Versions Compared

Old Version 4

changes.mady.by.user Jason Elwood

Saved on

compared with

New Version 5

changes.mady.by.user Jason Elwood

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Warning

It is important to first follow the steps in the Release Notes for v2.5.1 when upgrading to v2.5.2.

 

 1.  New permissions and functionality were created to remove the Main Tool from individual users or groups/role.

...

 

The intent of this feature add is to remove the display of protected information from users who should not have access.  For example, the application can be configured such that faculty members who do not need to view academic history for any student will not have the Main Tool available in the UI.  Instructions to manage the permissions are described in the User Guide.

 

Code Block
titleImport New Permissions
SSP_CONFIGDIR=/path/to/your/config/dir ant -Dmaven.test.skip=true -Ddir=uportal-war/src/main/data/ssp_entities/permission_set/SSP_FACULTY__PERSON_FILTERED_READ__SSP.permission-set.xml data-import

 

2

...

.  CAS security integration patch.

SSP-2721 is a patch for implementers who integrate SSP with CAS for security authentication and authorization.  Details of the changes and effects are detailed in the uPortal project.  

 

3.  Review security.properties Changes

This release includes a large patch to <platform-src>/uportal-war/src/main/resources/properties/security.properties for SSP-2724. These changes may result in merge conflicts, especially if you are already integrated with other authentication providers, e.g. AD/LDAP. For resolving merge conflicts in general, see SSP Source Code Upgrade Process. For this particular patch, understand that the primary goal was to change this:

No Format
principalToken.root=userName
credentialToken.root=password

To this:

No Format
principalToken.root=
credentialToken.root=

Once you're able to sort out the conflict so everything is as it was before, but with expanded comments and the unset of the "root" token config as shown above, you'll need to make sure your existing authentication provider configuration still works. In almost all SSP deployments this entails creating a token config pair for each configured LDAP security context. I.e. for every row in security.properties of the form:

No Format
root.<suffix>=org.jasig.portal.security.provider.SimpleLdapSecurityContextFactory

You will need a corresponding:

No Format
principalToken.root.<suffix>=userName
credentialToken.root.<suffix>=password

For example, if your configuration currently includes:

No Format
root.ldap_student=org.jasig.portal.security.provider.SimpleLdapSecurityContextFactory
root.ldap=org.jasig.portal.security.provider.SimpleLdapSecurityContextFactory

Then you need to add the following:

No Format
principalToken.root.ldap=userName
credentialToken.root.ldap=password
 
principalToken.root.ldap_student=userName
credentialToken.root.ldap_student=password

4.  Review Maven settings.xml

Historically you might have configured a Maven repository "blacklist" in <USER_HOME>/.m2/settings.xml to work around broken dependency downloads (ehcache especially). SSP-2634 should obviate such blacklisting, so if you haven't added it already, there should be no reason to do so. If you've already created a blacklist, it is entirely up to you whether or not to leave it in place.

v2.5.2 JIRA Issues

Bugs

  • [SSP-2623] - Navigating to Early Alert tool decrements EA count in caseload/search results
  • [SSP-2636] - STRENGTHS Permissions not implemented in UI
  • [SSP-2648] - Caseload/Watch/Search navigation broken for users having access to search only
  • [SSP-2650] - LTI Provider - Default timestamp expiry is too short
  • [SSP-2651] - LTI Provider - Live launch error messages rendered in browser as raw HTML
  • [SSP-2654] - DOB search results incorrect before 01/01/1970
  • [SSP-2656] - Missing 'enter' keypress handlers on most search filter fields
  • [SSP-2657] - DOB field validation doesn't prevent search execution
  • [SSP-2660] - Print action plan button does not respond
  • [SSP-2663] - Tools except Main Tool Do Not have currentPerson Loaded
  • [SSP-2667] - person_filtered perms should not have access to Coaching History report
  • [SSP-2668] - 404 error when school id not found in add student
  • [SSP-2669] - Email coach link inactive for person_filtered perms
  • [SSP-2670] - Exception Thrown On Instant Caseload Save
  • [SSP-2671] - Instant Caseload Does not Initialize Tool
  • [SSP-2672] - SearchPerson.js Model Potential Improper Update of Name
  • [SSP-2673] - Tool Not removed if External Student Selected but not Assigned
  • [SSP-2676] - Console error after adding a student via quick add
  • [SSP-2677] - Email Student failure for person_filtered
  • [SSP-2678] - Selected student header bar not populated after canceling Caseload Add/Edit form
  • [SSP-2680] - LtiSspUserFieldNames.js loaded out of band
  • [SSP-2686] - MAP plan edit locked
  • [SSP-2687] - Caseload column-data alignment problem
  • [SSP-2688] - Program Status Name not updated after Quick Add
  • [SSP-2693] - Journal Steps are missing from the Student view
  • [SSP-2694] - external person sync not completing
  • [SSP-2695] - Liquibase for add refresh_mv_directory_person/blue on SQL Server
  • [SSP-2697] - Inactive CL appear in Action Plan custom task
  • [SSP-2698] - SSP portlets disabled if http://www.tuckey.org unavailable
  • [SSP-2702] - Program status name not reflected in Main after student Quick Add
  • [SSP-2703] - Search Results returns records with inactive associations
  • [SSP-2704] - Hard-coded dbo schema references
  • [SSP-2710] - Program status transitions error out with invalid subquery result
  • [SSP-2712] - Bulk coach reassign errors out if more than one student selected
  • [SSP-2713] - Add student not in external data via UI doesn't add to directory
  • [SSP-2714] - Directory update triggers break on bulk writes to some tables
  • [SSP-2716] - Coaching History doesn't work unless in Main
  • [SSP-2718] - Directory search queries scroll entire result set to get result set size
  • [SSP-2721] - Integrate patched CAS filter
  • [SSP-2724] - Improved default security.properties configuration
  • [SSP-2726] - Unit tests do not compile

Improvements and New Features

  • [SSP-2428] - Liquibase error dropping default constraints on SQLServer 2012
  • [SSP-2461] - LTI Provider - Expose Platform SSO Ticket Issuing Service in platform-java-api
  • [SSP-2470] - LTI Provider - Expose Platform Permissions Lookup Service to non-portlet requests
  • [SSP-2473] - LTI Provider - Allow Platform user lookup by schoolId
  • [SSP-2474] - LTI Provider - Better end-user facing Early Alert portlet errors
  • [SSP-2475] - LTI Provider - EA portlet roster selection via render param
  • [SSP-2631] - Permissions-driven Main tool show/hide
  • [SSP-2634] - Integrate uPortal Maven dependency download fix
  • [SSP-2644] - Document LTI Provider
  • [SSP-2647] - Document new permissions for hiding main tool
  • [SSP-2649] - Display Early Alerts created by current user when submitting new Early Alert
  • [SSP-2661] - Caseload "Quick Add" dialog should be modal
  • [SSP-2679] - Mark nav and tool panels 'loading' while selected person record loads
  • [SSP-2701] - Document SQLServer stored proc permissions config recommendations
  • [SSP-2725] - Filter external-only students from bulk caseload reassign UI