Versions Compared

Version Old Version 1 New Version Current
Changes made by

Akash Kumar Jaiswal

Akash Kumar Jaiswal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Corrected links that should have been relative instead of absolute.

...

Anchor
Prerequisites
Prerequisites
Prerequisites

  • Read and Write permissions on all sub-folders and files of .../AdeptiaConnect-<Version>
  • Take backup of launcher.properties file from from …<ConnectPoratlInstallFolder>\conf location. This backup file will help you replicate the manual changes in case you have done earlier in the launcher.properties file before applying this patch.  Take backup of server.xml file from …<ConnectPortalInstallFolder>\conf locationconf location. This backup file will help you replicate the manual changes in case you have done earlier in the serverlauncher.xmlproperties file before applying this patch.  
  • Take backup of securityContext.xml file from …<ConnectPortalInstallFolder>\resources_config\saml location. This backup file will help you replicate the manual changes in case you have done earlier in the securityContext.xml file before applying this patch.  
  • Take backup of apps.properties file from …<ConnectPortalInstallFolder>\resources_config location. This backup file will help you replicate the manual changes in case you have done earlier in the apps.properties file before applying this patch.    
  • Connect Server services are running.
  • Connect Portal service is stopped.
  • Ensure that you have followed the Prerequisites' instructions given on the Upgrade page.

Anchor
Applying the patch
Applying the patch
Applying the patch

...

Changes in launcher.properties file

  1. Go to to …<ConnectPoratlInstallFolder>\conf location.
  2. Open launcher.properties file.
  3. Do the same manual changes in the file that you have done in your previous launcher.properties file (that you had saved as a backup). For example, you may need to update the JVM settings and Truststore location as they are there in the backup file.
  4. Save the file.

Changes in

...

securityContext.xml file

  1. Go

    to …<ConnectPortalInstallFolder>\conf 

    to …<ConnectPortalInstallFolder>\resources_config\saml location.

  2. Open server.xml file and do the following changes:
    Add parameter secretRequired="false" in Connector tag for AJP.
    Image Removed

    Expand the section below to copy the "ciphers" parameters with its values and paste it just after the "server="Adeptia" xpoweredby="false" clientauth="true" text in the <Connector> tag of  server.xml file.

    Code Block
    themeMidnight
    collapsetrue
    ciphers="TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
			TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
			TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
			TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
			TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
			TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
			TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
			TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
			TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
			TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
			TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
			TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
			TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
			TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
			TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
			TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
			TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
			TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
			TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
			TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
			TLS_ECDH_RSA_WITH_RC4_128_SHA,
			TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
			TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
			TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
			TLS_RSA_WITH_AES_256_GCM_SHA384,
			TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
			TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
			TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,
			TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
			TLS_RSA_WITH_AES_128_GCM_SHA256,
			TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
			TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
			TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
			TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
			TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
			TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
			TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
			TLS_EMPTY_RENEGOTIATION_INFO_SCSVF"

  3. Expand the section below to copy the code and paste it just after the last </Service> tag in the server.xml file.

    Code Block
    themeMidnight
    collapsetrue
    <Service name="SoapService">
	
			<!-- 
			<Connector port="80" protocol="HTTP/1.1" connectionTimeout="20000"
			redirectPort="443" compression="on" noCompressionUserAgents="gozilla, 
			traviata" compressableMimeType="text/html,text/xml,text/css,application/javascript,application/json" 
			useSendfile="false" server="Adeptia" xpoweredby="false" />
			 -->
			
			<!-- 
			<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="5000" 
			scheme="https" secure="true" compressionMinSize="128" connectionTimeout="20000" 
			maxConnections="10000" clientAuth="false" sslProtocol="TLSv1.2" sslEnabledProtocols="TLSv1.2" keystoreFile="./keystore/adeptiaBPM.keystore" 
			keystoreType="JKS" keystorePass="password" compression="on" noCompressionUserAgents="gozilla, 
			traviata" compressableMimeType="text/html,text/xml,text/css,application/javascript,application/json" 
			useSendfile="false" server="Adeptia" xpoweredby="false" />
			-->
			
			<Engine defaultHost="localhost" name="soapwebapps">
			
				<Realm className="org.apache.catalina.realm.LockOutRealm">
					<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
				</Realm>
				
				<Host appBase="soapwebapps/wars" autoDeploy="true" name="localhost" unpackWARs="true">
					<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" pattern="%h %l %u %t &quot;%r&quot; %s %b" prefix="localhost_access_log" suffix=".txt"/>
					<Valve className="org.apache.catalina.valves.ErrorReportValve" showReport="false" showServerInfo="false"/>
				</Host>
				
			</Engine>
	</Service>
	
	  <Service name="RestService">
	
			<!-- 
			<Connector port="80" protocol="HTTP/1.1" connectionTimeout="20000"
			redirectPort="443" compression="on" noCompressionUserAgents="gozilla, 
			traviata" compressableMimeType="text/html,text/xml,text/css,application/javascript,application/json" 
			useSendfile="false" server="Adeptia" xpoweredby="false" />
			-->
			
			<!-- 
			<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="5000" 
			scheme="https" secure="true" compressionMinSize="128" connectionTimeout="20000" 
			maxConnections="10000" clientAuth="false" sslProtocol="TLSv1.2" sslEnabledProtocols="TLSv1.2" keystoreFile="./keystore/adeptiaBPM.keystore" 
			keystoreType="JKS" keystorePass="password" compression="on" noCompressionUserAgents="gozilla, 
			traviata" compressableMimeType="text/html,text/xml,text/css,application/javascript,application/json" 
			useSendfile="false" server="Adeptia" xpoweredby="false" />
			-->
			
			<Engine defaultHost="localhost" name="restwebapps">
			
				<Realm className="org.apache.catalina.realm.LockOutRealm">
					<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
				</Realm>
				
				<Host appBase="restwebapps/wars" autoDeploy="true" name="localhost" unpackWARs="true">
					<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" pattern="%h %l %u %t &quot;%r&quot; %s %b" prefix="localhost_access_log" suffix=".txt"/>
					<Valve className="org.apache.catalina.valves.ErrorReportValve" showReport="false" showServerInfo="false"/>
				</Host>
				
			</Engine>
	</Service>
  4. Save the file.

Changes in securityContext.xml file

...

Uncomment the following property:

<!-- <property name="entityBaseURL" value="http://localhost:8080/adeptia"/> -->

...

  • Remove or comment out the existing contextProvider bean
    <bean id="contextProvider" class="org.springframework.security.saml.context.SAMLContextProviderImpl"/>
  • Add the below contextProvider bean
    <bean id="contextProvider" class="org.springframework.security.saml.context.SAMLContextProviderLB">
     <property name="scheme" value="http"/>
     <property name="serverName" value="www.myserver.com"/>
     <property name="serverPort" value="8080"/>
     <property name="includeServerPortInRequestURL" value="false"/>
     <property name="contextPath" value="/adeptia"/>
    </bean>

This table explains the each property of contextProvider bean:

...

Property Name

...

Description

It will look like:

<bean id="contextProvider" class="org.springframework.security.saml.context.SAMLContextProviderLB">
 <property name="scheme" value="http"/>
 <property name="serverName" value="www.myserver.com"/>
 <property name="serverPort" value="8080"/>
 <property name="includeServerPortInRequestURL" value="false"/>
 <property name="contextPath" value="/adeptia"/>
</bean>

...

Restart the Connect Portal.

Changes in apps.properties file

  1. Go to …<ConnectPortalInstallFolder>\resources_config location.
  2. Open apps.properties file.

  3. Replace the details for Microsoft SharePoint by the details given below:

    Code Block
    microsoftsharepoint.oauthVersion=2.0
microsoftsharepoint.oauth20.authorize={baseUrl}/_layouts/15/OAuthAuthorize.aspx
microsoftsharepoint.oauth20.accessToken=https://accounts.accesscontrol.windows.net/{realmId}/tokens/OAuth/2
microsoftsharepoint.scope=Site.Manage List.Manage Web.Manage Web.Write AllSites.Manage AllProfiles.Manage
microsoftsharepoint.AccessTokenValueMap=resource$00000003-0000-0ff1-ce00-000000000000/{domain}.sharepoint.com@{realmId}
  4. Save the file.

...

  1. securityContext.xml file.

  2. Go to Security for the administration UI section and make the following change:

    1. Add the below property under the security headers tag:
      <security:hsts max-age-seconds="31536000"/>

      Image Added

  3. Go to Secured pages with SAML as entry point section and make the following change:
    1. Add the below property under the security headers tag:
      <security:hsts max-age-seconds="31536000"/>

      Image Added

  4. Save the file.

Changes in apps.properties file

  1. Go to …<ConnectPortalInstallFolder>\resources_config location.

  2. Open apps.properties file.

  3. Search for QuickBooks app section and replace the existing code block with the one given below:

    Code Block
    titleQuickBooks
    quickbooks.appKey=
quickbooks.appKeySecret=
quickbooks.oauthVersion=2.0
quickbooks.oauth20.accessToken=https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer
quickbooks.oauth20.authorize=https://appcenter.intuit.com/connect/oauth2
quickbooks.oauth10.requestToken=https://oauth.intuit.com/oauth/v1/get_request_token
quickbooks.oauth10.authorize=https://appcenter.intuit.com/Connect/Begin
quickbooks.oauth10.accessToken=https://oauth.intuit.com/oauth/v1/get_access_token
quickbooks.openId.provider=https://openid.intuit.com/OpenId/Provider
quickbooks.openId.identity=http://specs.openid.net/auth/2.0/identifier_select
quickbooks.scope=com.intuit.quickbooks.accounting
quickbooks.enableProduction=true


  4. Search for Xero app section and replace the existing code block with the one given below:

    Code Block
    titleXero
    xero.appKey=
xero.appKeySecret=
xero.oauthVersion=2.0
xero.oauth.signatureMethod=RSA-SHA1
xero.oauth20.accessToken=https://identity.xero.com/connect/token
xero.oauth20.authorize=https://login.xero.com/identity/connect/authorize
xero.oauth10.requestToken=https://api.xero.com/oauth/RequestToken
xero.oauth10.accessToken=https://api.xero.com/oauth/AccessToken
xero.oauth10.authorize=https://api.xero.com/oauth/Authorize
xero.refreshToken=https://api.xero.com/oauth/AccessToken
xero.clientAuthentication=true
xero.clientKeystore=xeroapps.p12
xero.clientKeystoreType=PKCS12
xero.clientKeystorePassword=
xero.clientKeystorePrivateKeyPassword=
xero.privateKey=
xero.scope=offline_access accounting.transactions accounting.settings accounting.contacts payroll.employees
xero.enableProduction=true


  5. Save the file.
  6. Restart the Connect Portal.

Anchor
Verifying Connect Portal patch
Verifying Connect Portal patch
Verifying Connect Portal patch

To verify if the Connect Portal has been deployed successfully, login to the portal and check the build tag of the Connect Portal.

Follow the steps below to check the build tag:

  1. Click Help > About.
  2. On the About screen, check the Connect Portal tag. 
    If the build tag matches the tag of the Connect Portal, it indicates that the Connect Portal patch

...

  1. is deployed successfully.

Additionally, to verify if the user interface of the Connect Server is working as expected, follow the steps below:

  • Click Configure > Developer Studio > Proceed.
    If you are able to interact with the Connect Server interface, it indicates that the Connect Server is updated.