Tuesday Jul 22, 2014

[Oracle Identity Manager] Custom Event Handlers

In an Identity Management system, any action performed by a user or system is called an operation. Examples of operations are creating users, modifying roles, and creating password policies. The process of any Oracle Identity Manager operation that goes through a predefined set of stages and executes some business logic in each stage is called an orchestration. The type of object that is changed by the orchestration is called an orchestration target. 

Orchestration is divided into predefined steps called stages. Every operation moves through these stages until it reaches finalization. Orchestration has the following stages:

  • Validation: Stage to perform validation on the orchestration, such as validity of orchestration parameters. Orchestration parameter is the data that is required to carry out the orchestration operation.
  • Preprocess: Stage to perform orchestration parameter manipulations or get approvals or perform Segregation of Duties (SoD) checks.
  • Action: Stage in which the action takes place.
  • Audit: Stage in which the auditing of operation is performed.
  • Postprocess: Stage in which consequent operations related to the current operation takes place. Examples of consequent operations are auto role membership and policy evaluation on a user creation.
  • Finalization: Last stage in the process to perform any clean up.

Oracle Identity Manager allows you to implement Service Provider Interfaces (SPIs) to customize the functionality of orchestration operations. Only customization of preprocess, postprocess, validation, and finalization stages of an operation in an entity orchestration is supported.

In my example, i will explain user enable operation. For example, we may want to change user's end-date when user's status change to enable.

1-) Develop custom event handler Java code.

For our example, I will use Postprocess stage therefore our class must be extended from oracle.iam.platform.kernel.spi.PostProcessHandler.

public class RoleUserEventManagement
  implements PostProcessHandler
{
private RoleUserEventProcessors roleUserEventProcessor;

  private RoleUserEventProcessors getRoleUserEventProcessor()
  {
    if (this.roleUserEventProcessor == null) {
      this.roleUserEventProcessor = new RoleUserEventProcessors();
    }

    return this.roleUserEventProcessor;
  }

  public void initialize(HashMap<String, String> arg0)
  {
  }

  public boolean cancel(long arg0, long arg1, AbstractGenericOrchestration arg2)
  {
    return false;
  }

  public void compensate(long arg0, long arg1, AbstractGenericOrchestration arg2)
  {
  }

  public EventResult execute(long processId, long eventId, Orchestration orchestration)
  {
    Utils.logger.error("[RoleUserEventManagement][execute] : Starting.");

    EventResult eventResult = new EventResult();
    String type = orchestration.getTarget().getType();
    Utils.logger.error("[RoleUserEventManagement][execute] type : " + type);

    if ("RoleUser".equalsIgnoreCase(type)) {
      try {
String operation = orchestration.getOperation();
             User user = getUserManager().getUser(processId, orchestration);
              if (UserManagerConstants.Operations.ENABLE.name().equalsIgnoreCase(operation)) {
                    updateUserEnddate(user);
               }

      } catch (Exception e) {
        eventResult.setFailureReason(e);
      }
    }

    return eventResult;
  }

  public BulkEventResult execute(long arg0, long arg1, BulkOrchestration arg2)
  {
    return null;
  }
}

2-) Create a jar.

Create a jar with custom event handler Java class. Jar must be include the following JAR files in the class path to compile a custom class:

From the OIM_ORACLE_HOME/server/platform/ directory:
  • iam-platform-kernel.jar
  • iam-platform-utils.jar
  • iam-platform-context.jar
  • iam-plaftorm-authz-service.jar
From the OIM_ORACLE_HOME/designconsole/lib/ directory:
  • oimclient.jar
  • xlAPI.jar

3-)  Define a XML file.

<?xml version = '1.0' encoding = 'UTF-8'?>
<xl-ddm-data version="2.0.1.0" user="XELSYSADM" database="jdbc:oracle:thin:@trkist01-odb-01:1521/MIDM" exported-date="1354621487559" description="RoleUserEventManagement">
     <eventhandlers repo-type="MDS" name="RoleUserEventManagement" mds-path="/db" mds-file="RoleUserEventManagement.xml">
          <completeXml>
               <eventhandlers xmlns="http://www.oracle.com/schema/oim/platform/kernel" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.oracle.com/schema/oim/platform/kernel orchestration-handlers.xsd">
                    <action-handler orch-target="oracle.iam.platform.kernel.vo.EntityOrchestration" class="com.mypackage.oim.plugins.events.RoleUserEventManagement" entity-type="RoleUser" operation="CREATE" name="RoleUserEventManagement" stage="postprocess" sync="TRUE" order="FIRST" />
               </eventhandlers>
          </completeXml>
     </eventhandlers>
</xl-ddm-data>

4-)  Create a plug-in zip file

  a.Define a plug-in XML.

<?xml version="1.0" encoding="UTF-8"?>
<oimplugins xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <plugins pluginpoint="oracle.iam.platform.kernel.spi.EventHandler">
         <plugin pluginclass="com.mypackage.oim.plugins.events.RoleUserEventManagement" version="1.0" name="RoleUserEventManagement"/>
     </plugins>
</oimplugins>

b.Package the plug-in XML and the JAR file that contains the custom class or classes into a plug-in ZIP file.

5-) Copy zip file to OIM_HOME/server/plugins directory.
6-) Register plug-in ZIP file.

You can use the Plugin Registration Utility for registering and unregistering plug-ins. The utility uses the following files:

  • pluginregistration.xml
  • ant.properties
These files are located in the OIM_HOME/plugin_utility/ directory.

Before using the utility, perform the following:

  1. Set the values for WLS_HOME and OIM_HOME in ant.properties.
  2. For example:

    WLS_HOME =.../middleware/wlserver_10.3

    OIM_HOME =..../middleware/Oracle_IDM1/server

    In addition, set the path for MW_HOME in the ant.properties file.

  3. Build the wlfullclient.jar in Oracle WebLogic server:
      1. Change directories to WLS_HOME/server/lib.
  4. Run the following command:
java -jar ../../../modules/com.bea.core.jarbuilder_1.3.0.0.jar

To register a plug-in:

  1. Execute the ant target "register":
  2. ant -f  pluginregistration.xml register
  3. This will prompt for the Oracle Identity Manager username and password along with the server information and the location of the plugin zip file. Enter the complete path of the zip file location.

Tuesday Jun 24, 2014

[Oracle Identity Manager] Manage Child Process Forms With API

Oracle Identity Manager allows you to manage roles, responsibility or group membership as an entitlement. An entitlement granted to an account on a target system enables the account user to a specific task or function.In Oracle Identity Manager, there is one process form for each account (resource) provisioned to an OIM User. Entitlement data is stored in child process forms of the process form.

You can manage child form with Oracle Identity Manager api such as remove and add data. For this operations, you can use tcFormOperationsIntf service.

First,you have process instance key for find the right child table. 

    import Thor.API.Operations.tcFormInstanceOperationsIntf;

    private tcFormInstanceOperationsIntf service;

    /**
     * Default constructor.
     */
    public ProcessFormManagerImpl() {
        service = getClient().getService(tcFormInstanceOperationsIntf.class);
    }

    public void addDataChildProcessForm(long processInstanceKey, String columnName,
                                 String columnValue) throws Exception {
//columnName example UD_ADUSRC_GROUPNAME
        long processFormDefinitionKey =
            service.getProcessFormDefinitionKey(processInstanceKey);
        int processParentFormVersion =
            service.getProcessFormVersion(processInstanceKey);
        tcResultSet childFormDef =
            service.getChildFormDefinition(processFormDefinitionKey,
                                           processParentFormVersion);
        long childKey =
            childFormDef.getLongValue("Structure Utility.Child Tables.Child Key");
        HashMap addAttr = new HashMap();
        addAttr.put(columnName, columnValue);
        service.addProcessFormChildData(childKey, processInstanceKey, addAttr);
    }

    public void removeDataChildProcessForm(long processInstanceKey,
                                           String childFormKey,
                                           String columnName,
                                           String columnValue) throws Exception {
        long processFormDefinitionKey =
            service.getProcessFormDefinitionKey(processInstanceKey);
        int processParentFormVersion =
            service.getProcessFormVersion(processInstanceKey);
        tcResultSet childFormDef =
            service.getChildFormDefinition(processFormDefinitionKey,
                                           processParentFormVersion);
        long childKey =
            childFormDef.getLongValue("Structure Utility.Child Tables.Child Key");
        tcResultSet childData =
            service.getProcessFormChildData(childKey, processInstanceKey);
        for (int i = 0; i < childData.getRowCount(); i++) {
            childData.goToRow(i);
            String groupName = childData.getStringValue(columnName);
            if (groupName.equals(columnValue)) {
                long rowKey = childData.getLongValue(childFormKey);
                service.removeProcessFormChildData(childKey, rowKey);
            }
        }
    }

Thursday Apr 24, 2014

[Oracle Identity Manager] Management of Oracle Database Authorization

Oracle Identity Manager projects usually starts with management of user identity life-cycle from trusted resource to target systems. After completed user's identity management in first step second step is entitlement management of user's. For example role management of user's on Oracle Databases or Windows Servers or any custom applications.

I want to share my experience about management of Oracle Database authorization through Oracle Identity Manager in a project on this post.

We used three component for management of Oracle Database Authorization. These are Oracle Database Enterprise User Security(EUS), Oracle Unified Directory(OUD) and Oracle Identity Manager(OIM).  

Enterprise User Security enables you to centrally manage database users across the enterprise. This is a component of Oracle Database.

Oracle Unified Directory is a comprehensive next generation directory service that is designed to address large deployments, to provide high performance, to be highly extensive and to be easy to deploy, manage, and monitor. Oracle Unified Directory is used to role management integrated with Enterprise User Security.Integrating Oracle Unified Directory with Oracle's Enterprise User Security (EUS) enables you to store user identities in Oracle Unified Directory for Oracle Database authentication.

Oracle Identity Manager is used to management of Oracle Unified Directory user's life-cycle with right value and user's group.All of this process stars from Oracle Identity Manager and then insert user to OUD group or delete user from OUD group.So user will have rights via Oracle Unified Directory and Enterprise User Security.


Following steps explain integration of these three tools.

1- Enabling Oracle Unified Directory for Enterprise User Security by using Oracle Directory Services Manager(ODSM).

  • Connect to the directory server from ODSM.
  • Select the Home tab.
  • Under the Configuration menu, select Create Base DN.
  • On the Configuration Wizard, enter the details of the new suffix.
  • Select the EUS Enabled check box.
  • Click Create to add the new, EUS-enabled suffix.

2- After OUD has been enabled for EUS, you must update the realm information in the OUD configuration by performing the following steps:

  • Locate the LDIF template file at install_dir/config/EUS/modifyRealm.ldif.
  • Edit the modifyRealm.ldif file as follows:

-Replace dc=example,dc=com with the correct naming context for your server instance.

-Replace ou=people and ou=groups with the correct location of the user and group entries in your DIT.

  • Use the ldapmodify command to update the configuration with the edited LDIF template file, for example:

- $ ldapmodify -h localhost -p 4444 -D "cn=directory manager" -j pwd-file -v -f modifyRealm.ldif

3- Complete below configuration on Oracle Database

  • Configure your database for directory usage by using NetCA.
  • Register the database with the directory by using DBCA.
  • Creating a shared schema in the database.
  • Mapping enterprise users to the shared schema.

4-Install Oracle Internet Directory Connector to Oracle Identity Manager because of user provisioning to Oracle Unified Directory and manage groups so roles.

When complete all of above steps.First Enterprise User Security enabled on DB,then create DB roles -enterprise role- and map this roles to the Oracle Unified Directory global roles.And last manage user's Oracle database authorization with Oracle Identity Manager through Oracle Unified Directory.

P.S.: if you want to manage Oracle Database 9i you have to use Oracle Internet Directory instead of Oracle Unified Directory.

Sunday Nov 24, 2013

Oracle Identity Manager Architecture

Originally Published on Oracle Fusion Middleware Blog

Oracle Identity Governance includes Oracle Identity Manager,Oracle Identity Analytics and Oracle Privileged Account Manager. I will write about Oracle Identity Manager architecture in this post. 


In basically, Oracle Identity Manager is a n-tier standard  Java EE application that is deployed on Oracle WebLogic Server and uses  a database . 

oracle identity manager architecture


Oracle Identity Manager presentation tier has three different screen. Identity Self Service and Identity System Administration are web-based thin client. Design Console is a Java Swing Client that communicates directly with the Business Service Tier.  Identity Self Service provides end-user operations and delegated administration features. System Administration provides system administration functions. And Design Console mostly use for development management operations such as  create and manage adapter and process form,notification , workflow desing, reconciliation rules etc.

Business service tier is implemented as an Enterprise JavaBeans(EJB) application. So you can extense Oracle Identity Manager capabilities. 
-The SMPL and EJB APIs allow develop custom plug-ins such as management roles or identities. 
-Identity Services allow use core business capabilites of Oracle Identity Manager such as The User provisioning or reconciliation service.
-Integration Services allow develop custom connectors or adapters for various deployment needs.
-Platform Services allow use Entitlement Servers, Scheduler or SOA composites.

The Middleware tier allows you using capabilites ADF Faces,SOA Suites, Scheduler, Entitlement Server and BI Publisher Reports. So OIM allows you to configure workflows uses Oracle SOA Suite or define authorization policies use with Oracle Entitlement Server. Also you can customization of OIM UI without need to write code and using ADF Business Editor  you can extend custom attributes to user,role,catalog and other objects.


Data tiers; Oracle Identity Manager is driven by data and metadata which provides flexibility and adaptability to Oracle Identity Manager functionlities. 
-Database has five schemas these are OIM,SOA,MDS,OPSS and OES. Oracle Identity Manager uses database to store runtime and configuration data. And all of entity, transactional and audit datas are stored in database.
-Metadata Store; customizations and personalizations are stored in file-based repository or database-based repository.And Oracle Identity Manager architecture,the metadata is in Oracle Identity Manager database to take advantage of some of the advanced performance and availability features that this mode provides.
-Identity Store; Oracle Identity Manager provides the ability to integrate an LDAP-based identity store into Oracle Identity Manager architecture. 

Oracle Identity Manager

Oracle Identity Manager uses the human workflow module of Oracle Service Oriented Architecture Suite. OIM connects to SOA using the T3 URL which is front-end URL for the SOA server.Oracle Identity Manager uses embedded Oracle Entitlement Server for authorization checks in OIM engine. 

Several Oracle Identity Manager modules use JMS queues. Each queue is processed by a separate Message Driven Bean (MDB), which is also part of the Oracle Identity Manager application. Message producers are also part of the Oracle Identity Manager application.

Oracle Identity Manager uses a scheduled jobs for some activities in the background.Some of scheduled jobs come with Out-Of-Box such as the disable users after the end date of the users or you can define your custom schedule jobs with Oracle Identity Manager APIs.

You can use Oracle BI Publisher for reporting Oracle Identity Manager transactions or audit data which are in database.

About me:

Mustafa Kaya is a Senior Consultant in Oracle Fusion Middleware Team, living in Istanbul. Before coming to Oracle, he worked in teams developing web applications and backend services at a telco company. He is a Java technology enthusiast, software engineer and addicted to learn new technologies,develop new ideas.

Follow Mustafa on Twitter,Connect on LinkedIn, and visit his site for Oracle Fusion Middleware related tips.

Monday Oct 07, 2013

[Oracle Identity Manager] 11g R2 Bundle Patch 11 is Available!

Oracle Identity Manager Bundle Patch 11 is available now. You can download BP11 from here.

 List of bugs fixed with BP11;

Bug Number Description

13813724

Date format mismatch occurs between various date fields in the manage user forms.

14287934

For the Enable User, Disable User, or Delete User request types, the approver is not able to approve the task by opening the popup for approving the task, and the page refreshes with no result.

14634183

Localization for challenge questions is not upgrade-safe.

14724980

Need to modify the Transformation and Analysis layer of SIL layer to implement SAP GRC (AC) 5.3 and 10.

16102603

On importing users, accounts, user role memberships, or entitlements, the import job fails on Oracle Identity Analytics (OIA) when the user-role memberships option is selected.

16302094

Need to modify the Transformation and Analysis layer of SIL layer to implement SAP GRC (AC) 5.3 and 10, and in SAP UM, UME, and legacy connector.

16400040

Entitlement provision date displays the account provision date.

16737929

Provisioning task status is different in the task list and task details.

16800609

Illegal state exception is thrown when cache is trying to put value to cache or to cancel update

16906076

Exceptions related to the tcDatabase close method are displayed in the logs.

16984573

Duplicate Role Names in different cases are created.

17086833

More than 25 saved request profiles are not displayed.

17179590

Enable pagination in my accounts pages for performance optimization.

17237114

Ad hoc linking does not work.

17254699

Performance issues are encountered while exporting roles by using the Deployment Manager.

Sunday Sep 29, 2013

[Oracle Identity Manager] Provision Account With OIM Api

Oracle Identity Manager allows you to provision account using the OIM api. Sometimes you will need give account from remote operations (webservice or some remote connector).

For this operations , first , you have to find right application instance for provision account. You can use findApplicationInstanceByName method of oracle.iam.provisioning.api.ApplicationInstanceService service for find application instance. Then,you can provision an application instance with OIM api, using  oracle.iam.provisioning.api.ProvisioningService service.

import oracle.iam.provisioning.api.ProvisioningService;

import oracle.iam.provisioning.api.ApplicationInstanceService;

    public void provisionAccount(String userKey) throws ApplicationInstanceNotFoundException,

                                                                        GenericAppInstanceServiceException,

                                                                        UserNotFoundException,

                                                                        GenericProvisioningException {

ProvisioningService service=getClient().getService(ProvisioningService.class); 

ApplicationInstance appInstance=findApplicationInstanceByName("Application Instance Name");

                //serverName example : UD_ADUSER_SERVER

        //itResourceName example : Active Directory

        FormInfo formInfo = appInstance.getAccountForm();

        Map parentData = new HashMap();

        parentData.put(serverName, itResourceName);

        String formKey = String.valueOf(formInfo.getFormKey());

        AccountData accountData = new AccountData(formKey, null, parentData);

        Account account = new Account(appInstance, accountData);

        account.setAccountType(Account.ACCOUNT_TYPE.Primary);

        service.provision(userKey, account);

}


    public ApplicationInstance findApplicationInstanceByName(String applicationInstanceName) throws ApplicationInstanceNotFoundException,

                                                                                                GenericAppInstanceServiceException {

ApplicationInstanceService service=getClient().getService(ApplicationInstanceService.class);

        ApplicationInstance appInstance=service.findApplicationInstanceByName(applicationInstanceName);

        return appInstance;

    }

Wednesday Aug 21, 2013

[Oracle Identity Manager] 11g R2 Basic Performance Tuning

We have to configuration performance tuning changes for optimal performance for Oracle Identity Manager such as application server,database and etc. I'll write some basic tuning settings  recommended by Oracle.

Also, you can read this guide for other tuning settings such as caching and learn how to monitor Oracle Identiy Manager performance. http://docs.oracle.com/cd/E27559_01/doc.1112/e28552/oim.htm

Basic UI Tuning :

Following are the recommended application module settings for OIM. Add these settings under WebLogic ServerAdministration Console>> Servers >> oim_server1>> Server Start >> Arguments and restart the admin server.

-Djbo.ampool.doampooling=true -Djbo.ampool.minavailablesize=1

-Djbo.ampool.maxavailablesize=120 -Djbo.recyclethreshold=60

-Djbo.ampool.timetolive=-1 -Djbo.load.components.lazily=true

-Djbo.doconnectionpooling=true -Djbo.txn.disconnect_level=1

-Djbo.connectfailover=false -Djbo.max.cursors=5

-Doracle.jdbc.implicitStatementCacheSize=5

-Doracle.jdbc.maxCachedBufferSize=19

These recommended settings assume that 100 concurrent users per node. Use the below formula to change

Djbo.ampool.maxavailablesize if your # of concurrent users is different.

Djbo.ampool.maxavailablesize = # of concurrent users + 20%

Basic Server Tuning:

JVM Parameter HotSpot JVM JRockit JVM

Min. Heap Size (Xms) 4GB 4GB

Max Heap Size (Xmx) 4GB 4GB

PermSize (-XX:PermSize) 500m N/A

PermGen size (-XX:MaxPermSize) 1GB N/A

JDBC Connection Pool parameters: 

Parameter name Value

Initial Capacity 50

Minimum Capacity 50

Max. Capacity 150

Inactive Connectiontimeout 30

To increase the capacity of the JDBC connection pools:

Goto WebLogic Server Administration Console and then Click Services=>Data Sources.

OIM also uses DirectDB data source and you can increase its capacity as below.

Go to Enterprise Manager -> Oracle Identity Manager -> System MBean Browser -> Application Defined MBeans -> oracle.iam -

>OIM Server -> Application oim -> XMLConfig -> Config -> XMLConfig.DirectDBConfig.

Set the following values for attributes.

Attribute name Value

MinConnections 50

MaxConnections 150

Friday Aug 02, 2013

[Oracle Identity Manager] 11g R2 Bundle Patch 09 is Available!

Oracle Identity Manager Bundle Patch 09 is available now. You can download BP09 from here.

Also,there is a important recommendation for BP08!

 List of bugs fixed with BP09;

Bug:12699224 : Trusted source reconciliation fails to create users with many reconciliation field mappings.

Bug:14407437 : Provisioning through bulk request inserts null records into child tables.

Bug:14493217 : Target resource reconciliation throws ORA-06512 error when the Descriptive field is mapped to a field that does not have a reconciliation field mapping.

Bug:16044671 : User form customization fails if a UDF contains invalid character.

Bug:16545968 : Modifying any attribute on a service account changes the account type as a primary account.

Bug:16562633 : Oracle Identity Manager throws javax.el.elexceptions while viewing profile under direct report.

Bug:16662834 : User not reprovisoned after user is deleted and created in the target with the same orclguid.

Bug:16662905 : If an LOV field is required on an Application Instance form, no validation is enforced on the LOV field although it is required.

Bug:16701873 : The Members tab of a role displays only enabled users and does not display disabled users.

Bug:16862846 : When a notification is being sent, the mail ID in the Reply To field is set as the recipient's mail ID instead of the sender's mail ID.

Bug:16824062 : When you use API to fetch or delete child data from an account, the child data row value is null. Therefore, child data is not returned.

Bug:16912736 : There is a performance issue when the provisioned application instance details is opened for a user.

Tuesday Jul 16, 2013

[Oracle Identity Manager] Send Notificiation With OIM Api

Oracle Identity Manager notifications used to send information after user create,password reset or your custom operation.

In some case, you need a custom notificaion process such as you can send notification after Active Directory Create User. I want to explain how you can send a notification any time with oim api.

1-) Create a notification template from Oracle Identity Manager.

2-) Develop send notification adapter code. (Add your classpath: oimclient.jar)

  private NotificationService notificationService;

  public NotificationService getNotificationService()
  {
    if (this.notificationService == null) {
      this.notificationService = ((NotificationService)Platform.getService(NotificationService.class));
    }
    return this.notificationService;
  }

  public void sendNotification(String receiverUserId, String templateName, HashMap<String, Object> templateParams)
    throws EventException, UnresolvedNotificationDataException, TemplateNotFoundException, MultipleTemplateException, NotificationResolverNotFoundException, UserDetailsNotFoundException, NotificationException
  {

    NotificationEvent event = new NotificationEvent();
    event.setUserIds(receiverUserId); // set OIM User Login parameter
    event.setTemplateName(templateName); // set OIM Notification template name. 
    event.setSender(null); 

    event.setParams(templateParams); // it's used for set some parameters in template.

    getNotificationService().notify(event); // send notification
  }

Template params use for send some dynamic variable in notificiation template. if you want to send information such as user login,password etc in notification, first you have to add variable with "$" character in notification template ($userLoginId) then set this variable with a HashMap in code.

3-) Create a process task adapter from design console and assign it after "AD User" Process Form, "Create User" task ,"SUCCESS" response.

Tuesday Jul 09, 2013

Oracle Identity Manager 11g R2 Bundle Patch 08 is Available!

Oracle Identity Manager 11g R2 Bundle Patch 08 is available for download. Bundle patch is cumulative and you can apply it directly to the any of previous version of 11.1.2.0.x (BP01,BP02,...,BP07).

You can download from here

List of bugs fixed with this patch;

Bug:12336826 : When an error occurs during the DSML SPML login process, the request is echoed back, but the client does not get the error.
Bug:14352701 : Oracle Identity Manager performance is very slow when running on SPARC T3 server.
Bug:14352701 : Oracle Identity Manager performance is very slow when running on SPARC T3 server.
Bug:14381593 : Delete reconciliation fails when the IT Resource Name is passed in the data map.
Bug:16215306 : User profile history report displays incorrect identity creation date.
Bug:16317298 : NPE error is thrown while saving a Generic Technology Connector (GTC) connector during the Edit operation.
Bug:16545749 : PNG files are intermittently not rendered in Oracle Identity Manager UI when Windows Internet Explorer 8 or FireFox are used and when clients connect via HTTPS.
Bug:16741450 : When the value of the PCQ.NO_OF_CORRECT_ANSWERS system property is set to 2, Oracle Identity Manager does not allow you to retrieve forgotten password by answering the first two challenge questions.
Internal bugs not visible via My Oracle Support:
Unpublished Bug: 13015601: Implement a maximum number of times a AUD_JMS record will be re-processed after a failure occurs. If a message cannot be processed after two tries, then it is skipped so as not to prevent new records from being processed.
Unpublished Bug: 14260898: Date type attribute cannot be returned via a process task adapter.
Unpublished Bug: 15892556: Clicking the User Details link results in primary key error.
Unpublished Bug: 16202621: Organization is not created when organization type is extended.
Unpublished Bug: 16304540: Reconciliation child table column lengths are not in sync with the column lengths of the corresponding child UD table.
Unpublished Bug: 16324315: All the values from one child table is not removed if another child table has some value.
Unpublished Bug: 16438746: Notification from SOA contains incorrect Oracle Identity Manager URL.
Unpublished Bug: 16468431: Manager data is not shown in the selected users list in the user search dialog box.
Unpublished Bug: 16698892: Updating any field with no value on OID provisioning form generates NPE error.
Unpublished Bug: 16922050: Stack overflow errors are thrown in Oracle Identity System Administration.
About

Türkçe versiyon için tıklayınız.

profile image
Welcome to my blog, a space for me to share information on various Oracle middleware technology issues. My day job as a consultant within Oracle Consulting Fusion Middleware Team.I will share some of these issues and solutions here in the hope that it will help you out some day!


Search

Categories
Archives
« August 2015
SunMonTueWedThuFriSat
      
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
     
Today