Delegates Are Able To Attest Own Access, Even If Prevent Self-certification Is Enabled (Doc ID 2242392.1)

Last updated on APRIL 25, 2017

Applies to:

Oracle Identity Analytics - Version 11.1.1.5.8 and later
Information in this document applies to any platform.

Symptoms

On : 11.1.1.5.8 version, the delegates are able to attest to their own access, even if “prevent self-certification” is enabled. This happens for delegates/certifiers for whom the rbx_admin are created directly.

The issue can be reproduced at will with the following steps:
- Create a global user - testuser1002
- Create a rbx user - testuser1002
- check the rbx_users table, the user_id field is empty/null.

- Create a global user - testuser5414
- Create a certification and make testuser5414 certifier
- OIA creates new rbx_user testuser5414 and in this case, user_id
field as user_id field filled in with user_key from globaluser table.

- Now create certificate for testuser1002. Make a scenario where testuser1002 is included in the certification and the certifier is also testuser1002 (self-certification use case)
- Here, you will see check box for certifier to certify his/her own access even when self - certification is disabled.


Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms