This section lists the prerequisites and steps for applying and verifying this patch.
Though every release of Adeptia comes with seamless upgrades and bug-free patches, for customer's complex use cases, we recommend applying the patch in a non-production environment first followed by testing. After the use cases run successfully without any errors or warnings, you can apply the patch in the production environment.
Prerequisites
- You have Read and Write permissions on all sub-folders and files of .../AdeptiaConnect-<Version>.
- Services such as Kernel, WebRunner, and AIMap are stopped.
- Take backup of securityContext.xml file from …<ConnectServerInstallFolder>\AdeptiaServer\ServerKernel\etc\saml location. This backup file will help you replicate the manual changes in case you have done earlier in the securityContext.xml file before applying this patch.
- Take backup of web.xml file from …<ConnectServerInstallFolder>\AdeptiaServer\ServerKernel\web\WEB-INF location. This backup file will help you replicate the manual changes in case you have done earlier in the web.xml file before applying this patch.
- Take backup of cacert file from …<ConnectServerInstallFolder>\AdeptiaServer\ServerKernel\etc\truststore location. This backup file will help you replicate the manual changes in case you have done earlier in the cacert file before applying this patch.
- No process flow or transaction should be in running, waiting or queued state.
- Latest License details of Adeptia Connect. You can contact Adeptia Support for more details.
Applying the patch
After you have applied the patch, PatchApplicationLog_<Date>.log file is created inside the logs folder. The logs folder is available in the same folder from where you have applied the patch. PatchApplicationLog_<Date>.log file contains the logs generated during patch application and can be used to troubleshoot any issue related to the patch application.
Patch application may take some time, in case there are a large number of records in the backend and log database.
The patch will automatically rollback, in case of any error during the deployment.
After applying this patch, refer to post patch deployment section for manual changes.
Post patch deployment steps
In this release, some manual changes are required in Connect Server.
Changes in securityContext.xml file
- Go to the downloaded Adeptia Connect zip folder and rename the securityContext.xml_Server file to securityContext.xml.
- Copy the renamed securityContext.xml file.
- Replace the existing file with the copied file at the following location: …<ConnectServerInstallFolder>\AdeptiaServer\ServerKernel\etc\saml.
- Open securityContext.xml file.
- Do the same manual changes in the file in case you have done in your previous securityContext.xml file (that you had saved as a backup).
- Save the file.
In case you are using SAML authentication then open the updated securityContext.xml file and do the following changes:
Uncomment the following property:
<!-- <property name="entityBaseURL" value="http://localhost:8080/adeptia"/> -->
- Update the URL as required. Where localhost is the IP address and port of the Connect Server.
- Uncomment the idp.xml property:
- If you are using Adeptia Connect with load balancer, follow these steps:
- Remove or comment out the existing contextProvider bean
<bean id="contextProvider" class="org.springframework.security.saml.context.SAMLContextProviderImpl"/> - Add the below contextProvider bean
<bean id="contextProvider" class="org.springframework.security.saml.context.SAMLContextProviderLB">
<property name="scheme" value="http"/>
<property name="serverName" value="www.myserver.com"/>
<property name="serverPort" value="8080"/>
<property name="includeServerPortInRequestURL" value="false"/>
<property name="contextPath" value="/adeptia"/>
</bean>
This table explains the each property of contextProvider bean:
scheme Name of the scheme (http or https). serverName Name of the server. serverPort Port number of the server. includeServerPortInRequestURL To include server port number in the URL or not. It must be false. contextPath Prefix of a URL path used to select the context(s) to which an incoming request is passed. A URL is in the format: http://hostname.com/contextPath/, where each of the path elements can be zero or more separated elements. It must be /adeptia. Property Name
Description
It will look like:
<bean id="contextProvider" class="org.springframework.security.saml.context.SAMLContextProviderLB">
<property name="scheme" value="http"/>
<property name="serverName" value="www.myserver.com"/>
<property name="serverPort" value="8080"/>
<property name="includeServerPortInRequestURL" value="false"/>
<property name="contextPath" value="/adeptia"/>
</bean> - Remove or comment out the existing contextProvider bean
- If there were any other changes in the old file, you have to do the same changes manually in the updated securityContext.xml file.
- Save the file.
- Restart Connect Server.
Changes in web.xml file
- Go to …<ConnectServerInstallFolder>\AdeptiaServer\ServerKernel\web\WEB-INF location.
- Go to the downloaded Adeptia Connect zip folder and rename the web.xml_Server file to web.xml.
- Copy the renamed web.xml file.
- Replace the existing file with the copied file at the following location: …<ConnectServerInstallFolder>\AdeptiaServer\ServerKernel\web\WEB-INF.
- Open web.xml file.
- Do the same manual changes in the file that you have done in your previous web.xml file (that you had saved as a backup).
- Save the file.
Adding certificates in cacerts file
Two new certificates need to be added to the cacerts file in the application. This step is required to update the cacerts file with COMODO renewed certificates as the existing certificates of COMODO have expired.
Follow the steps below to add the certificates:
- Stop the Connect Server.
- Download the following two certificates from this link.
- 1199354.crt
- 1720081.crt
On the command prompt, run the following command to import the two new certificates to the cacerts file:
keytool -import -file "<path_to_Certificate_file>" -keystore "<path_to_application_folder>\ServerKernel\etc\truststore\cacerts" - alias "<alias_name>" - storepass "<cacerts file password>"
Where,
path_to_Certificate_file: The location where you have downloaded the certificates.
path_to_application_folder: Location of the cacerts file in the Connect Server.
alias_name: Alias name for '1199354.crt' and '1720081.crt' are 'USERTrust RSA Certification Authority' and 'COMODO RSA Certification Authority' respectively.
cacerts file password: Password for the cacerts file. By default, the password for the cacerts file is 'changeit'.- Restart the Connect Server.
Verifying Connect Server patch
To verify whether the patch is applied successfully:
Open the browser and visit the URL:
http://<hostname>:8080/adeptia/control
where hostname is the name of the server on which Connect Server is running. Developer Studio home page appears.
- Type the username and password in the User Id and Password text boxes respectively.
- Click Login.
- Click Help > About.
- Check the Build Tag. If it is the same you applied, indicates patch is deployed successfully.
Next step