Kinetic Community

CE Upgrade Guide

James Davies

General Upgrade Instructions (All Releases)

  1. Find and download the Web Application and cooresponding Datasbase Schema file (not all upgrades require a Database Schema file -- see version specific upgrade notes for more information)
  2. Backup the existing web application directory (%TOMCAT%/webapps/kinetic).
  3. (* Version Specific*) If the version you are upgrading to requires a database schema change:
  4. Open the Database Schema file (schema.cql) downloaded from the Releases page
  5. Edit the first line of the file to use keyspace_name; where keyspace_name is the name of the keyspace that you are upgrading. i.e. If you have multiple instances of Kinetic Request CE running on the same database cluster, you would add use kinetic_core_prod; to the top of the schema file
  6. Login to a machine that has cqlsh installed and has access to the cassandra cluster you are upgrading.
  7. Run the schema.cql file with the cqlsh program: cqlsh -e "SOURCE '/full/path/to/schema.cql';"
  8. Deploy the Kinetic Request CE web archive (.war) file downloaded in step 1
  9. Copy backed up configrations to newly deployed web application

  10. ** If upgrading from a version after 2.0.1: **

    • %BACKUP%/kinetic/app to %TOMCAT%/webapps/kinetic/app
    • %BACKUP%/kinetic/WEB-INF/config to %TOMCAT%/webapps/kinetic/WEB-INF

  11. ** If upgrading from a version before 2.0.1: **

    • %BACKUP%/kinetic/app/bundles to %TOMCAT%/webapps/kinetic/app
    • %BACKUP%/kinetic/app/root-bundle to %TOMCAT%/webapps/kinetic/app
    • %BACKUP%/kinetic/app/shared-bundles to %TOMCAT%/webapps/kinetic/app
    • %BACKUP%/kinetic/WEB-INF/config to %TOMCAT%/webapps/kinetic/WEB-INF

    • (* Optional *) If you've installed any non-standard .jar files to the tomcat shared lib (this is not common)

      • %BACKUP%/kinetic/WEB-INF/lib/... to %TOMCAT%/lib

    • (* Optional *) If SAML is being used:

      • Find the name of the IDP file by looking for the security.saml.idp.filebased.url value in the %BACKUP%/kinetic/WEB-INF/classes/security.%SPACE_SLUG%.properties file(s)
      • Copy the IDP files from %BACKUP%/kinetic/WEB-INF/classes/... to %TOMCAT%/webapps/kinetic/WEB-INF/config
  12. Restart Tomcat

Version Specific Upgrade Notes

v2.2.0 Upgrade Guide

Prerequisates

  • This release requires Database Schema changes. Ensure you download the Database Schema file from the releases page before continuing.
  • Follow the steps in General Upgrade Instructions

Post-Upgrade Instructions

Once the steps outlined in the General Upgrade Instructions have been completed, please review the steps below as they may be applicable to your implementation.

Setting Trusted Domains

The default behavior for previous versions of Request CE was to allow pages to be displayed in iFrames on any website, and to allow AJAX calls from JavaScript on any website. Starting in v2.2, the default will be to prevent websites that don’t share the same domain from embedding iFrames or sending AJAX calls.

If your implementation is relying on embedding iFrames to Request CE from a different domain (ie, https://www.acme.com has an iFrame that is displaying https://acme.com/kinetic/acme/catalog/ipad-request), you will need to add a Trusted Frame Domain for each of the trusted domains (ie https://www.acme.com).

If your implementation is relying on making AJAX calls to Request CE from a different domain (ie https://www.acme.com has a custom HTML form that POSTs data to the Request CE API at https://acme.com/kinetic/acme/app/api/v1/kapps/catalog/forms/ipad-request), you will need to add a Trusted Resource Domain for each of the trusted domains (ie https://www.acme.com).

An example configuration is shown below. In this case, the “Kinetic Data” space wants to allow https://kineticdata.com to make JavaScript AJAX calls to the Request CE instance, and to allow any subdomain of kineticdata.com or kinops.io to embed iFrames to the Request CE instance.

2.2.0-TrustedResources

Adding CSRF token fields to Legacy JSP-based Bundles

If you are using a legacy bundle (ie one that defines pages in JSP pages instead of React) that has an HTML form that makes a non-AJAX PUT, POST, or DELETE, you will need to add a CSRF token field. Most of the bundles provided by Kinetic Data will already have the CSRF token included (such as for the login.jsp or the resetPassword.jsp).

The CSRF token can be easily added as a field to the form with the following JSP snippet:

   <!-- CSRF field -->
   <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>

If you a form that requires CSRF does not properly have this set, the wall will result in a 403 Forbidden response with the following message:

"Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-XSRF-TOKEN'."

v2.1.1 Upgrade Guide

Prerequisates

  • If you are upgrading from a version before v2.1.0, please follow the 2.1.0 Upgrade Instructions before proceeding as that version included Database Schema changes which need to be made.

  • Follow the steps in General Upgrade Instructions

    Post-Upgrade Instructions

    No specific post-upgrade steps required

v2.1.0 Upgrade Guide

Prerequisates

  • This release requires Database Schema changes. Ensure you download the Database Schema file from the releases page before continuing.

  • Follow the steps in General Upgrade Instructions

    Post-Upgrade Instructions

    No specific post-upgrade steps required

v2.0.4 Upgrade Guide

Prerequisates

  • This release requires Database Schema changes. Ensure you download the Database Schema file from the releases page before continuing.

  • Follow the steps in General Upgrade Instructions

    Post-Upgrade Instructions

    No specific post-upgrade steps required

v2.0.3 Upgrade Guide

Prerequisates

  • If you are upgrading from a version before v2.0.2, please follow the 2.0.2 Upgrade Instructions before proceeding as that version included Database Schema changes which need to be made.

  • Follow the steps in General Upgrade Instructions

    Post-Upgrade Instructions

    No specific post-upgrade steps require

v2.0.2 Upgrade Guide

Prerequisates

  • This release requires Database Schema changes. Ensure you download the Database Schema file from the releases page before continuing.

  • Follow the steps in General Upgrade Instructions

    Post-Upgrade Instructions

    No specific post-upgrade steps require

v2.0.1 Upgrade Guide

Prerequisates

  • This release requires Database Schema changes. Ensure you download the Database Schema file from the releases page before continuing.

  • Follow the steps in General Upgrade Instructions

    Post-Upgrade Instructions

    No specific post-upgrade steps require

v2.0.0 Upgrade Guide

Prerequisates

  • This release requires Database Schema changes. Ensure you download the Database Schema file from the releases page before continuing.

  • Follow the steps in General Upgrade Instructions

    Post-Upgrade Instructions

    No specific post-upgrade steps require

v1.1.1 Upgrade Guide

Prerequisates

  • This release requires Database Schema changes. Ensure you download the Database Schema file from the releases page before continuing.

  • Follow the steps in General Upgrade Instructions

    Post-Upgrade Instructions

    No specific post-upgrade steps require

v1.1.0 Upgrade Guide

Prerequisates

  • This release requires Database Schema changes. Ensure you download the Database Schema file from the releases page before continuing.

  • Follow the steps in General Upgrade Instructions

    Post-Upgrade Instructions

    No specific post-upgrade steps require