OpenSSO Enterprise 8.0 Update1 patch2 |
Status: RELEASED
Patch Id: 141655-03
***********************************************************************
READ THE TERMS OF THE AGREEMENT ("AGREEMENT") IN THE LEGAL_LICENSE.TXT
FILE CAREFULLY BEFORE USING THIS SOFTWARE. BY USING THE SOFTWARE, YOU
AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE
TERMS, PROMPTLY DESTROY THE UNUSED SOFTWARE.
***********************************************************************
For further information on patching best practices and resources, please
see the Big Admin Patching Center, http://www.sun.com/bigadmin/patches/
***********************************************************************Summary: OpenSSO Enterprise 8.0 Update1 patch2
Date: Sep/21/2009
Installation Requirements:
None
Solaris Release: Note: Solaris 9, Solaris 10, Solaris 9 x86, Solaris 10 x86, RHEL 4.0, RHEL 5.0, Windows Server 2003, Standard/Enterprise/Datacenter Edition, Windows Vista, AIX 5.3
Sun OS Release: Note: Solaris 9, Solaris 10, Solaris 9 x86, Solaris 10 x86, RHEL 4.0, RHEL 5.0, Windows Server 2003, Standard/Enterprise/Datacenter Edition, Windows Vista, AIX 5.3
Unbundled Product: OpenSSO Enterprise
Unbundled Release: 8.0 Update1
Xref:
Topic:
OpenSSO Enterprise 8.0 Update1 patch2
Relevant Architecture: all
BugId's fixed with this patch:
6228648 6244578 6386378 6449563 6471046 6476470 6479476 6496155 6545176 6560993 6566294 6566948 6629978 6637600 6638652 6647324 6657102 6657112 6657367 6663135 6697260 6699166 6702797 6703429 6706821 6721606 6722156 6728227 6746634 6748117 6754852 6756079 6759484 6763401 6770231 6775118 6775186 6775189 6775195 6776613 6780863 6781783 6781821 6782529 6785321 6785324 6785329 6785389 6785397 6785877 6786610 6786995 6787221 6790187 6790255 6790619 6790793 6791159 6791174 6791180 6791437 6791802 6791821 6791822 6791892 6792181 6792427 6792833 6792938 6794044 6794908 6795095 6795857 6796939 6797112 6797399 6797423 6797444 6797448 6797449 6797452 6797454 6797456 6797935 6798299 6798303 6798890 6802649 6802697 6805190 6805335 6807272 6810233 6810234 6810296 6810298 6810299 6810336 6811036 6811038 6812396 6813866 6813904 6814564 6814566 6814960 6815654 6815662 6816048 6816086 6816286 6816287 6816343 6816973 6817275 6817344 6817491 6818091 6818423 6818685 6818977 6819022 6819240 6819808 6819844 6820291 6820297 6820477 6820484 6821050 6822268 6822388 6822716 6822746 6823254 6824649 6825011 6825084 6827017 6827245 6827557 6827616 6828105 6828120 6828147 6828651 6828681 6829122 6829133 6829135 6829748 6830203 6830547 6830565 6831706 6831726 6832305 6833362 6833644 6834039 6834637 6834666 6835816 6841551 6844490 6850059 6850423 6851743 6852213 6853138 6853440 6854191 6856747 6857043 6859276 6860541 6861548 6861575 6861920 6862240 6862315 6864381 6864922 6867261 6867442 6867944 6868845 6871071 6871072 6871181 6871604 6872718
Changes incorporated in this version:
6862315 6864381 6864922 6867261 6867442 6868845 6867944 6862240 6871604 6872718 6871071 6871072 6871181 6861920 6785324 6797935 6833362 6833644 6835816 6841551 6818685 6850059 6850423 6759484 6851743 6852213 6754852 6728227 6853138 6853440 6854191 6856747 6857043 6859276 6860541 6861548 6861575 6796939
Patches accumulated and obsoleted by this patch:
Patches which conflict with this patch:
Required Patches:
Obsoleted by:
Files Included in this Patch:
opensso_enterprise_80U1_patch2.zip
Problem Description:
6862315 Memory leak in authn objects in OpenSSO
6864381 Open SSO 8.0 update 1 is dropping a '/' from a URL in the AgentRootURL attribute
6864922 OpenSSO8.0u1p1:Upgrade:permissions not preserved on upgrade scripts
6867261 Unable To View J2EE Agent Advanced Properties After upgrade to OpenSSO 8.0 update1
6867442 AMURLStreamHandlerFactory can not create URLStreamHandler for WL
6868845 Deadlock found during long duration testing for SAML2
6867944 Method encodeUrlPath does not handle simple path properly
6862240 Fix for 6816973 causes anonymous login to fail : Session Upgrade fails since user Id's do not match
6871604 Slow memory leak found in SAML 2 during performance testing
6872718 Persistent XSS scripting issue in OpenSSO
6871071 ssoadm.jsp should validate output
6871072 Validation needs to be done for console/ajax/AjaxProxy.jsp
6871181 ssoadm CLI and ssoadm.jsp should use authorized APIs for federation
6861920 XSS Vulnerability
6785324 Improve debug messages for LDAP checking for Certificate Auth
6797935 Some fields in create-metadata-templ option of ssoadm.jsp should be text box instead of textarea
6833362 SAMLv2 tests failing on WL10 with SOAP binding
6833644 User name appears twice on top banner
6835816 After FIPS configuration, bootstrap information can not be decrypted
6841551 OpenSSO: Using a browser set to German Language the user can not login
6818685 During session upgrade 'Return to Login page' link is breaking
6850059 SMAuth Module introduced extra character while traversing from Site Mind
er protected apps to OpenSSO
6850423 alt-text for more info on the tasks in Common Tasks page need to be added
6759484 Fail to login using HTTP Basic auth module when backend module is set to anonymous
6851743 DSConfigMgr does not close ldap connections when getting ldap connection exception
6852213 Global logout request logs out only the most recent SP with custom authenticated use
6754852 DAUI does not work with basic auth
6728227 Policy evaluation fails when the policy definition's subject include Chinese characters
6853138 End user password change should be done as end user not as datastore config user
6853440 Error when using + in mail attribute when used as LDAP Users Search Attribute
6854191 Invalid length of the primaryKey(sessionid) in read request to BDB in SFO causes MQ connection leak
6856747 ssoadm fails for setting unidentifier system configuration property
6857043 opensso keeps setting its version to null & cant run ssoadm
6859276 OCSP checker is not working if the responder is working in Delegated Trust Model(DTM) mode
6860541 ssoadm create-agent needs to support the -s and -g options for adding SERVER_URL and AGENT_URL param
6861548 OpenSSO server loses agent cache causing agents to be unable to start
6861575 SAML2 SSO fails at the IDP when the protocol binding parameter is not found in the AuthnRequest
6796939 Application based session time out is not working via Dist. Auth
(from 141655-02)
6844490 Need to bundle in latest C-SDK (upgrade libxml2 to 2.7.3) in OpenSSO
(from 141655-01)
6228648 Attribute iplanet-am-role-managed-container-dn of a filtered role not read with fix for Bug 6217200
6244578 OpenSSO should warn user that the browser cookie support is disabled/not available
6386378 Kerberos auth error using Windows Desktop SSO
6449563 LDAP authentication: Header Replacement does not work
6471046 AuthLoginException message not meaningful when authenticating user is locked
6476470 With 61 cookie domains, uwc fails with IE, with 121 cookie domains amserver/amconsole fails with IE
6479476 Not receiving SAML assertion in return
6496155 Use a restriction token other than the IP address in cookie hijacking feature
6545176 Need Ability to dynamically set redirect urls in authn post process spi
6560993 Need to get remoteclientIPaddress from within custom login module authenticate using AuthContext API
6566294 Exception thrown on HP-UX when calling amclientSDK
6566948 NT users fail to authenticate against OpenSSO if user's password contain an accent character
6629978 AMSDK Client fails to do simple ldap authentication when OpenSSO is deployed on WS 6.1 SP 8.
6637600 psearch connections to directory server not terminating resulting in resource crunch and even crash.
6638652 amconsole breaks while managing custom attributes added to organizationAttributeSchema
6647324 Login page localization does not work with DAUI
6657102 NameCallbacks defaultNames are not available in the dist auth UI
6657112 RedirectCallback not supported in the Remote Auth API
6657367 CDSSO: CDCServlet has JS dependency, enhancement to remove this dependency
6663135 Remote auth API cannot handle special XML characters in callback values
6697260 Add option to allow agent application session to idle timeout
6699166 Session failover testing throws java.lang.ClassCastException error
6702797 Problem with new line chars in authContext during authentication
6703429 Accept-Language property not inherited when request are exchange between OpenSSO servers in a LB env.
6706821 password reset policy in auth chain module(LDAP) causes authentication failure
6721606 Return incorrect cookie domain for method getCookieDomainsForReq
6722156 NullPointerException in post auth plugin
6746634 Policy is created but ineffective until OpenSSO restarted
6748117 Realm context is lost when using the return login link
6756079 Random login failures for some users despite using correct login and password
6763401 Updating "primary ldap server" of policy configuration on amconsole causes two MOD in ldap
6770231 goto URL not validated
6775118 Password Policy Check not adhered.
6775186 Remote console: Version not shown
6775189 ssoadm subcommands would fail if the amadmin password is different from DSEE bind DN's password
6775195 Multiserver setup fails when password for SM config store and amadmin are different
6776613 Session time out page is not displayed when session timed-out.
6780863 TTL for SM does not work and config fails if remote client still making calls to old server.
6781783 Policy client should be able to read lower case property names
6781821 Out of box 'LDAP Follows Referral' should be unchecked/disabled for AD Datastore plugin.
6782529 updateschema.sh script is required to make schema changes after applying a patch
6785321 CRL / OCSP checking should support JSS based logic
6785329 Unable to store CRL to LDAP
6785389 CRL LDAP search base DN doesn't work
6785397 Site configuration requires server restart, before site-url can be used
6785877 Clean up debug files
6786610 Application based idle timeout feature broken when security hole was plugged (with fix for 6503891)
6786995 Server side Session notifications are processed as remote notifications
6787221 ssoadm import-svc-cfg fails when using Sun DS as the configuration datastore.
6790187 IDP initiated defed throws 500 errors sporadically
6790255 Dynamic WSP configuration with endpoint does not take effect
6790619 session tab shows only application sessions
6790793 SP always uses new auth level even when the new auth level is lower
6791159 Agent group error after configuration.
6791174 Slow memory leak in Fedlet and full SP
6791180 Unable to get session properties when session idle timed out
6791437 Distributed Auth UI session timeout re-login URL incorrect
6791802 3.0 JBoss agent related property to be added in j2ee agent profile UI.
6791821 If fips mode is enabled, only fips compliant crypto algorithm is used in runtime
6791822 Error after adding or modifying advanced property
6791892 Bouncing DS after configuring OpenSSO Server causes "Invalid Domain", "No Such Organization" errors.
6792181 Session upgrade (ForceAuth=true) is not working with ignore profile
6792427 ParallelGCThreads related code need to be removed in amtune
6792833 Exceptions are thrown out while deploying opensso.war to oracle weblogic 10.3
6792938 sunIdentityServerDeviceKeyValue attribute value does not have agentRootURL prefix for new agent
6794044 Naming site monitoring should come up even if there is only one site
6794908 Login status displayed is wrong when account is locked out
6795095 Session validation would fail in case of service failover
6795857 sunIdentityServerAuthNServer cookie has value set to the individual server host and port
6797112 A user is not locked out when password reset failure limit is reached.
6797399 Cannot navigate into realms in co-existance mode (Legacy DIT).
6797423 Policy cache causes frequent full gc or out of memory errors.
6797444 The package name in LDAPJDK collides with the library under WebLogic.
6797448 ldapjdk may cause socket leakage when restoring connection.
6797449 ldapjdk may incorrectly swap the sockets when restoring connection.
6797452 ldapcache cleanup mechanism recursively holding a lock causes a serious performance problem.
6797454 ldapjdk code and document introduce the use of instanceof to distinguish the return result.
6797456 ldapjdk will notify all the threads waiting on a particular message queue.
6798299 OpenSSO SAE should support attribute encryption.
6798303 ssoadm subcommands for list, update, remove default server configuration
6798890 Query string double encoded in CDCServlet
6802649 appssotoken session run into a loop to send request to server even if the test is finished.
6802697 SP always does data encryption
6805190 AMTuneDSBase.initialize should catch a case of null return value with a result size of 1
6805335 ssopatch should test revisions before patching
6807272 Distauth throws 500-Internal Error when authenticated user tries to login again
6810233 Need to have a centralized page to show all error conditions in SAML2
6810234 Conflict resolution level doesn't take affect
6810296 The invalid app SSO token error message should not be localized
6810298 Policy client code has bottleneck when processing notifications
6810299 Remote IDRepo causes slow memory leak in OpenSSO
6810336 SAE cannot support data encryption in mixed env
6811036 Cannot login as amadmin in coexistence mode upgrading from JES4 - authentication module is denied
6811038 WSS STS API sample and JAX-WS sample generates excessive session service calls
6812396 Version not updated after applying patch
6813866 Realm session service takes precedence over role session service with AMSDK plugin configuration
6813904 Support AuthnResponse for Fedlet using .NET
6814564 AIX/WAS7: STS client samples are failing
6814566 AIX/WAS7: ssoadm CLI emits FATAL error message but successful execution
6814960 SAML2 SAE sample needs to be updated with data encryption support
6815654 ssopatch command usage should be more end user friendly
6815662 Version attribute in server configuration is lost
6816048 Client sdk causes server hang due to SMS cache update errors.
6816086 Cert based authentication throws 'Internal server Error' when configured in Weblogic 9.2
6816286 Create Fedlet throws error on WebSphere
6816287 Inline help changes to support sae data encryption
6816343 IDP init sso Artifact profile, with assertion failover does not timeout session fast enough
6816973 User matching is not checked in Session Upgrade case
6817275 amtune does not delete -XX:ParallelGCThreads jvm option if it already exists
6817344 DA does not check validity of DA cookie value before rerouting the request
6817491 Support for OpenDS as user store
6818091 Need to bundle latest C-SDK (upgrade of libxml2.so to 2.6.23) in OpenSSO
6818423 Severing LDAP connection cause sporadic login failures
6818977 WSS tests fail in automation test.
6819022 Policy tests are throwing classcast exception
6819240 Client sdk jdk1.4 war is breaking when running SM client sample.
6819808 Multiserver setup broken in embedded config with latest OpenDS.jar (OpenDS-1.0.2-build002).
6819844 SFO : OpenSSO server hangs when MQ queue is full
6820291 SAML2 Artifact profile invokes too many write to MQ
6820297 Basic ssoadm command is taking a long time to exit
6820477 com.sun.identity.sae.api Javadoc needs more info
6820484 .NET Fedlet clean-up and revision to readme
6821050 J2ee agent 3.0 for Tomcat cannot be stopped normally
6822268 Fedlet in .net is not functioning properly
6822388 App session invalid message cannot be handled by web agent
6822716 Default value for com.sun.identity.urlchecker.targeturl in SiteStatusCheckThreadImpl
6822746 TTL tests are failing
6823254 SAE post method does not use POST in all the hops
6824649 amtune should capture different types of exceptions when URLConnections fail
6825011 Windows Desktop SSO Authentication fails with LoginException on WAS 7.0
6825084 updataschema.sh is failing because of ssoadm version check
6827017 Change header.jsp to header.jspf
6827245 SAML2 IDPSession object cleanup not happening with Session timeout.
6827557 IdUtils.java caused an NullPointerException
6827616 SMS cache is disabled by default on clientsdk which causes major performance issue
6828105 WSS/STS README files need to be updated as the OpenSSO Client Cache parameters are changed
6828120 Fedlet in java version doesn't compile on WebLogic 10g3
6828147 Fedlet war created on windows is not readable on solaris
6828651 Role based service assignment is failing with AMSDK configuration
6828681 Could not create a fedlet with name "https://"
6829122 Need to completely remove the dependency on ldapjdk.jar
6829133 Under load FAMHadb process goes into loop when amsfo stop is used to shutdown.
6829135 amsfo script should provide options to start and stop MQ and amsessiondb process independently
6829748 WSS STS API sample and JAX-WS sample generate excessive jaxrpc calls
6830203 Nightly automation: Unix authentication is broken on WAS 7.0 / RHEL 3
6830547 amtune should use only # of cores, not virtual CPU's, to calculate notification and acceptor threads
6830565 amtune should increase # of request-processing thread-count for Glassfish 2/AS 9.1
6831706 Configurator should load updated schema for fresh installs
6831726 opensso.zip should include the createwar scripts for spl war creation
6832305 wsfederation couldn't initialize in WAS7.0
6834039 Can't view entity created by importing SAML 2.0 metadata with no keysize
6834637 createwars.sh is not creating the wars properly
6834666 Error page URL for SAML1 protocols
Revision History:
141655-02 141655-01
Patch Installation Instructions:
Please refer to http://wikis.sun.com/x/RgQCBg
Special Install Instructions:
None.
README -- Last modified date: Monday, September 21, 2009
Sun Contracted Content
Sun Contracted Feature
