Lowercasing metamodel data

Working together with our customers, we found that some parts that we store in the process database which are queried and indexed using a LOWER()  function, do not perform well over time with (very) large data volumes. Since this particular data is only used in queries and not displayed to the user or advertised to other systems, we found that we can improve by storing this data lowercased, which eliminates the need to index and query using a LOWER() function, which results in better performance.

From release 16 we will lowercase all this data. This will require a data migration using database scripts to convert existing data to lowercase and to update indexes accordingly.

Data

The following process data is lowercased. Note that all this information is for querying only and is not displayed to the user (as opposed to for instance the attribute or entity value)

• instanceattributes.attributename
• instances.entityName
• case.status (always lowercase: com.aquima.interactions.process.dao.CaseStatusType)
• events.status (always lowercase com.aquima.interactions.process.dao.CaseEventStatusType)
• events.type (always lowercase com.aquima.interactions.process.dao.CaseEventType)
• task.status (always lowercase com.aquima.interactions.process.TaskStatusType)
• tasks.type (always lowercase com.aquima.interactions.process.dao.TaskType)

Feature toggle

We introduced a feature toggle in release 15 which allowed to already switch to the behavior which is now the default. If this feature toggle was already turned on and the required migration was already performed, no action is needed now.

If you are unsure, know that the migration scripts can be executed regardless of the feature toggle migration already happened or not. So when in doubt, execute the migration scripts.

Migration

Execute the scripts corresponding to your database inside the dbscripts/upgrades/16.0 folder of the blueriq-component-process-sql-store.

Secure Cookie & HSTS header

With the release of Blueriq 15.13 we changed the default behavior of the Secure cookie flag and HTTP Strict Transport Security header.

In previous releases, both properties where disabled by default. To make Blueriq more secure, these two properties are now enabled by default. 

If you access the runtime with HTTP instead of HTTPS, you can disable the properties individually by setting the following values:

blueriq.session.cookie.secure=false

blueriq.security.strict-transport-security.enabled=false

For more information, you can refer to Security: Blueriq session and cookie and Security: HTTP Strict Transport Security

V1 API removal

The UI REST API V1 endpoints have been removed. The Blueriq 11 documentation contains an overview of changes to migrate to the V2 endpoints.

Studio connection

The authentication methods for connecting with the studio management service have changed. NTLM and Kerberos are removed. This means that currently only BASIC is supported.

When you have a connection from the runtime to studio configured with:

blueriq.studio.authentication= KERBEROS | KERBEROS_CUSTOM | NTLM | NTLM_CUSTOM.

Then you need to change this to BASIC. See blueriq.studio.* properties on: Development Properties

Sorting with ValueList attributes on AQ_Worklist and AQ_CaseList fails on Oracle

Using an Attribute of type String with a ValueList on a Worklist or Tasklist leads to an error when a user tries to sort the list on this column. This only applies when Oracle is used as database.

This means that sorting a Work/Tasklist where the sortorder is defined in a ValueList will not work. There is no workaround. Only alternative is to remove the ValueList from the Work/Tasklist column.

Does not apply when sorting a column Ascending or descending, this work as before.

Spring Boot 3 related upgrades

All of our Java components have been updated to use Spring Boot 3 and Spring Cloud 2022.0. Spring Boot 3 introduces support for Jakarta EE 10, which may impact custom Runtime plugins.

Jakarta EE 10

Classes that are provided by the Jakarta EE library, such as the Servlet, JPA and JTA APIs now use jakarta as their package namespace instead of javax. Custom code should be updated to reflect this. 

JBoss deployment

JBoss by itself includes jakarta modules, these modules are excluded by default just like the previous javax modules where. Custom deployment-structure.xml should be updated to reflect this. 

Trailing slashes in URLs

With Spring WebMVC 6.0, which is required for Spring Boot 3, trailing slashes in a URL are no longer allowed. When a path ends in a trailing slash, a 404 status code is returned.

Redis properties name change

The Redis properties for the Key-Value Redis Store Component and the Blueriq Gateway Service have been renamed:

Please update them in your setup if you use the Key-Value Redis Store Component or the Blueriq Gateway Service.

Kerberos authentication

Kerberos authentication has been removed. As an alternative, you can use OpenID Connect with Keycloak and set Keycloak up to federate authentication to a Kerberos server.

Atomikos Transaction Manager

The Atomikos Transaction Manager has been removed, because it is no longer supported in Spring Boot. This library was only required when using the Advanced Scheduler.

Conversation API

The Conversation API V2 will now return HTTP status code 415 (Unsupported Media Type) when the request's content type was set to application/xml. Only JSON is supported and this is now reflected in the response when trying to use XML.

Hibernate 6.2

The Hibernate database library has been updater to version 6.2. In this version, is is no longer needed to add a version number to your Hibernate dialect. If you do, log entries will be printed to state that adding the version number is deprecated.

Audit Component Logback (new DCM architecture)

With Spring Boot 3 a new Logback version is introduced. This version does not support substituting Spring properties directly. Therefore Spring properties need to be offloaded into a system variable.

A different inclusion should be set in the logback.xml of the case-engine and runtime component. An example can be found here.

Further information

If you have custom code, please refer to the upgrade guides from Spring to see if you need to change the custom code:

• Spring Boot: https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.0-Migration-Guide
• Spring Framework: https://github.com/spring-projects/spring-framework/wiki/Upgrading-to-Spring-Framework-6.x
• Spring Cloud: https://github.com/spring-cloud/spring-cloud-release/wiki/Spring-Cloud-2022.0-Release-Notes

Removed properties

in Blueriq 16.0, some properties have been removed:

• blueriq.legacy.use-legacy-case-unlocking

• blueriq.legacy.readonly-inherit-from-parent

Studio Server security modes

With Blueriq 16.0 we have removed several security modes from the Studio Server as Blueriq Encore is unable to support them in their current state. The supported security modes will be OIDC and OIDC Custom.

Removed security modes

• NTLM
• Kerberos
• Custom

Management Service 

As only the OIDC security mode is supported all requests to the management service should use Basic authentication.

Migration

To migration away from the NTLM, Kerberos, or Custom security modes please follow this guide.

R8 export format removal

With Blueriq 16.0, we removed support for the R8 export format. If you still have any R8 exports, you should import the source project in a Blueriq Studio 12 or newer and create an export again.

If you still have any exports-r8 related properties, these will no longer be considered. They can be removed form your configuration files.

Known issues

For an overview of known issue please refer to: Known issues.