OIM API Allows Simultaneous User Creation Requests Bypassing Validation When Using Platform.getService()
Last updated on JUNE 15, 2017
Applies to:Identity Manager - Version 18.104.22.168.10 and later
Information in this document applies to any platform.
OIM API allows simultaneous user creation requests bypassing validation when Platform.getService is used in custom plugins.
For example: OIM API for user create -> oracle.iam.identity.usermgmt.api.UserManager#create(oracle.iam.identity.usermgmt.vo.User p1) can be called from a separate threads which uses Platform.getService and this results in identical users created in OIM without check for uniqueness validation.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms