R3

  • OPENIDM-12941: Samples: scripted-sql-with-mysql has a syntax error in provisioner

  • OPENIDM-13721: NULL not set correctly when adding users. It is set to string of 'null'

  • OPENIDM-13740: Explicit repo table: validate mapping before CREATE

  • OPENIDM-12969: Assignment of workflow to candidate user/group fails

  • OPENIDM-12680: Reconciliation stuck in ACTIVE_QUERY_ENTRIES (or other ACTIVE_ state) and cannot be cancelled

  • OPENIDM-12376: Error retrieving scheduler jobs and firing triggers after upgrading to 6.5

  • OPENIDM-14398: end-user ui delegated admin loading could degrade with increasing number of entries in managed objects

  • OPENIDM-12206: Invalid filter in Privilege can be created and cannot be fixed in UI

  • OPENIDM-12192: Modifying virtual property corrupts managed.json

  • OPENIDM-14290: Internal Server Error reported when entering double quotes into username field

  • OPENIDM-12786: Improve consent service to remove duplicate fields, include fields sourced through transform script

  • OPENIDM-14417: "ActivitiContext class cannot be found" error during queued sync

  • OPENIDM-13993: Access to the old password in a mapping condition should require decrypt()

  • OPENIDM-14535: IDM does not support IBM's PKCS11 provider

  • OPENIDM-12591: authzMembers can have duplicate entries when added using openidm.create() in scripts

  • OPENIDM-12814: Setting returnByDefault for a relationship property to true could cause reconciliation exception with DJ repo explicit mapping managed user

  • OPENIDM-14287: cli.sh keytool export and import causes IDM startup failure with 'Invalid AES key length' error

  • OPENIDM-14099: Queued sync doesn't work for mappings with names longer than 38 characters in JDBC repo

  • OPENIDM-13821: Queued sync event getting stuck in state PENDING

  • OPENIDM-13213: Editing the members property of the managed role object schema breaks conditional provisioning role members

  • OPENIDM-12827: Setting returnByDefault to true on relationship properties in managed objects DJ repo could cause missing attributes in sync.json script hooks

  • OPENIDM-14039: Exception caught marshalling a SynchronizationEvent due to missing serialization in SelfServiceContext

  • OPENIDM-14066: Recon status report showed extra recon was done

  • OPENIDM-14837: When a user has a large number of assignments, every additional assignment added takes an increasing length of time to process

  • OPENIDM-13589: Memory visibility issues dictating persisted sync-token state in the context of live-sync failures

  • OPENIDM-14654: Database creation on Azure Database for PostgreSQL fails with - ERROR: must be member of role "openidm"

  • OPENIDM-10660: User metadata is logged in the audit log when an object is changed

  • OPENIDM-11879: Workflow time zone handling is not consistent and leads to unexpected results

  • OPENIDM-14205: Exception caught marshalling a SynchronizationEvent for requests made with CLIENT_CERT authentication

  • OPENIDM-13983: Unable to delete attribute when it has "scope": "private"

  • OPENIDM-14322: Unable to delete private properties via openidm.update()

  • OPENIDM-12312: UNIQUE policy on properties other than userName not validated during self-registration

  • OPENIDM-14505: ManagedObjectSet handling of patch removal of singleton relationship field will prevent successful calculation of virtual properties based on this field

  • OPENIDM-11921: Errors logged when password-reset email URL is expired and clicked

  • OPENIDM-14501: Reset selfservice stage is checking mail attribute and not identityEmailField

  • OPENIDM-12778: Schedules to execute a file-based script are generated incorrectly via the Admin UI

  • OPENIDM-13787: Workflow filtered-query on task instance with param taskId does not work

  • OPENIDM-12681: Admin GUI: Role condition with attribute type boolean are treated as string

  • OPENIDM-14400: Deletion of roles ignores the userId

  • OPENIDM-12372: A managed object is not capable of handling simultaneous requests from an edge

  • OPENIDM-12304: IDM doesn't add suffix to CAUD transactionId propagated to external DS user store

  • OPENIDM-12332: Unable to register using a managed object other than managed/user

  • OPENIDM-12408: Object properties when set to propertiesToCheck in notification configuration don't work

  • OPENIDM-12330: Notification create date no longer stored by default

  • OPENIDM-12367: Queued sync event processing ignores discard result, possibly discards twice

  • OPENIDM-12465: Managed Object UI forms do not persist all changed fields

  • OPENIDM-12319: Audit Event Handler Port only displays first number in UI

  • OPENIDM-12186: Sample AD LDS Provisioner schema should not include SAMAccountName and is missing uid

  • OPENIDM-12188: Repo init service fails in multiple-password sample

  • OPENIDM-12208: Clustered reconciliation fails due to paging cookie from ldap AD

  • OPENIDM-13633: Enabling password history causes error for existing users when they log into the enduser UI and edit their profile

  • OPENIDM-12017: IDM CAUD syslog product name (APP-NAME) is null

  • OPENIDM-14060: Bug in the at-least-X-capitals policy regex

  • OPENIDM-14548: External REST: Calling endpoints which return a JSON array throws error

  • OPENIDM-13854: REST - Deleting user with a non existent relationship object returns 404

  • OPENIDM-13023: Include an out of the box Oracle specific bnd file in db/oracle/scripts

  • OPENIDM-13130: Viewing roles on a user with empty temporalConstraint array fails

  • OPENIDM-12833: Removing the preferences property causes admin UI mapping/association to stop responding properly

  • OPENIDM-13411: identityServer.getProperty() returns null pointer if property isn't set rather than being handled gracefully

  • OPENIDM-13160: PATCH may succeed although If-Match does not match _rev

  • OPENIDM-13497: /openidm/health/recon data inaccurate

  • OPENIDM-12632: queryFilter on recon audit fails using MSSQL as repo

  • OPENIDM-12383: API descriptor not available after setting relationship-type property to nullable

  • OPENIDM-12200: Uncaught TypeError in JavaScript console when saving reverse relationship

  • OPENIDM-12080: External Email connects to SMTP servers with TLSv1

  • OPENIDM-14520: Admin UI: IDM Recon result failure summary "View Entries" does not display entries

  • OPENIDM-14462: Trailing spaces stripped from input after " in Admin UI

  • OPENIDM-12334: UI: IDM Recon result failure summary doesn't respond to click on "View Entries"

  • OPENIDM-12709: Workflow Processes Completed have "Not Found Error" for managed/user

  • OPENIDM-14193: deletePersistedTargetIds could result in SQL exception: valid column name 'reconId'

  • OPENIDM-13966: Modifying the Display Properties of a relationship within the admin UI causes the notify attribute to be lost

  • OPENIDM-13940: Query workflow via REST with non-string parameter

  • OPENIDM-14432: Restarting IDM cluster generates error message on first node: Scheduled service "scheduler-service-group.liveSync" invocation reported failure:

  • OPENIDM-12691: Scheduler performance in IDM 6.x

  • OPENIDM-7198: Apostrophe (and likely other special HTML characters) do not render properly in the UI in some spots

  • OPENIDM-12877: Exception caught signalling deletion of edge when removing a relationship

  • OPENIDM-12354: Admin UI "Change Source to Target Association" button doesn't respond to click

  • OPENIDM-12425: Uncaught TypeError in Javascript console when editing managed role in admin UI
