2. OpenSSO 8.0 Update 2 Patch Releases
About OpenSSO 8.0 Update 2 Patch Releases
Bug 12286933: Dist Auth cannot receive session notifications
Bug 12427762: SAML attributes containing a | are not decoded in a SAML attribute
Bug 13361224: SecurID authentication support for WebSphere Application Server 6.1 on AIX 6.1
Known Issues in OpenSSO 8.0 Update 2 Patch 3
Bug 12308272: OpenSSO list-agents command fails with GlassFish v2.1.1 patch 9
Documentation Updates in OpenSSO 8.0 Update 2 Patch 3
Bug 12307986: OpenSSO client SDK caches URL policy decision with correct methods
Bug 12309423: Inconsistent session timeout behavior is fixed
What's New in OpenSSO 8.0 Update 2 Patch 2
CR 7016248: Validation of gotoOnFail URLs
CR 6993122: SAMLv2 implementation of NameIDPolicy interface without SPNameQualifier
Known Issues in OpenSSO 8.0 Update 2 Patch 2
CR 7017520: Missing property in Policy Service causes HTTP status code 500
Documentation Updates in OpenSSO 8.0 Update 2 Patch 2
CR 7013849: Documentation update: WS-Trust certificate must be the same on client and server
Known Issues in OpenSSO 8.0 Update 2 Patch 1
CR 6978018: Running OpenSSO 8.0 in GlassFish 2.1.x using LDAPS with JDK 1.6.x
CR 7002787: OpenSSO 8.0 Update 2 is not working with Active Directory Data Store
CR 6897101: After a login to a non-default realm, user experiences multiple logins after a timeout
CR 6983035: Remote console with OpenSSO server returns errors after a session timeout
3. Installing OpenSSO 8.0 Update 2
4. Using the Security Token Service
5. Using the Oracle OpenSSO Fedlet
6. Integrating the OpenSSO 8.0 Update 2 with Oracle Access Manager
OpenSSO 8.0 Update 2 patch 3 is available as patch ID 141655-07 on the My Oracle Support site. Other information about this patch includes:
Other issues related to this bug include:
Bug 12361318: OpenSSO 8.0 Update 2 patch 1 ssoadm command returns null pointer exception with GlassFish v2.1.1 patch 10
Bug 12305906: Convergence SSO is not working when OpenSSO is deployed with GlassFish v2.1.1 patch 7 and later
These problems occur with GlassFish v2.1.1 patch 7 and later patches because of an incompatibility with the JAX-RPC JAR files.
Workaround. Downgrade to GlassFish v2.1.1 patch 6.
Bug 12307986: OpenSSO client SDK caches URL policy decision with correct methods
Bug 12309423: Inconsistent session timeout behavior is fixed
In patch 3, the OpenSSO client SDK caches the URL policy decision with all correct methods for a policy. Previously, only the URL policy decision for the method being accessed was cached.
For the Policy Service to return the policy actions for a given policy, the following property must be set in the OpenSSO client SDK configuration:
com.sun.identity.policy.client.cache.combine.actionItems.enabled=true
By default, this value is set to false.
Patch 3 fixes an inconsistent session timeout behavior. In some cases, OpenSSO server displayed the Login page rather than the Session Timeout page.
However, for the Session Timeout page to be displayed, the Purge Delay value must be greater than 0 (zero).