Release 4.2.1.3
The log below describes the changes in v4.2.1.3
| Issue key | Summary |
|---|---|
| OE-1642 | Resolve New container vulnerabilities |
| OE-1624 | Issues when calculation business rules when request came from web service |
| OE-1622 | 4.2.1.3 vulnerabilities |
| OE-1621 | UI container vulnerabilities |
| OE-1613 | Self-registration - improved Sponsored Accounts support so that sponsored accounts can Be Sponsors |
| OE-1609 | Apply protocol changes for provisioning operations on .NET/PS connectors |
| OE-1608 | Change SEARCH request parameter in all .NET/PS connector |
| OE-1600 | After run uninstall and then install again |
| OE-1597 | Vulnerabilities in Cassandra and Activiti |
| OE-1595 | Make changes in conf files behind the scenes |
| OE-1592 | Add column of last login into User_report |
| OE-1591 | Improve doc for oracle connector |
| OE-1589 | Rename label in business rule |
| OE-1573 | Authentication Provider page broken as Scopes not getting searched due to change in BR screen |
| OE-1572 | [SysConf] 'Show the Area Code on Phone Numbers' flag status as false is not working |
| OE-1571 | [SysConf] Are Challenge Response Questions Secured? flag status change to true does not hide answers on the page |
| OE-1570 | Selecting the date calendar UI issue |
| OE-1557 | Introduce rest API to search oAuth client by client ID |
| OE-1555 | Support for automated deployments |
| OE-1554 | SPS Improvements: RabbitMQ Parallel Booting |
| OE-1551 | SPS Improvements: Update stash |
| OE-1550 | Add ability to configure additional JavaOpts in terraform.tfvars or values.yaml |
| OE-1547 | Improve default resource limits |
| OE-1544 | Validate smoothness of openiam-cli init |
| OE-1533 | Update mod_openiam C libs to use openssl 3.0 |
| OE-1532 | Update lib-ssl to v3.0 in the rProxy |
| OE-1530 | Fixing broken umlauts characters for .net connectors. |
| OE-1529 | Describe dev CI using |
| OE-1528 | ADPowerShellValidation.groovy Improvements |
| OE-1527 | ADValidation.groovy classname update |
| OE-1525 | ADGroupSyncAttributes.groovy class name update |
| OE-1524 | Internal Error on saving role with description more that 400 characters |
| OE-1522 | Modify RPM Installation for ElasticSearch Curation |
| OE-1520 | Curate ElasticSearch documents which Don't need to be kept |
| OE-1518 | Log4j vulnerabilities |
| OE-1517 | Upgrade Apache web server and JDK to resolve security vulnerabilities |
| OE-1516 | Add support for Rancher deployments |
| OE-1515 | Resolve vulnerability in the RabbitMQ-K8 container |
| OE-1511 | Fixing memory traffic for SEARCH operation with multipart responses in .net connectors |
| OE-1509 | Can't instantiate GroovyScriptEngineIntegration in groovy for script connector |
| OE-1507 | Fix call of pre/post processor for class DeleteGroupProvisionOperation |
| OE-1506 | Problems on authentication policy page |
| OE-1504 | Clone Managed system is broken |
| OE-1502 | ESB get error on start with custom VAULT_SECRET_PATH |
| OE-1498 | [User Bulk Operations] Search Resource - Search by resource type is not working |
| OE-1497 | [User Bulk Operations] Reset Password - For auto generate password selection, checkbox for Send password via email should be disabled and checked |
| OE-1496 | [User Bulk Operations] Search Group - Search by managed system is not working |
| OE-1495 | [User Bulk Operations] Items displayed per page shouldn't be empty by default |
| OE-1494 | Synchronization configuration list is empty in webconsole. |
| OE-1489 | The business rules filter by status does not work. |
| OE-1483 | Managed systems are not being saved as part of the business rule target |
| OE-1482 | Error in the preview of business rules |
| OE-1480 | ManSystem attribute table - remove metadata element dropdown, it's not applicable for ms attributes |
| OE-1479 | Merge SOAP and REST Workday connectors |
| OE-1467 | Can't add child/parent organization to an organization |
| OE-1458 | Openiam-cli shows incorrect status of services |
| OE-1450 | Workday Connector changes for Company Attribute |
| OE-1445 | Improve Workday Rest Connector |
| OE-1444 | Resolve container vulnerabilities in rProxy and Janus Graph |
| OE-1441 | Create a workday connector documentation |
| OE-1436 | Implement rest API to create audit logs from third-party systems |
| OE-1431 | Improve synchronization configuration list |
| OE-1430 | Role manager summary view should also show the description |
| OE-1426 | Need a filter query to syncing certain number of records from Workday API Connector instead of all the records |
| OE-1425 | CSV sync groovy issues |
| OE-1422 | UI Issue: Complete Button text not displayed on User Entitlement screen |
| OE-1421 | Issue with role search on Role Screen |
| OE-1411 | Error message is displayed on screen if MAILBOX CONFIGURATION template Mandatory fields is left blank |
| OE-1405 | user report is blank for supervisor filter |
| OE-1401 | Optimize performance and memory when import from target to OpenIAM |
| OE-1394 | Large dataset can't be pulled when using RDBMS sync adapter |
| OE-1393 | user termination is not reflecting in AD on moving user form normal Ou to disabled ou |
| OE-1391 | User is provisioning to AD with out group as a Member Of |
| OE-1388 | Allow to customize email templates in user workflows |
| OE-1352 | Fixing showing SSO application icons for App Launcher macOS version |
| OE-1347 | Synchronization Page Not loading |
| OE-1345 | Group search does not work if there is "-" hyphen in group name on role entitlement screen |
| OE-1344 | Error is displayed on screen if MAILBOX CONFIGURATION template field is left blank |
| OE-1343 | Message is not clear on UI when we tried to save MAILBOX CONFIGURATION |
| OE-1342 | Business rule: dropdown to select groovy script must be autocompleted with groovy scripts in suggestions |
| OE-1338 | Cant' submit self-registration form |
| OE-1337 | Show email/phone on webconsole user search result regardless of published status of these objects |
| OE-1329 | Report showing reconciliation failures |
| OE-1327 | Additional User Search Criteria -No result found Issue |
| OE-1325 | Create User Template Supervisor search is not accurate |
| OE-1322 | Gluster alternative for Redhat Linux |
| OE-1321 | Add support for pipe deliminated files |
| OE-1319 | User superior selection pop up appears while selecting subordinates |
| OE-1317 | User history - pagination disappears after closing event details |
| OE-1316 | User Entitlement - Items per page display is messed up on Resource entitlement table |
| OE-1315 | User History - current date as a start date selection filter is not working |
| OE-1314 | Reset password in webconsole doesn't save password for non default managed system in DB |
| OE-1313 | [IT Policy] - User unable to login when IT policy is activated |
| OE-1307 | Distorted web elements on system sysconfig page |
| OE-1274 | Uploading file with not supported extension doesn't show an error |
| OE-1271 | [User Search] Additional User Search 'Role' added from config is NOT reflecting on User search page |
| OE-1270 | [User Search][Enhancement] Support to clear individual search criteria selected during user search |
| OE-1269 | [User Search][Enhancement] Add 'view items per page' (10,30,50) to User Search results |
| OE-1267 | [User Search] Search text appearing as a reference to the search criteria is messed up |
| OE-1266 | [User Search] 'Clear' button should clear search results along with search criteria |
| OE-1265 | Improve audit logging for sync and upload comments in request |
| OE-1263 | Business rules interface - show the managed system for entitlements |
| OE-1257 | [User Admin] Email type resets to null while editing user |
| OE-1254 | [User Admin] User should be blocked from using future date as birth date while creating new user - add validation |
| OE-1253 | [User Admin] Can not clear user selection for 'copy existing user accesses' while creating new user |
| OE-1252 | [User Admin] Can not clear Supervisor once selected |
| OE-1250 | Bug searching names with accents |
| OE-1246 | Not receiving credentials mail on user sync from AD to openiam |
| OE-1238 | Button Overlap on Delete managed system confirmation pop-up |
| OE-1237 | No able to add principal name and employee id in create request self-service portal |
| OE-1233 | [Selfservice] Directory Lookup is missing from the UI |
| OE-1227 | Put validation of verification of email/phone on server side |
| OE-1224 | User Approver association is not working |
| OE-1219 | request reminder NPE |
| OE-1218 | disable user from UI (direct reports screen) by manager should not initiate workflow |
| OE-1211 | problem with newly created roles/groups/resources/users and integrity with Graph/Elasticsearch during update |
| OE-1210 | add comment in email when auto delegate |
| OE-1195 | Entitlement report |
| OE-1194 | Improve the USER_REPORT to allow extracting either "all" users and by multiple status'. Additional attributes also need to be added |
| OE-1170 | Improving filtering in SAP |
| OE-1164 | Access Rights for all the configured applications to be made accessible |
| OE-1156 | Test case #10 A user submitted an access request on behalf of another user. Email was not sent to the user that made the request. |
| OE-1135 | Problem with business rules |
| OE-1116 | Workday connector |
| OE-1099 | Manage passwords of related account when primary user changes its own password |
| OE-1081 | SafeNet Authentication Service (SAS) |
| OE-1078 | Entitlements are not being deprovisioned on the end date |
| OE-1074 | Regression issue - call to start workflow no longer compiles. |
| OE-1071 | Create default configuration for SAP Successfactors connector |
| OE-1059 | If User has banded symbols(like space) in last /first/name or email or login sync can't save user |
| OE-1058 | Hide private key body from the public access from REST API |
| OE-1051 | Business rules Groovy are not running. |
| OE-1043 | Request-approval flow does not process the start date |
| OE-1018 | User can change email address after validation |
| OE-1008 | Apache webserver vulnerabilities |
| OE-1006 | Task that must be claimed can be approved from approve list |
| OE-994 | Implementing custom unlock screen for macOS credential provider |
| OE-986 | Allow user to select manager(sponsor) when doing self registration |
| OE-985 | preview users by application throws internal error |
| OE-979 | Newly created metadata element is displayed by ID not by name |
| OE-978 | Task administration throws error when trying to open any task |
| OE-975 | If the only one option for OTP enabled, end users sees error |
| OE-974 | resave of auth provider erases resource properties |
| OE-963 | Increase name and description column of table ROLE and GRP |
| OE-956 | Position change activiti requests don't appear in list of requests to approve for approver |
| OE-953 | Can't create revoke access request |
| OE-950 | Mail Sender - can't send some email (NO_ACTIVE_EMAIL_CONFIGS) |
| OE-948 | Group Entitlements changes - doesn't trigger group provision |
| OE-940 | Access certification campaign fails to run due to issue with scope report |
| OE-935 | Term "Default approver" in an approval flow is not intuitive |
| OE-934 | Request approval computes the wrong dates if a duration has been selected |
| OE-933 | Web Authentication - Internal error |
| OE-927 | [Self Registration Config] Issues found with template fields addition |
| OE-916 | Update UI issues with the my approvals screen based on details provided |
| OE-913 | If the only one option for OTP enabled, end users sees error |
| OE-911 | QA Findings [release 4.2.1.1 - 4.2.1.2] |
| OE-908 | When manual managed system don't have connectors then its entitlements can't be displayed in certification task |
| OE-898 | Edit user workflow should follow same model of approver associations |
| OE-897 | UI improvements for View Direct reports and My Access screen |
| OE-896 | Week of Sept 20th |
| OE-891 | API getUserBetweenLastDate ignores actual date range |
| OE-885 | Delegate Request email - incorrect link in email |
| OE-882 | Self-registration flow improvements |
| OE-881 | Unique series generator impl |
| OE-876 | add support of AD fileShare provisioning |
| OE-871 | Provision / synchronizaion user groups for linux not correct for few groups |
| OE-870 | new version of spring has bug in AbstractJackson2HttpMessageConverter (sslRestTemplate ) |
| OE-868 | Migration from v3 to v4 supposed to erase activiti data |
| OE-865 | Introduce Apple ID single sign on |
| OE-864 | Migrate View My Access selfservice page to React framework |
| OE-862 | Improve review my access page in selfservice |
| OE-861 | Dynamic combobox doesn't work as expected |
| OE-860 | IPA connector: add support for group provisioning |
| OE-859 | BCC sending email functionality has error |
| OE-857 | Improve service account selection in our access review process |
| OE-842 | Migrate View Direct reports selfservice page to React framework |
| OE-838 | Social Login for Apple |
| OE-832 | PostbackUrl management for login again after reset account or forgot username and etc.. |
| OE-831 | request administration is unable to open request if number is duplicated |
| OE-829 | Unable to login to Selfservice for a new user when multiple auth methods are set |
| OE-820 | Kronos - implement add operation |
| OE-819 | Business Rules - performedActions are null |
| OE-818 | Improve Policy Map for membership attributes |
| OE-817 | Business Rules - can't change target for existing business rules |
| OE-816 | Provide the option to renew access (via a email notification) |
| OE-815 | Revoke access when access expires |
| OE-814 | Send notification n days before access is going to expire |
| OE-810 | Request / approval improvements |
| OE-794 | Forgot username |
| OE-793 | Refresh token |
| OE-792 | Get token |
| OE-789 | logout |
| OE-787 | Improve swagger documentation for essential services |
| OE-772 | Add managed system information to connector related events |
| OE-768 | Ldap connector doesn't delete membership for Active Directory. |
| OE-765 | Google connector - can't sync user-group memberships |
| OE-741 | social registration does not populate fields of selfreg form |
| OE-740 | when error on social login then returned login page is empty |
| OE-732 | [UI Theme] Uploaded Login Selfregistration and application logo doesn't appear on Chrome and Edge |
| OE-722 | Kronos - implement incremental sync |
| OE-699 | Internal Error appears while adding Self Registration Workflow step when only Name field is entered |
| OE-692 | Business rules: improvements/bug fixes |
| OE-689 | Business rules: put name of the target in title of popup window |
| OE-688 | if business rule is modified then un_do target got cleaned up |
| OE-670 | [OTP Provider] Cancel OTP provider gives 404 error |
| OE-667 | Misc issues (audit improvements and others) |
| OE-662 | Create User from Webconsole |
| OE-656 | Implementing custom credential provider for Windows using (.Net) |
| OE-547 | Internal Error when delete user who is a UAR manager |
| OE-530 | Credential provider for MacOS |
| OE-513 | Automatic Provider Failover with a Primary and Secondary config; - Primary/Secondary support for Out-of-band delivery (OTP - SMS, Mail, Voice etc) |
| OE-494 | OIDC Certification test - related findings |
| OE-80 | Migrate upload storage volume to k8 |
| OE-134 | Fix and enable CreateUserRequestSeparateWorkflowTest.approveWithDefaultResource |
| OE-118 | Ldap connector doesn't work on clean install unless you force to save it from UI |
| OE-145 | Fix json parser in r-proxy |