This section lists the prerequisites and explains how to apply the patch on Windows-based and Linux-based operating systems.
...
- Read and Write permissions on all sub-folders and files of ../AdeptiaSuite-<Version>.
- Stopped Kernel and WebrunnerWebRunner.
- Stopped process flows that are in Running or Queued state.
- Deactivated any running Mail Event.
- Take backup of securityContext.xml file from …<AdeptiaInstallFolder>\AdeptiaServer\ServerKernel\etc\saml location. This backup file will help you replicate the manual changes in case you have done earlier in the securityContext.xml file before applying this patch. Take backup of web.xml file from …<AdeptiaInstallFolder>\AdeptiaServer\ServerKernel\web\WEB-INF location. This backup file will help you replicate the manual changes in case you have done earlier in the web.xml file before applying this patch.
- Taken the backup of a backend database.
- In case, the embedded database is used as the backend database, follow the below steps to take the backup:
...
- In case, any other database is used as the backend database, you need to follow the backup instructions given by that Database Server. To know, which database is used as the back end database, refer to Appendix A: Identify Backend Database.
- Take backup of export.xml and connect_export.xml files from …<AdeptiaInstallFolder>\AdeptiaServer\ServerKernel\MigrationUtility location. These backup files will help you replicate the manual changes in case you have done earlier in these files before applying this patch.
Take backup of connect_export.xml file from …<ConnectServerInstallFolder>\AdeptiaServer\ServerKernel\MigrationUtility location. This backup file will help you replicate the manual changes in case you have done earlier in the connect_export.xml file before applying this patch.In case you have updated export.xml (during Migration of objects), and you wish to keep changes after applying the patch, keep a backup of this file from the path: ...\…<AdeptiaInstallFolder>\AdeptiaServer\ServerKernel\MigrationUtility. After the patch application is complete, merge the changes done in the backed up file with the new file (export.xml) generated.Info title Note Do not replace the backup of export.xml to the newly created export.xml. Only merge the changes from the old file to the new one.
Applying the patch
For Windows
...
Changes in securityContext.xml file
Go
to the downloaded Adeptia Suite zip folder and copy the securityContext.xml file.Replace the existing file with the copied file at the following location:to …<AdeptiaInstallFolder>\AdeptiaServer\ServerKernel\etc\
samlsaml location.
- In case you are using SAML authentication, open the updated
Open securityContext.xml file
and do.
Go to Security for the administration UI section and make the following
changeschange:
Uncomment - Add the
following - below property under the security headers tag:
- below property under the security headers tag:
- Update the URL as required. Where localhost is the IP address and port of the Server. Uncomment the idp.xml property:
- Remove or comment out the existing contextProvider bean
<bean id="contextProvider" class="org.springframework.security.saml.context.SAMLContextProviderImpl"/> - Add the below contextProvider bean
<bean id="contextProvider" class="org.springframework.security.saml.context.SAMLContextProviderLB">
<property name="scheme" value="http"/>
<property name="serverName" value="www.myserver.com"/>
<property name="serverPort" value="8080"/>
<property name="includeServerPortInRequestURL" value="false"/>
<property name="contextPath" value="/adeptia"/>
</bean> - If there were any other changes in the old file, you have to do the same changes manually in the updated securityContext.xml file.
- <security:hsts max-age-seconds="31536000"/>
- <security:hsts max-age-seconds="31536000"/>
- Go to Secured pages with SAML as entry point section and make the following change:
- Add the below property under the security headers tag:
<security:hsts max-age-seconds="31536000"/>
- Add the below property under the security headers tag:
- Save the file.
- Restart the Server.
<!-- <property name="entityBaseURL" value="http://localhost:8080/adeptia"/> -->
If you are using Adeptia Suite with load balancer, follow these steps:
This table explains the each property of contextProvider bean:
Property Name
Description
It will look like:
<bean id="contextProvider" class="org.springframework.security.saml.context.SAMLContextProviderLB">
<property name="scheme" value="http"/>
<property name="serverName" value="www.myserver.com"/>
<property name="serverPort" value="8080"/>
<property name="includeServerPortInRequestURL" value="false"/>
<property name="contextPath" value="/adeptia"/>
</bean>
Changes
...
in connect_export.xml
...
Go to …<AdeptiaInstallFolder>\AdeptiaServer\ServerKernel\
web\WEB-INFMigrationUtility location.
Open
webconnect_export.xml
file.- Do the same manual changes in the file that you have done in your previous web.xml file (that you had saved as a backup).
- Save the file.
Adding certificates in cacerts file
Two new certificates need to be added to the cacerts file in the application. This step is required to update the cacerts file with COMODO renewed certificates as the existing certificates of COMODO have expired.
Follow the steps below to add the certificates:
- Stop the Server.
- Take the backup of cacerts file from the ...
file.
Search for List of all activity types that need to be exported and add the following activity under this section:
<activity type="Email Notification Format" />
Save the file.
Changes in export.xml
Go to …<AdeptiaInstallFolder>\AdeptiaServer\ServerKernel\
etc\truststoreMigrationUtility location.
- Download the following two certificates from this link.
- 1199354.crt
- 1720081.crt
On the command prompt, run the following command to import the two new certificates to the cacerts file:
keytool -import -file "<path_to_Certificate_file>" -keystore "<path_to_application_folder>\ServerKernel\etc\truststore\cacerts" - alias "<alias_name>" - storepass "<cacerts file password>"
Where,
path_to_Certificate_file: The location where you have downloaded the certificates.
path_to_application_folder: Location of the cacerts file in the Connect Server.
alias_name: Alias name for '1199354.crt' and '1720081.crt' are 'USERTrust RSA Certification Authority' and 'COMODO RSA Certification Authority' respectively.
cacerts file password: Password for the cacerts file. By default, the password for the cacerts file is 'changeit'.
Restart the ServerOpen export.xml file.
Search for List of all activity types that need to be exported and add the following activities under this section:
<activity name="KafkaAccount" />
<activity name="KafkaListener" />
<activity name="KafkaTarget" />Save the file.
Once the post patch deployment steps are done, start the services, i.e. Kernel and WebRunner.