Release Notes for Oracle Health Insurance Claims Adjudication Patch 4.25.1.0.17

This document contains the release notes for Oracle Health Insurance Claims Adjudication Patch 4.25.1.0.17.

Version compatibility: Oracle Health Insurance Claims Adjudication Release 4.25.1.x is only compatible with other Oracle Health Insurance applications release version 4.25.1.x unless explicitly stated otherwise.

In accordance with the OHI error correction policy (Document 1494031.1 on My Oracle Support), error correction support will be provided for this release and the previous two releases.

Enhancements

ID	Summary	Patch
CPN-4206	Introduced additional attributes in security logs for enhancing log auditing and parsing capabilities Introduced the following new attributes in security logs: eventCategory: All security events are categorized into distinct categories. This attribute holds the category assigned to the security event being logged. eventType: Brief summary of the security event being logged. eventOutcome: Outcome of the event. Possible values: Success or Failure. eventSeverity: Describes the severity of the event. Possible values: INFO, WARN or ERROR. httpStatusCode: Http response code of the request for which the event is being logged. This will be null whenever the code is not deterministic at the time of event. failureReason: Briefly describes the reason of failure. This attribute will be non-null only where relevant. apiEndpoint: Holds the API endpoint to which the request was sent. session ID: Identifies the session provided by the caller. Applicable to SaaS and UI requests. access token ID: Identifies the access token associated with the request. Applicable to SaaS and non-UI requests Documentation Links: Administration Guide - Application - Security Logs Generated in Oracle Health Insurance Administration Guide - Fetch Security Logs through API
CPN-4207	Enhanced PHI access logs to include access scope, session ID and access token ID Enhanced PHI access logs to include three new attributes: access scope: Indicates whether a single record or multiple records are accessed within a transaction. session ID: Identifies the session provided by the caller. Applicable to SaaS and UI requests. access token ID: Identifies the access token associated with the request. Applicable to SaaS and non-UI requests. Documentation Links: Security Guide - User Access - Resource Auditing
NXT-32471	Improve handling of HTTP error: 401 UnAuthorized in JET UI With this enhancement, OHI uses system property OHI_DEPLOYMENT_TYPE to handle HTTP 401 error. When this property value is set to "CLOUD", this will force a "401" response to re-direct the OHI JET login page when the IDCS OpenID session cookie is missing/expired.

Summary

Patch

CPN-4206

Introduced additional attributes in security logs for enhancing log auditing and parsing capabilities

Introduced the following new attributes in security logs:

eventCategory: All security events are categorized into distinct categories. This attribute holds the category assigned to the security event being logged.
eventType: Brief summary of the security event being logged.
eventOutcome: Outcome of the event. Possible values: Success or Failure.
eventSeverity: Describes the severity of the event. Possible values: INFO, WARN or ERROR.
httpStatusCode: Http response code of the request for which the event is being logged. This will be null whenever the code is not deterministic at the time of event.
failureReason: Briefly describes the reason of failure. This attribute will be non-null only where relevant.
apiEndpoint: Holds the API endpoint to which the request was sent.
session ID: Identifies the session provided by the caller. Applicable to SaaS and UI requests.
access token ID: Identifies the access token associated with the request. Applicable to SaaS and non-UI requests

Documentation Links:
Administration Guide - Application - Security Logs Generated in Oracle Health Insurance
Administration Guide - Fetch Security Logs through API

CPN-4207

Enhanced PHI access logs to include access scope, session ID and access token ID

Enhanced PHI access logs to include three new attributes:

access scope: Indicates whether a single record or multiple records are accessed within a transaction.
session ID: Identifies the session provided by the caller. Applicable to SaaS and UI requests.
access token ID: Identifies the access token associated with the request. Applicable to SaaS and non-UI requests.

Documentation Links:
Security Guide - User Access - Resource Auditing

NXT-32471

Improve handling of HTTP error: 401 UnAuthorized in JET UI

With this enhancement, OHI uses system property OHI_DEPLOYMENT_TYPE to handle HTTP 401 error. When this property value is set to "CLOUD", this will force a "401" response to re-direct the OHI JET login page when the IDCS OpenID session cookie is missing/expired.

Upgrade Steps for Installation

To perform the upgrade, perform the following steps:

Perform any pre-upgrade steps.
Stop all the managed nodes running the existing version of the application.
Perform any pre-undeploy steps.
Undeploy the existing version of the application.
Back up the database.
Perform any post-undeploy steps.
Unpack the release bundle into a directory that we refer to as OHI_ROOT from now on.
Change Installation Configuration: In <OHI_ROOT>/util/install, make a copy of ohi_install.cfg.template and name it ohi_install.cfg.
Edit ohi_install.cfg to contain your specific database connection data and other configuration settings. The settings are explained in the file itself.
Make sure NO connections are present to the database using the OHI_xxx_USER account (where xxx is the abbreviation of the application)
Run the Upgrade script:
1. Open a command window and browse to <OHI_ROOT>/util/install.
2. Run the upgrade by executing ./ohi-update.sh .
Make the required changes to the ohi properties file
Perform any post-upgrade steps
Start WebLogic application server
Deploy the Application
Perform any post-deploy steps

Configuration Properties

This section intentionally left blank.

Web Services

Ref Action Description

Ref	Action	Description
CPN-4206	Modified	logsecurityevents Added eight new attributes: `eventCategory`, `eventType`, `eventOutcome`, `eventSeverity`, `httpStatusCode`, `failureReason`, `apiEndpoint`, `sessionId`, `accessTokenId`.
CPN-4207	Modified	logphievents Added three new attributes: `accessScope`, `sessionId`, and `accessTokenId`.

CPN-4206

Modified

logsecurityevents

Added eight new attributes: eventCategory, eventType, eventOutcome, eventSeverity, httpStatusCode, failureReason, apiEndpoint, sessionId, accessTokenId.

CPN-4207

Modified

logphievents

Added three new attributes: accessScope, sessionId, and accessTokenId.

Data Conversion

This section intentionally left blank.

Dynamic Logic

This section intentionally left blank.

UI Changes

This section intentionally left blank.

Breaking Changes

This section intentionally left blank.

Access Restrictions

This section intentionally left blank.

Bug Fixes

BugDB	SR	Internal	Summary
39216981		NXT-34016	Clicking Re-imbursement Method deeplink redirects the user to search page instead of the specific detail page for a record
Description:	When user opens Applied Pricing (header or at Line) and then clicks on Re-imbursement Method, application opens a blank fee-schedule search page instead of opening the fee-schedule detail page for particular code.
Resolution:	Fix added to open specific detail page on clicking re-imbursement method deeplink for applicable methods. However, table pages require explicit search to see the particular method.
39246265		NXT-34044	Error handling is missing when user triggers build and download action while another is in progress
Description:	When user navigates to config migration sets and triggers build and download, popup closes and reopens for every click. This is observed while another build is still in progress.
Resolution:	Error message is displayed to the user when build and download action is triggered for config migration set while another build is in progress.
38957305		NXT-33604	View Technical Errors : Page is not loading when the user switches between other tabs
Description:	Page is not loading when selecting value from reference field (LOV) on quick search and switch between other tabs after that.
Resolution:	Quick search caching handled on reference field (LOV) and now there is no error switching to other tabs and re-visiting the page
39163804		NXT-33960	Improve resilience for Object Storage file downloads from ohi when long-running data file processing causes HTTP streams to remain open for extended periods, reducing failures from truncated responses.
Description:	File downloads from OCI Object Storage could intermittently fail during long-running reads with truncated-response errors such as ConnectionClosedException (“Premature end of Content-Length delimited message body”). Because OHI ObjectStorageDataFileReader relied on a single InputStream, any mid-transfer interruption caused the CSV reader to receive only a partial payload, resulting in exchange failure. Need implementation to supports retry and byte-range resume for interrupted downloads.
Resolution:	Enhanced Object Storage download handling for scenarios where data files are processed slowly and the HTTP stream remains open for an extended period. Previously, long-running reads could fail with truncated-response errors such as ConnectionClosedException, causing the CSV reader to receive incomplete content and the exchange to fail. The implementation now improves resilience by retrying interrupted downloads and resuming from the last successfully read byte offset, while failing only after 3 consecutive recovery attempts without progress.
39209051		NXT-34007	CtrClaimUnfinalizeReason page does not show any version with Unfinalize reasons
Description:	CTR unfinalize reason details are displayed in the Unfinalize reasons dialog without being filtered based on version selected in Claims Version dropdown.
Resolution:	Ctrclaim unfinalize reasons are displayed based on the selected claim version.
39160101		NXT-33956	Memory exhaustion in Gateway due to dynamic logic creating multiple data files in Object Storage
Description:	A problem was identified where memory was not being properly freed after using writers in dynamic logic to create data files in Object Storage. When many files were created over time, this unused memory built up and could eventually cause the application to run out of memory and fail.
Resolution:	The cleanup process has been improved to ensure that memory and related resources are fully released whenever the writer is closed. By default, the system closes writers at the end of a dynamic logic transaction automatically thereby releasing the memory. However, in case multiple writers are opened within a single dynamic logic, memory exhaustion could still happen at runtime. It is therefore recommended to close readers and writers explicitly in dynamic logic. Please investigate if explicit closure of readers and writers is implemented in the dynamic logics.
39272977		NXT-34096	Flexcodes configured as reftype in sets and labels of Results in Claims Search returns error in console
Description:	When flexcodes are configured as reftype in sets and in labels of results component in claims search page, it results in error and page doesn’t load with quick search and advance search links
Resolution:	Search page works fine with flexcodes configured in the floorplan
38644674		NXT-32966	CMT Import fails when a field definition is updated with extended length
Description:	When doing CMT import, if a flex code is imported with similar datatype but field length that is greater than the target system flex code field length then an error is raised.
Resolution:	CMT import is fixed to allow import of fields with similar datatype but increase length without raising an error message.
38819416	4-0001350333	NXT-33314	Reading large files from object storage fails due to non-configurable read timeout.
Description:	OHI does not provide configurable timeout settings (connection and read timeouts) while reading or streaming files from Object Storage (OS). As a result, file read operations rely on default OCI SDK timeout values, which are not suitable for large files or long-running streaming use cases.
Resolution:	Support for configurable Object Storage timeouts has been added to improve reliability when processing large files and long-running streaming workloads. Two new properties are now available: a. ohi.object.storage.read.timeout.millis b. ohi.object.storage.connect.timeout.millis Both default to 60,000 ms (60 seconds) and can be increased as needed to prevent read timeouts errors during extended Object Storage operations
39250114		NXT-34047	Cleared Value at Service Definition Level are not reflected in Claims after import
Description:	When a configured value such as a procedure group is deleted in PRD service definition, that deletion is not propagated to Claims during data import/sync. As a result, Claims continues to retain and use the stale value, creating a mismatch between PRD master data and Claims runtime data.
Resolution:	The issue is resolved by enhancing the Claims import logic to perform full delta reconciliation against PRD service-definition data, not just insert and update operations. With this change, values removed in PRD, are also removed in Claims during import, keeping both systems consistent.
38814432		NXT-33301	Autoresolve does not work in combination with message group
Description:	Pend reasons are not removed on auto resolve when external intervention rule has condition and message group and the message that caused the claim/claim line to pend is no longer present on them.
Resolution:	Pend reasons are now removed on auto resolve when external intervention rule has condition and message group and the message that caused the claim/claim line to pend is no longer present on them.
39256313		NXT-34080	Activities stuck in Processing due to 'unknown user type' error
Description:	Some activities are stuck in processing due to below error com.tangosol.util.WrapperException: (Wrapped) unknown user type: com.oracle.healthinsurance.activityprocessing.domain.components.StuckActivityCacheClearEvent
Resolution:	The 'unknown user type' error is no more seen in the logs

BugDB

Internal

Summary

39216981

NXT-34016

Clicking Re-imbursement Method deeplink redirects the user to search page instead of the specific detail page for a record

Description:

When user opens Applied Pricing (header or at Line) and then clicks on Re-imbursement Method, application opens a blank fee-schedule search page instead of opening the fee-schedule detail page for particular code.

Resolution:

Fix added to open specific detail page on clicking re-imbursement method deeplink for applicable methods. However, table pages require explicit search to see the particular method.

39246265

NXT-34044

Error handling is missing when user triggers build and download action while another is in progress

Description:

When user navigates to config migration sets and triggers build and download, popup closes and reopens for every click. This is observed while another build is still in progress.

Resolution:

Error message is displayed to the user when build and download action is triggered for config migration set while another build is in progress.

38957305

NXT-33604

View Technical Errors : Page is not loading when the user switches between other tabs

Description:

Page is not loading when selecting value from reference field (LOV) on quick search and switch between other tabs after that.

Resolution:

Quick search caching handled on reference field (LOV) and now there is no error switching to other tabs and re-visiting the page

39163804

NXT-33960

Improve resilience for Object Storage file downloads from ohi when long-running data file processing causes HTTP streams to remain open for extended periods, reducing failures from truncated responses.

Description:

File downloads from OCI Object Storage could intermittently fail during long-running reads with truncated-response errors such as ConnectionClosedException (“Premature end of Content-Length delimited message body”). Because OHI ObjectStorageDataFileReader relied on a single InputStream, any mid-transfer interruption caused the CSV reader to receive only a partial payload, resulting in exchange failure. Need implementation to supports retry and byte-range resume for interrupted downloads.

Resolution:

Enhanced Object Storage download handling for scenarios where data files are processed slowly and the HTTP stream remains open for an extended period. Previously, long-running reads could fail with truncated-response errors such as ConnectionClosedException, causing the CSV reader to receive incomplete content and the exchange to fail. The implementation now improves resilience by retrying interrupted downloads and resuming from the last successfully read byte offset, while failing only after 3 consecutive recovery attempts without progress.

39209051

NXT-34007

CtrClaimUnfinalizeReason page does not show any version with Unfinalize reasons

Description:

CTR unfinalize reason details are displayed in the Unfinalize reasons dialog without being filtered based on version selected in Claims Version dropdown.

Resolution:

Ctrclaim unfinalize reasons are displayed based on the selected claim version.

39160101

NXT-33956

Memory exhaustion in Gateway due to dynamic logic creating multiple data files in Object Storage

Description:

A problem was identified where memory was not being properly freed after using writers in dynamic logic to create data files in Object Storage. When many files were created over time, this unused memory built up and could eventually cause the application to run out of memory and fail.

Resolution:

The cleanup process has been improved to ensure that memory and related resources are fully released whenever the writer is closed. By default, the system closes writers at the end of a dynamic logic transaction automatically thereby releasing the memory. However, in case multiple writers are opened within a single dynamic logic, memory exhaustion could still happen at runtime.

It is therefore recommended to close readers and writers explicitly in dynamic logic. Please investigate if explicit closure of readers and writers is implemented in the dynamic logics.

39272977

NXT-34096

Flexcodes configured as reftype in sets and labels of Results in Claims Search returns error in console

Description:

When flexcodes are configured as reftype in sets and in labels of results component in claims search page, it results in error and page doesn’t load with quick search and advance search links

Resolution:

Search page works fine with flexcodes configured in the floorplan

38644674

NXT-32966

CMT Import fails when a field definition is updated with extended length

Description:

When doing CMT import, if a flex code is imported with similar datatype but field length that is greater than the target system flex code field length then an error is raised.

Resolution:

CMT import is fixed to allow import of fields with similar datatype but increase length without raising an error message.

38819416

4-0001350333

NXT-33314

Reading large files from object storage fails due to non-configurable read timeout.

Description:

OHI does not provide configurable timeout settings (connection and read timeouts) while reading or streaming files from Object Storage (OS). As a result, file read operations rely on default OCI SDK timeout values, which are not suitable for large files or long-running streaming use cases.

Resolution:

Support for configurable Object Storage timeouts has been added to improve reliability when processing large files and long-running streaming workloads. Two new properties are now available: a. ohi.object.storage.read.timeout.millis b. ohi.object.storage.connect.timeout.millis

Both default to 60,000 ms (60 seconds) and can be increased as needed to prevent read timeouts errors during extended Object Storage operations

39250114

NXT-34047

Cleared Value at Service Definition Level are not reflected in Claims after import

Description:

When a configured value such as a procedure group is deleted in PRD service definition, that deletion is not propagated to Claims during data import/sync. As a result, Claims continues to retain and use the stale value, creating a mismatch between PRD master data and Claims runtime data.

Resolution:

The issue is resolved by enhancing the Claims import logic to perform full delta reconciliation against PRD service-definition data, not just insert and update operations. With this change, values removed in PRD, are also removed in Claims during import, keeping both systems consistent.

38814432

NXT-33301

Autoresolve does not work in combination with message group

Description:

Pend reasons are not removed on auto resolve when external intervention rule has condition and message group and the message that caused the claim/claim line to pend is no longer present on them.

Resolution:

Pend reasons are now removed on auto resolve when external intervention rule has condition and message group and the message that caused the claim/claim line to pend is no longer present on them.

39256313

NXT-34080

Activities stuck in Processing due to 'unknown user type' error

Description:

Some activities are stuck in processing due to below error com.tangosol.util.WrapperException: (Wrapped) unknown user type: com.oracle.healthinsurance.activityprocessing.domain.components.StuckActivityCacheClearEvent

Resolution:

The 'unknown user type' error is no more seen in the logs

Issues that were backported in previous Release / Patch

No backports.