PingIDM

Fixed issues

IDM 8.1.1

The following highlighted issues were fixed in this release:

  • OPENIDM-22101: Fixed an issue where the Jetty servlet WebSocket idleTimeout was set with an incorrect duration.

  • OPENIDM-22217: Fixed an issue in the Active Directory password synchronization plugin that could cause the domain controller to restart unexpectedly during consecutive password changes.

  • OPENIDM-22524: Fixed a user enumeration vulnerability in the managed object ?_action=patch endpoint that did not enforce authorization before evaluating query filters. Query authorization on the target resource collection is now required and is granted through access rules or delegated admin rules.

IDM 8.1

The following highlighted bugs were fixed in this release:

  • OPENIDM-20345: Managed objects no longer create a relationship for a valid property when an invalid property is provided.

  • OPENIDM-20533: OpenICF Provisioner Service activation no longer fails permanently if a connector validate operation timeout occurs.

  • OPENIDM-20863: Fixed an issue where non-primitive default values for mapping properties were passed by reference, allowing unintended mutation across sync invocations.

  • OPENIDM-20995: Fixed a large increase in the volume of data fetched for static group patch operations to add a user.

  • OPENIDM-21106: Fixed a task scanner failure on DB2 explicit tables caused by undersized VARCHAR(29) date columns.

  • OPENIDM-21363: The webserver.listener-*.json fields inputBufferSize and outputBufferSize now configure their intended Jetty buffers.

  • OPENIDM-21421: Prevent IllegalStateException when updating provisioner config for inactive provisioners.

  • OPENIDM-21454: Fixed an issue where the sync retry handler could exceed the configured retry limit.

  • OPENIDM-21493: Clustered reconciliation now terminates properly when the connector is unavailable.

  • OPENIDM-21675: Fixed a NullPointerException in ConnectorInfoProviderService during testConnectorServers when an RCS cluster group has an empty serversList.

  • OPENIDM-21776: Fixed "Connection is closed" errors during large reconciliation operations between tenants via IDM external proxy.

  • OPENIDM-21965: By default, the User-Agent header is now PingIdentity. This can be overridden in IDM using the openidm.http.client.userAgent property (for example, in resolver/boot.properties). If a User-Agent header is present in the request, the request-level header takes precedence over both the IDM configuration and the default value.