Affects Version/s: 13.5.0, 13.5.1, 14.0.0, 14.1.0, 14.1.1
SmsServerPropertiesResource removes password when unchanged.
1. run ldapsearch to check "org.forgerock.services.cts.store.password" exists :
2. login to admin console
3. click [Configure] -> [Server Defaults] -> [Advanced] tab
4. scroll down and change "org.forgerock.services.cts.store.max.connections" to 11.
5. click [Save Changes]
6. run ldapsearch again to check "org.forgerock.services.cts.store.password" still exists :
NOTE: if you've already configured session failover and CTS store per instance, then you might see more than one "org.forgerock.services.cts.store.password" so you need to check the value under server-default
Always specify org.forgerock.services.cts.store.password when making a change on server default advanced tab.
Fix to OPENAM-11850 has made SmsServerPropertiesResource to remove "org.forgerock.services.cts.store.password" from "newValues" lists. This tricked removeUnusedAdvancedAttributes() method that "org.forgerock.services.cts.store.password" is no longer needed and therefore need to be removed.
The fix would be to skip removing attributes that are listed in "PASSWORD_ATTRIBUTES". The downside is that this way, users wouldn't be able to remove "PASSWORD_ATTRIBUTES" from XUI Advanced tab.