SSP v2.7.0 General Release Announcement
Release TBD
Release Highlights
v2.7.0 contains a variety of changes that enhance nearly every tool within SSP. The specific issues are noted below, but there are additional resources with information about the changes.
- External Database- new tables were added, and one change was made. Review the external definitions for complete details.
- Message Templates- a number of new message template variables were added to the list of available variables. The message templates were not changed, but implementers can added the new variables to existing templates.
Fresh Installation Instructions
See SSP v2.7.0 Installation Instructions
Upgrade Instructions
Upgrading Source Code Forks
See SSP Source Code Upgrade Process
Additional Upgrade Steps
It is important to first follow the steps in the Release Notes for v2.6.0.
The SSP development team is not aware of any SSP deployments integrated with CAS, but this release includes two security-related patch sets specifically targeted at CAS integrations:
- SSP-2721 - Scrubs certain CAS-specific request parameters. The changes and effects are detailed in the uPortal project. No work should be required to enable the patch, but you may want to review that document to better understand the CAS-related configuration changes included in this release.
- SSP-2724 - Works around what amounts to a CAS-specific session hijacking vulnerability. The changes and effects are detailed in the uPortal project and the
<platform-src>/uportal-war/src/main/resources/properties/security.properties
file includes greatly expanded comments describing recommended configuration changes. You will likely want to review the email thread and changes to that file whether or not you use CAS. The new defaults may interfere with your existing authentication provider integrations, especially AD/LDAP. SSP-specific details below.
1 - Add new permission for customizable csv results export
SSP-3062 adds a feature to customize the csv columns in the Bulk Export to CVS function. This requires a new permission that needs to be imported into SSP-Platform Run the following command from the SSP-Platform directory
ant -Ddir=uportal-war/src/main/data/ssp_entities/patches-SSP-2-7-0/SSP-3062 data-import
2 - Add new permission for administrator items
SSP-2943 adds a feature to grant permissions for the individual administrator folders.. This requires a new permission that needs to be imported into SSP-Platform Run the following command from the SSP-Platform directory
ant -Dmaven.test.skip=true -Dfile=uportal-war/src/main/data/ssp_entities/permission_owner/SSP.permission-owner.xml data-import
3- A constraint was added to the external_catalog table.
If non-unique external_catalog_year.code exists, the liquibase will fail. To correct, the data in the external_catalog table should contain unique year codes values for each row.
SSP v2.7.0 JIRA Issues
Bugs
New Features
Improvements
Improvement Sub-tasks
Tasks