Disclaimer: 

Please note: Although OBSOLETED patches are available on SunSolve, Sun recommends using the most recent patches and the most recent revision of those patches. OBSOLETED patches do not include the latest bug fixes and/or product enhancements, and may require the installation of additional patches as a corrective measure.

Status: OBSOLETE

Patch Id: 141655-02

***********************************************************************
READ THE TERMS OF THE AGREEMENT ("AGREEMENT") IN THE LEGAL_LICENSE.TXT
FILE CAREFULLY BEFORE USING THIS SOFTWARE. BY USING THE SOFTWARE, YOU
AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE
TERMS, PROMPTLY DESTROY THE UNUSED SOFTWARE.
***********************************************************************
For further information on patching best practices and resources, please
see the Big Admin Patching Center, http://www.sun.com/bigadmin/patches/ 
***********************************************************************

Summary: Obsoleted by: 141655-03 OpenSSO Enterprise 8.0 Update1 Patch1

Date:  Jun/17/2009

Installation Requirements:

None

Solaris Release: Note: Solaris 9, Solaris 10, Solaris 9 x86, Solaris 10 x86, RHEL 4.0, RHEL 5.0, Windows Server 2003, Standard/Enterprise/Datacenter Edition, Windows Vista, AIX 5.3

Sun OS Release: Note: Solaris 9, Solaris 10, Solaris 9 x86, Solaris 10 x86, RHEL 4.0, RHEL 5.0, Windows Server 2003, Standard/Enterprise/Datacenter Edition, Windows Vista, AIX 5.3

Unbundled Product: OpenSSO Enterprise

Unbundled Release: 8.0 Update1

Xref: 

Topic: 

OpenSSO Enterprise

Relevant Architecture: all

BugId's fixed with this patch:

6228648 6244578 6386378 6449563 6471046 6476470 6479476 6496155 6545176 6560993 6566294 6566948 6629978 6637600 6638652 6647324 6657102 6657112 6657367 6663135 6697260 6699166 6702797 6703429 6706821 6721606 6722156 6746634 6748117 6756079 6763401 6770231 6775118 6775186 6775189 6775195 6776613 6780863 6781783 6781821 6782529 6785321 6785329 6785389 6785397 6785877 6786610 6786995 6787221 6790187 6790255 6790619 6790793 6791159 6791174 6791180 6791437 6791802 6791821 6791822 6791892 6792181 6792427 6792833 6792938 6794044 6794908 6795095 6795857 6797112 6797399 6797423 6797444 6797448 6797449 6797452 6797454 6797456 6798299 6798303 6798890 6802649 6802697 6805190 6805335 6807272 6810233 6810234 6810296 6810298 6810299 6810336 6811036 6811038 6812396 6813866 6813904 6814564 6814566 6814960 6815654 6815662 6816048 6816086 6816286 6816287 6816343 6816973 6817275 6817344 6817491 6818091 6818423 6818977 6819022 6819240 6819808 6819844 6820291 6820297 6820477 6820484 6821050 6822268 6822388 6822716 6822746 6823254 6824649 6825011 6825084 6827017 6827245 6827557 6827616 6828105 6828120 6828147 6828651 6828681 6829122 6829133 6829135 6829748 6830203 6830547 6830565 6831706 6831726 6832305 6834039 6834637 6834666 6844490

Changes incorporated in this version:

6844490

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch: 

Required Patches:

Obsoleted by:

Files Included in this Patch: 

opensso_enterprise_80U1P1.zip

Problem Description: 

6228648 Attribute iplanet-am-role-managed-container-dn of a filtered role not read with fix for Bug 6217200
6244578 OpenSSO should warn user that the browser cookie support is disabled/not available
6386378 Kerberos auth error using Windows Desktop SSO
6449563 LDAP authentication: Header Replacement does not work
6471046 AuthLoginException message not meaningful when authenticating user is locked
6476470 With 61 cookie domains, uwc fails with IE, with 121 cookie domains amserver/amconsole fails with IE
6479476 Not receiving SAML assertion in return
6496155 Use a restriction token other than the IP address in cookie hijacking feature
6545176 Need Ability to dynamically set redirect urls in authn post process spi
6560993 Need to get remoteclientIPaddress from within custom login module authenticate using AuthContext API
6566294 Exception thrown on HP-UX when calling amclientSDK
6566948 NT users fail to authenticate against OpenSSO if user's password contain an accent character
6629978 AMSDK Client fails to do simple ldap authentication when OpenSSO is deployed on WS 6.1 SP 8.
6637600 psearch connections to directory server not terminating resulting in resource crunch and even crash.
6638652 amconsole breaks while managing custom attributes added to organizationAttributeSchema
6647324 Login page localization does not work with DAUI
6657102 NameCallbacks defaultNames are not available in the dist auth UI
6657112 RedirectCallback not supported in the Remote Auth API
6657367 CDSSO: CDCServlet has JS dependency, enhancement to remove this dependency
6663135 Remote auth API cannot handle special XML characters in callback values
6697260 Add option to allow agent application session to idle timeout
6699166 Session failover testing throws java.lang.ClassCastException error
6702797 Problem with new line chars in authContext during authentication
6703429 Accept-Language property not inherited when request are exchange between OpenSSO servers in a LB env.
6706821 password reset policy in auth chain module(LDAP) causes authentication failure
6721606 Return incorrect cookie domain for method getCookieDomainsForReq
6722156 NullPointerException in post auth plugin
6746634 Policy is created but ineffective until OpenSSO restarted
6748117 Realm context is lost when using the return login link
6756079 Random login failures for some users despite using correct login and password
6763401 Updating "primary ldap server" of policy configuration on amconsole causes two MOD in ldap
6770231 goto URL not validated
6775118 Password Policy Check not adhered.
6775186 Remote console: Version not shown
6775189 ssoadm subcommands would fail if the amadmin password is different from DSEE bind DN's password
6775195 Multiserver setup fails when password for SM config store and amadmin are different
6776613 Session time out page is not displayed when session timed-out.
6780863 TTL for SM does not work and config fails if remote client still making calls to old server.
6781783 Policy client should be able to read lower case property names
6781821 Out of box 'LDAP Follows Referral' should be unchecked/disabled for AD Datastore plugin.
6782529 updateschema.sh script is required to make schema changes after applying a patch
6785321 CRL / OCSP checking should support JSS based logic
6785329 Unable to store CRL to LDAP
6785389 CRL LDAP search base DN doesn't work
6785397 Site configuration requires server restart, before site-url can be used
6785877 Clean up debug files
6786610 Application based idle timeout feature broken when security hole was plugged (with fix for 6503891)
6786995 Server side Session notifications are processed as remote notifications
6787221 ssoadm import-svc-cfg fails when using Sun DS as the configuration datastore.
6790187 IDP initiated defed throws 500 errors sporadically
6790255 Dynamic WSP configuration with endpoint does not take effect
6790619 session tab shows only application sessions
6790793 SP always uses new auth level even when the new auth level is lower
6791159 Agent group error after configuration.
6791174 Slow memory leak in Fedlet and full SP
6791180 Unable to get session properties when session idle timed out
6791437 Distributed Auth UI session timeout re-login URL incorrect
6791802 3.0 JBoss agent related property to be added in j2ee agent profile UI.
6791821 If fips mode is enabled, only fips compliant crypto algorithm is used in runtime
6791822 Error after adding or modifying advanced property
6791892 Bouncing DS after configuring OpenSSO Server causes "Invalid Domain", "No Such Organization" errors.
6792181 Session upgrade (ForceAuth=true) is not working with ignore profile
6792427 ParallelGCThreads related code need to be removed in amtune
6792833 Exceptions are thrown out while deploying opensso.war to oracle weblogic 10.3
6792938 sunIdentityServerDeviceKeyValue attribute value does not have agentRootURL prefix for new agent
6794044 Naming site monitoring should come up even if there is only one site
6794908 Login status displayed is wrong when account is locked out
6795095 Session validation would fail in case of service failover
6795857 sunIdentityServerAuthNServer cookie has value set to the individual server host and port
6797112 A user is not locked out when password reset failure limit is reached.
6797399 Cannot navigate into realms in co-existance mode (Legacy DIT).
6797423 Policy cache causes frequent full gc or out of memory errors.
6797444 The package name in LDAPJDK collides with the library under WebLogic.
6797448 ldapjdk may cause socket leakage when restoring connection.
6797449 ldapjdk may incorrectly swap the sockets when restoring connection.
6797452 ldapcache cleanup mechanism recursively holding a lock causes a serious performance problem.
6797454 ldapjdk code and document introduce the use of instanceof to distinguish the return result.
6797456 ldapjdk will notify all the threads waiting on a particular message queue.
6798299 OpenSSO SAE should support attribute encryption.
6798303 ssoadm subcommands for list, update, remove default server configuration
6798890 Query string double encoded in CDCServlet
6802649 appssotoken session run into a loop to send request to server even if the test is finished.
6802697 SP always does data encryption
6805190 AMTuneDSBase.initialize should catch a case of null return value with a result size of 1
6805335 ssopatch should test revisions before patching
6807272 Distauth throws 500-Internal Error when authenticated user tries to login again
6810233 Need to have a centralized page to show all error conditions in SAML2
6810234 Conflict resolution level doesn't take affect
6810296 The invalid app SSO token error message should not be localized
6810298 Policy client code has bottleneck when processing notifications
6810299 Remote IDRepo causes slow memory leak in OpenSSO
6810336 SAE cannot support data encryption in mixed env
6811036 Cannot login as amadmin in coexistence mode upgrading from JES4 - authentication module is denied
6811038 WSS STS API sample and JAX-WS sample generates excessive session service calls
6812396 Version not updated after applying patch
6813866 Realm session service takes precedence over role session service with AMSDK plugin configuration
6813904 Support AuthnResponse for Fedlet using .NET
6814564 AIX/WAS7: STS client samples are failing
6814566 AIX/WAS7: ssoadm CLI emits FATAL error message but successful execution
6814960 SAML2 SAE sample needs to be updated with data encryption support
6815654 ssopatch command usage should be more end user friendly
6815662 Version attribute in server configuration is lost
6816048 Client sdk causes server hang due to SMS cache update errors.
6816086 Cert based authentication throws 'Internal server Error' when configured in Weblogic 9.2
6816286 Create Fedlet throws error on WebSphere
6816287 Inline help changes to support sae data encryption
6816343 IDP init sso Artifact profile, with assertion failover does not timeout session fast enough
6816973 User matching is not checked in Session Upgrade case
6817275 amtune does not delete -XX:ParallelGCThreads jvm option if it already exists
6817344 DA does not check validity of DA cookie value before rerouting the request
6817491 Support for OpenDS as user store
6818091 Need to bundle latest C-SDK (upgrade of libxml2.so to 2.6.23) in OpenSSO
6818423 Severing LDAP connection cause sporadic login failures
6818977 WSS tests fail in automation test.
6819022 Policy tests are throwing classcast exception
6819240 Client sdk jdk1.4 war is breaking when running SM client sample.
6819808 Multiserver setup broken in embedded config with latest OpenDS.jar (OpenDS-1.0.2-build002).
6819844 SFO : OpenSSO server hangs when MQ queue is full
6820291 SAML2 Artifact profile invokes too many write to MQ
6820297 Basic ssoadm command is taking a long time to exit
6820477 com.sun.identity.sae.api Javadoc needs more info
6820484 .NET Fedlet clean-up and revision to readme
6821050 J2ee agent 3.0 for Tomcat cannot be stopped normally
6822268 Fedlet in .net is not functioning properly
6822388 App session invalid message cannot be handled by web agent
6822716 Default value for com.sun.identity.urlchecker.targeturl in SiteStatusCheckThreadImpl
6822746 TTL tests are failing
6823254 SAE post method does not use POST in all the hops
6824649 amtune should capture different types of exceptions when URLConnections fail
6825011 Windows Desktop SSO Authentication fails with LoginException on WAS 7.0
6825084 updataschema.sh is failing because of ssoadm version check
6827017 Change header.jsp to header.jspf
6827245 SAML2 IDPSession object cleanup not happening with Session timeout.
6827557 IdUtils.java caused an NullPointerException
6827616 SMS cache is disabled by default on clientsdk which causes major performance issue
6828105 WSS/STS README files need to be updated as the OpenSSO Client Cache parameters are changed
6828120 Fedlet in java version doesn't compile on WebLogic 10g3
6828147 Fedlet war created on windows is not readable on solaris
6828651 Role based service assignment is failing with AMSDK configuration
6828681 Could not create a fedlet with name "https://"
6829122 Need to completely remove the dependency on ldapjdk.jar
6829133 Under load FAMHadb process goes into loop when amsfo stop is used to shutdown.
6829135 amsfo script should provide options to start and stop MQ and amsessiondb process independently
6829748 WSS STS API sample and JAX-WS sample generate excessive jaxrpc calls
6830203 Nightly automation: Unix authentication is broken on WAS 7.0 / RHEL 3
6830547 amtune should use only # of cores, not virtual CPU's, to calculate notification and acceptor threads
6830565 amtune should increase # of request-processing thread-count for Glassfish 2/AS 9.1
6831706 Configurator should load updated schema for fresh installs
6831726 opensso.zip should include the createwar scripts for spl war creation
6832305 wsfederation couldn't initialize in WAS7.0
6834039 Can't view entity created by importing SAML 2.0 metadata with no keysize
6834637 createwars.sh is not creating the wars properly
6834666 Error page URL for SAML1 protocols
6844490 Need to bundle in latest C-SDK (upgrade libxml2 to 2.7.3) in OpenSSO

Revision History: 

141655-01

Patch Installation Instructions: 

Please refer to http://wikis.sun.com/x/RgQCBg

Special Install Instructions: 

None.

README -- Last modified date:  Monday, September 21, 2009