All new source files must begin with the following copyright notice, which should be adapted accordingly for non-Java source code (e.g. XML, properties, etc.):
/*
 * Copyright 2019-2020 ForgeRock AS. All Rights Reserved
 *
 * Use of this code requires a commercial software license with ForgeRock AS.
 * or with one of its affiliates. All use shall be exclusively subject
 * to such license between the licensee and ForgeRock AS.
 */
OPENAM-12345 Adjust LDAP connection settings.
OPENAM-12345 Eliminate XSS in /json/sessions endpoint - mentions a specific vulnerability and/or endpoint
OPENAM-12345 Fix issue reported by customer - customers often report security issues, so this is a red flag
OPENAM-12345 JWT validation - NB even something as simple as this should be avoided as bugs in validation are almost always security issues
If in doubt, leave it out!