Migration notes 3.1
This page explains the changes required to migrate to the stated version of the Atoti Limits.
Migrate to 3.1.0
Upgrading from version 3.0.0, see the Atoti Limits 3.1.0 Release Notes.
Atoti Limits is using Atoti Server 6.0.9 and Atoti UI 5.1.x.
For new features and fixes included in these releases, please see the Atoti UI documentation and Atoti UI Migration Notes, and the release notes for Atoti Server.
Headline announcement
- Modified UI settings : “utilizationDashboards” has been removed. “exceptionAuditTrailNodeColors” has been removed, use “auditTrailNodeColors” instead.
- Custom User Workflow Actions: Any existing custom user workflow actions may need to be modified. Please see Adding Customizing Workflow Tasks for how to do so.
- Upgraded Java version: We have upgraded the Java version used to compile Atoti Limits to 17.
- Spring Security upgrade: We have upgraded Spring Security to version 5.8.7 to resolve vulnerabilities and prepare for the upgrade to Spring Security 6.0 (via Spring Boot 3).
- Common Parent POM: The Atoti Limits module now inherits third-party plugin versions from the Common Parent POM version 1.2.0, in line with other solutions.
- Interface/REST Service method signature changes: We have upgraded the
IAlertTaskManagerandLimitsEvaluationRestServicemethods to provide a cleaner API.
Java Upgrade
We have upgraded the Java version used to compile Atoti Limits from 11 to 17. You will need to upgrade to Java version 17 or higher, and supply the following jvm arguments when running Atoti Limits:
--add-opens=java.base/java.util=ALL-UNNAMED
--add-opens=java.base/java.util.concurrent=ALL-UNNAMED
This is related to the Atoti Server configuration.
Spring Security Upgrade
We have upgraded to Spring Security 5.8.7. To do so, we override the version of Spring Security in Spring Boot by importing the common-dependencies-bom version
1.2.0 into the parent pom file. The common-dependencies-bom overrides the Spring Security version using Spring’s migration guide.
You will eventually need to migrate your own custom security configuration(s) in preparation for Spring Security 6.0. We have upgraded our out-of-the-box security configurations to help in this migration.
note
We recommend using your own custom security configuration(s) and referring to the out-of-the-box security configuration provided only as a sample.
The default security users and roles have not changed, only the way we implement the security. We have done so by making the following changes:
Stop Using WebSecurityConfigurerAdapter
We have replaced instances of WebSecurityConfigurerAdapter with SecurityFilterChain beans.
Use the new requestMatchers methods
In Authorize Http Requests, we have replaced invocations of http.authorizeHttpRequests((authz) -> authz.antMatchers(...)) with http.authorizeHttpRequests((authz) -> authz.requestMatchers(...)).
Use the new securityMatchers methods
We have replaced invocations of http.antMatchers(...) with http.securityMatchers(...).
As an example of the previous changes, the configuration for accessing the endpoint which exposes the JWT token changed from:
@Configuration
@Order(1)
public static abstract class AJwtSecurityConfigurer extends WebSecurityConfigurerAdapter {
@Autowired
protected ApplicationContext context;
@Autowired
@Qualifier(BASIC_AUTH_BEAN_NAME)
protected AuthenticationEntryPoint authenticationEntryPoint;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher(JwtRestServiceConfig.REST_API_URL_PREFIX + "/**")
// As of Spring Security 4.0, CSRF protection is enabled by default.
.csrf().disable()
// Configure CORS
.cors().and()
.authorizeRequests()
.antMatchers("/**").hasAnyAuthority(ROLE_USER)
.and()
.httpBasic().authenticationEntryPoint(authenticationEntryPoint);
}
}
to
@Bean
@Order(1)
public SecurityFilterChain jwtSecurityFilterChain(HttpSecurity http,ApplicationContext applicationContext){
final AuthenticationEntryPoint basicAuthenticationEntryPoint = applicationContext.getBean(BASIC_AUTH_BEAN_NAME,AuthenticationEntryPoint.class);
return http
// As of Spring Security 4.0, CSRF protection is enabled by default.
.csrf(AbstractHttpConfigurer::disable)
// Configure CORS
.cors().and()
.securityMatcher(url(JwtRestServiceConfig.REST_API_URL_PREFIX,WILDCARD))
.authorizeHttpRequests(
auth->auth.requestMatchers(HttpMethod.OPTIONS,url(WILDCARD))
.permitAll()
.anyRequest()
.hasAnyAuthority(ROLE_USER))
.httpBasic(basic->basic.authenticationEntryPoint(basicAuthenticationEntryPoint))
.build();
}
Removed imports of ActivePivotRemotingServicesConfig
This class imports org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter, which may (if used) expose access to CVE-2016-1000027 in the Spring-web project.
Common Parent POM
The Common Parent POM version 1.2.0 is now a parent of the Atoti Limits module. This parent merely defines plugin management and is used by other solutions. The following dependency versions are now managed by this parent instead of by the Atoti Limits module:
| Dependency | Version |
|---|---|
| exec-maven-plugin | 3.1.0 |
| lifecycle-mapping | 1.0.0 |
| maven-assembly-plugin | 3.6.0 |
| maven-clean-plugin | 3.3.1 |
| maven-compiler-plugin | 3.11.0 |
| maven-dependency-plugin | 3.6.0 |
| maven-deploy-plugin | 3.1.1 |
| maven-enforcer-plugin | 3.3.0 |
| maven-jar-plugin | 3.3.0 |
| maven-javadoc-plugin | 3.5.0 |
| maven-resources-plugin | 3.3.1 |
| maven-source-plugin | 3.3.0 |
| maven-surefire-plugin | 3.1.2 |
| maven-war-plugin | 3.4.0 |
| sonar-maven-plugin | 3.9.1.2184 |
| spring-boot-maven-plugin | 2.7.16 |
Interface/REST Service Method Signature Changes
If you implement or override any of the following interfaces/services, you will have to update your method signatures.
IAlertTaskManager
| Modification | Old Value | New Value | Description |
|---|---|---|---|
| Changed value | void addChronFutureJob(KpiAlertTask.KpiTaskKey kpiKey) |
void addChronFutureJob(LimitStructureDTO limitStructureDTO) |
Schedule a limit structure to be evaluated. |
| Changed value | boolean removeChronFutureJob(KpiAlertTask.KpiTaskKey kpiKey) |
boolean removeChronFutureJob(String futureKey) |
Remove a scheduled limit structure to be evaluated from the list of scheduled jobs. |
| Changed value | CsvResult evaluateKpisFor(KpiAlertTask.KpiTaskKey kpiKey, ICondition condition) |
Collection<IncidentDTO> evaluateLimitStructure(LimitStructureDTO limitStructureDTO) |
Evaluate a limit structure. |
| Changed value | void evaluateKpis(Collection<KpiAlertTask> kpiAlertTasks) |
Collection<IncidentDTO> evaluateLimitStructures(Collection<KpiAlertTask> kpiAlertTasks) |
Evaluate multiple limit structures. |
| Changed value | void evaluateLimits(Collection<LimitAlertTask> limitAlertTasks) |
Collection<IncidentDTO> evaluateLimits(Collection<LimitAlertTask> limitAlertTasks) |
Evaluate multiple limits. |
| Changed value | void writeFile(CsvResult csvResults, String fileName, String serverName) |
void writeFile(List<IncidentDTO> results, String fileName, String serverName) |
Write the results of an evaluation to file. |
| Changed value | boolean containsChronFutureJob(KpiAlertTask.KpiTaskKey kpiKey) |
boolean containsChronFutureJob(String futureKey) |
Whether or not a scheduled job exists for the given key. |
| Added | MdxRunner getMdxRunner() |
Return the MdxRunner used to run MDX queries against the business cube. |
|
| Added | IEvaluationErrorHandler getErrorHandler() |
Return the IEvaluationErrroHandler used to handle errors on evaluation. |
|
| Removed | <T extends AAlertTask> CsvResult collectCsvResults(Collection<T> alertTasks) |
Collect and handle the result of an evaluation. |
LimitsEvaluationRestService
| Modification | Old Value | New Value | Description |
|---|---|---|---|
| Changed value | public void unschedule(@RequestBody KpiTaskKey key) |
public boolean unschedule(@RequestBody String kpiName) |
Unschedule a limit structure job for evaluation. |
| Changed value | public List<String> evaluateAll() |
public EvaluationResponseDTO evaluateAll() |
Evaluate all limits and return an EvaluationResponseDTO. |
| Changed value | public List<String> evaluateLimit(@PathVariable("limitKey") int limitKey, @RequestParam(value=PARAM_AS_OF_DATE, required=false) LocalDate asOfDate) |
public EvaluationResponseDTO evaluateLimit(@PathVariable("limitKey") int limitKey, @RequestParam(value=PARAM_AS_OF_DATE, required=false) LocalDate asOfDate) |
Evaluate a limit and return an EvaluationResponseDTO. |
| Changed value | public List<String> evaluateLimits(@RequestBody List<Integer> limitKeys, @RequestParam(value=PARAM_AS_OF_DATE, required=false) LocalDate asOfDate) |
public EvaluationResponseDTO evaluateLimits(@RequestBody List<Integer> limitKeys, @RequestParam(value=PARAM_AS_OF_DATE, required=false) LocalDate asOfDate) |
Evaluate multiple limits and return an EvaluationResponseDTO. |
| Changed value | public List<String> evaluateLimitStructure(@PathVariable("limitStructureKey") int limitStructureKey, @RequestParam(value=PARAM_AS_OF_DATE, required=false) LocalDate asOfDate) |
public EvaluationResponseDTO evaluateLimitStructure(@PathVariable("limitStructureKey") int limitStructureKey, @RequestParam(value=PARAM_AS_OF_DATE, required=false) LocalDate asOfDate) |
Evaluate a limit structure and return an EvaluationResponseDTO. |
| Changed value | public List<String> evaluateLimitStructures(@RequestBody List<Integer> limitStructureKeys, @RequestParam(value=PARAM_AS_OF_DATE, required=false) LocalDate asOfDate) |
public EvaluationResponseDTO evaluateLimitStructures(@RequestBody List<Integer> limitStructureKeys, @RequestParam(value=PARAM_AS_OF_DATE, required=false) LocalDate asOfDate) |
Evaluate multiple limit structures and return an EvaluationResponseDTO. |
| Removed | public List<String> evaluate(@RequestBody KpiDTO kpiDto). |
Evaluate a KpiDTO (now deleted). |
Input file formats
Modified
| Modification | File | Field | Description |
|---|---|---|---|
| Added | limit_structures.csv | Utilization Dashboard ID |
The column Utilization Dashboard ID has been added between the Exception Workflow and User ID columns. |
| Added | legacy_limits.csv | Utilization Dashboard ID |
The column Utilization Dashboard ID has been added between the Exception Workflow and User ID columns. |
For Removal
| File | Details |
|---|---|
| legacy_limits.csv | This file is deprecated and will be removed in version 4.0.0. |
Configuration files
Files Modified
limits.properties
New properties:
| Property Name | Comment | Value |
|---|---|---|
| ap.version.map | Any connected server version is now registered by Atoti Limits. | |
| content.server.name | The name given to the content server used by Atoti Limits. |
application.yml
New properties:
| Property Name | Comment | Value |
|---|---|---|
| limit.evaluation.include-passes | If true, Atoti Limits stores passes (i.e. evaluations that do not result in a breach or warning) in the datastore during limit evaluation. The default value of false prevents a large number of passes from polluting the limit status screen in the UI. |
false |
| limit.evaluation.error.include-stacktrace | true if the stack trace should be available in the evaluation response to the UI. |
false |
Datastores
Modified stores
| Modification | Store | Field | Type | Description |
|---|---|---|---|---|
| Added | Limit Structures | Utilization Dashboard ID | string | The ID of a utilization dashboard that may exist for the limit structure. The ID maps to a dashboard ID in the content server. |
| Added | Incidents | Limit Values | double array | The value of the limit (KPI goal) at the time it was evaluated. Note that this may be the value of a temporary limit. |
| Deleted | Incidents | Breach Count | int | Unused column that previously stored the number of breaches. |
| Updated | Incidents | As of Date | local date | The column is now a key field. This is to ensure that incident workflows are distinct for each as of date. The type has also been updated to a local date. |
Cube schema
Each hierarchy has been given a suitable dimension, as opposed to having single-level hierarchies where the dimension is of the same name. You can view these in Dimensions. The following modifications have also been made:
Added
| Cube | Dimension | Hierarchy | Levels | Datastore fields | Details |
|---|---|---|---|---|---|
| Limits | Evaluation | As Of Date | As Of Date | As Of Date | The cube date for an evaluation. |
| Limits | Evaluation | Evaluation Status | Evaluation Status | Incident Type | The result of an evaluation. |
| Limits | Evaluation | Workflow Status | Workflow Status | Status | The current status of an evaluation result in the workflow. |
| Limits | Evaluation | Evaluation Date | Evaluation Date | N/A | The date of an evaluation. |
| Limits | Evaluation | Evaluation Key | Evaluation Key | incidentKey | Unique key to identify an evaluation. |
Modified
| Cube | Dimension | Hierarchy | Levels | Datastore fields | Details |
|---|---|---|---|---|---|
| Limits | Limit Structure | Limit Structure Name | Limit Structure Name | Name | The Name hierarchy has been renamed to Limit Structure Name |
Measures
Added
| Cube | Measure | Details |
|---|---|---|
| Limits | Utilization | The utilization of a limit on evaluation. |
Modified
| Cube | Measure | Details |
|---|---|---|
| Limits | Exposure | Renamed the measure Measure Value to Exposure |
Removed
| Cube | Measure | Details |
|---|---|---|
| Limits | Breach Count | The number of breaches on evaluation. Removed, as a count is suitable. |
Context values
No changes.