Content Comparison

Tip
Sprint Review + Planning

Jan 27 - Feb 10, 2014

Executive Summary

Overall Status

Sprint status is excellent. The Product team initially pointed and prioritized the following themes and tasks for Sprint 124 comprising 48 points.

Overall the

The team completed 44 points for this sprint. The team completed all the tickets related to the primary theme for this sprint which was Security Scan Analysis and Resolution.The 4 points that were not completed were additional tickets pulled into the sprint for which the coding was complete but regression tests/QA was not completed.

The team completed all the tickets related to the theme for this sprint which was Security Scan Analysis and Resolution.

Burndown

Image Modified

Sprint Themes and related tickets for Sprint 124:

Partner and Community support

Forum discussions

CMS Production Support

DoD testing

- Continued work with the NIST team(CONN-768)
  - A new CONNECT system was set up for NIST testing to separate it from the machine used for DIL testing, thereby providing the team with greater flexibility as we continue to support both efforts.(CONN-799)
  - Had a follow-up discussion with NIST. Pending issues see CONN-805
Community Implementation support

Continued Testing Improvements

- - - NIST to fix Reply-To so that it will be sent.http://exchange-specifications.wikispaces.com/share/view/65871558
    - Attribute statement nesting. Open question with spec factory. CONNECT has not made any changes yet, we do have a backlog to allow for a single nested attribute statement. At this point it seems that NIST would need to fix to accept both flavors - single attribute statement with all attributes nested as well as support each attribute within its own attribute statement. http://exchange-specifications.wikispaces.com/share/view/65871558
    - hl7:CE vs CE for xsi:type http://exchange-specifications.wikispaces.com/share/view/66017850
- Community Implementation support
  - Release 4.2.1 rebranding.(CONN-798, CONN-783, CONN-772)
    - Sprint 116 rebranded to be Sprint 4.2.1.
    - See wiki page for details and binaries - https://developer.connectopensource.org/x/YABWCg
    - eHealth Exchange Participant test cases were executed successfully
- Confluence update/upgrade (CONN-706)
  - Prepared for migrating COnfluence to Atlassian On Demand. .
  - Updated plugins and pages to remove the unsupported markups and macros/plugins.
  - Attachments moved to ftp site to facilitate migration

Security scan analysis and resolution

- Primary focus in Sprint 124

Direct functional enhancements

Reviewing requirements and future needs analysis

(CONN-669,CONN-760 user story and supporting tasks)

- This was the primary focus in Sprint 124. The team addressed all the Critical and HIgh findings from Fortify.
- Some of the issues identified by the Fortify scan were fixed in code and some were addressed with documentation. See wiki page with details - /wiki/spaces/CONNECTWIKI/pages/10584092
HIEM was removed from the codebase (CONN-771)
- HIEM was not refactored in 4.X and also included many security vulnerabilities in code that were discovered as part of Fortify. Since there is no partner in the Exchange using HIEM this service has been removed.
Testing Improvements
- - <jvm-options>-Dorg.connectopensource.enablejmx=true</jvm-options> has been permanently added to domain.xml template(CONN-775)
Infrastructure improvements
- Ability to tag and generate binaries from any branch specified (CONN-786) which helps simplify the release process for binaries generation.
- Infrastructure migration for Terremark (CONN-778)
  - GFE cleanup of configurations and servers
  - Inventory management and documentation
Direct functional enhancements

- Verify Direct requirements and current approach. Notes from the discussion can be found at - https://developer.connectopensource.org/x/BQB2Cg
Bugs that were fixed
- Extract slots always gets one last value from the slots list (Adapter) (CONN-484)
- SAML Assertion AuthzDecisionStatement resource is passed from the adapters to the external parties 'as is', failing the DIL test MA-1092_AuthzDecisionStatement_Resource(CONN-612)
  - Resource will always be updated to include the URI.
- SAML Attribute PurposeOfUse missing namespace for the @type attribute(CONN-740)