If you are running SSP version 2.0.0 or 2.0.0-b3, you are strongly encouraged to upgrade to 2.0.1 or 2.1.0 or 2.2.0 or later versions or otherwise apply the Confidentiality Level-related patches for the Student Documents tool as described by SSP-1917.

1)  External Table Database update- The external_student_test table has a new column named discriminator and included in the primary key definition.  When deploying 2.1, the new column will be added regardless of the values of db_liquibase_external_apply_natural_keys.  The default value of 'discriminator' is '1'. The application does not care what values are set.  It is intended to be a completely opaque value used exclusively to distinguish between multiple completion of the same test on the same date.  The application will fail to start if duplicate data exists in the table.  In those cases, follow the steps below:

• Deploy and start up the 2.1 code with db_liquibase_external_apply_natural_keys=false. This will create the new column and fill in default values (1).
• Adjust or reload the external_student_test table with discriminator values to eliminate duplicate keys
• Restart the application with db_liquibase_external_apply_natural_keys=true. This will attempt to add a primary key to this table, including the discriminator column.

2)  Remove unused permissions with SQL

• delete from up_permission where activity in ('PERSON_TEST_READ','PERSON_TRANSCRIPT_READ');
• delete from up_permission_activity where activity_fname in ('PERSON_TEST_READ','PERSON_TRANSCRIPT_READ');

3)  Add new permissions for configurable Confidentiality Levels

• ant -Dmaven.test.skip=true -Ddir=uportal-war/src/main/data/ssp_entities/patches-SSP-2-1-0/SSP-1466 data-import

4)  Add new bulk reassign permission for the Caseload Reassignment tool

• ant -Dmaven.test.skip=true -Ddir=uportal-war/src/main/data/ssp_entities/patches-SSP-2-1-0/SSP-1762 data-import

5)  Add SSP adminsitrators to the uPortal administrators group

• ant -Dmaven.test.skip=true -Dfile=uportal-war/src/main/data/ssp_entities/group_membership/Portal_Administrators.group-membership.xml data-import

6)  Correct the DATA_ENGLISH_SECOND_LANGAGE permission

• update up_permission set activity = 'DATA_ENGLISH_SECOND_LANGUAGE' where activity = 'DATA_ENGLISH_SECOND_LANGAGE'
• update up_permission_activity set activity_fname = 'DATA_ENGLISH_SECOND_LANGUAGE', activity_name = 'DATA_ENGLISH_SECOND_LANGUAGE' where activity_fname = 'DATA_ENGLISH_SECOND_LANGAGE'

7)  SSP-1668 represent a fix for case-insensitive user searches in uPortal.  The personDirectoryContext.xml has been modified in upstream versions including 2.1.0.  Any existing implementation should review the changes and appropriately configure.  The details of the change are described in the uPortal pull request.

8)  A new config option in portal.properties was added to exclude certain uP-local attributes from automatic wildcarding. The default exclusion list is SSP_ROLES, which is desired forSSP because searches on that attribute almost always include the list of current coaches in which case exact matches only are desired. See https://github.com/Jasig/uPortal/commit/d530d7abc94a20c051c43a010708f4979f233456 for where that config lives (portal.properties). The commit includes detailed comments in that file.

Deployers shouldn't need to do anything as a result of the new exclusion list config option unless there are scenarios where search on SSP_ROLES with wildcards is desired.  In that case, the following steps should be taken.

1. Add those wildcards explicitly to their search terms (which will not work if also querying against multi-valued LDAP attributes), or
2. Remove SSP_ROLES from the exclusion list (which will potentially results in non-exact uP-local matches)

Also, keep in mind that per its traditional behavior, uP searches on non-username attributes are automatically wildcarded by default. In non-uP local PD DAOs you need to explicitly enable that behavior.  The notes in #7 referred to above explain how to do this.