NOTE: Trivore ID Documentation has moved to https://trivoreid.com

The content on this site IS OUT OF DATE!

This space has been archived!

Please go ahead to the new site!

TIS 3.24

Owned by Antti Kallio, created
Last updated: 2021-08-13 by Miika Vesti
3 min read

Initial release

Released 2021-08-04.

Notable changes

Environment variable JAVA_HOME has been removed from /etc/sysconfig/oneportal and added directly to systemd unit file. Usually there is no need to change its value and this modification makes upgrades easier even if sysconfig file has been locally modified. If you have this variable in sysconfig file, recommendation is to remove it. Use trivore-jetty version 4.4 or later to ensure that JAVA_HOME works as expected.

Bugs fixed

ONEP-2312 User was left signed in after using Change Password pages

ONEP-2309 Customer specific bugfix

ONEP-2307 Update to latest jackson and fix related dependency conflicts

ONEP-2301 Fix customer module dependencies

Improvements made

ONEP-2313 Move JAVA_HOME to systemd service file

ONEP-2311 Parse Basic authorization headers without using regex

ONEP-2306 Update to latest Ignite (2.10.0)

ONEP-2308 Make personal identity code parsing more lenient

ONEP-2304 Remove any javascript usage from ant build.xml

ONEP-2303 Remove maven install target from ant build.xml

ONEP-2302 Use exact version/release numbers for rpm dependency definitions

ONEP-2300 Refactor database credential configuration

ONEP-2298 Support ID-token parameter in changePassword form

ONEP-2297 Add webtheme support for changePassword form

ONEP-2296 Add logos to changePassword form

Tasks

ONEP-2291 Improve docker build

ONEP-2288 Replace maven ant tasks with maven artifact resolver

Database configuration

This version has new database configuration properties. New configuration is backwards compatible and therefore no changes are required. Future versions may drop deprecated properties so it is recommended not to use those anymore.

Property

Description

Default value

Property

Description

Default value

mongo.addr

Primary MongoDB database URI. Full MongoDB URI recommended. Legacy <host>:<port> still supported for backwards compatibility. Uses replica set oneportal by default when legacy mode is used. Use full URI without replica set parameter if connecting to single node MongoDB which does not have replica set defined.

mongodb://localhost:28017/?replicaSet=oneportal

mongo.dbname

Primary database name. Defaults to oneportal.

oneportal

mongo.dbname.aux

Auxiliary database name. Deprecated in favour of mongo.aux.dbname.

oneportal_aux

mongo.writeconcern

Primary database write concern.

ACKNOWLEDGED

mongo.readpreference

Primary database read preference.

PRIMARY_PREFERRED

mongo.timeout

MongoDB server selection timeout value in milliseconds. Applies to all databases.

30000

mongo.cluster.key

Pointer to a file which contains cluster-wide cryptographic key material. Must have same value on all server nodes in the cluster. If file does exist, this option is ignored.

/etc/oneportal/cluster_key

mongo.auth.enabled

Primary database authentication enabled/disabled. Value is either true or false.

false

mongo.auth.provider.enabled*

If true, uses legacy authentication credential computation for primary database. Value is either true or false. Legacy mechanism always uses username oneportal and password computed from salt material (see properties below). Legacy mode authentication database (source) is the same as primary database (mongo.dbname)

true

mongo.auth.salt.file

Input material for credential computation when legacy authentication mechanism is used. Must point to a file.

/var/lib/oneportal/node_salt

mongo.auth.salt.url

Input material for credential computation when legacy authentication mechanism is used. Must point to an URL.

https://keymgmt.t5.fi/.suolaa

mongo.auth.source*

Authentication database (source) when connecting to primary database. Not used when legacy authentication mode is enabled.

oneportal

mongo.auth.username*

Primary database authentication username. Not used when legacy authentication mode is enabled.

oneportal

mongo.auth.password*

Primary database authentication password. Not used when legacy authentication mode is enabled.

Undefined

mongo.aux.addr*

Auxiliary MongoDB database URI.

Undefined (defaults to mongo.addr)

mongo.aux.dbname*

Auxiliary database name.

Undefined (defaults to mongo.dbname.aux)

mongo.aux.writeconcern*

Auxiliary database write concern.

Undefined (defaults to mongo.writeconcern)

mongo.aux.readpreference*

Auxiliary database read preference.

Undefined (defaults to mongo.readpreference)

mongo.aux.auth.enabled*

Auxiliary database authentication enabled/disabled.

Undefined (defaults to mongo.auth.enabled)

mongo.aux.auth.provider.enabled*

If true, uses legacy authentication credential computation for auxiliary database. Legacy mode always uses auxiliary database itself as authentication source.

Undefined (defaults to mongo.auth.provider.enabled)

mongo.aux.auth.source*

Authentication database (source) when connecting to auxiliary database. Not used when legacy authentication mode is enabled.

Undefined (defaults to mongo.auth.source)

mongo.aux.auth.username*

Auxiliary database authentication username. Not used when legacy authentication mode is enabled.

Undefined (defaults to mongo.auth.username)

mongo.aux.auth.password*

Auxiliary database authentication password. Not used when legacy authentication mode is enabled.

Undefined (defaults to mongo.auth.password)

mongo.log.addr

Logging MongoDB database URI.

Undefined (defaults to mongo.aux.addr)

mongo.log.dbname

Logging database name.

Undefined (defaults to mongo.aux.dbname)

mongo.log.writeconcern

Logging database write concern.

W1 (defaults to mongo.aux.writeconcern)

mongo.log.readpreference

Logging database read preference.

NEAREST (defaults to mongo.aux.readpreference)

mongo.log.auth.enabled

Logging database authentication enabled/disabled.

Undefined (defaults to mongo.aux.auth.enabled)

mongo.log.auth.provider.enabled*

If true, uses legacy authentication credential computation for logging database. Legacy mode always uses logging database itself as authentication source.

Undefined (defaults to mongo.aux.auth.provider.enabled)

mongo.log.auth.source*

Authentication database (source) when connecting to logging database. Not used when legacy authentication mode is enabled.

Undefined (defaults to mongo.aux.auth.source)

mongo.log.auth.username*

Logging database authentication username. Not used when legacy authentication mode is enabled.

Undefined (defaults to mongo.aux.auth.username)

mongo.log.auth.password*

Logging database authentication password. Not used when legacy authentication mode is enabled.

Undefined (defaults to mongo.aux.auth.password)

NOTE: Trivore ID Documentation has moved to https://trivoreid.com

The content on this site IS OUT OF DATE!

This space has been archived!