...
- Community Implementation support
- Worked with the VA team on their 4.2.1 deployment in their development environment
- Supported several meetings and email exchanges
- Support and testing efforts continued with NIST, discussed several topics and compared interpretations of specifications
- Transport test cases passed from NIST to SUT. Test from SUT to NIST failed, but issue seems to be on the NIST side, NIST does not seem to accept the xsi:type = "CE" attribute value
- Email sent to NIST explaining the issue.
- Worked with the VA team on their 4.2.1 deployment in their development environment
- 4.3 Release
- Bug fixes and other updates this sprint
- Fix secured entity interfaces for Query for Documents and Retrieve Documents services.(CONN-908,CONN-909,CONN-892)
- Fix QD and RD adapters for On Demand and Stable retrieval (CONN-896)
- Tested and validated that the fix for turning off the CXF algorithm when concurrent requests are sent from a 3.x gateway to a 4.x gateway(CONN-910)
- Updated Oracle/SQL scripts for CONNECT
- Collaborating with VA team as they were upgrading to 4.2.1
- Updated regression suite related to PurposeOfUse (CONN-894) and RequestResponseContentTypeTest regression suites (CONN-932)
- Complete install testing on Release 4.3
- Created 4.3 RC2 tag (CONN-883). RC2 tag included two fixes - CONN-891 and CONN-892 related to errors with the secured Entity interfaces for Document Query and Document Retrieve. All the installs were not retested with the latest RC2 tag since these minor updates would not impact installs or installation testing. Release candidate RC3 included some regression script fixes as well as some fixes to code related to the XML External Entity Injection vulnerability based on feedback from DoD. Iinstalls Installs were retested on RC3, during which an issue was uncovered with WebSphere 8.5.0.1 install on IBM JDK 1.6(CONN-792), this issue was fixed in Release Candidate RC4/GA.
- Validated GUIs on GlassFish (CONN-906)
- A list of install testing results can be found here. https://connectopensource.atlassian.net/wiki/x/AYCh
- Release Documentation (CONN-817)
- 4.3 Release Page - /wiki/spaces/CONNECT4/pages/10584072 (CONN-827)
- Release Notes - /wiki/spaces/CONNECT4/pages/11174062
- Installation Instructions - /wiki/spaces/CONNECT4/pages/10584217
- Binaries - /wiki/spaces/CONNECT4/pages/11665502 (CONN-897)
- Source Code - Source Code Information
- Software Architecture Documentation - https://connectopensource.atlassian.net/wiki/x/MICh
- System Implementation and Administration Manual (SIAM) - /wiki/spaces/CONNECT4/pages/11174303 (CONN-872)
- Using CONNECT to support HIE - Using CONNECT to Support Health Information Exchange (HIE) (CONN-874)
- Reviewed design documentation
- /wiki/spaces/CONNECTWIKI/pages/8585647 (CONN-828)
- /wiki/spaces/CONNECTWIKI/pages/8585500 (CONN-900)
- Release Test Plan and Release Testing
- /wiki/spaces/CONNECT4/pages/10584068 (CONN-815)
- /wiki/spaces/CONNECT4/pages/10584069
- /wiki/spaces/CONNECT4/pages/12189710
- /wiki/spaces/CONNECT4/pages/10584065 (CONN-779)
- /wiki/spaces/CONNECT4/pages/10584067 (CONN-797)
- /wiki/spaces/CONNECT4/pages/10190934
- /wiki/spaces/CONNECT4/pages/10584066 (CONN-796)
- /wiki/spaces/CONNECT4/pages/11174298 (CONN-871)
- Bug fixes and other updates this sprint
- Security scan analysis and resolution (CONN-911, CONN-914, CONN-907)
- Fixed issue - Privilege Management: Default Function or Procedure Rights(CONN-936)
- Re-ran Fortify scan on GA to ensure that there were no new issues because of replay attack fix, or XML Entity Injection fixes.
- Reviewed the response from DoD and ensured all items mentioned have been addressed in code or documentation.
- Sent DoD newly created artifacts for the last scan run on GA - FPR file and Fortify scan report.
- Created a ticket for next sprint to follow-up with DoD after they have reviewed the artifacts.
- Fortify scan documentation of all the issues and vulnerabilities addressed can be found here - 4.3 Fortify Scan Documentation (CONN-860)
- Ongoing Custodial Agent Duties
...