Autonomous Identity 2022.11.9

Changelog

ForgeRock continuously provides updates to Autonomous Identity to introduce new features, fix known bugs and address security issues.

Key fixes

2022.11.9

This release contains a collection of security fixes. This version requires Opensearch and Opensearch Dashboards 1.3.14.

2022.11.8

This release contains a collection of security fixes.

2022.11.7

This release contains a collection of security and bug fixes. Additionally, Autonomous Identity requires Opensearch 1.3.13 in this release.

2022.11.6

This release contains the latest container images.

2022.11.5

This release contains a collection of security and bug fixes.

2022.11.4

This release contains a collection of security and bug fixes.

2022.11.3

The following bugs were fixed in this release as well as other security fixes:

  • AUTOID-3174: Need an assignments API

  • AUTOID-3362: Allow customer to change timeout for API container when run Opensearch query

2022.11.2

The following bugs were fixed in this release:

  • AUTOID-3329: Misspelled http header for kibana conf

  • AUTOID-3331: Elasticsearch keystore and truststore password

2022.11.1

This release contains a collection of important security fixes.

2022.11.0

The following bugs were fixed in this release as well as other security fixes:

Known Issues

2022.11.9

There are no known issues in this release.

2022.11.5

There are no known issues in this release.

2022.11.4

There are no known issues in this release.

2022.11.3
  • Discovered regression

    Autonomous Identity 2022.11.3 was originally released on 04-11-2023.

    We discovered a regression where Apache Livy has log4j1 binaries included with the deployer. If you installed 2022.11.3 before 04/13/2023, run the steps below to upgrade log4j1 to log4j2.

    If you installed 2022.11.3 after 04/13/2023, the binaries are updated, and you do not need to upgrade log4j1 binaries.

    Update log4j1 to log4j2
    1. Stop the Apache Livy server:

      ~/livy/bin/livy-server stop
    2. Back up your old log4j and related jar files:

      cd ~/livy/jars
      mv log4j-1.2.16.jar ~/log4j-1.2.16.jar.bkp
      mv slf4j-log4j12-1.6.1.jar ~/slf4j-log4j12-1.6.1.jar.bkp
      mv slf4j-reload4j-1.7.36.jar ~/slf4j-reload4j-1.7.36.jar.bkp
      mv slf4j-api-1.7.25.jar ~/slf4j-api-1.7.25.jar.bkp
    3. Replace with log4j2 jar and its bridge jars:

    4. Under the conf folder, create a log4j2.properties file:

      cd ~/livy/conf
      vi log4j2.properties
    5. In your log4j2.properties file, adjust the log level and related configuration suited for your requirements:

      status = info
      name= RollingFileLogConfigDemo
      # Log files location
      property.basePath = ./logs
      # RollingFileAppender name, pattern, path and rollover policy
      appender.rolling.type = RollingFile
      appender.rolling.name = fileLogger
      appender.rolling.fileName= ${basePath}/autoid.log
      appender.rolling.filePattern= ${basePath}/autoid_%d{yyyyMMdd}.log.gz
      appender.rolling.layout.type = PatternLayout
      appender.rolling.layout.pattern = %d{yyyy-MM-dd HH:mm:ss.SSS} %level [%t] [%l] - %msg%n
      appender.rolling.policies.type = Policies
      # RollingFileAppender rotation policy
      appender.rolling.policies.size.type = SizeBasedTriggeringPolicy
      appender.rolling.policies.size.size = 10MB
      appender.rolling.policies.time.type = TimeBasedTriggeringPolicy
      appender.rolling.policies.time.interval = 1
      appender.rolling.policies.time.modulate = true
      appender.rolling.strategy.type = DefaultRolloverStrategy
      appender.rolling.strategy.delete.type = Delete
      appender.rolling.strategy.delete.basePath = ${basePath}
      appender.rolling.strategy.delete.maxDepth = 10
      appender.rolling.strategy.delete.ifLastModified.type = IfLastModified
      # Delete all files older than 30 days
      appender.rolling.strategy.delete.ifLastModified.age = 30d
      # Configure root logger
      rootLogger.level = info
      rootLogger.appenderRef.rolling.ref = fileLogger
      log4j1.compatibility = true
    6. Restart Apache Livy:

      cd ~/livy/
      ./bin/livy-server start
    7. Check that Apache Livy is up and running. You can access a log on an analytics jobs. Specific Autonomous Identity logs are at ~/livy/logs/autoid.log.

2022.11.2

There are no known issues in this release.

2022.11.1

There are no known issues in this release.

2022.11.0

There is a known issue with RHEL8/CentOS Stream 8 when Docker swarm overlay network configuration breaks when the outside network maximum transmission unit (mtu) is smaller than the default value. The mtu is the maximum size of the packet that can be transmitted from a network interface.

When deploying a multinode configuration on RHEL 8/CentOS Stream 8, run the following steps:

  1. Check mtu for docker0 and eth0 using ifconfig | grep mtu.

  2. Set the docker0 mtu value to be equal to eth0 using sudo ifconfig eth0 mtu 1500. Make sure to set the command on all nodes and also after each virtual machine reboot.

Deprecated

2022.11.0–2022.11.9

No functionality has been deprecated in these releases.

Removed

2022.11.0–2022.11.9

No functionality has been removed in these releases.