The following issues were fixed in RSA Identity Governance and Lifecycle version 7.1.1 Patch 3.
The review monitor/owner interface loaded slowly, even when no table data was displayed.
Escalation workflows erroneously allowed the assignment of reviews to deleted supervisors.
In an environment using AFX, when deleting review results that had the "Delete pending change requests" option selected, the "ORA-02292: integrity constraint violated" error occurred.
Clarification was required on the review definition user interface to indicate that user selection is not used for rule actions.
A change request in the Pending Submission state could not be canceled from the user interface when 'Allow Cancel in Fulfillment Phase' was set to false in the workflow.
Passwords and encrypted fields with a value starting with the characters "ENC" failed with the following error: "java.lang.IllegalStateException: An issue with handling encryption was encountered".
AFX incorrectly indicated a failure after removing entitlements from deleted accounts in SAP.
After upgrading to 7.1.1, category-based grouping was not working as expected, resulting in entitlements being mapped to the wrong entitlements category.
Unable to update the implementation JAR in a Java code based connector after migrating from 6.9.1 to 7.1.0 due to a due to a JAR-type mismatch.
Parameters in provisioning with a value starting with the characters “ENC” failed with the following error: "java.lang.IllegalStateException: An issue with handling encryption was encountered".
The AFX RESTful web service failed to process responses when the response body was empty.
SF-1304327 SF-1395022 SF-1271598 SF-1353050
Hardened communication between AFX server and ActiveMQ JMX interface.
AFX logs reported that headers were not being used in JMS Message-compliant way.
Change Requests and Workflows
When changing the state of a change request item, the indirect items for that change request did not always have their states changed.
In the Workflow Architect, the node editor displayed a role's raw name in the Resources panel of the node editor, but the Resource drop-down menu in the dialog displayed the role's alt name.
When a change request workflow contained a decision that used the filter "Contains at least one violation", the change request did not go to the True transition when expected.
In a change request with an approval phase that contained two approval activity notes configured to send an email to the approvers, an email was sent only to the first reviewer and not the second.
Email-based rejection of approvals did not cancel all remaining tasks, resulting in inconsistent behavior compared to UI-based approval rejection.
The error "RSA002: Invalid Configuration" was displayed during workflow runtime for a REST node, even though the node was successful.
After attempting to remove the Edit and Cancel buttons for change requests by deselecting options to Edit and Cancel within the request workflow, the buttons were still visible and actionable in certain circumstances.
In a workflow that is configured to group by business source, password resets skipped the workflow and the change request workflow completed with the item still in Pending Action status.
Approval workflows randomly ran simultaneously in a change request.
When entitlements were grouped by category, auto-approve did not work as expected.
After upgrading to 7.1.1, tables in email nodes in workflows were malformed.
Unable to hide the attachments in change requests.
AFX connectors were unable to handle role membership changes, and displayed an error that the command was not supported on the endpoint.
Data Collection Processing and Management
Optimized unification to reduce the use of TEMP tablespace.
Identity collectors created duplicate entries for users after their accounts were terminated, reinstated, and then terminated again.
Unification failed with the “ORA-30926: unable to get a stable set of rows in the source tables” error when a IDC had join attributes change
The system performed slowly after upgrading and using Oracle 12.2.
A database script (ACM-95711.sql) was not able to handle cases when Unicode characters appeared in strings, because the function "LENGTH" counts characters.
Source data tables had Oracle logging disabled, resulting in potential Oracle data file corruption.
Unification cleanup for the User Mapping table took longer than expected due to the table containing excessive data.
Deleted entitlements were referenced when importing a role definition.
When a customer added a custom user-type attribute named Technical Owner, Business Owner, or Exception Manager, an ORA-00904 error occurred during the creation of public views.
The modifynetworksettings.sh script did not modify the /etc/hosts entry and instead added an additional line.
System performance was affected by the report deletion process.
The audit event name for REVIEW_DEFINITION had a typo.
A form element of control type "Drop Down Select with Web Service" received an exception or error string as a value when the "URI from which to get options" is invalid or fails.
When a JSP file was referenced in the Validation URI for a request form, an exception occurred.
After performing an upgrade, an error occurred loading the fields in a request form that had previously worked.
Unable to attach files to forms using Internet Explorer 11.
Unable to attach files to forms if the filename contains spaces.
When localizing the language of request form elements, the prefixes for the localized properties files were not updated to the correct form type when the entire form type was updated.
A provisioning/termination rule did not create change requests to revoke entitlements when there are accounts to disable and delete.
Enhanced security in the Workflow Architect.
An error in pending workflow cleanup resulted in RSA Identity Governance and Lifecycle failing to start with the following error: Initialization operations completed with errors. Please resolve the problem(s) before the application server can accept requests. Unable to start service WorkflowService. java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
Data purging failed with the following error: "ORA-20001: No jobs were found to delete."
After clicking the back button in a web browser, the user interface displayed incorrect breadcrumbs to link back to parent pages.
When account summary table data was saved in CSV format, the data was exported along with HTML tags from the exported table.
A request error occurred after clicking the History tab for any rule.
Nested items in a drop-down menu were capped at a 25 character limit, causing button names in the dashboard to be truncated.
After specifying a sequence of attributes under Admin > Attributes, saving the sequence, and then editing any attribute, the sequence no longer displayed correctly.
The search option for tables did not work if the string began with the special character #.
The reviewer interface did not display dates properly when the user interface was configured to use the Polish language.
Unable to resize SQL data query boxes in the collector configuration screen.
When viewing User > Requests or collection run details from the Collector History tab of a specific collector, the displayed breadcrumbs were incorrect.
Menu tabs in the user interface did not load in certain circumstances.
When the environment name specified under Admin > System contained double quotes, metadata export in Firefox browsers generated an incorrect file name.