Release Notes for Oracle Insurance Gateway Patch 3.21.3.0.4
This document contains the release notes for Oracle Insurance Gateway Patch 3.21.3.0.4.
Version compatibility: Oracle Insurance Gateway Release 3.21.3.x is only compatible with other Oracle Health Insurance applications release version 3.21.3.x unless explicitly stated otherwise. |
In accordance with the OHI error correction policy (Document 1494031.1 on My Oracle Support), error correction support will be provided for this release and the previous two releases. |
Enhancements
ID | Summary | Description | Included in Patch |
---|---|---|---|
NXT-21416 |
Use Vault as alternative secrets store with WebLogic deployments |
Next to Fusion Middleware / WebLogic Oracle Platform Security Services (OPSS), OHI applications also support HashiCorp Vault as alternative secrets store. See the Installation Guide for details. |
|
OIG-2218 |
Reduce the number of REST clients |
With this enhancement, the rest-client ID used for rest destination will be the destination code instead of the <integration_code>-<integration-step-code> leading to more optimal use of costly rest-client objects. |
Upgrade Steps for Installation
To perform the upgrade, perform the following steps:
-
Perform any pre-upgrade steps.
-
Stop all the managed nodes running the .existing version of the application.
-
Perform any pre-undeploy steps.
-
Undeploy the existing version of the application.
-
Back up the database.
-
Perform any post-undeploy steps.
-
Unpack the release bundle into a directory that we refer to as OHI_ROOT from now on.
-
Change Installation Configuration: In
<OHI_ROOT>/util/install
, make a copy ofohi_install.cfg.template
and name itohi_install.cfg
. -
Edit
ohi_install.cfg
to contain your specific database connection data and other configuration settings. The settings are explained in the file itself. -
Make sure NO connections are present to the database using the OHI_xxx_USER account (where xxx is the abbreviation of the application)
-
Run the Upgrade script:
-
Open a command window and browse to
<OHI_ROOT>/util/install
. -
Run the upgrade by executing
./ohi-update.sh .
-
-
Make the required changes to the ohi properties file
-
Perform any post-upgrade steps
-
Start WebLogic application server
-
Deploy the Application
-
Perform any post-deploy steps
Additional Upgrade Steps for Installation
The following phases are defined:
|
Stage: pre-upgrade
Action: execute the following query to find future duplicates
select usrs.login_name
, dupes.alias
from ohi_users usrs
, ohi_user_preferences uspr
, (select uspr_id
, alias
from ohi_bookmarks
group by uspr_id
, alias
having count(*) > 1
) dupes
where uspr.id = dupes.uspr_id
and usrs.id = uspr.usrs_id
This query lists bookmark aliases per user that have more than one occurrence and will violate the new unique contraint. Update the alias of the violations such that there are no more duplicates
Configuration Properties
Ref | Action | Subject | Description |
---|---|---|---|
NXT-21416 |
Added |
ohi.vault.environment.identifier |
To distinguish secrets on a per OHI application instance basis |
NXT-21416 |
Added |
ohi.secure.secrets.store |
The type of store the OHI application uses for secrets |
NXT-21416 |
Added |
ohi.vault.kv.secrets.engine |
By default, OHI applications assume that Vault’s Key-Value secrets engine is enabled at root path "secret" |
NXT-21416 |
Added |
ohi.vault.address |
Vault address. Must use HTTPS |
NXT-21416 |
Added |
ohi.vault.namespace |
OHI specific Vault namespace section, under the path determined by properties ohi.vault.kv.secrets.engine/ohi.vault.namespace to look for secrets |
NXT-21416 |
Added |
ohi.vault.token |
Vault token |
NXT-21416 |
Added |
ohi.vault.clientpem.url |
Resource URL to Vault Client pem |
NXT-21416 |
Added |
ohi.vault.pem.url |
Resource URL to Vault pem |
NXT-21416 |
Added |
ohi.vault.clientkeypem.url |
Resource URL to Vault Client Key pem |
Breaking Changes
Ref | Action | Subject | Description |
---|---|---|---|
OIG-2218 |
Modified |
OAuth Rest Client Configuration |
For an OAuth configuration defined using api/generic/oauthclientcredentialsgrantconfigurations API, the rest client Id should be replaced with the destination code instead of <integration_code>-<integration-step-code>. |
OIG-2218 |
Modified |
Eclipse Integrations for Sending Outbound Requests to the Agency |
For Eclipse integration containing rest destination with PRODA as the authentication feature the audience defined using ohi.integration.australia.eclipse.service.provider.<REST Client ID>.audience and service provider defined using ohi.integration.australia.eclipse.service.provider.<REST Client ID> should be modified to use destination code as the rest client Id. |
Bug Fixes
BugDB | SR | Internal | BP | Summary |
---|---|---|---|---|
33587596 |
OIG-2313 |
BP |
Boilerplate texts are not loading for some of the timestamp formats. |
|
Description: |
Boilerplate texts were not loading when provided timestamp was in different formats. |
|||
Resolution: |
Fix was made to load boilerplate texts for different timestamp formats. |
|||
33641567 |
3-27463122071 |
OIG-2336 |
BP |
Removing column URI from OHI_BOOKMARK_UK1 |
Description: |
In 3.21.3.0.0 unique constraint OHI_BOOKMARK_UK1 was created on the combination of user preferences, alias and URI of the bookmark. The URI column should be removed from the constraint. |
|||
Resolution: |
The attribute URI is removed from the Unique Key on Bookmarks |
|||
33664455 |
OIG-2340 |
BP |
CMT import stops when a Dynamic Logic contains regexp character(s) fails |
|
Description: |
When import of dynamic logic containing regexp character(s) fails (for example if the dynamic logic referenced in that dynamic logic could not be found), then CMT stops importing any other entities and the result is shown as success. |
|||
Resolution: |
CMT import is shown as failure when import of dynamic logic with regexp character(s) fails. And all the other entities are imported. |
|||
33665867 |
OIG-2342 |
GET on "/keystores" immediately after restarting the system did not always show existing key stores |
||
Description: |
In some cases the GET request returned an HTTP 204 No Content response. |
|||
Resolution: |
Timely cache initialization fixed the issue. |