Release Notes for Oracle Insurance Gateway Patch 4.25.1.0.9

Version compatibility: Oracle Insurance Gateway Release 4.25.1.x is only compatible with other Oracle Health Insurance applications release version 4.25.1.x unless explicitly stated otherwise.

In accordance with the OHI error correction policy (Document 1494031.1 on My Oracle Support), error correction support will be provided for this release and the previous two releases.

Enhancements

ID	Summary	Patch
CPN-3775	Allow purging of data with a 7-day retention period in non-production environments The data purge process previously required a minimum retention period of 30 days. This enhancement allows to configure a lower retention period (eg: 7 days) specifically in non-production environments, while production environments maintain the 30-day policy. This change will help optimize disk space in non-production environments. Documentation Links: Administration Guide - Database - Purging - Auto Purge Installation Guide - Release Installation - Install Database Objects
CPN-4206	Introduced additional attributes in security logs for enhancing log auditing and parsing capabilities Introduced the following new attributes in security logs: eventCategory: All security events are categorized into distinct categories. This attribute holds the category assigned to the security event being logged. eventType: Brief summary of the security event being logged. eventOutcome: Outcome of the event. Possible values: Success or Failure. eventSeverity: Describes the severity of the event. Possible values: INFO, WARN or ERROR. httpStatusCode: Http response code of the request for which the event is being logged. This will be null whenever the code is not deterministic at the time of event. failureReason: Briefly describes the reason of failure. This attribute will be non-null only where relevant. apiEndpoint: Holds the API endpoint to which the request was sent. session ID: Identifies the session provided by the caller. Applicable to SaaS and UI requests. access token ID: Identifies the access token associated with the request. Applicable to SaaS and non-UI requests Documentation Links: Administration Guide - Application - Security Logs Generated in Oracle Health Insurance Administration Guide - Fetch Security Logs through API
CPN-4207	Enhanced PHI access logs to include access scope, session ID and access token ID Enhanced PHI access logs to include three new attributes: access scope: Indicates whether a single record or multiple records are accessed within a transaction. session ID: Identifies the session provided by the caller. Applicable to SaaS and UI requests. access token ID: Identifies the access token associated with the request. Applicable to SaaS and non-UI requests. Documentation Links: Security Guide - User Access - Resource Auditing
NXT-26542	Exposed generic API for deployment metadata and extended User Preferences to support switching between customer and browser timezones Exposed generic API for deployment metadata to retrieve the customer timezone information. Introduced a new browserTimeZone flag in the User Preferences API, with a default value of false. When browserTimeZone is set to true, timestamps are displayed in the end userâ€™s browser timezone. When browserTimeZone is set to false, timestamps are displayed in the configured customer timezone.
NXT-32471	Improve handling of HTTP error: 401 UnAuthorized in JET UI With this enhancement, OHI uses system property OHI_DEPLOYMENT_TYPE to handle HTTP 401 error. When this property value is set to "CLOUD", this will force a "401" response to re-direct the OHI JET login page when the IDCS OpenID session cookie is missing/expired.
NXT-33659	Disable user location based time conversion JET UI no longer relies only on the userâ€™s browser timezone for datetime display. This helps prevent incorrect time conversion for customers operating across different geographic locations. The customerTimeZone, configured in the deployment metadata table during application installation, is used by default by JET UI. Users can override this through the "Use Browser Timezone?" option in the Preferences dialog, after which the UI will use the browser timezone. If customerTimeZone is not configured or is invalid/unsupported by JET, the UI falls back to the browser timezone. Documentation Links: Developer Guide - JET UI - References - Properties - Properties Security Guide - User Access - Function Access Restriction (JET)
NXT-33718	Extended user preference - Reorder and Auto-commit With this enhancement it is now possible to reorder table columns as per user’s preference. Also, the save button to store preference is replaced by auto commit feature. This feature is available for all pages based based on the following floor plan template : * View and Edit List table * List View - Table This feature is also available for select pages which are not floorplan based: Common Pages like Reference sheets Claims page claim line tab In Policies application, pages like Premium schedule lines, Adjustment lines, Fee schedule lines
OIG-4977	Tracing Support for OHI Agent Delegation Flows This enhancement improves trace continuity and observability reliability within delegation patterns, enabling Application Performance Monitoring (APM) tools such as Dynatrace to accurately capture and monitor outbound spans from the OHI Agent.

Summary

Patch

CPN-3775

Allow purging of data with a 7-day retention period in non-production environments

The data purge process previously required a minimum retention period of 30 days. This enhancement allows to configure a lower retention period (eg: 7 days) specifically in non-production environments, while production environments maintain the 30-day policy. This change will help optimize disk space in non-production environments.

Documentation Links:
Administration Guide - Database - Purging - Auto Purge
Installation Guide - Release Installation - Install Database Objects

CPN-4206

Introduced additional attributes in security logs for enhancing log auditing and parsing capabilities

Introduced the following new attributes in security logs:

eventCategory: All security events are categorized into distinct categories. This attribute holds the category assigned to the security event being logged.
eventType: Brief summary of the security event being logged.
eventOutcome: Outcome of the event. Possible values: Success or Failure.
eventSeverity: Describes the severity of the event. Possible values: INFO, WARN or ERROR.
httpStatusCode: Http response code of the request for which the event is being logged. This will be null whenever the code is not deterministic at the time of event.
failureReason: Briefly describes the reason of failure. This attribute will be non-null only where relevant.
apiEndpoint: Holds the API endpoint to which the request was sent.
session ID: Identifies the session provided by the caller. Applicable to SaaS and UI requests.
access token ID: Identifies the access token associated with the request. Applicable to SaaS and non-UI requests

Documentation Links:
Administration Guide - Application - Security Logs Generated in Oracle Health Insurance
Administration Guide - Fetch Security Logs through API

CPN-4207

Enhanced PHI access logs to include access scope, session ID and access token ID

Enhanced PHI access logs to include three new attributes:

access scope: Indicates whether a single record or multiple records are accessed within a transaction.
session ID: Identifies the session provided by the caller. Applicable to SaaS and UI requests.
access token ID: Identifies the access token associated with the request. Applicable to SaaS and non-UI requests.

Documentation Links:
Security Guide - User Access - Resource Auditing

NXT-26542

Exposed generic API for deployment metadata and extended User Preferences to support switching between customer and browser timezones

Exposed generic API for deployment metadata to retrieve the customer timezone information. Introduced a new browserTimeZone flag in the User Preferences API, with a default value of false. When browserTimeZone is set to true, timestamps are displayed in the end userâ€™s browser timezone. When browserTimeZone is set to false, timestamps are displayed in the configured customer timezone.

NXT-32471

Improve handling of HTTP error: 401 UnAuthorized in JET UI

With this enhancement, OHI uses system property OHI_DEPLOYMENT_TYPE to handle HTTP 401 error. When this property value is set to "CLOUD", this will force a "401" response to re-direct the OHI JET login page when the IDCS OpenID session cookie is missing/expired.

NXT-33659

Disable user location based time conversion

JET UI no longer relies only on the userâ€™s browser timezone for datetime display. This helps prevent incorrect time conversion for customers operating across different geographic locations. The customerTimeZone, configured in the deployment metadata table during application installation, is used by default by JET UI. Users can override this through the "Use Browser Timezone?" option in the Preferences dialog, after which the UI will use the browser timezone. If customerTimeZone is not configured or is invalid/unsupported by JET, the UI falls back to the browser timezone.

Documentation Links:
Developer Guide - JET UI - References - Properties - Properties
Security Guide - User Access - Function Access Restriction (JET)

NXT-33718

Extended user preference - Reorder and Auto-commit

With this enhancement it is now possible to reorder table columns as per user’s preference. Also, the save button to store preference is replaced by auto commit feature.

This feature is available for all pages based based on the following floor plan template : * View and Edit List table * List View - Table

This feature is also available for select pages which are not floorplan based:

Common Pages like Reference sheets

Claims page claim line tab

In Policies application, pages like Premium schedule lines, Adjustment lines, Fee schedule lines

OIG-4977

Tracing Support for OHI Agent Delegation Flows

This enhancement improves trace continuity and observability reliability within delegation patterns, enabling Application Performance Monitoring (APM) tools such as Dynatrace to accurately capture and monitor outbound spans from the OHI Agent.

Additional Upgrade Steps

Post-Deploy Phase

1) OHI Agent upgrade

Upgrade OHI Agent: Refer to Downloading and Running Oracle Health Insurance Agent for steps to perform the Agent upgrade.

Upgrade Steps for Installation

To perform the upgrade, perform the following steps:

Perform any pre-upgrade steps.
Stop all the managed nodes running the existing version of the application.
Perform any pre-undeploy steps.
Undeploy the existing version of the application.
Back up the database.
Perform any post-undeploy steps.
Unpack the release bundle into a directory that we refer to as OHI_ROOT from now on.
Change Installation Configuration: In <OHI_ROOT>/util/install, make a copy of ohi_install.cfg.template and name it ohi_install.cfg.
Edit ohi_install.cfg to contain your specific database connection data and other configuration settings. The settings are explained in the file itself.
Make sure NO connections are present to the database using the OHI_xxx_USER account (where xxx is the abbreviation of the application)
Run the Upgrade script:
1. Open a command window and browse to <OHI_ROOT>/util/install.
2. Run the upgrade by executing ./ohi-update.sh .
Make the required changes to the ohi properties file
Perform any post-upgrade steps
Start WebLogic application server
Deploy the Application
Perform any post-deploy steps

Configuration Properties

This section intentionally left blank.

Web Services

Ref Action Description

Ref	Action	Description
CPN-4206	Modified	logsecurityevents Added eight new attributes: `eventCategory`, `eventType`, `eventOutcome`, `eventSeverity`, `httpStatusCode`, `failureReason`, `apiEndpoint`, `sessionId`, `accessTokenId`.
CPN-4207	Modified	logphievents Added three new attributes: `accessScope`, `sessionId`, and `accessTokenId`.
NXT-26542	Added	deploymentmetadata API New read-only generic API is added.
NXT-26542	Modified	userpreferences API Added a new attribute browserTimeZone to the user preferences API.

CPN-4206

Modified

logsecurityevents

Added eight new attributes: eventCategory, eventType, eventOutcome, eventSeverity, httpStatusCode, failureReason, apiEndpoint, sessionId, accessTokenId.

CPN-4207

Modified

logphievents

Added three new attributes: accessScope, sessionId, and accessTokenId.

NXT-26542

Added

deploymentmetadata API

New read-only generic API is added.

NXT-26542

Modified

userpreferences API

Added a new attribute browserTimeZone to the user preferences API.

Data Conversion

This section intentionally left blank.

Dynamic Logic

This section intentionally left blank.

UI Changes

Ref	Action	Description
NXT-33659	Modified	Preferences Dialog A new checkbox - "Use Browser Timezone?" has been introduced in Preferences which can be used to override the customerâ€™s configured timezone.

Ref

Action

Description

NXT-33659

Modified

Preferences Dialog

A new checkbox - "Use Browser Timezone?" has been introduced in Preferences which can be used to override the customerâ€™s configured timezone.

Breaking Changes

Ref Action Description

Ref	Action	Description
CPN-3775	Modified	Installer The installer is enhanced to automatically create or update deployment metadata in the OHI$DEPLOYMENT_METADATA database table during installation or upgrade operations. As part of this enhancement, the `ohi_install.cfg` template now includes the following new configuration parameters: timeZoneOverride deploymentType isEnvironmentProduction

CPN-3775

Modified

Installer

The installer is enhanced to automatically create or update deployment metadata in the OHI$DEPLOYMENT_METADATA database table during installation or upgrade operations. As part of this enhancement, the ohi_install.cfg template now includes the following new configuration parameters:

timeZoneOverride
deploymentType
isEnvironmentProduction

Access Restrictions

Ref	Action	Description
NXT-33659	Modified	CO0019 The 'deploymentmetadata API' access restriction has been added to function code CO0019.

Ref

Action

Description

NXT-33659

Modified

CO0019

The 'deploymentmetadata API' access restriction has been added to function code CO0019.

Bug Fixes

BugDB	SR	Internal	Summary
39378078		OIG-5136	Successful transformation logic in the Delivery by Agent step re-executes during failed exchange recovery
Description:	If the Exchange fails at the Delivery by Agent step after the transformation logic of the Delivery has completed successfully, the same is re-executed during exchange recovery. This re-execution is unnecessary and should be skipped.
Resolution:	The successful transformation logic of Delivery step does not re-execute during the failed exchange recovery.
39349804	4-0002679067	OIG-5125	Function API access mapping is missing for User View Preferences API
Description:	A user who has the ALL_FUNCTIONS_ACCESS_ROLE gets an error while using Exchanges page. User View Preferences API access is missing in JET login access role - CO0019 which leads to Not Authorized error.
Resolution:	User View Preferences API access is added to CO0019 function access so that there is no access error

BugDB

Internal

Summary

39378078

OIG-5136

Successful transformation logic in the Delivery by Agent step re-executes during failed exchange recovery

Description:

If the Exchange fails at the Delivery by Agent step after the transformation logic of the Delivery has completed successfully, the same is re-executed during exchange recovery. This re-execution is unnecessary and should be skipped.

Resolution:

The successful transformation logic of Delivery step does not re-execute during the failed exchange recovery.

39349804

4-0002679067

OIG-5125

Function API access mapping is missing for User View Preferences API

Description:

A user who has the ALL_FUNCTIONS_ACCESS_ROLE gets an error while using Exchanges page. User View Preferences API access is missing in JET login access role - CO0019 which leads to Not Authorized error.

Resolution:

User View Preferences API access is added to CO0019 function access so that there is no access error

Issues that were backported in previous Release / Patch

No backports.