Delegates Are Able To Attest Own Access, Even If Prevent Self-certification Is Enabled
Last updated on APRIL 25, 2017
Applies to:Oracle Identity Analytics - Version 22.214.171.124.8 and later
Information in this document applies to any platform.
On : 126.96.36.199.8 version, the delegates are able to attest to their own access, even if “prevent self-certification” is enabled. This happens for delegates/certifiers for whom the rbx_admin are created directly.
The issue can be reproduced at will with the following steps:
- Create a global user - testuser1002
- Create a rbx user - testuser1002
- check the rbx_users table, the user_id field is empty/null.
- Create a global user - testuser5414
- Create a certification and make testuser5414 certifier
- OIA creates new rbx_user testuser5414 and in this case, user_id
field as user_id field filled in with user_key from globaluser table.
- Now create certificate for testuser1002. Make a scenario where testuser1002 is included in the certification and the certifier is also testuser1002 (self-certification use case)
- Here, you will see check box for certifier to certify his/her own access even when self - certification is disabled.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms