PingIDM

Fixed issues

IDM 8.0.2

The following highlighted bugs were fixed in this release:

  • OPENIDM-20345: Fixed an issue where a managed alpha_application silently created a relationship using a different valid property when an incorrect property name was provided, instead of returning an error.

  • OPENIDM-21106: Fixed a task scanner failure on db2_explicit_table caused by a varchar(29) column definition.

  • OPENIDM-21454: Fixed an issue where the SyncRetryHandler could exceed its retry limit unexpectedly.

  • OPENIDM-21493: Fixed an issue where a clustered reconciliation had no termination path when the connector was unavailable.

  • OPENIDM-21776: Fixed an issue where reconciling a large number of users through an external IDM proxy resulted in Connection is closed errors with inconsistent timing.

  • OPENIDM-21966: By default, the User-Agent header is now PingIdentity. This can be overridden in IDM using the openidm.http.client.userAgent property (for example, in resolver/boot.properties). If a User-Agent header is present in the request, the request-level header takes precedence over both the IDM configuration and the default value.

  • OPENIDM-22101: Fixed an issue where the Jetty servlet WebSocket idleTimeout was set with an incorrect duration.

  • OPENIDM-22523: Fixed a user enumeration vulnerability in the managed object ?_action=patch endpoint that did not enforce authorization before evaluating query filters. Query authorization on the target resource collection is now required and is granted through access rules or delegated admin rules.

IDM 8.0.1

The following highlighted bugs were fixed in this release:

  • OPENIDM-20533: OpenICF Provisioner Service activation fails if connector validate operation timeout occurs.

  • OPENIDM-20863: Fixed an issue where multivalued default mapping values were mutable and could change during runtime.

  • OPENIDM-20995: Fixed an issue that prevented error reports during certain operations on groups or users. For example, trying to remove a non-existing attribute or null value now correctly results in an exception message to the client if these operations are not supported by the target system.

  • OPENIDM-21363: The webserver.listener-*.json fields inputBufferSize and outputBufferSize now configure their intended buffers.

  • OPENIDM-21421: Prevent IllegalStateException when updating provisioner config for inactive provisioners.

IDM 8.0.0

The following highlighted bugs were fixed in this release:

  • OPENIDM-18495: Connector Data tab is sending a queryFilter with bad sortKeys

  • OPENIDM-19829: Time spent in authentication service is not included in access audit elapsed time

  • OPENIDM-19918: Order-agnostic comparison of array fields in sync must be optional

  • OPENIDM-20063: Syncing ldap object containing // does not work

  • OPENIDM-20142: Permanent failure caused by transient connector validation failure during provisioner service activation

  • OPENIDM-20238: Clustered reconciliation may fail with Expecting a Map or List under certain circumstances

  • OPENIDM-20337: Provisioner createCoreConfig action should omit poolConfigOption properties for non-poolable connectors