Jama Connect 8.62.3 Self-Hosted, hotfix - NOT Supported

Carly Rossi
Carly Rossi
  • Updated

 Release Date AU/EMEA/US: 2021/08/27
 

Customize SAML/OAuth Database Configurations

Added capability for the configuration for the two database schemas required to support the new SAML and OAuth authentication options and the installation the 8.62 Standard release. You can now determine the usernames, password and database schema names for both the SAML and OAuth services in both MySQL and Microsoft SQL Server.

 

Notes for Self-Hosted Administrators

New Database Schemas are Required for This Release
Before you can install or upgrade to the Jama Connect 8.62.3 release, you must first create two new database schemas to support the new SAML and OAuth authentication options.

For the upgrade to complete, organizations using Microsoft SQL Server must enter database users in Replicated. Without these entries, the installation or upgrade will fail. If you are in MySQL and have already implemented these databases in 8.62, you have the new option to keep the same user for all the databases or dedicate different users for each, see second scenario below.

Organizations that do not create the new schema will successfully install/upgrade: however, the system will continue to attempt to connect to the database and product log failures. After you create the database schemas, you must restart Jama Connect


To create the database schemas, use the script for your database and your upgrade or installation scenario:

*The available configurable database names, users and passwords are highlighted below in bold.

MySQL Install

CREATE DATABASE jama character set utf8;
CREATE DATABASE saml;
CREATE DATABASE oauth;

CREATE USER 'jamauser'@'%' IDENTIFIED BY 'password';
CREATE USER 'oauthuser'@'%' IDENTIFIED BY 'password';
CREATE USER 'samluser'@'%' IDENTIFIED BY 'password';

GRANT ALL PRIVILEGES ON jama.* TO 'jamauser'@'%';
GRANT ALL PRIVILEGES ON oauth.* TO 'oauthuser'@'%';
GRANT ALL PRIVILEGES ON saml.* TO 'samluser'@'%';

 

MySQL Upgrade to 8.62.3 from 8.62 (this is optional, the installer can keep the same user for all databases)

CREATE USER 'oauthuser'@'%' IDENTIFIED BY 'password';
CREATE USER 'samluser'@'%' IDENTIFIED BY 'password';

GRANT ALL PRIVILEGES ON oauth.* TO 'oauthuser'@'%';
GRANT ALL PRIVILEGES ON saml.* TO 'samluser'@'%';

 

MySQL Upgrade to 8.62.3 from 8.56 or 8.49

CREATE DATABASE saml;
CREATE DATABASE oauth;

CREATE USER 'oauthuser'@'%' IDENTIFIED BY 'password';
CREATE USER 'samluser'@'%' IDENTIFIED BY 'password';

GRANT ALL PRIVILEGES ON oauth.* TO 'oauthuser'@'%';
GRANT ALL PRIVILEGES ON saml.* TO 'samluser'@'%';

 

Microsoft SQL Server Install

USE master;
CREATE LOGIN jamauser with password = 'password';
CREATE LOGIN samluser with password = 'password';
CREATE LOGIN oauthuser with password = 'password';
GO

USE master;
CREATE DATABASE jama;
GO
ALTER DATABASE jama SET READ_COMMITTED_SNAPSHOT ON WITH ROLLBACK IMMEDIATE
GO

USE jama;
EXEC ('CREATE SCHEMA oauth');
EXEC ('CREATE SCHEMA saml');
GO

USE jama;
CREATE USER jamauser for LOGIN jamauser;
CREATE USER samluser for LOGIN samluser with DEFAULT_SCHEMA=saml;
CREATE USER oauthuser for LOGIN oauthuser with DEFAULT_SCHEMA=oauth;
GO

EXEC sp_addrolemember N'db_owner', jamauser;
EXEC sp_addrolemember N'db_owner', samluser;
EXEC sp_addrolemember N'db_owner', oauthuser;
GO

 

Microsoft SQL Server Upgrade to 8.62.3

USE master;
CREATE LOGIN samluser with password = 'password';
CREATE LOGIN oauthuser with password = 'password';
GO

USE jama;
EXEC ('CREATE SCHEMA oauth');
EXEC ('CREATE SCHEMA saml');
GO
 
USE jama;
CREATE USER samluser for LOGIN samluser with DEFAULT_SCHEMA=saml;
CREATE USER oauthuser for LOGIN oauthuser with DEFAULT_SCHEMA=oauth;
GO

EXEC sp_addrolemember N'db_owner', samluser;
EXEC sp_addrolemember N'db_owner', oauthuser;
GO

 

Resolved Issue

ID Resolution
SOS-DEF-5434 Safari browser users no longer receive a "Invalid Cors request" error when logging in via SAML.  

Related to

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.