Release Date: February 27, 2019
Release Summary
Release 1.7.11 contains several new enhancements to the i2b2 kernel, many of which improve the usability of the i2b2 WebClient. We have included a new Identified Data Plan for PHI data and have a license model.
The 1.7.11 Release Notes apply to you if you are upgrading your existing i2b2 system from an earlier version of the i2b2 software.
Type of Install | Where you need to go next |
---|---|
Upgrading an existing i2b2 (currently installed at your site) | Please go to the Upgrade Notes section for the details about upgrading your i2b2 software. |
Upgrading your i2b2 in a SHRINE network | Please read the information in the SHRINE Networks section before proceeding. |
Installing a new instance of i2b2. (Never installed it before) | We recommend you refer to the i2b2 Installation Guide found on the i2b2 Community Wiki |
Information about upgrading i2b2 to version 1.7.11 can be found in this section of the release notes.
In release 1.7.11 the following i2b2 components contain changes and therefore need to be updated when upgrading your i2b2 environment.
The JDBC drivers were updated to the following versions.
Driver | New Version |
---|---|
ojdbc8.jar | Oracle 12.2.0.1 |
postgresql-42.2.5.jar | PostgreSQL 42.2.5 |
mssql-jdbc-7.0.0.jre8.jar | MS Sql Server 7.0.0 |
The i2b2 now provides two options for upgrading your i2b2 server.
Both are acceptable paths to upgrade your i2b2 server and depending on which you choose will determine where you need to go to obtain the appropriate files. The location of the upgrade files for each component is outlined below.
Description | Where to find it | Requirements |
---|---|---|
Upgrade i2b2 database to 1.7.11 | Software page (i2b2 Website) | Download i2b2createdb-1711.zip file under Source Code |
Upgrade i2b2 Web Client to 1.7.11 | Software page (i2b2 Website) | Download i2b2webclient-1711.zip file under Source Code |
Upgrade i2b2 Server to 1.7.11 (Source Code) | Software page (i2b2 Website) | Download i2b2core-src-1711.zip file under Source Code |
Upgrade i2b2 Server to 1.7.11 (JAR files) | Upgrade to latest version page (Community Wiki) | See Technical Details section on the i2b2 Upgrades page and upgrade documentation on Upgrade to latest version page. |
Release 1.7.11 involves a few changes to the i2b2 Database. Some are simple an addition to the sample data that is included in the demo data that is delivered with the software while others are changes to the database structure to support new features that are included in 1.7.11
QT_PRIVILEGE
TABLE_ACCESS
Did you know?
The top-level categories/folders in your ontology can now be optionally protected by one or more i2b2 roles (e.g. DATA_LDS, DATA_PROT, etc.) This feature allows the administrator to define one or more roles for an individual root folder in the ontology, and users without one of these roles will not be able to see the ontology item or use any of the terms in this folder.
To use this new feature and protect a root level folder, follow these steps:
Example:
If you wanted to create a root level folder in your ontology called "PHI Demonstration" and only wanted users with the DATA_PROT role to be able to see it, you would make the following changes to your TABLE_ACCESS table:
C_TABLE_CD | C_TABLE_NAME | C_PROTECTED_ACCESS | C_HLEVEL | C_FULLNAME | C_NAME | ... | C_ONTOLOGY_PROTECTION |
---|---|---|---|---|---|---|---|
i2b2_DEMO | i2b2 | N | 1 | \i2b2\Demographics | Demographics | ... | null |
i2b2_DIAG | i2b2 | N | 1 | \i2b2\Diagnoses\ | Diagnoses | ... | null |
i2b2_LABS | i2b2 | N | 1 | \i2b2\Labtests\ | Laboratory Tests | ... | null |
... | ... | ... | ... | ... | ... | ... | ... |
i2b2_PHI | i2b2phi | Y | 1 | \i2b2\PHI\ | PHI Demonstration | ... | DATA_PROT |
Now you can drag a workplace folder to the query tool, the folder can contain sub folders. All the concepts, previous queries, and individual patients will be displayed in the panel.
Below is the workplace with combination of available items
After the drag and drop to the query panel the list of all the items are displayed
Once a patient set is created, that patient can be dragged and dropped to the Query Tool Panel
Below is a patient set with 2 patients
After drag and drop of the individual patient to the query tool panel
The Previous Queries panel in the web client has been upgraded to accommodate three new options.
The i2b2 software now officially supports WildFly 14. The primary advantages are the faster install/upgrade of i2b2 as a pre-packaged collection (WAR) and managed data source connections/pooling.
Create server and client certificates (Wildfly 10 & 14)
The keytool utility stores the keys and certificates in a file termed as keystore, a repository of certificates used for identifying a client or a server. Typically, a keystore contains one client or one server's identity, which are protected by using a password.
You can create a certificate for your server using the following command:
1 | $ keytool -genkey -keyalg RSA -keystore server.keystore -storepass secret -keypass secret -validity 365 -dname "cn=Partners Healtbcare,o=Partners,c=US" |
Now let's copy this keystore into the configuration folder of the application server:
1 | $ cp server.keystore $JBOSS_HOME/standalone/configuration |
Now export the server certificate in a file called server.crt:
1
| $ keytool -exportcert -keystore server.keystore -storepass secret -keypass secret -file server.crt Certificate stored in file <server.crt> |
Now import the cert into the CA for the Java JRE:
1 | $ keytool -import -alias i2b2server -keystore /usr/java/latest/jre/lib/security/cacerts -file server.crt
The password might be changeit |
In /opt/{wildfly} in bin run add-user.sh to create user and select (a) management user
In Wildfly 10 run jboss-cli.sh
Connect to the server
1 | connect |
Start by creating a Security Realm which will contain the keystore and trustore references
1 | /core-service=management/security-realm=SSLRealm:add |
Next, for one-way SSL, set the path to the keystore, along with the keystore path and password:
1 | /core-service=management/security-realm=SSLRealm/server-identity=ssl:adJavathe2d(keystore-path="server.keystore", keystore-relative-to="jboss.server.config.dir", keystore-password="secret") |
Finally, set the value of Undertow's https listener to your Security Realm:
1 | /subsystem=undertow/server=default-server/https-listener=default-https:write-attribute(name=security-realm,value=SSLRealm) |
If the above fails edit the standalone.xml and add right after http-listener
<https-listener name="default-https" security-realm="SSLRealm" socket-binding="https"/>
In Wildfly 14 run jboss.cli.sh
Connect to the server
1 | connect |
Finally, set the value of Undertow's https listener to your Security Realm:
1 | /subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=security-realm,value=ApplicationRealm) |
Add the following to the axis2.xml file right after the <transportReceiver name="http"
<transportReceiver name="https"
class="org.apache.axis2.transport.http.AxisServletListener"/>
Change the crc.properties, ontology.properties and workplace.properties files to point to the https://localhost:8443
Change all the pm_cell_data within the PM Database to https://localhost:8443
After all the cells have been updated it should look like below.
Webclient, if using self-signed cert add the following to the index.php
curl_setopt($proxyRequest, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($proxyRequest, CURLOPT_SSL_VERIFYPEER, 0);
Also into the index.php add the new url to the whitelist such as:
$WHITELIST = array(
"http" . (($_SERVER['SERVER_PORT'] == '443') ? 's' : '' ) . "://" . $_SERVER['HTTP_HOST'],
);
The i2b2 software is now made available under the terms of the Mozilla Public License (MPL) version 2.0. i2b2 is also distributed under the terms of the Healthcare Disclaimer addendum.