Skip Headers
Oracle® OpenSSO 8.0 Update 2 Release Notes
Release 8.0

Part Number E28339-03
Go to Documentation Home
Go to Table of Contents
Go to Feedback page
Contact Us

Go to previous page
View PDF

7 Documentation Errata

This chapter describes errata for documentation in the Oracle OpenSSO Enterprise 8.0 library:

This chapter includes these sections:

7.1 Bug 12271951: OpenSSO server and agents must be restarted after patch installation

The OpenSSO documentation does not mention that after you upgrade (or downgrade) an OpenSSO installation by installing an OpenSSO patch, you must restart the OpenSSO server and all policy agents that you have deployed.

7.2 Bug 12654373: script generates harmless errors

The Sun OpenSSO Enterprise 8.0 Administration Guide does not mention that if you upgrade from an OpenSSO 8.0 Update 1 patch to an OpenSSO 8.0 Update 2 patch and the user store and configuration store use the same LDAP directory server, errors can be generated when you run the script. (These errors do not occur if the user store and configuration store use different LDAP directory servers.)

Check the script logs to determine if the upgrade is successful and the schema is applied correctly. If there are no fatal errors in the log, you can ignore the the script errors.

7.3 Bug 14310764: Camel case required for parameter

References in the OpenSSO 8.0 documentation (and the Access Manager 7.1 file) show this parameter with all lowercase letters, but that format does not set the idle timeout value for agent sessions.


When you set the idle timeout value, specify the parameter as follows:

7.4 Bug 12289903: nsRoleDN attribute is not fetched by default

In OpenSSO, the nsRoleDN attribute is not fetched by default. (In previous releases such as Access Manager 7.1, nsRoleDN was fetched by default.)


In the OpenSSO Administration Console, add the nsRoleDN attribute to the LDAP User Attributes list, as follows:

  1. In the OpenSSO Administration Console, click Access Control, /(Top Level Realm), Data Stores, and then the Sun DS With OpenSSO Schema data store.

  2. In the LDAP User Attributes section, add the nsrole and nsRoleDN attributes.

  3. Click Save.

  4. Restart the OpenSSO server.

7.5 Bug 14695234: Documentation needed for property

The OpenSSO documentation does not fully describe the property.

The property is used for the Network Security Services for Java (JSS). When the property is enabled (set to true), OpenSSO checks if the IP address of the OpenSSO server resolves to the host name in the request.

If the IP address resolves to the host name, OpenSSO continues the request. If the IP address does not resolve to the host name, the request fails and is not completed.

The default value for is false.

See Also:

"JSS Certificate Database Properties" in the OpenSSO Enterprise 8.0 Developer's Guide:

7.6 Bug 12260633: OpenSSO support on Red Hat Enterprise Linux 4 and 5 is clarified

The Sun OpenSSO Enterprise 8.0 Release Notes state that OpenSSO Enterprise 8.0 is supported on these platforms:

However, for both versions, "on AMD servers" should be removed.

See Also:

Section 1.2, "Hardware and Software Requirements For OpenSSO 8.0 Update 2" for the current list of supported platforms.

7.7 Bug 12273592: OpenSSO 8.0 online help servers and sites documentation is inconsistent

The Oracle OpenSSO Admin Console online help has an incorrect definition for the Secondary URL under Configuration, Servers and Sites. This incorrect definition actually applies to an OpenSSO session failover configuration.

In OpenSSO 8.0, you cannot associate the same OpenSSO server instance with multiple sites, which you could do with Access Manager 7.x. For example, in Access Manager 7.x, you could assign the server to multiple sites. For example:


In OpenSSO 8.0, to associate the same server with multiple sites, follow these steps in the OpenSSO Admin Console:

  1. Define the main load balancer host and port as the primary site. For example:
  2. Assign the relevant OpenSSO server instances to this site. To use a second load balancer:

    1. Select the site that you defined in the previous step.

    2. Under Secondary URL, add the URL for the second load balancer. For example:
  3. Under Access Control, realm-name, and then General, add the relevant hostname for both load balancers to the Realm/DNS Aliases, where realm-name is the realm under which you want action taken for the load balancers. Otherwise, you might get errors when you try to access OpenSSO via the load balancer.

7.8 Bug 12335605: Documentation has incorrect references to site

Several of the OpenSSO Policy Agent 3.0 guides include references to the site to download the file.

However, the file based on JAX-WS is not supported in OpenSSO Enterprise 8.0 releases. Therefore, it is recommended that you do not download and use this file in your deployment. If you need the comparable files, contact Oracle Support.