Tolven Release Notes

These release notes accompany the Tolven Installation Guides. This document is the primary reference when installing a new version of Tolven. In addition to describing the changes in any given release, these release notes also covers tasks associated with a Tolven Upgrade Installation.

See Alpha release notes for older release notes.

Configuration Directory

A Tolven Configuration directory is created during installation if it doesn't already exist. If the configuration directory does exists, the installation does not touch it. The configuration directory is not "under" the installation directory. This allows you to install new versions of Tolven without having to recreate the configuration information.

Database and LDAP Server

Installing a new release of Tolven should not require any change to the Database server or the LDAP server configurations. In fact, you should be able to leave these servers running during a Tolven upgrade installation.

tolven.properties

The tolven.properties file contains settings used by Tolven at runtime.

To make changes to tolven.properties (requires a jboss restart)

1. Edit tolven/resources/tolven.properties
2. Shutdown JBoss
3. In the Ant view double-click the tolven/deploy-from-stage target (or deploy-jboss-from-stage)
4. Restart JBoss

To make a change to tolven.properties and deploy it without affecting system operations

1. Edit tolven-jboss-4.0.4.GA/server/tolven/conf/props/tolven.properties (the one in tolven/resources is ignored unless you deploy-from-stage again*.
2. Login to the JBoss jmx-console eg: http://localhost:8080/jmx-console (default username/password is admin/admin if asked)
3. Navigate to name=TolvenSystemProperties,type=Service (which is under the jboss group)
4. scroll down to the method: void load( )
5. enter conf/props/tolven.properties into the param field
6. Invoke the load( ) operation

The edited properties are then immediately available to the application.

*Warning: Changing the tolven.properties files in the jboss directory does not change the tolven.properties file in the top-level tolven/resources directory. Ideally, you should maintain the top-level tolven.properties and then copy it to the jboss deployment directory using deploy-from-stage..

† Security Issues

Security and privacy have been designed in "from day one" and we continue to evaluate and improve Tolven security features.

We want to reimind the reader that Tolven and Tolven installations use many layers of protection. One particular security issue is usually not a direct route into the system but rather a vulnerability at "some level." We usually try to make this clear by using terms like "If an attacker were able to get to X point, then...."

We also ask you to understand if we briefly delay release of certain security issues to public forums until a fix is available and trusted sites have had a chance to install them.

Release Notes by Build

The following is in reverse chronological order, the most recent first. These are high-level notes here. For (a lot) more detail, consider adding yourself to the Tolven CVS mailing list. Being on this particular list will cause you to get an email for each checkin (I recommend setting up your mail client to move these to a separate folder upon arrival. Then you can puruse them at your leisure). You can of course unsubscribe if it turns out not to be for you. Also consider adding yourself to the list for email notification when the Tolven forums and trackers are updated.

B20070806-0245

Loading Diagnoses

The diagnosis TRIM represents a

Dynamic Authentication in JBoss

When the Tolven application server runs, it will prompt for the password used to protect the keystore used by application server components. This new feature means that un-encrypted passwords are no longer stored in files.

Configuration Tool

Configuration is now separate from installation.

1. Installation kit is a pure binary kit, source code is no longer compiled during the installation process.
2. The kit contains pre-generated certificates for the "out-of-the-box" configuration. Therefore, during testing, there should be less trouble synchronizing ssl certificates.
3. The configuration directory is separate from the installation directory. Successive installations do not overlay the configuration unless you manually delete the configuration directory.

• Create kit as per usual, and execute it...there's hardly anything to do except make sure that the Configuration Directory is not already there (for a first install test)
• Start the ConfigurationManager from the Start Menu or by the script in tolven installation's bin directory
• Enter:
  • User: admin
  • Password: sysadmin
  • The file locations before you hit enter should be correct
• Credentials should all be uptodate....and a simple first time user (which I know isn't you, and means you'll be calling  me crying out for help from the swamp :-) ), will click the deploy credentials tab, check the directories destinations and deploy
• At this point I start (restart) LDAP and funny I have not restarted PG and it seems to work (I should check that since I don't believe in luck :-) )
• Go through the tabs...I don't think clicking on any can harm you...I don't think any bugs are there in simple usage
• The JBoss panels only have two interesting tabs...I think we could remove the connections tab for now since both LDAP and DB can be tested by doing a refresh on their tabs....it's a side effect, but then they'll know. I do intend to add better functionality to the connections tab, but there's been so much work, and so little time with day work in the way.
• Clicking on the various buttons actually causes no harm when I've done it. Playing with individual password changes in the menu option ShowPasswords might, if bugs remain. But those passwords should all be filled in for the shrinkwrap....it would be nice if Neil's "eager" testers messed with the GUI and complained...I could probably polish it up quite quickly
• Finally....I know how you love to experiment...I would avoid password changes or clearings (verify is fine), until the first smoke tests are done. After that, have at it.

B20070801-0245

Manual schema upgrade

If you get the following error after an upgrade,

javax.ejb.EJBException: javax.persistence.PersistenceException: org.hibernate.PropertyAccessException:   
could not set a field value by reflection setter of   org.tolven.core.entity.AccountType.version

you will need to populate the new version number column in the database table:

core.account_type

This table should only have 2-3 rows in it. Using PgAdminIII, navigate to that table in the display, right mouse > View Data and then enter a 1 into the version column of each row.

If you prefer in SQL:

UPDATE core.account_type SET version=1;