use keyspace_name;
where keyspace_name
is the name of the keyspace that you are upgrading. i.e. If you have multiple instances of Kinetic Request CE running on the same database cluster, you would add use kinetic_core_prod;
to the top of the schema filecqlsh -e "SOURCE '/full/path/to/schema.cql';"
** If upgrading from a version after 2.0.1: **
%BACKUP%/kinetic/app to %TOMCAT%/webapps/kinetic/app
%BACKUP%/kinetic/WEB-INF/config to %TOMCAT%/webapps/kinetic/WEB-INF
** If upgrading from a version before 2.0.1: **
%BACKUP%/kinetic/app/bundles to %TOMCAT%/webapps/kinetic/app
%BACKUP%/kinetic/app/root-bundle to %TOMCAT%/webapps/kinetic/app
%BACKUP%/kinetic/app/shared-bundles to %TOMCAT%/webapps/kinetic/app
%BACKUP%/kinetic/WEB-INF/config to %TOMCAT%/webapps/kinetic/WEB-INF
(* Optional *) If you've installed any non-standard .jar files to the tomcat shared lib (this is not common)
%BACKUP%/kinetic/WEB-INF/lib/... to %TOMCAT%/lib
(* Optional *) If SAML is being used:
security.saml.idp.filebased.url
value in the %BACKUP%/kinetic/WEB-INF/classes/security.%SPACE_SLUG%.properties file(s)
%BACKUP%/kinetic/WEB-INF/classes/...
to %TOMCAT%/webapps/kinetic/WEB-INF/config
Once the steps outlined in the General Upgrade Instructions have been completed, no specific post-upgrade steps are required.
Once the steps outlined in the General Upgrade Instructions have been completed, please review the steps below as they may be applicable to your implementation.
The default behavior for previous versions of Request CE was to allow pages to be displayed in iFrames on any website, and to allow AJAX calls from JavaScript on any website. Starting in v2.2, the default will be to prevent websites that don’t share the same domain from embedding iFrames or sending AJAX calls.
If your implementation is relying on embedding iFrames to Request CE from a different domain (ie, https://www.acme.com
has an iFrame that is displaying https://acme.com/kinetic/acme/catalog/ipad-request
), you will need to add a Trusted Frame Domain for each of the trusted domains (ie https://www.acme.com
).
If your implementation is relying on making AJAX calls to Request CE from a different domain (ie https://www.acme.com
has a custom HTML form that POSTs data to the Request CE API at https://acme.com/kinetic/acme/app/api/v1/kapps/catalog/forms/ipad-request
), you will need to add a Trusted Resource Domain for each of the trusted domains (ie https://www.acme.com
).
An example configuration is shown below. In this case, the “Kinetic Data” space wants to allow https://kineticdata.com
to make JavaScript AJAX calls to the Request CE instance, and to allow any subdomain of kineticdata.com or kinops.io to embed iFrames to the Request CE instance.
If you are using a legacy bundle (ie one that defines pages in JSP pages instead of React) that has an HTML form that makes a non-AJAX PUT, POST, or DELETE, you will need to add a CSRF token field. Most of the bundles provided by Kinetic Data will already have the CSRF token included (such as for the login.jsp
or the resetPassword.jsp
).
The CSRF token can be easily added as a field to the form with the following JSP snippet:
<!-- CSRF field -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
If you a form that requires CSRF does not properly have this set, the wall will result in a 403 Forbidden response with the following message:
"Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-XSRF-TOKEN'."
Follow the steps in General Upgrade Instructions
No specific post-upgrade steps required
Follow the steps in General Upgrade Instructions
No specific post-upgrade steps required
Follow the steps in General Upgrade Instructions
No specific post-upgrade steps required
Follow the steps in General Upgrade Instructions
No specific post-upgrade steps require
Follow the steps in General Upgrade Instructions
No specific post-upgrade steps require
Follow the steps in General Upgrade Instructions
No specific post-upgrade steps require
Follow the steps in General Upgrade Instructions
No specific post-upgrade steps require
Follow the steps in General Upgrade Instructions
No specific post-upgrade steps require
Follow the steps in General Upgrade Instructions
No specific post-upgrade steps require