============================================================================= Run Date: MAR 18, 2026 Designation: XU*8*833 Package : XU - KERNEL Priority: Mandatory Version : 8 SEQ #660 Status: Released Compliance Date: MAR 23, 2026 ============================================================================= Subject: KAAJEE SSOWAP-USE THE SAMLCONNECTIONSPEC FOR USER AUTHENTICATION Category: - Informational Description: ============ Kernel Authentication & Authorization for Java 2 Enterprise Edition Single Sign-On Web Application Plugin (KAAJEE SSSOWAP) patch, addresses an issue with the user authentication being performed over the DuzConnectionSpec. As VA moves towards a zero trust policy, utilizing VistALink's SamlConnectionSpec for user authentication is more appropriate. ************************************************************************** This is an informational only patch that will be released as a Kernel Authentication & Authorization for Java 2 Enterprise Edition Single Sign-On Web Application Plugin (KAAJEE SSSOWAP) component update. Installation will be performed at VA EC on a centralized server. EHRM Impact Statement: -------------------------------- This patch should have no EHRM impact, and can be installed at all sites, including EHRM converted sites. Patch Components: ------------------------- N/A Files & Fields Associated: File Name (Number) Field Name (Number) New/Modified/Deleted -------------------------- ---------------- N/A Forms Associated: Form Name File Number New/Modified/Deleted --------------- ---------------- N/A Mail Groups Associated: Mail Group Name New/Modified/Deleted ---------------------- ----------------------------- N/A Options Associated: Option Name Type New/Modified/Deleted ------------------ ------ N/A Protocols Associated: Protocol Name New/Modified/Deleted ------------------- ----------------------------- N/A Security Keys Associated: Security Key Name ------------------------ N/A Templates Associated: Template Name Type File Name (Number) New/Modified/Deleted --------------------- ------ N/A Remote Procedures Associated: Remote Procedure Name New/Modified/Deleted -------------------------------- ----------------------------- N/A Parameter Definitions Associated: Parameter Name New/Modified/Deleted ---------------------- ----------------------------- N/A Additional Information: ----------------------------- N/A New Service Requests (NSRs): N/A Patient Safety Issues (PSIs) N/A Defect Tracking System Ticket(s) & Overview: INC39536646 - VistALink DUZConnectionSpec Problem: ------------ There has been a formal request to transition from the DUZConnectionSpec to the SamlConnectionSpec. This request has been made to address security concerns identified in the DUZConnectionSpec. Resolution: --------------- A referenced connection specification was updated to a SAML-based one. Test Sites: ------------ Houston VAMC Washington DC VAMC SNOW Change Order #: --------------------------------- N/A Software and Documentation Retrieval Instructions: -------------------------------------------------- User interface patch to be deployed on a centralized application server only. File Title File Name Format --------------------------------------------------------------------- N/A Documentation Title File Name --------------------------------------------------------------------- N/A N/A Patch Installation: ------------------- There is no VistA-side installation for this patch. Austin Information Technology Center (AITC) performs patch installation on a centralized web server. Pre-Installation Instructions: N/A Post-Installation Instructions: N/A Routine Information: ==================== No routines included. ============================================================================= User Information: Entered By : Date Entered : AUG 29, 2025 Completed By: Date Completed: MAR 18, 2026 Released By : Date Released : MAR 18, 2026 ============================================================================= Packman Mail Message: ===================== No routines included