You are viewing the documentation for Blueriq 15. Documentation for other versions is available in our documentation directory.
Before you upgrade make sure to read the General Upgrade instructions as well as the Upgrade instructions for previous versions.
The changes are color coded. Orange elements have been changed, Green elements have been added and Red elements have been removed compared to the 14.11 release.
Table of contents
SDK changes
DateValue
The DateValue.parseDate
method no longer accepts strings with a time component. Use DateTimeValue.parseDateTime
instead.
Removal of R8 export format
In release 15 the ability to read R8 exports have been removed and resulted into the following SDK changeset.
- Removed package com.aquima.interactions.ds.export.r8
Removed package com.aquima.interactions.ds.xml.r8
- Removed class com.aquima.interactions.test.templates.ApplicationR8ExportTemplate
- Use com.aquima.interactions.test.templates.ApplicationR12ExportTemplate instead
Package rename of R8 datasources
In release 15 the r8 package name has been removed from the datasource packages in the SDK and resulted into the following SDK changeset.
- com.aquima.interactions.communication.ds.xml.r8
- moved classes and subpackages to com.aquima.interactions.communication.ds.xml
- com.aquima.interactions.composer.ds.xml.r8
- moved classes and subpackages to com.aquima.interactions.composer.ds.xml
- com.aquima.interactions.ds.r8
- moved classes and subpackages to com.aquima.interactions.ds
- com.aquima.interactions.ds.studio.r8
- moved classes and subpackages to com.aquima.interactions.ds.studio.r12
- com.aquima.interactions.flow.ds.xml.r8
- moved classes and subpackages to com.aquima.interactions.flow.ds.xml
- com.aquima.interactions.dtree.ds.xml.r8
- moved classes and subpackages to com.aquima.interactions.dtree.ds.xml
- com.aquima.interactions.foundation.ds.r8.IXmlGlobalsR8
- moved and renamed class to com.aquima.interactions.foundation.ds.IXmlGlobals
- com.aquima.interactions.foundation.ds.r8.XmlGlobalsR8
- moved and renamed class to com.aquima.interactions.foundation.ds.XmlGlobals
- com.aquima.interactions.mapping.ds.xml.r8
- moved classes and subpackages to com.aquima.interactions.mapping.ds.xml
- com.aquima.interactions.metamodel.ds.xml.r8
- moved classes and subpackages to com.aquima.interactions.metamodel.ds.xml
- com.aquima.interactions.portal.ds.xml.r8
- moved classes and subpackages to com.aquima.interactions.portal.ds.xml
- com.aquima.interactions.process.ds.xml.r8
- moved classes and subpackages to com.aquima.interactions.process.ds.xml
- com.aquima.interactions.project.ds.xml.r8
- moved classes and subpackages to com.aquima.interactions.project.ds.xml
- com.aquima.interactions.rule.ds.xml.r8
- moved classes and subpackages to com.aquima.interactions.rule.ds.xml
Removed classes
- com.aquima.interactions.framework.documents.DefaultRendererFactory
- com.aquima.interactions.framework.documents.ibex.IBexLogger
- com.aquima.interactions.framework.documents.ibex.IBexRenderer
- com.aquima.interactions.framework.documents.ibex.IBexRendererBase
- com.aquima.interactions.framework.documents.ibex.IFODocumentHandler
- com.aquima.interactions.framework.documents.ibex.XmlFoFileLogger
- com.aquima.interactions.framework.documents.IDocumentsProperties
- com.aquima.interactions.framework.documents.XmlFoRendererBase
Modified classes
- com.aquima.interactions.framework.DefaultFactoryManager
- Removed constructor: DefaultFactoryManager(com.aquima.interactions.portal.documents.IRendererFactory)
- Removed constructor: DefaultFactoryManager(com.aquima.interactions.portal.documents.IRendererFactory, boolean)
- Added constructor: DefaultFactoryManager()
- Added constructor: DefaultFactoryManager(boolean)
- com.aquima.interactions.foundation.connectivity.IHttpConnection
- Removed method: getHeaderNames()
- com.aquima.interactions.foundation.connectivity.impl.HttpConnection
- Removed method: getHeaderNames()
- Removed method: setHeaderNames(java.util.List)
Removal of SDK ibex rendering
In release 15 we have removed the ibex renderer from the SDK, which was deprecated in release 14.11, in favor of the document renderer client component and service. If you haven't migrated to the new document rendering service in release 14.11, please follow the migration guide to able to render pdf documents again.
Removal of R8 project exports
In release 12 we introduced a new export format and to maintain backwards compatibility we added an extra set of properties to still be able to read the R8 exports. In release 15 we have removed the deprecated R8 exports altogether, when using an R8 export the Runtime will log an error stating that exports older than version 12 cannot be read anymore.
You can check if your exports are valid by opening the export's zip and verifying that it contains a file called .projectmetadata.xml. If the file is not present, the export was generated before release 12 and must be re-exported using a Blueriq Studio version 12 or higher.
Trace and Timeline SQL Store component
In release 14.6, the the Timeline SQL Store component was introduced. This allows to store timeline information separate from, or even without, trace information. To ease migration, we allowed the default trace configuration to work for both trace and timeline information. With this release, the timeline and trace components require their own configuration. Also, we changed the timeline database tables to express that they no longer belong to the trace component.
If you require trace information...
you need to configure the Trace SQL Store component. Note that this configuration probably already is in place. The trace-sql-store-without-timeline
profile, which existed to ease migration, is no longer available, as the trace component does not store timeline information anymore.
If you require timeline information...
you need to configure the Timeline SQL Store component, if you have not already done so. Note that this component now requires its own datasource and no longer relies on the datasource of the trace component.
If you have an existing database with trace and timeline tables...
you need to upgrade the database tables to the new timeline tables. Use the scripts for your database in the Blueriq release zip: Runtime\Java\Webapp\DBScripts\blueriq-component-trace-sql-store\upgrades\15.0.0
. Note that this scripts assumes the trace and timeline tables reside in the same database.
Trace event publisher
The Trace Event model version 1.0, which was deprecated in release 14.10, is removed. Only version 2.0 of the Trace Event model remains available. As a consequence, the property that allowed to still use the deprecated version, blueriq.trace.event.publisher.channel.amqp.version=1.0
is also removed.
Secure session cookie
We removed support for the BLUERIQ_SECURE_SESSION_COOKIE
environment variable, which was deprecated in Blueriq 14.6.1. You should set a property to enable this behavior, as explained in Security: Blueriq session and cookie.
More secure defaults
To improve the default security configuration of the runtime this release has changed various configuration defaults to enable best practices by default.
redirect-url-whitelist
It has been made mandatory to configure a redirect URL whitelist for use with OpenId Connect's redirect_uri
and the error-redirect
query parameter of several API endpoints. Previously, any redirect URL would be honoured when no whitelist had been configured, but this allowed open redirects to malicious URLs. The blueriq.security.redirect-url-whitelist
must now be configured with a comma-separated list of allowed redirect prefixes.
Content Security Policy
Starting with Blueriq 15.0, the default value for the Content-Security-Policy
header in Runtime HTTP-responses has been changed. The default for all flags has been set to 'self'
. This provides additional security to end users, by not allowing inlined resources or resources that are hosted on a different domain than the Runtime to be parsed by the user's browser. This may include images, fonts and third party scripts. To change these defaults, please refer to: Security: Clickjacking protection.
For users of the Material Theme: a profile named material-theme
has been added which configures the CSP directives script-src
and style-src
to be compatible with the Material Theme. This profile is enabled by default, but you may have to add the profile if a custom bootstrap.properties
is present. When changing these CSP directives, disable the material-theme
profile to ensure that your own properties defined in application.properties
are not overwritten by this profile.
For users of alternative themes: the profile named material-theme
may be disabled in bootstrap.properties
.
Runtime API authentication
The endpoints of the runtime backend APIs have changed their authentication scheme from being OAuth2 based to just Basic authentication. This has been done as you could only use OAuth tokens requested from the runtime itself using a password
grant, such that using OAuth did not achieve an additional level of security compared to using Basic authentication nor was it possible to use external authorization servers.
The primary effect of this change is that the /api/v1/oauth/token
endpoint is no longer available. Requests to this endpoint have to be removed, and the usage of the access_token
that was extracted from its response as a Bearer
token in the Authentication
header of subsequent requests has to be replaced with a Basic
authentication token with the username/password that used to be used when requesting a token.
Another difference you may encounter is that unauthorized requests will now respond with a 401 Unauthorized HTTP status code instead of 403 Forbidden.
AQ_SoapServiceClient security configuration
The security configuration for AQ_SoapServiceClient has changed. The blueriq.soap.security.* and blueriq.connection.[name].soap.security.implementations properties have been dropped in favor of the blueriq.soap.interceptors.security.* and blueriq.connection.[name].soap.interceptors properties. With these changes, the security can be configured for both the BAAS and the AQ_SoapServiceClient in a similar way. For more information on how to configure AQ_SoapServiceClient security with the new properties, please refer to WS-Security.
One aspect of these changes mean that a timestamp is no longer automatically added when a signature interceptor is configured that signs the {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp
element. Previously, Blueriq would automatically detect that the timestamp element was being signed, implicitly activating the creation of the Timestamp
element. With the new configuration, it is now required to explicitly enable the timestamp
action in the configuration yourself.
Please note that with these changes, we dropped support for the UsernameToken WS-Security profile in AQ_SoapServiceClient.
Support for the UsernameToken profile has been reintroduced for AQ_SoapServiceClient in Blueriq 15.11.
Renamed properties
In Blueriq 15.0, some properties have been renamed:
- blueriq.user.headers has been renamed to blueriq.session.headers
- blueriq.connection.headers has been renamed to blueriq.connection.sessionHeaders
- blueriq.connection.[name].http.headerNames to blueriq.connection.[name].http.sessionHeaders
- blueriq.connection.[name].soap.headers has been renamed to blueriq.connection.[name].soap.sessionHeaders
Removed properties
in Blueriq 15.0, some properties have been removed:
- blueriq.exports-r8 properties have been removed.
blueriq.legacy.single-field-instance-list-pagination
- blueriq.migrate.displaynames.endpoint
- blueriq.scheduler-quartz.enableTaskMigration
Known issues
For an overview of known issue please refer to: Known issues.