CONNECT 5.3 Release Notes
Disclaimer
All capabilities designed, developed, and tested during the CONNECT 5.3 project time frame are described below. Known defects in the product are listed below as well as in the CONNECT Issue Tracker tool. Defects which may occur within the product may not be limited to these issues. This product and the accompanying written materials are provided "as is" without warranty or guarantee of any kind. Furthermore, no representations made regarding the use, or the results of use, of the product in terms of correctness, accuracy, reliability, currency, or otherwise is warranted or guaranteed. The Federal Health Architecture (FHA) shall not be held liable for any direct, indirect, consequential, or incidental damages arising out of the use of or the inability to use this product.
Version History
Version# | Date | Modified By | Description of Modification |
---|---|---|---|
0.1 | 06/11/2019 | Eric McDonald | Initial Draft |
Summary
Release 5.3 continues to build on the functionality and architecture introduced in Release 4.0 through additional features, selected improvements, and bug fixes.
We encourage the CONNECT community to upgrade to Release 5.3 to take advantage of these updates. Details can be found in the following subsections:
Enhancements and Announcements
Configurable Secure Hash Algorithm (SHA) 256
CONNECT provides a basic feature to more easily select SHA versions to use for initiating and accepting requests. Available SHA versions are based on the versions supported by CXF and OpenSAML.
CONNECT is not yet intended for multi-exchange support
The ability to download, store and process data from multiple healthcare provider directories and the proof of concept to authenticate with multiple certificates on one CONNECT instance have been completed with the release of CONNECT 5.3. However, the messaging and SAML services are still strictly intended for NwHIN exchange. Additional code enhancements are required for complete multi-exchange implementation.
Multi certificates support that includes Server Name Indication (SNI)
An assumption is made that CONNECT implementers participating in multiple exchanges will obtain separate SSL certificates for each exchange, thereby requiring the management of multiple certificates.
Import Wizard in Admin GUI
Import Wizard
When replacing any certificates with certificates provided by a CA, users must exercise caution to ensure they have imported any and all Root, Intermediate, and Leaf certificates to complete the chain of trust.
Import Wizard interface partly automates the process of creating new certificate and importing CA certs into CONNECT configuration.
The Import Wizard can:
- Create a new certificate
- Generate Certificate Signing Request (CSR) for an existing certificate
- Import SSL Certificate
EventLogging updates for Admin GUI
User can search Audit and Failure events through Logging GUI without having to log into the database to track events.
Certificate Manager Updates
- Simplify the import/remove certificate process for the TrustStore.
Common types and Webservices cleanup for improved performance
Common types and Webservices have been cleaned up to minimize resource requirements for CONNECT.
All properties related to SAML have been moved to saml.properties
All SAML properties have been centralized to the saml.properties file.
Release Testing
Release testing for 5.3 consisted of installation testing, interoperability testing, regression testing, and new feature testing.
A full cycle of release testing is performed on each release candidate prior to making it generally available.
When a release candidate passed all testing phases it is designated as ready for release and made generally available to the community.
The table below describes the environments that will be utilized for testing.
Testing summary by Operating system and application server for 5.3
App Server | WebSphere (Version 8.5.5.3) | WebLogic12c (Version 12.2.1) | WildFly (Version 8.2.1) | JBoss (Version EAP 7) | |
---|---|---|---|---|---|
OS | |||||
Windows 64 | B,S,A | ||||
Linux 64 | B, A, IO | B, A, IO | B, S, A, IO, R, P | B, A, IO |
Legend:
- S – Source Code Installation and Validation
- B – Binary Installation and Validation
- R – Regression
- IO – Interoperability
- A – Admin GUI (IE v11, Chrome)
- P – Performance Test
Known Issues
Issue |
---|
Garbage Collection (GC) exceptions may occur if CONNECT is undeployed and re-deployed without a server restart in between |