CONNECT 5.1 Release Notes

Version History

Summary

Release 5.1 continues to build on the functionality and architecture introduced in Release 4.0 through additional features, selected improvements, and bug fixes. We encourage the CONNECT community to upgrade to Release 5.1 to take advantage of these updates. Details can be found in the following subsections:

Enhancements and Announcements

SAML assertions

Several updates were made to enforce the conformant use of SAML assertions as required by the NwHIN messaging and authorization framework. The HOKSAMLAssertionBuilder, in particular, was updated to allow for more configurability while simultaneously increasing the amount of data validations.

Data-less deployment

CONNECT 5.1 can be deployed without creating all the data sources previously required. See /wiki/spaces/CONNECTWIKI/pages/259162119 for more details.

Exchange Manager

CONNECT can now /wiki/spaces/CONNECTWIKI/pages/278528020 from both FHIR and UDDI based directories. An Admin GUI interface has been created to facilitate the addition of exchanges to download organizational data from, view organizational data from each downloaded exchange and refresh data on demand without requiring a server restart. Please read the /wiki/spaces/CONNECTWIKI/pages/278528020 documentation carefully as changes to CONNECT configuration files have been made for CONNECT 5.1.

Certificate Manager

The CONNECT Certificate Manager allows users to manage trust stores locally

Test Data Loader

Test data for the CONNECT reference implementation can now be managed via the Admin GUI

Specification compliance and conformance update

eHealth Exchange Testing

CONNECT 5.1 was successfully tested against the eHealth Exchange test cases for participant and product certification. Details on the testing can be found at /wiki/spaces/CONNECTWIKI/pages/39125109. There are no open CONNECT issues related to participant testing.

Security Scans findings and security update

The CONNECT team as part of the release readiness process in 5.1, identified and addressed findings based on security scans performed on the CONNECT gateway code base. Several tools were used including Fortify, SonarQube, OWASP Dependency Checks and FindBugs as part of the scans executed on the 5.1 code.  All Critical, High, Medium, and Cat 1 Low findings were addressed and the team will continue to work with the federal partners to ensure the code quality meets their implementation requirements. Addressing these security findings will ensure adopters deploy a more secure implementation and will assist in meeting their organization's internal security reviews, as they deploy CONNECT in their preferred environments. 

Release testing

CONNECT 5.1 was install-tested in multiple environments and with multiple operating systems to support the federal partner environments and application servers/configurations used by the community.  As with each release, CONNECT was regression tested as well as integration tested against prior supported versions of CONNECT. Test summary report is /wiki/spaces/CONNECTWIKI/pages/245432325. See below the testing matrix with the application servers/OS that were utilized for release testing.

Testing summary by Operating system and application server for 5.1

Legend:

• S – Source Code Installation and Validation
• B – Binary Installation and Validation
• R – Regression
• IO – Interoperability
• A – Admin GUI (IE v11, Chrome)
• D – Direct Tested

Product Development Notes

Open source application server – WildFly

From a product development perspective, the team uses WildFly as the team-supported open source application server. We are aware of community members using CONNECT on JBoss EAP, the enterprise version of WildFly. We have published instructions for FIPS configurations on /wiki/spaces/CONNECTWIKI/pages/108691466 and /wiki/spaces/CONNECTWIKI/pages/75038722.

Development, installation and new feature testing will be done on WebLogic, WebSphere, JBoss EAP 7 and WildFly only.

 Known Issues