...
Highlight of Features
Top New Features
Description |
|
---|
SAML Authentication | Image Modified |
User Account Registration Tool | Image Modified |
ACT Ontology v4 | Image Modified |
Improved patient counting scripts ("totalnum") | Image Modified |
Synthea SyntheticMass dataset in i2b2 format | Image Modified |
Simplified database upgrade method | Image Modified |
log4J upgrade (to address security concerns) | Image Modified |
Code changes to address security vulnerabilities | Image Modified |
Bugfixes | Image Modified |
Contribution | Contributor |
|
SAML Authentication | Kevin Bui Michelle Morris University of Pittsburgh
Justin Prosser University of Washington
Mike Mendis Jeff Klann Reeta Metta Mass General Brigham | i2b2 now includes support for SAML-based enterprise authentication via an institutional Identity Provider. See more information below. |
Ability to specify user parameter defaults | Michael Horvath Wake Forest University | This change is meant to allowing user params to take precedence over hive params. Currently, it's the other way around.
Particularly, if you have the situation where you have a large number of users who use an authentication method other than the default basic, but your service account (AGG_SERVICE_ACCOUNT) is using basic then you need to specify a user param for each of your users.
With this change, you can set default authentication params in pm_hive_params for all users, and then set your service account specifically to be authentication_method = 'BASIC'. May seem like a small change, but it would be very welcome not to need to assign params for each new user at our institution.
In the process of making this change, I re-organized basic authentication into its own package and removed some code duplication. |
LDAP UPN Support | Michael Horvath Wake Forest University | Active Directory enables other methods of binding which are more flexible besides just using the distinguished name. https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/6a5891b8-928e-4b75-a4a5-0e3b77eaca52. This change is to enable binding the the User Principle Name form, which is very convenient when the distinguished names for users is not easily available (OU by department, etc.). |
API to get all children of an ontology node | Kevin Bui Michelle Morris University of Pittsburgh
| The metadata GetChildren API call, which returns information on the children of an ontology node, can now be configured to return multiple levels of children (e.g., children, children's children, etc.). This is done by specifying the numLevel parameters. By default, the function assumes numLevel = 1 and will return the direct descendants of the concept, which is one level of children. When the numLevel = -1 the function will return ALL descendants of the concept, otherwise the function will return up to and including the number of levels specified by numLevel (eg. numlevel=2 returns two levels of descendants, numLevel=4 returns four levels of descendants). |
Totalnum Counter Performance Improvements | Darren Henderson University of Kentucky | Performance enhancements on SQL Server totalnum counting to not unnecessarily recompute temp tables. |
ACT v4 Postgres bugfixes | Ambreen Zaver University of Colorado | Bugfixes in time interval calculation (for age and age-at-visit) in ACT v4 ontology for Postgres. |
Detailed Documentation on New Features
...
There are two paths: SAML and local
registrationMethod | Y | String | NEW 1.7.13! Defines an information source for the new user registration tool. (If showRegistration is true, this parameter must be present.) - "SAML" = The tool will register users based on SAML EPPNs.
- Any other value = The tool will register users with information entered in the registration form that pops up. If the value is non-empty, new users will be created with a corresponding entry in PM_user_params.
|
SAML Authentication
i2b2 now includes support for SAML-based enterprise authentication via an institutional Identity Provider. To configure this, you need to do the following:
...
The JDBC drivers were updated to the following versions.
Driver | ojdbc8.jar | postgresql-42.2.5.jar | mssql-jdbc-7.0.0.jre8.jar |
---|
New Version | Oracle 21.5 | PostgreSQL 42.3.2 | MS Sql Server 9.2 |
---|
Supported Db Server versions
...
Supported software versions
Application Type | Java | Wildfly | Apache HTD | Apache Ant | Apache Axis2 | PHP |
---|
Supported Version/s | 8 or 11 | 17.0.0 | 2.4.17 or higher | 1.9.6 | 1.7.1 | 7.2.27 or higher |
---|
Supported Operating Systems
...
New Features and Improvements
Webclient | Core-server |
---|
- WEBCLIENT-334 Provide tabs for major plugins and temporal query (
|
READY TO TEST- CLOSED)
- WEBCLIENT-344 Cleanup Analysis Tools list of Plugins to only Supported Items (
|
READY TO TEST- CLOSED)
- WEBCLIENT-325 Wayne's improvements to hierarchical find-by-name (READY TO TEST)
- WEBCLIENT-353 SAML and user registration tool (client side) (
|
READY TO TESTRESOLVED- CLOSED)
- CORE-382 Username / password errors should not specify which had the problem (
|
RESOLVED- CLOSED)
- CORE-402 Fix Veracode identified Security flaws in i2b2 Server-Side Code (
|
RESOLVED- CLOSED)
- CORE-404 Adding support for JDK 11. Now including the gensrc due to jaxb has been removed. (
|
RESOLVEDRESOLVEDREADY TO TEST- CLOSED)
- CORE-415 Log4j upgraded to v2 (RESOLVED)
- CORE-416 User parameter precedence change (contributed by Michael Horvath) (
|
RESOLVED- CLOSED)
- CORE-417 LDAP UPN support (contributed by Michael Horvath) (
|
RESOLVEDBug Fixes
Webclient | Core-server |
---|
- WEBCLIENT-351 Obfuscated User Not Showing Graph (RESOLVED)
- WEBCLIENT-342 switch response status check from "OK" to 200 to handle lab value pop up in http/2 protocols (READY TO TEST)
- WEBCLIENT-335 temporal query in webclient with no anchoring events not running (RESOLVED)
- WEBCLIENT-350 Unable to drag items in workplace (READY TO TEST)
- WEBCLIENT-325 Wayne's improvements to hierarchical find-by-name (READY TO TEST)
- WEBCLIENT-319 FindTerms- exceeding more than 200(default) return count - displaying server error (READY TO TEST)
- WEBCLIENT-294 Webclient Reports "QUERY CANCELLED" While Query Is Still Running (CLOSED)
- WEBCLIENT-354 Removed broken context menu in Find Previous Queries (READY TO TEST)
| - CORE-418 Local timestamps in sessions on Oracle - appserver /db server in diff time zones (READY TO TEST)
- CORE-282 Error returned when obfuscated user is locked out (READY TO TEST)
- CORE-281 Query continues to run after user receives lockout message (READY TO TEST)
- CORE-412 Disable login to agg service account (RESOLVED)
- CORE-405 Upgrade JDBC Drivers (RESOLVED)
- CORE-399 use alias for index hint (RESOLVED)
|
i2b2 Database Changes
New Features and Improvements
Database updates |
---|
- DATA-7 QT_PATIENT_SET_ENC_COLLECTION should be a bigint (DONE)
- DATA-14 Synthea i2b2 data (READY TO TEST)
- DATA-6 improve i2b2 db upgrade process (READY TO TEST)
- DATA-12 Stored procedure to update concept dimension (DONE)
- DATA-11 Age in years updater during demodata install (RESOLVED)
- DATA-9 ACT v4 ontology (RESOLVED)
- DATA-13 Postgres time interval corrections in ACT v4 demographics ontology (RESOLVED)
- CORE-389 Totalnum performance improvements (RESOLVED)
- CORE-394 Obfuscated totalnum reporting tables (RESOLVED)
- CORE-398 Multifact support for totalnums (READY TO TEST)
- CORE-400 Show totalnums in top level folders (RESOLVED)
|
Notes for Developers
For Java 11 install, if you change the xsd (REST API message definitions), then you will need to regenerate gensrc via JAXB in Java 8. In the i2b2-core cell directory for which you're regenerating the XSD-Java, run the ant target "jaxb_gen" on Java 8 and then build as usual using Java 11.
...