Running a form incorrectly filters on raw name when filtering on the Application Name attribute in RSA Identity Governance & Lifecycle
3 years ago
Originally Published: 2018-11-08
Article Number
000040530
Applies To
RSA Product Set: Identity Governance & Lifecycle
RSA Version/Condition: 7.0.1, 7.0.2, 7.1.0
 
Issue
When running a form, if a field filters on Application Name, the form incorrectly filters on the application raw name instead of the application name. However, editing the field in the form to filter on Application Name correctly filters on the application name.


Steps to Reproduce

  1. Navigate to Resources > Directories
  2. Select any directory.  Active Directory is being used in  he example below.
  3. Select General > Edit.
  4. Change Directory Raw Name to Active Directory Raw Name.
  5. Click OK.
User-added image

User-added image

  1. After saving the changes, note that the Directory name is changed to the Directory Raw Name.

User-added image

  1. Edit the directory again and change the Directory name back to what it was. In this case, Active Directory.

User-added image

  1. Note the entry in T_APPLICATIONS

User-added image

  1. Verify that NAME (Directory Raw name, also the application name) and ALT_NAME are different.
  2. Go to Requests > Configuration > Request Forms > Default Password Form > Fields and click Edit next to the Account variable name.

User-added image

  1. Click on the Account filter.
  2. From the drop down options choose Application Name, one of, and Active Directory Raw Name then click OK.

User-added image

 

  1. Verify the information is correct in the Modify Question: Account page.

User-added image

  1. Refresh and note that no accounts show under Select account because you have no applications with a display or alt_name of Active Directory Raw Name. This is expected.

User-added image

  1. Click Cancel.
  2. Find a user with an account in Resources > Directories > Active Directory > Accounts.

User-added image

  1. Run the form and choose the AD user (Requests > Configuration > Request Forms > Default Password Form > Fields > Run Form).
User-added image
User-added image
 

Expected Behavior

There is no Active Directory showing under Application Name because there is no Application Name called Active Directory Raw Name, which is the filter. Active Directory Raw Name is the Business Source Raw Name. This would also be consistent with the behavior in step 6.


Observed Behavior

The Active Directory directory is displayed on the form. Note when editing the form field, accounts in this directory were not shown. Now they get shown because the filter is now filtering on the alt_name field. So when you edit the field, it filters on name and when you run the form, it filters on alt_name. So when you design a form it acts one way and when you run the form it acts another way. You cannot trust your design as a result.

User-added image

Resolution
This is a known defect that has been addressed in 7.0.2 P11 and 7.1.0 P05.
Workaround
Filter on Business Source Raw Name instead. This attribute consistently filters on the same value regardless of whether you are editing a field in a form or running a form.

Related Articles

Trending Articles

Don't see what you're looking for?