H2 database update

The update of the H2 dependency from version 2.1.214 to 2.2.224, does not automatically update the database version. This causes the Runtime to stop working after installing the Blueriq Runtime using the installer.

Note: The following will remove all database contents from your development installation.

To fix this issue, we need to stop the Runtime service and remove all files with extenion .db from the C:\Program Files\Blueriq16\conf folder. After the files have been removed, please restart the Runtime service. The database will be created again with the right structure.

Blueriq SDK

Several interfaces of the Blueriq SDK have been adjusted in support of the debugger functionality. The following APIs are affected:

interface IFlowEngine {
  IFlowState startFlow();
  IFlowState revertToFlow();
  IFlowState continueFlow();
}

interface IMapping {
  void update();
}

Each of these methods has gained an additional IDebugger parameter, which can be obtained from an IPortalContext (and therefore its subclasses IServiceContext  and IActionContext) using IPortalContext#getDebugger(). It is also allowed to pass null if no portal context is available, in which case debugging facilities are not available for that operation.

External Flow data contracts

With external flow data contracts we aim to always be backwards compatible with the previous major release. To do so we have made some changes to the  IExternalFlowStore interface. The old implementation of  IExternalFlowStore used JDK Serialization to serialize and deserialize data, which made it hard to guarantee backwards compatibility.

Modified classes

1. Interface com.blueriq.component.api.store.externalflow.IExternalFlowStore

   1. method <T extends Serializable> T get(String key, Class<T> valueType) was changed into ObjectModelRetrieval get(String key)
   2. method void set(String key, Serializable value) was changed into void set(String key, ObjectModelStorage value)

Custom Authentication Provider

Customers that have implemented a custom bean AuthenticationProvider with a different implementation of the Authentication object other than UsernamePasswordAuthenticationToken, should implement the newly introduced  com.blueriq.component.api.externalflow.data.mapping.AuthenticationMapper. Previously the Authentication object that was sent to the IExternalFlowStore was serialized by JDK Serialization, but with the move away from JDK Serialization to explicit contracts, customers need to implement their own mapping to transfer the Authentication object. More information on how to implement it can be found here: External Flow Custom Authentication Mapper 

Blueriq Gateway Service

Release 0.4.0 of the Blueriq Gateway Service brings the support of Single Sign On. With the support of Single Sign On we have removed a lot of configuration and changed the working of the Gateway.

Removed properties

• blueriq.gateway.oauth2.registration-extensions.keycloak.end-session-endpoint
• blueriq.gateway.post-logout-uri-context-path
• spring.security.oauth2.client.provider.<providername>.token-uri
• spring.security.oauth2.client.provider.<providername>.authorization-uri
• spring.security.oauth2.client.provider.<providername>.jwk-set-uri

Added properties

blueriq.gateway.post-logout-redirect-base-uri

We have migrated post-logout-uri-context-path to be more flexible and give the user more control. The default value of this property is set to {baseScheme}://{baseHost}{basePort}{basePath}. If you have the post-logout-uri-context-path you can set the post-logout-redirect-base-uri like this:

blueriq.gateway.post-logout-redirect-base-uri={baseScheme}://{baseHost}{basePort}{basePath}/context-path

spring.security.oauth2.client.provider.<providername>.issuer-uri

This property should be filled with the external URL of the Keycloak service that is accessible by users.

Route configuration

It is no longer required to provide the Keycloak route and therefor we have removed the BackendForFrontend route filter. 

Keycloak

It is no longer required for Keycloak to be configure behind the reverse proxy of the Blueriq DCM Dashboard Frontend and routed in the Gateway. This is done to make Single Sign On possible, as it relies on session cookies that are created for the domain where Keycloak is running on. This does mean that Keycloak should be made publicly accessible for the user.

Blueriq DCM Dashboard Frontend

 With the release 0.4.0 of the Blueriq Gateway Service you no longer need to configure the following locations:

location /realms/ {
    proxy_pass http://revProxyGateway/realms/;
}  

location /resources/ {
    proxy_pass http://revProxyGateway/resources/;
}  

Multi-tenant filesystem connection properties

For the configuration of the runtime in a multi-tenant setup the filesystem connection properties have been changed:

from: blueriq.connection.<connectionName>.tenants.<tenant>.filesystem.path=<path>
to:     blueriq.connection.<connectionName>.filesystem.tenants.<tenant>.path=<path>

Known issues

For an overview of known issue please refer to: Known issues.