github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Updated Upgrading to 1.2 (markdown)

master
Justin Richer 2017-04-15 13:53:45 -04:00
parent 78134d5209
commit 6db2e12fb1
2 changed files with 29 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
Upgrading-to-1.2.md

@ -1,33 +0,0 @@
The **1.2** version of MITREid Connect contains several changes from previous version series that will require a manual upgrade process.
## Spring Versions
The Spring and Spring security version dependencies have changed. This necessitates changes to the schema references for any overlayed configuration files. See the default configuration files in the main project for examples of the proper references.
## Project Layout
The project now contains six submodules instead of four. To access the new (experimental) UMA functionality, use the `uma-server` and `uma-server-webapp` modules instead of their `openid-connect-server` and `openid-connect-server-webapp` counterparts.
## Data Model
The underlying data model has changed between 1.0/1.1 and 1.2, and updates to the database are required. As such, existing data must be exported and re-imported during an upgrade if it is desired to be retained.
### Data Import/Export
As of version **1.0.20** and **1.1.16**, the data export API supports exporting into a format that is readable by 1.2.
To access this API, log in as an administrator and send a `GET` request to `/api/data` to return the JSON object representing the server's current state. **NOTE WELL:** this export includes information including tokens, authentication objects, client secrets, and other sensitive security information. Therefore, the data export must be protected.
To re-import this data, log in as an administrator on a newly-installed server and send a `POST` request to `/api/data` with a content type of `application/json` and the fully-formed JSON document exported from the API. This import MUST be done on an empty database with full schema or else you risk newly imported objects conflicting with existing objects.
The recommended process is as follows:
1. Log into the 1.0/1.1 server as an administrator
1. Export the server state by performing a `GET` request on `/api/data`, save as a JSON file
1. Shut down the 1.0/1.1 server
1. Connect to the MySQL or HSQL database as a user with appropriate rights
1. Clear the database, remove all tables related to OIDC
1. Initialize the database with the empty schema
1. Deploy the version 1.2 server
1. Log into the 1.2 server as an administrator
1. Import the server state from the saved JSON file by performing a `POST` request with the data

29
Upgrading.md Normal file

@ -0,0 +1,29 @@
MITREid Connect strives to keep data schemas and most major dependencies steady within a release stream. Upgrades within a stream can usually be accomplished by simply replacing the component with its new version.
## Spring Versions
The Spring and Spring security version dependencies often change between version streams. This necessitates changes to the schema references for any configuration files. See the default configuration files in the main project for examples of the proper references.
## Data Model
The underlying data model changes between version streams, and updates to the database are required. As such, existing data must be exported and re-imported during an upgrade if it is desired to be retained. There are no supported means for modifying the database directly.
### Data Import/Export
MITREid Connect's data API can be used to support backup/restore and upgrades. Each version stream of MITREid Connect can import data exports from previous versions, but not from future versions. For example, a `1.3` server can import data from `1.2` or `1.1`, but `1.2` can't import from `1.3`.
To access this API, log in as an administrator and send a `GET` request to `/api/data` to return the JSON object representing the server's current state. **NOTE WELL:** this export includes information including tokens, authentication objects, client secrets, and other sensitive security information. Therefore, the data export must be protected.
To re-import this data, log in as an administrator on a newly-installed server and send a `POST` request to `/api/data` with a content type of `application/json` and the fully-formed JSON document exported from the API. This import MUST be done on an empty database with full schema or else you risk newly imported objects conflicting with existing objects.
The recommended process is as follows:
1. Log into the old server as an administrator
1. Export the server state by performing a `GET` request on `/api/data`, save as a JSON file
1. Shut down the old server
1. Connect to the MySQL or HSQL database as a user with appropriate rights
1. Clear the database, remove all tables related to OIDC
1. Initialize the database with the empty schema
1. Deploy the version new server
1. Log into the new server as an administrator
1. Import the server state from the saved JSON file by performing a `POST` request to `/api/data` with the data exported