The following Web SQL functions have changed their internal implementation. This may cause unexpected behavior in custom components that rely on details of the old implementation.
Due to security considerations, it is not recommended to execute arbitrary SQL statements from the web application layer. When the web application is installed on top of the new application server, execution of arbitrary SQL statements generates an exception.
This change affects all "Database query" type collections defined in Web Designer components.
All SQL statements must be encapsulated as "predefined SQL statements" (QBMLimitedSQL-type objects) and stored in the database. Refer to the One Identity Manager Configuration Guide for more information on how to define predefined SQL statements.
For additional security, predefined SQL statements must be assigned to permission groups. Execution of predefined SQL statements always occurs with the permissions of the user who is logged in to the web application can.
Note that WHERE clauses, as well as the WebSQL functions Exists and GetSingleProperty, are not considered "arbitrary SQL statements" and may be used as before.