Release Management
Space shortcuts
Space Tools
Release Management RM


i2b2 Release 1.7.11

Release Date: March 6, 2019


Release Summary

Release 1.7.11 contains several new enhancements to the i2b2 kernel, many of which improve the usability of the i2b2 WebClient. We have included a new Identified Data Plan for PHI data and have a license model.

Highlight of Features

  • Workplace folder of either: 1) ontology terms or 2) individual patients can be dragged to a query panel and all be dropped into the panel.
  • Previous queries panel with a list of patients can have a single patient dragged to a query panel
  • Added to web client
    • Filter List By User
    • Search Previous Queries - already exists
    • Page Through Previous Queries By Date
    • Include Auto refresh for a timed interval
  • Identified Data Plan
  • New license
  • Upgrade to Wildly 14
  • Document full SSL on database and wildfly

Installation Note

The 1.7.11 Release Notes apply to you if you are upgrading your existing i2b2 system from an earlier version of the i2b2 software.

Type of InstallWhere you need to go next

Upgrading an existing i2b2 (currently installed at your site)

Please go to the  Upgrade Notes section for the details about upgrading your i2b2 software.

Upgrading your i2b2 in a SHRINE network

Please read the information in the  SHRINE Networks section before proceeding.

Installing a new instance of i2b2. (Never installed it before)

We recommend you refer to the i2b2 Installation Guide found on the i2b2 Community Wiki
The install guide will take you through the entire installation process.


Upgrade Notes

Information about upgrading i2b2 to version 1.7.11 can be found in this section of the release notes.


i2b2 Components

In release 1.7.11 the following i2b2 components contain changes and therefore need to be updated when upgrading your i2b2 environment.

  • i2b2 Database
  • i2b2 Server (kernel)
  • i2b2 Web Client

Database Drivers

The JDBC drivers were updated to the following versions.

DriverNew Version
ojdbc8.jarOracle 12.2.0.1
postgresql-42.2.5.jarPostgreSQL 42.2.5
mssql-jdbc-7.0.0.jre8.jarMS Sql Server 7.0.0


Upgrade Paths

The i2b2 now provides two options for upgrading your i2b2 server.

  1. Continue to download the source code provided in the zip file released on www.i2b2.org/software
  2. Install the precompiled JAR files onto your existing i2b2 server to upgrade it to 1.7.11.

Both are acceptable paths to upgrade your i2b2 server and depending on which you choose will determine where you need to go to obtain the appropriate files. The location of the upgrade files for each component is outlined below.

Upgrade Software

DescriptionWhere to find itRequirements
Upgrade i2b2 database to 1.7.11

Software page (i2b2 Website)

Download i2b2createdb-1711.zip file under Source Code
Upgrade i2b2 Web Client to 1.7.11

Software page (i2b2 Website)

Download i2b2webclient-1711.zip file under Source Code
Upgrade i2b2 Server to 1.7.11 (Source Code)

Software page (i2b2 Website)

Download i2b2core-src-1711.zip file under Source Code
Upgrade i2b2 Server to 1.7.11 (JAR files) Upgrade to latest version page (Community Wiki) See Technical Details section on the i2b2 Upgrades page and upgrade documentation on Upgrade to latest version page.


Database Changes

Release 1.7.11 involves a few changes to the i2b2 Database. Some are simple an addition to the sample data that is included in the demo data that is delivered with the software while others are changes to the database structure to support new features that are included in 1.7.11

Crcdata Tables

QT_PRIVILEGE

  • Added new entry for the Identity Data Plan

Metadata Taables

TABLE_ACCESS

  • Added new column for the Identity Data Plan


Change Summary - Release 1.7.11

Did you know?

  • Changes to the i2b2 server & database are listed under i2b2 Kernel (Core) Software
  • Changes to the i2b2 Web Client are listed under i2b2 Web Client Software
  • Additional information about the new features can be found in the Feature Details - Release 1.7.11 section located this Change Summary section.


i2b2 Kernel (Core Software)

New Features and Improvements

  • [WEBCLIENT-250] - New Ontology Info Tab in Navigate Terms
  • [WEBCLIENT-251] - Role-based ontology protection
  • [CORE-309] - Add includeHiddens attribute for all calls made to the TABLE_ACCESS table
  • [WEBCLIENT-246] - Enhancements to Previous Queries

Bug Fixes

  • [CORE-278] - GetPDOFromInputList_requestType Fails on Postgresql
  • [CORE-307] - Fix internal key expiration date assigned when changing password
  • [CORE-308] - Full Request XML message is stored in the QT_PDO_QUERY_MASTER table
  • [CORE-313] - CRC-PDO: AverageObservationPageMethod doesnt work
  • [CORE-315] - Idenitified Data Plan- Demo_Oracle- Ontology term with No Protected access- is not visible if User role not Protected
  • [CORE-331] - GetCodeInfo- not finding codes with an '_'
  • [WEBCLIENT-231] - Able to set Date constraint on previous queries/ptset as concept
  • [WEBCLIENT-247] - bad image filename
  • [WEBCLIENT-248] - previousqueries panel-date option-'>' button not dispalying records after the specific date- same with '<' buttton
  • [WEBCLIENT-249] - previous queries panel- date option- datetime stamp not consistent with previous queries date stamp
  • [WEBCLIENT-252] - Ontology Options for Finding Terms- hidden Terms option is not validating hidden Terms
  • [WEBCLIENT-256] - previous queries - pagination by date- buttons don't work after the last pagination
  • [WEBCLIENT-259] - worplacefolder drag&drop- not working at subfolder level contents
  • [WEBCLIENT-260] - Drag and drop of folder with multiple concepts appears stuck on group panel
  • [WEBCLIENT-261] - Querytool- Ontology terms query run with breakdowns erroring out
  • [WEBCLIENT-262] - Querytool- query run with query ( run as patientset)-erroring out
  • [WEBCLIENT-263] - workplace folder drag and drop into simple temporal query events box - cannot drag and drop
  • [WEBCLIENT-264] - worplacefolder drag&drop- query report not displaying individual patient name and subfolder naming and path?
  • [WEBCLIENT-265] - Query run with individual pt is returning 0 results on rerun
  • [WEBCLIENT-266] - Individual pt query run with Timeline option - not drawing the timeline, causing unresponsive webpage
  • [WEBCLIENT-267] - Individual pt in Simple temporal query not working
  • [WEBCLIENT-268] - Query run with a ptset is errorin gout on rerun
  • [WEBCLIENT-269] - Individual Pt drag and drop- After query run, query not displaying the patient in panel
  • [WEBCLIENT-270] - worplacefolder drag&drop- queryname gets '@' by default instead of name of the folder on run
  • [WEBCLIENT-271] - workplace folder with empty contents is checked as zero pt instead of ignoring
  • [WEBCLIENT-272] - temporal query with workplace contents in constraint population panel not running
  • [WEBCLIENT-276] - workplace folder with multiple concepts taking long time to load in the query panel after drag and drop
  • [WEBCLIENT-277] - after workplace is deleted from the query panel Query run successful with empty contents

Feature Details - Release 1.7.11

New Feature: Role-based Ontology Protection

The top-level categories/folders in your ontology can now be optionally protected by one or more i2b2 roles (e.g. DATA_LDS, DATA_PROT, etc.) This feature allows the administrator to define one or more roles for an individual root folder in the ontology, and users without one of these roles will not be able to see the ontology item or use any of the terms in this folder.

To use this new feature and protect a root level folder, follow these steps:

  1. In your TABLE_ACCESS table in your ontology database, set C_PROTECTED_ACCESS to 'Y' for the root level folder you would like to protect.
  2. There is a new column in TABLE_ACCESS called C_ONTOLOGY_PROTECTION. This is where you can define one or more roles in a comma-separated list (e.g. DATA_LDS,DATA_PROT)

Example:

If you wanted to create a root level folder in your ontology called "PHI Demonstration" and only wanted users with the DATA_PROT role to be able to see it, you would make the following changes to your TABLE_ACCESS table:

C_TABLE_CDC_TABLE_NAMEC_PROTECTED_ACCESSC_HLEVELC_FULLNAMEC_NAME...C_ONTOLOGY_PROTECTION
i2b2_DEMOi2b2N1\i2b2\DemographicsDemographics...null
i2b2_DIAGi2b2N1\i2b2\Diagnoses\Diagnoses...null
i2b2_LABSi2b2N1\i2b2\Labtests\Laboratory Tests...null
........................
i2b2_PHIi2b2phiY1\i2b2\PHI\PHI Demonstration...DATA_PROT

New Feature: Workplace Folder drag and drop

Now you can drag a workplace folder to the query tool, the folder can contain sub folders.   All the concepts, previous queries, and individual patients will be displayed in the panel.


Below is the workplace with combination of available items

                    

After the drag and drop to the query panel the list of all the items are displayed


New Feature: Individual Patient drag and drop from Previous Query Panel

Once a patient set is created, that patient can be dragged and dropped to the Query Tool Panel

Below is a patient set with 2 patients

After drag and drop of the individual patient to the query tool panel

New Feature: Previous Queries Upgrade in Web Client

The Previous Queries panel in the web client has been upgraded to accommodate three new options.

  • Filter Previous Queries List by User - Users with the MANAGER role will now see a drop down in the Previous Queries Options menu that allows them to filter previous queries by a specific user in the i2b2 project.
  • Auto Refresh Previous Queries - Users now have the ability to set an auto-refresh timer in the Previous Queries Options menu in which the Previous Queries list will auto-refresh in the specified time period (off, 10 seconds, 30 seconds, or 60 seconds).
  • Page through Previous Queries by Date - Users can navigate Previous Queries by a particular date.

New Feature: Support for WildFly 14

The i2b2 software now officially supports WildFly 14. The primary advantages are the faster install/upgrade of i2b2 as a pre-packaged collection (WAR) and managed data source connections/pooling.

New Feature: Inter-CELL SSL Setup

Create server and client certificates (Wildfly 10 & 14)

The keytool utility stores the keys and certificates in a file termed as keystore, a repository of certificates used for identifying a client or a server. Typically, a keystore contains one client or one server's identity, which are protected by using a password.

Create a Self Signed Certificate

You can create a certificate for your server using the following command:

1

$ keytool -genkey -keyalg RSA -keystore server.keystore -storepass secret -keypass secret -validity 365  -dname "cn=Partners Healtbcare,o=Partners,c=US"

Now let's copy this keystore into the configuration folder of the application server:

1

$ cp server.keystore $JBOSS_HOME/standalone/configuration

Now export the server certificate in a file called server.crt:

1

 

$ keytool -exportcert -keystore server.keystore -storepass secret -keypass secret -file server.crt

Certificate stored in file <server.crt>

Now import the cert into the CA for the Java JRE:

1

$ keytool -import -alias i2b2server -keystore  /usr/java/latest/jre/lib/security/cacerts -file server.crt

 

The password might be changeit

 

In /opt/{wildfly} in bin run add-user.sh to create user and select (a) management user

 

Wildfly 10 Setup

In Wildfly 10 run jboss-cli.sh

 

Connect to the server

1

connect

Start by creating a Security Realm which will contain the keystore and trustore references

1

/core-service=management/security-realm=SSLRealm:add

Next, for one-way SSL, set the path to the keystore, along with the keystore path and password:

1

/core-service=management/security-realm=SSLRealm/server-identity=ssl:adJavathe2d(keystore-path="server.keystore", keystore-relative-to="jboss.server.config.dir", keystore-password="secret")

Finally, set the value of Undertow's https listener to your Security Realm:

1

/subsystem=undertow/server=default-server/https-listener=default-https:write-attribute(name=security-realm,value=SSLRealm)

If the above fails edit the standalone.xml and add right after http-listener

 

                <https-listener name="default-https" security-realm="SSLRealm" socket-binding="https"/>


Wildfly 14 Setup

In Wildfly 14 run jboss.cli.sh

 

Connect to the server

1

connect

Finally, set the value of Undertow's https listener to your Security Realm:

1

/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=security-realm,value=ApplicationRealm)

 

 

 Both Wildfly 10 and 14

Add the following to the axis2.xml file right after the   <transportReceiver name="http"

               

   <transportReceiver name="https"

                       class="org.apache.axis2.transport.http.AxisServletListener"/>

Change the crc.properties, ontology.properties and workplace.properties files to point to the https://localhost:8443

Database Changes

Change all the pm_cell_data within the PM Database to https://localhost:8443

After all the cells have been updated it should look like below.


Webclient Changes

Webclient, if using self-signed cert add the following to the index.php

        curl_setopt($proxyRequest, CURLOPT_SSL_VERIFYHOST, 0);

        curl_setopt($proxyRequest, CURLOPT_SSL_VERIFYPEER, 0);

 

Also into the index.php add the new url to the whitelist such as:

     

$WHITELIST = array(

        "http" . (($_SERVER['SERVER_PORT'] == '443') ? 's' : '' ) . "://" . $_SERVER['HTTP_HOST'],

        "http://services.i2b2.org",

        "http://127.0.0.1:9090",

        "http://127.0.0.1:8080",

        "http://127.0.0.1",

        "http://localhost:8080",

        "http://localhost:9090",

        "https://localhost:8443",

        "http://localhost"

);


Updated: i2b2 License

The i2b2 software is now made available under the terms of the Mozilla Public License (MPL) version 2.0. i2b2 is also distributed under the terms of the Healthcare Disclaimer addendum.




  • No labels

Release Management RM