Release Notes for Oracle Insurance Gateway Patch 3.21.3.0.4

This document contains the release notes for Oracle Insurance Gateway Patch 3.21.3.0.4.

Version compatibility: Oracle Insurance Gateway Release 3.21.3.x is only compatible with other Oracle Health Insurance applications release version 3.21.3.x unless explicitly stated otherwise.
In accordance with the OHI error correction policy (Document 1494031.1 on My Oracle Support), error correction support will be provided for this release and the previous two releases.

Enhancements

ID Summary Description Included in Patch

NXT-21416

Use Vault as alternative secrets store with WebLogic deployments

Next to Fusion Middleware / WebLogic Oracle Platform Security Services (OPSS), OHI applications also support HashiCorp Vault as alternative secrets store. See the Installation Guide for details.

OIG-2218

Reduce the number of REST clients

With this enhancement, the rest-client ID used for rest destination will be the destination code instead of the <integration_code>-<integration-step-code> leading to more optimal use of costly rest-client objects.

Upgrade Steps for Installation

To perform the upgrade, perform the following steps:

  1. Perform any pre-upgrade steps.

  2. Stop all the managed nodes running the .existing version of the application.

  3. Perform any pre-undeploy steps.

  4. Undeploy the existing version of the application.

  5. Back up the database.

  6. Perform any post-undeploy steps.

  7. Unpack the release bundle into a directory that we refer to as OHI_ROOT from now on.

  8. Change Installation Configuration: In <OHI_ROOT>/util/install, make a copy of ohi_install.cfg.template and name it ohi_install.cfg.

  9. Edit ohi_install.cfg to contain your specific database connection data and other configuration settings. The settings are explained in the file itself.

  10. Make sure NO connections are present to the database using the OHI_xxx_USER account (where xxx is the abbreviation of the application)

  11. Run the Upgrade script:

    1. Open a command window and browse to <OHI_ROOT>/util/install.

    2. Run the upgrade by executing ./ohi-update.sh .

  12. Make the required changes to the ohi properties file

  13. Perform any post-upgrade steps

  14. Start WebLogic application server

  15. Deploy the Application

  16. Perform any post-deploy steps

Additional Upgrade Steps for Installation

The following phases are defined:

  1. pre-upgrade: Application is still running

  2. pre-undeploy: Application is stopped, but not undeployed.

  3. post-undeploy: Application is undeployed. Database is backed up

  4. post-upgrade: Released upgrade script has run.

  5. post-deploy: New application is deployed and is up and running.

Stage: pre-upgrade

Action: execute the following query to find future duplicates

select usrs.login_name
,      dupes.alias
from   ohi_users usrs
,      ohi_user_preferences uspr
,      (select uspr_id
        ,      alias
        from   ohi_bookmarks
        group  by uspr_id
        ,      alias
        having count(*) > 1
       ) dupes
where  uspr.id = dupes.uspr_id
and    usrs.id = uspr.usrs_id

This query lists bookmark aliases per user that have more than one occurrence and will violate the new unique contraint. Update the alias of the violations such that there are no more duplicates

Configuration Properties

Ref Action Subject Description

NXT-21416

Added

ohi.vault.environment.identifier

To distinguish secrets on a per OHI application instance basis

NXT-21416

Added

ohi.secure.secrets.store

The type of store the OHI application uses for secrets

NXT-21416

Added

ohi.vault.kv.secrets.engine

By default, OHI applications assume that Vault’s Key-Value secrets engine is enabled at root path "secret"

NXT-21416

Added

ohi.vault.address

Vault address. Must use HTTPS

NXT-21416

Added

ohi.vault.namespace

OHI specific Vault namespace section, under the path determined by properties ohi.vault.kv.secrets.engine/ohi.vault.namespace to look for secrets

NXT-21416

Added

ohi.vault.token

Vault token

NXT-21416

Added

ohi.vault.clientpem.url

Resource URL to Vault Client pem

NXT-21416

Added

ohi.vault.pem.url

Resource URL to Vault pem

NXT-21416

Added

ohi.vault.clientkeypem.url

Resource URL to Vault Client Key pem

Web Services

This section intentionally left blank.

Data Conversion

This section intentionally left blank.

Dynamic Logic

This section intentionally left blank.

UI Changes

This section intentionally left blank.

Deprecated items (to be removed in future release)

This section intentionally left blank.

Breaking Changes

Ref Action Subject Description

OIG-2218

Modified

OAuth Rest Client Configuration

For an OAuth configuration defined using api/generic/oauthclientcredentialsgrantconfigurations API, the rest client Id should be replaced with the destination code instead of <integration_code>-<integration-step-code>.

OIG-2218

Modified

Eclipse Integrations for Sending Outbound Requests to the Agency

For Eclipse integration containing rest destination with PRODA as the authentication feature the audience defined using ohi.integration.australia.eclipse.service.provider.<REST Client ID>.audience and service provider defined using ohi.integration.australia.eclipse.service.provider.<REST Client ID> should be modified to use destination code as the rest client Id.

Bug Fixes

BugDB SR Internal BP Summary

33587596

OIG-2313

BP

Boilerplate texts are not loading for some of the timestamp formats.

Description:

Boilerplate texts were not loading when provided timestamp was in different formats.

Resolution:

Fix was made to load boilerplate texts for different timestamp formats.

33641567

3-27463122071

OIG-2336

BP

Removing column URI from OHI_BOOKMARK_UK1

Description:

In 3.21.3.0.0 unique constraint OHI_BOOKMARK_UK1 was created on the combination of user preferences, alias and URI of the bookmark. The URI column should be removed from the constraint.

Resolution:

The attribute URI is removed from the Unique Key on Bookmarks

33664455

OIG-2340

BP

CMT import stops when a Dynamic Logic contains regexp character(s) fails

Description:

When import of dynamic logic containing regexp character(s) fails (for example if the dynamic logic referenced in that dynamic logic could not be found), then CMT stops importing any other entities and the result is shown as success.

Resolution:

CMT import is shown as failure when import of dynamic logic with regexp character(s) fails. And all the other entities are imported.

33665867

OIG-2342

GET on "/keystores" immediately after restarting the system did not always show existing key stores

Description:

In some cases the GET request returned an HTTP 204 No Content response.

Resolution:

Timely cache initialization fixed the issue.

Issues that were backported in previous Release / Patch

No backports.