Upgrading 10.0 to 10.1

Database schemas for the infrastructure features must be checked with each new Cadenza version and updated if necessary. The Database Migration Tool is available for this purpose.
It is strongly recommended to make a backup before using this tool, as the structures of the schemas may change!

Remediation of a Security Vulnerabilitiy in the Use of Environment Variables and System Properties

This upgrade note is only relevant if none of the security upgrades 9.3.284, 9.4.225, or 10.0.185 has been performed to date.

Cadenza had a potential security vulnerability in the Management Center, which will be fixed with this upgrade. Affected are

Cadenza data sources that do not use a data source template and instead use system properties or environment variables when manually entering connection parameters.
Static data restrictions for objecttypes that use system properties or environment variables when defining the condition.

Affected content must be migrated.

Before migrating the affected content, Cadenza must be upgraded, including the usual schema migration of the databases. The affected data sources and static data restrictions can then be determined and migrated.

Migration of Affected Cadenza Data Sources

For the definition of data sources in the Management Center, environment variables and system properties are no longer supported when manually entering the connection parameters. Cadenza variables can also no longer be used. If environment $SYSTEM/$VAR properties are required, the connection parameters must now be defined using a template in the repositorydatasourcetemplates-config.xml configuration file. The configuration file has been extended accordingly so that $SYSTEM/$VAR properties can also be used for the authentication data.

The following steps are necessary to identify and migrate data sources affected by this change:

Step 1: Checking whether data sources are affected by the change

Each repository database configured in your repositoryList.xml file must be checked. The following script can be used:

select ds.repository_name, ds.name, ds.print_name, ds.template_id, ds.url,
       ds.driver_name, ds.user_name, ds.identified_by
  from data_source ds
  where ds.url           like '%$VAR{%'  or ds.url           like '%$SYSTEM{%'
     or ds.driver_name   like '%$VAR{%'  or ds.driver_name   like '%$SYSTEM{%'
     or ds.user_name     like '%$VAR{%'  or ds.user_name     like '%$SYSTEM{%'
     or ds.identified_by like '%$VAR{%'  or ds.identified_by like '%$SYSTEM{%'

If the script returns no results, no data sources are affected.

Step 2 (if data sources are affected): Migrating of the data sources

In repositorydatasourcetemplates-config.xml file: A template with the connection parameters must be defined for each affected data source.
In the Cadenza Management Center: Each affected data source must be converted from the manual to the template-based definition with the associated template.

Do not change the IDs of existing templates that are already in use! Instead, you can create a new template with the new ID and assign it to the data sources in the Management Center. Before you remove an obsolete template from the configuration file, make sure in the Management Center that this template is not used by any data source.

Warning Data source uses unknown templateId: To resolve this error, add a template for each unknown ID in repositorydatasourcetemplates-config.xml file. You can then assign a new template to the affected data sources in the Management Center and delete the obsolete templates from the configuration file.

For WMS, WMTS, or Vector Tile data sources, we also recommend:

Do not use any environment variables or system properties that refer to sensitive information, as this information is automatically visible to users of these layers when accessing the geodata server directly. Geodata servers without authentication are currently always accessed directly. In this case, $SYSTEM/$VAR properties that are used in the URL are resolved and their values are automatically visible to the users of these layers. For geodata servers with authentication, access is not direct, but always via Cadenza. In this case, sensitive information in the URL remains hidden from the users of these layers.

Migration of Affected of Static Data Restrictions for Objecttypes

Environment variables and system properties are no longer supported for the definition of static data restrictions for an objecttype in the Management Center. The use of Cadenza variables is still possible.

To determine and migrate static data restrictions that are affected by this change, the following steps are necessary:

Step 1: Checking whether static data restrictions are affected by the change.

Each repository database configured in your repositoryList.xml file must be checked. The following script can be used:

select ot.repository_name, ot.name, ot.print_name, otm.print_name
  from objecttype_restriction otr
    inner join objecttype_member otm on otr.referenced_member_id = otm.objecttype_member_id
    inner join objecttype ot on otm.objecttype_id = ot.objecttype_id
  where otr.restriction_value like '%$SYSTEM{%'

If the script returns no results, no static data restrictions are affected.

Step 2 (if static data restrictions are affected): Migrating of the data restrictions

In the variables.xml file: A variable ($VAR) must be added for each required environment variables or system properties ($SYSTEM).
In the Cadenza Management Center: For each affected static data restriction, the environment variables or system properties ($SYSTEM) must be replaced by the corresponding Cadenza variable ($VAR).

Configuration File Changes

`sketcheditors-config.xml`

<createUrl> and <editUrl> must now be defined absolutely.

Unused Plugins Removed From `plugins.xml`

The following plugins must be removed, if present (otherwise Cadenza will not start):

Gis_MediaAttachments
Integration_Application_Framework
Gis_DataSource_ArcGisRest_Edit
Gis_DataSource_Shapefile_Edit
Gis_DataSource_PostGis_Edit
Gis_DataSource_Wfs_Edit
Gis_DataSource_SpatiaLite_Edit
Gis_DataSource_Oracle_Edit
LUBW_Rips
Gis_TileCache
Gis_OsmRawData
Gis_DataSource_CartoDB
Gis_DataSource_MapBox

`jobs-config.xml`

The plugin JobScheduling is now mandatory. Therefore, the configuration file jobs-config.xml must be provided.

Change the URL to the online help in the file `basicweb-config.xml`

The path to the online help has been changed. Therefore, in the configuration file basicweb-config.xml the line

<url>/help-learning/index.html</url>

must be changed so that it reads

<url>/learning/index.html</url>

Unused Options Removed From `cadenza-config-web.xml`

In the cadenza-config-web.xml file, the following options must be removed, if present. Most of them configure features that are relevant to Cadenza Classic Web or Cadenza Desktop only, some were already deprecated and had no effect.

Under basicWebConfiguration the following elements should be removed:
- rmiServer
- rmiRegistryPort
- rmiServicePort
- rmiSslConfiguration
- logicalInstallationName
- module (officially deprecated since Cadenza 9.4, but already unsupported since Cadenza 7.0)
- features
- help (was used in Cadenza Desktop only, the corresponding configuration for Cadenza Web is in basicweb-config.xml)
- preferences
- tableAnalyzer
- navigatorTree
- databaseConfiguration
Under basicWebConfiguration → view the following elements should be removed:
- initialView
- initialNavigationNodeGlobalId
- lookAndFeel
- applicationView
- title
- homePage
- infoPage
- cadenzaFilter
- showResultHome
- extraFrameForThemeNavigator
- invalidTableEntries
- openNodeInfoInExternalBrowser
- behaviorOnCriticalError
- customErrorMessage
Under basicWebConfiguration → exportSettings remove the following element:
- clipboard

Unused Auditors Removed From `auditlogging-config.xml`

In auditlogging-config.xml, the following auditors are no longer supported and must be removed:

Chart
Map
NavigatorEvent
Permalink
TableProcessing

Removed Configuration Files

The following configuration file can be removed, if present:

attachmentmanager-config.xml
webapplicationconfiguration-config.xml: this is a configuration that can be part of the Integration_Application_Framework plugin which has been removed

Import

For string values in the import file, leading and trailing spaces are now automatically removed by default before the data is imported (trim function). This is especially interesting for CSV and EXCEL files, as these files often generated several similar values “A”, “ A” and “A ”, which had to be filtered explicitly. If you do not want to trim whitespace before importing, you can disable the new feature in the selfserviceimport-config.xml configuration file by setting the new dataPreparation/trimWhitespace element to "false".

Runtime Configuration

We no longer set the Java System Property file.encoding in our startup scripts and the property is no longer part of the default configuration options in cadenza_settings.bat/sh. This property controls the default character encoding to use when writing or reading text files. Cadenza should not have any remaining places where this is relevant because we either fix the encoding to UTF-8 (for example when reading XML or doing ReST communication,) or we explicitly ask the user for an encoding when we can not determine it (for example in CSV import). You can remove this system property from your startup scripts as well.

Monitoring

The workqueue SelectorQueryExecution was renamed to QueryExecution. This workqueue now uses Java Virtual Threads and is therefore unlimited in size and tasks do not have to wait until a worker thread is available to be started. The metrics cadenza_workqueue_max_workers, cadenza_workqueue_max_waiting_time_seconds, cadenza_workqueue_waiting_time_measurements_total, cadenza_workqueue_waiting_time_seconds_total and cadenza_workqueue_waiting_jobs do not provide any monitor-able information for this kind of workqueue.

Miscellaneous

Non-Workbook sketch layers in database repositories, after becoming inaccessible with Cadenza 10.0, will be deleted by the database migration to Cadenza 10.1.