Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-14832

triggerSyncProperties does not work when using an encrypted password

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 6.5.0.2, 6.5.0.3
    • Fix Version/s: 7.1.0, 6.5.1.0
    • Environment:
      Current customer environment 6.5.0.2. I have test 6.5.0.3 issue occurs there as well
    • Target Version/s:
    • Verified Version/s:
    • Story Points:
      1
    • Sprint:
      2020.11 - IDM, 2020.12 - IDM, 2020.13 - IDM
    • Support Ticket IDs:

      Description

      Set up the following to reproduce the issue:

      When specifying an encrypted attribute in the JSON array (i.e. password), any change made to any other attribute (i.e. title, address1, address2, city, etc.) which are not specified in the JSON array cause a synchronization to occur. If I remove the encrypted attribute, the behavior performs as expected.

      Sample sync.json:

       

      "target" : "system/userStore/account",
      "source" : "managed/user",
      "name" : "managedUser_systemUserstoreAccount",
      "displayName" : "managedUser_systemUserstoreAccount",
      "triggerSyncProperties" : [
      "/givenName",
      "/sn",
      "/password"
      ],
      

       

       

      {
      "source": "password",
      "target": "userPassword",
      "transform": {
      "type": "text/javascript",
      "globals": { },
      "source": "openidm.decrypt(source);"
      }
      },
      

       

      A change to ANY property in the managed/user schema causes a synchronization to occur to DS.

      If I remove the password attribute from the JSON array as follows:

       

      {
      "target" : "system/userStore/account",
      "source" : "managed/user",
      "name" : "managedUser_systemUserstoreAccount",
      "displayName" : "managedUser_systemUserstoreAccount",
      "triggerSyncProperties" : [
      "/givenName",
      "/sn"
      ],
      

       

      Synchronization occurs ONLY if the givenName or sn attributes change.  I have attached a sync.json that I used to reproduce the issue.

        Attachments

          Activity

            People

            • Assignee:
              travis.haagen Travis Haagen
              Reporter:
              jesse.ontiveros Jesse Ontiveros
            • Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: