============================================================================= Run Date: JAN 24, 2022 Designation: XU*8*747 Package : XU - KERNEL Priority: Mandatory Version : 8 SEQ #600 Status: Released Compliance Date: FEB 24, 2022 ============================================================================= Subject: KAAJEE SSOWAP WebLogic 12.2 compatibility upgrades Category: - Informational Description: ============ Kernel Authentication & Authorization for Java 2 Enterprise Edition (KAAJEE) patch, XU*8.0*747, addresses Technical Reference Model (TRM) compliance changes and upgrades/certification of a KAAJEE Single Sign-On Web Application Plugin (SSOWAP) component for the WebLogic 12.2/Java 1.8 platform and above. This patch also includes changes to the distributable jar file, as well as sample jsp code changes, Fortify induced compliance changes, upgrades to the TRM-approved libraries and come in the following form: - Dependency file upgrades - log4j2-api-2.17.1.jar, log4j2-core-2.17.1.jar, vha-stddata-basic-19.0.jar, vha-stddata-client-19.0.jar - Changes to a Sample Application - login.jsp, loginCookieInfo.htm ************************************************************************** This is an informational only patch that will be released alongside Kernel Authentication & Authorization for Java 2 Enterprise Edition Security Service Provider Interface (KAAJEE) patch, XU*8.0*748, and Veterans Personal Finance System (VPFS) patch PRPF*4*6. Installation will be performed by Martinsburg on a centralized server. There is no action for VHA sites required by this patch. There is no server side (VistA PackMan or KIDS) part to the patch. There are no client side (Windows executable) programs for VHA production workstations. ************************************************************************** Patch Components ----------------- Files & Fields Associated: File Name (Number) Field Name (Number) New/Modified/Deleted ------------------ ------------------- -------------------- N/A Forms Associated: Form Name File Number New/Modified/Deleted --------- ----------- -------------------- N/A Mail Groups Associated: Mail Group Name New/Modified/Deleted --------------- -------------------- N/A Options Associated: Option Name Type New/Modified/Deleted ----------- ---- -------------------- N/A Protocols Associated: Protocol Name New/Modified/Deleted ------------- -------------------- N/A Security Keys Associated: Security Key Name ----------------- N/A Templates Associated: Template Name Type File Name (Number) New/Modified/Deleted ------------- ---- ------------------ -------------------- N/A Remote Procedures Associated: Remote Procedure Name New/Modified/Deleted --------------------- -------------------- N/A Parameter Definitions Associated: Parameter Name New/Modified/Deleted -------------- -------------------- N/A Additional Information: ----------------------- N/A Blood Bank Team Coordination: N/A New Service Requests (NSRs): N/A Patient Safety Issues (PSIs): N/A Defect Tracking System Ticket(s) & Overview: 1. JIRA - KAAJEE-11, Conformance to WebLogic 12.2/Java 8 platform for KAAJEE Classic Problem: -------- KAAJEE SSOWAP jar dependencies were not TRM-compliant, due to restrictions of cookie handling by the VA browsers which result in an error while running the KAAJEE Sample App. This patch also discontinues client-side cookie use and support, due to VA-configured browser cookie handling restrictions. Persistent settings driven functionality will be inhibited. Login Institution list sorting is supported for a duration of a user session only. Due to dependency file upgrades, this release will deploy and run only on WebLogic 12.2/Java 8 and above. Resolution: ----------- Installed TRM-compliant libraries, re-compiled on Java 8 and removed persistent cookie reliance and support. Test Sites: ----------- Chillicothe VA Medical Center Orlando VA Medical Center Software and Documentation Retrieval Instructions: -------------------------------------------------- N/A Other Software Files: The software for this patch is being released via a zip file and can be obtained at location: /srv/vista/patches/SOFTWARE Other software files can also be obtained by accessing the URL: https://download.vista.domain.ext/index.html/SOFTWARE File Title File Name Format --------------------------------------------------------------------- KAAJEE SSOWAP 8.0.747 bundle XU_8.0_747.ZIP Binary Documentation describing the new functionality is included in this release. Documentation can be found on the VA Software Documentation Library at: https://www.domain.ext/vdl/. Documentation can also be obtained at https://download.vista.domain.ext/index.html/SOFTWARE. Documentation Title File Name --------------------------------------------------------------------- KAAJEE SSOWAP Deploy Guide KAAJEE_SSOWAP_8_DEPL.PDF (WebLogic 12.2) KAAJEE SSOWAP Installation Guide KAAJEE_SSOWAP_8_IG.PDF (WebLogic 12.2) KAAJEE SSOWAP Release Notes KAAJEE_XU_8_747_RN.PDF Patch Installation: ------------------- ****************************************************************** ** PLEASE NOTE: THERE IS NO INSTALLATION FOR THIS PATCH. ** ****************************************************************** Installation for KAAJEE patch, XU*8.0*747, is performed by Martinsburg on a centralized WebLogic server. Post-Installation Instructions: N/A Back-Out/Roll Back Plan: ------------------------ The back-out plan is found in the KAAJEE SSOWAP Installation Guide and will be sent to Martinsburg. Routine Information: ==================== No routines included. ============================================================================= User Information: Entered By : Date Entered : JAN 21, 2021 Completed By: Date Completed: JAN 24, 2022 Released By : Date Released : JAN 24, 2022 ============================================================================= Packman Mail Message: ===================== No routines included