User Community Service Desk Downloads
If you can't find the product or version you're looking for, visit support.ataccama.com/downloads

RDM 14.5.1 Upgrade Notes

Spring Boot 3 upgrade

ONE Runtime Server now uses Spring Boot 3. As a result, the security architecture had to be reworked, leading to the following configuration changes.

Change in the online services prefix

The /rdm/** prefix on the RDM server is now used only for communication using internal JWT authentication. Before the upgrade, follow these steps:

  1. Determine if there are any online services deployed within the /rdm/** prefix that use Keycloak authentication and need to be accessed from locations other than the RDM Web App.

  2. If such services exist, relocate them to different prefixes to maintain their original authentication method based on Keycloak.

If you skip this step, calling online services that are authenticated using Keycloak and deployed to /rdm/ prefix results in a 401 error.

New properties added

The following applies to PaaS and self-managed, on-premise deployments. After the upgrade, make sure these properties are configured.

Furthermore, if you are using Keycloak Security or Spring Security, additional configuration changes are needed in the HTTP Dispatcher configuration or the Spring Security XML file respectively. For more details, see ONE Runtime Server 14.5.1 Upgrade Notes.

  • A new property ataccama.authentication.internal.jwt.generator.key was introduced. The value is <jwt-key|base64>.

  • A new section defining PlatformDeploymentContributor was added to the rdm.runtimeConfig file. A sample definition looks as follows:

    rdm.runtimeConfig
    <config class="com.ataccama.server.platform.PlatformDeploymentContributor">
       <platformDeployments>
          <platformDeployment name="rdm">
             <properties>
                <property name="[ataccama.one.platform.deployments.rdm-dev.security.jwt-keys.rdm.name](http://ataccama.one.platform.deployments.rdm-dev.security.jwt-keys.rdm.name/)" value="rdm"/>
                <property name="ataccama.one.platform.deployments.rdm-dev.security.jwt-keys.rdm.fingerprint" value="<jwt-fingerprint>"/>
                <property name="ataccama.one.platform.deployments.rdm-dev.module" value="rdm"/>
                <property name="ataccama.one.platform.deployments.rdm-dev.security.jwt-keys.rdm.content" value="<jwt-content|base64"/>
                <property name="ataccama.one.platform.deployments.rdm-dev.security.jwt-keys.rdm.isRevoked" value="false"/>
                <property name="ataccama.one.platform.deployments.rdm-dev.security.roles" value="IMPERSONATION"/>
                <property name="ataccama.one.platform.deployments.rdm-dev.security.url-patterns" value="/rdm/**,** /server-management/, /rdmOnPublishHandler"/>
             </properties>
          </platformDeployment>
       </platformDeployments>
    </config>
  • A new element <usePlatformDeployment> referencing PlatformDeploymentContributor was added to the HttpDispatcher component in the rdm.serverConfig file. A sample definition looks as follows:

    rdm.serverConfig
    <component disabled="false" class="com.ataccama.dqc.web.HttpDispatcher">
       ...
          <listeners>
             <listenerBean ...>
                ...
                   <contexts>
                      <listenerContext ...>
                         ...
                         <securityFilter ...>
                            <identityProviders>
                                ...
                            </identityProviders>
                            <interceptUrls>
                                ...
                            </interceptUrls>
                            <usePlatformDeployment>rdm</usePlatformDeployment>  <- new definition
                         </securityFilter>
                      </listenerContext>
                   </contexts>
                ...
             </listenerBean>
             ...

Optimize PostgreSQL database performance

To optimize the performance of the PostgreSQL database and improve the speed at which RDM is able to import tables, apply the following settings to your PostgreSQL instance:

ALTER DATABASE rdm SET work_mem = '50MB';
ALTER DATABASE rdm SET enable_nestloop to 'off';
ALTER DATABASE rdm SET maintenance_work_mem to '500MB';

This applies to self-managed deployments. No action is required for cloud environments.

Configure service endpoints for reading or writing data

Internal communication between RDM and online services is authenticated using a dedicated service client defined in Keycloak. However, any externally exposed services require a different type of authentication, which must be additionally configured.

For instructions about how to set this up, see Step 3 Configure service endpoints in Preparing Web Service Configurations for Reading Data and Preparing Web Service Configurations for Writing Data.

Enrichment and validation services rely on internal JWT authentication and therefore no additional changes are required.

Configuration changelog

This section provides the information about the changes in the configuration files that need to be taken into account when upgrading the solution. In certain cases, the newly introduced default is used or some configuration is required.

The following table lists the changes in the files: added, changed, and removed properties.

Configuration file Added properties Changed properties Removed properties

application.properties

  • ataccama.authentication.internal.jwt.generator.key - The value is <jwt-key|base64>.

  • ataccama.one.rdm.max.config.file.size.kb - The maximum size of the project configuration file that can be imported to RDM. Expressed in kilobytes. Default value: 1000.

    No action is required unless your configuration file is larger than 1000 KB.

/

/

rdm.runtimeConfig

  • PlatformDeploymentContributor definition, see Spring Boot 3 upgrade.

    rdm.runtimeConfig example
    <config class="com.ataccama.server.platform.PlatformDeploymentContributor">
    ...
    </config>

/

/

rdm.serverConfig

<usePlatformDeployment>rdm</usePlatformDeployment> - See Spring Boot 3 upgrade.

/

/

Was this page useful?