go to post Scott Roth · Apr 25, 2024 Sessions normally are available closer to the date of the Summit. You should receive a notice when they are available to be Scheduled.
go to post Scott Roth · Apr 25, 2024 I noticed that this is now included in 2024.1, and there is documentation Production Validator | HealthShare Health Connect 2024.1 (intersystems.com) While I was able to help test the code, the code version I have is probably an older version. The Documentation mentions loading the code for the Production Validator and compiling it in the system. For me and others where can that updated Production Validator code be found? @James Bourette
go to post Scott Roth · Apr 23, 2024 I am being told the OAuth certificate has no chain behind it. it is a Self Signed Certificate/Key Pair. I changed the ownership of the files to irisusr:irisusr but I am still getting the same error message... "error reported 'error:0200100D:system library:fopen:Permission denied, error:20074002:BIO routines:file_ctrl:system lib, error:140DC002:SSL routines:use_certificate_chain_file:system lib' *" I am still thinking it is something wrong with the Cert/Private Key that was provided to me from the Application, am I wrong?
go to post Scott Roth · Apr 23, 2024 My real concern is... "error:0200100D:system library:fopen:Permission denied, error:20074002:BIO routines:file_ctrl:system lib, error:140DC002:SSL routines:use_certificate_chain_file:system lib",,,,,,,$lb(,"%SYS",$lb("e^Send+313^%Net.HttpRequest.1^1","e^Post+1^%Net.HttpRequest.1^1","e^GetAccessTokenJWT+44^%SYS.OAuth2.Authorization.1^1" is there an issue with my Certs?
go to post Scott Roth · Apr 22, 2024 ConvertDateTime works well... Ens.Util.FunctionSet (ENSLIB namespace) - InterSystems IRIS Data Platform 2024.1 - including private class members when you call it within a DTL you can specify the incoming and outgoing formats like ..."%d/%m/%Y", "%Y%m%d"
go to post Scott Roth · Apr 15, 2024 I was able to get past the iam-setup.sh but now when I run podman-compose up -d I am getting the follwing error... :>sudo podman-compose up -dpodman-compose version: 1.0.6['podman', '--version', '']using podman version: 4.6.1** excluding: set()['podman', 'ps', '--filter', 'label=io.podman.compose.project=scripts', '-a', '--format', '{{ index .Labels "io.podman.compose.config-hash"}}']podman volume inspect scripts_pgdata14 || podman volume create scripts_pgdata14['podman', 'volume', 'inspect', 'scripts_pgdata14']['podman', 'network', 'exists', 'scripts_default']podman run --name=scripts_db_1 -d --label io.podman.compose.config-hash=0b8c4491a1820337de3b759d5b1067ea78426dafeaec513283d14bd1ac5c3e8b --label io.podman.compose.project=scripts --label io.podman.compose.version=1.0.6 --label PODMAN_SYSTEMD_UNIT=podman-compose@scripts.service --label com.docker.compose.project=scripts --label com.docker.compose.project.working_dir=/ensemble/tmp/IAM/scripts --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=db -e POSTGRES_DB=iam -e POSTGRES_PASSWORD=iam -e POSTGRES_USER=iam -v scripts_pgdata14:/var/lib/postgresql/data --net scripts_default --network-alias db -i --restart on-failure --healthcheck-command /bin/sh -c pg_isready' '-U' 'iam --healthcheck-interval 30s --healthcheck-timeout 30s --healthcheck-retries 3 postgres:14.57db3dff8488e4115cd7d65d4ea61be9de185e68dfdbcf1744ec913b02314645cexit code: 0['podman', 'network', 'exists', 'scripts_default']podman run --name=scripts_iam-migrations_1 -d --requires=scripts_db_1 --label io.podman.compose.config-hash=0b8c4491a1820337de3b759d5b1067ea78426dafeaec513283d14bd1ac5c3e8b --label io.podman.compose.project=scripts --label io.podman.compose.version=1.0.6 --label PODMAN_SYSTEMD_UNIT=podman-compose@scripts.service --label com.docker.compose.project=scripts --label com.docker.compose.project.working_dir=/ensemble/tmp/IAM/scripts --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=iam-migrations -e KONG_DATABASE=postgres -e KONG_PG_DATABASE=iam -e KONG_PG_HOST=db -e KONG_PG_PASSWORD=iam -e KONG_PG_USER=iam -e KONG_CASSANDRA_CONTACT_POINTS=db -e ISC_IRIS_URL= -e ISC_CA_CERT= --net scripts_default --network-alias iam-migrations --restart on-failure bash -c kong migrations bootstrap; kong migrations up; kong migrations finishError: repository name must have at least one componentexit code: 125podman start scripts_iam-migrations_1Error: no container with name or ID "scripts_iam-migrations_1" found: no such containerexit code: 125['podman', 'network', 'exists', 'scripts_default']podman run --name=scripts_iam_1 -d --requires=scripts_db_1 --label io.podman.compose.config-hash=0b8c4491a1820337de3b759d5b1067ea78426dafeaec513283d14bd1ac5c3e8b --label io.podman.compose.project=scripts --label io.podman.compose.version=1.0.6 --label PODMAN_SYSTEMD_UNIT=podman-compose@scripts.service --label com.docker.compose.project=scripts --label com.docker.compose.project.working_dir=/ensemble/tmp/IAM/scripts --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=iam -e KONG_ADMIN_ACCESS_LOG=/dev/stdout -e KONG_ADMIN_ERROR_LOG=/dev/stderr -e KONG_ADMIN_LISTEN=0.0.0.0:8001 -e KONG_ANONYMOUS_REPORTS=off -e KONG_CASSANDRA_CONTACT_POINTS=db -e KONG_DATABASE=postgres -e KONG_PG_DATABASE=iam -e KONG_PG_HOST=db -e KONG_PG_PASSWORD=iam -e KONG_PG_USER=iam -e KONG_PROXY_ACCESS_LOG=/dev/stdout -e KONG_PROXY_ERROR_LOG=/dev/stderr -e KONG_PORTAL=on -e KONG_PORTAL_GUI_PROTOCOL=http -e KONG_PORTAL_GUI_HOST=127.0.0.1:8003 -e KONG_ADMIN_GUI_URL=http://localhost:8002 -e ISC_IRIS_URL= -e ISC_CA_CERT= --net scripts_default --network-alias iam -p 8000:8000 -p 8001:8001 -p 8002:8002 -p 8003:8003 -p 8004:8004 -p 8443:8443 -p 8444:8444 -p 8445:8445 --restart on-failureError: repository name must have at least one componentexit code: 125podman start scripts_iam_1Error: no container with name or ID "scripts_iam_1" found: no such containerexit code: 125
go to post Scott Roth · Apr 15, 2024 my httpd.conf is setup to send / to CSP.# ### BEGIN-ApacheCSP-SECTION #### LoadModule csp_module_sa "/opt/webgateway/bin/CSPa24.so" CSPModulePath "/opt/webgateway/bin/" CSPConfigPath "/opt/webgateway/bin/" CSPFileTypes csp cls zen cxw Alias /csp/ /opt/webgateway/bin/ <Location /> CSP On </Location> <Location "/csp/"> CSP On </Location> <Location "/api/"> CSP On </Location> <Location "/oauth2/"> CSP On </Location> <Location "/isc/"> CSP On </Location> <Location "/ui/"> CSP On </Location> <Directory "/opt/webgateway/bin/"> AllowOverride None Options MultiViews FollowSymLinks ExecCGI Require all granted <FilesMatch "\.(log|ini|pid|exe)$"> Require all denied </FilesMatch> </Directory>
go to post Scott Roth · Apr 12, 2024 I played around with the iam-setup.sh script, and found when I ran the script without a CA and port it was able to connect to the IRIS instance. Next step is that the docker will not start, I need to dig into that more.
go to post Scott Roth · Apr 11, 2024 We just went through a same dilemma. it was recommended from an IT audit perspective that we look into securing the access and hardening what access was given. We had been using Delegated authentication that performed the necessary lookup against LDAP, but the way in which we did it was not ideal according to the Audit. So, we moved to using the internal LDAP functionality inside IRIS, and through a painful process I was able to get a TLS certificate signed by the Active Directory Services. By knowing how to obtain a Certificate signed by the CA that is used across the Medical Center, it allowed us to configure Apache and a Local instance of the Web Gateway to encrypt the connection to the management portal instead of using HTTP with port 52773. VS Code was not affected either as we switched our VS Code connections to use https and port 443. We also took steps in hardening access by limiting resources, and web applications by those resources as well. That was just how we addressed it, Configuring a local firewall, or network access based on ports is painful but it can be done. As applications are moved to a segregated network we have had to start having tickets put in to allow traffic across ports. So we are updating the network as we go through new applications. Eventually we will need to do this for all ports as the Powers that be would like us to move to the Cloud evenutally.
go to post Scott Roth · Apr 11, 2024 I verified that /api/iam is enabled, but using CURL or POSTMAN, I keep getting a 404 - Not Found error. I thought it might be because the script is looking for /api/iam/license so I shorted it to /api/iam to see if I could get a response but still getting the 404 error. I even tried unauthenticated on /api/iam
go to post Scott Roth · Apr 9, 2024 Thanks, I did receive an email, downloaded the new kit, and upgraded our DEV environment yesterday to start evaluating.
go to post Scott Roth · Apr 5, 2024 The scenario was for a Backload that may or may not happen. The Backloaded data does not include a field that was recently added to the interface. I think if need be since it is a one-time backload, I might just use a Data Lookup table to get the missing information into the backloaded data.
go to post Scott Roth · Apr 3, 2024 I have many integrations using JDBC stored procedure calls against MS SQL. Define Stored Procedure Class Structure that extends Extends (%Library.Persistent, %XML.Adaptor) [ Not ProcedureBlock, SqlRowIdPrivate ] for any Parameters (Properties) that need to be passed to the stored procedure Class osuwmc.CPD.DataStructures.CheckProviderSpecialty Extends (%Library.Persistent, %XML.Adaptor) [ Not ProcedureBlock, SqlRowIdPrivate ] { Property DoctorNumber As %String(MAXLEN = 6); Storage Default { <Data name="CheckProviderSpecialtyDefaultData"> <Value name="1"> <Value>%%CLASSNAME</Value> </Value> <Value name="2"> <Value>DoctorNumber</Value> </Value> </Data> <DataLocation>^osuwmc.CPD59D.CheckProvideAF3D</DataLocation> <DefaultData>CheckProviderSpecialtyDefaultData</DefaultData> <IdLocation>^osuwmc.CPD59D.CheckProvideAF3D</IdLocation> <IndexLocation>^osuwmc.CPD59D.CheckProvideAF3I</IndexLocation> <StreamLocation>^osuwmc.CPD59D.CheckProvideAF3S</StreamLocation> <Type>%Storage.Persistent</Type> } Using a Custom Operation that uses the EnsLib.SQL.Outbound adapter, and a XData Message Map, I create Methods that use the Stored Procedure class structure defined and return EnsLib.SQL.Snapshot. Include (EnsSQLTypes, %occODBC) Class osuwmc.Epic.MFN.EpicMFNToCPDDBWriteDEV Extends Ens.BusinessOperation [ ClassType = "", ProcedureBlock ] { Parameter ADAPTER = "EnsLib.SQL.OutboundAdapter"; Parameter INVOCATION = "Queue"; Property InitDSN As %String; Method OnInit() As %Status { Set ..InitDSN = ..Adapter.DSN Kill $$$EnsRuntimeAppData(..%ConfigName) //Set ..Adapter.ConnectAttrs = "QueryTimeout:45" ; try this too just in case... Quit $$$OK } I call the execution of the store procedure using ..Adapter.ExecuteProcedureParmArray Method CheckDoesProviderExists(pRequest As osuwmc.CPD.DataStructures.CheckDoesDoctorNumberExist, Output pResponse As EnsLib.SQL.Snapshot) As %Status { set SPQuery = "{ ?= call InterfaceCheckDoctorNumber(?) }" set parm = 2 set parm(1,"SqlType")=$$$SQLVARCHAR set parm(1,"IOTypes")=$$$SQLPARAMOUTPUT set parm(2)=pRequest.DoctorNumber set parm(2,"SqlType")=$$$SQLVARCHAR set parm(2,"IOTypes")=$$$SQLPARAMINPUT set tSC = ..Adapter.ExecuteProcedureParmArray(.CheckDoctor,.outputs,SPQuery,"oi",.parm) if tSC = 1 { set pResponse = CheckDoctor.GetAt(1) } quit tSC } Let me know if you need additional help, but this should give you a good start.
go to post Scott Roth · Apr 2, 2024 I am not seeing HealthShare Health Connect 2024.1 listed under the HealthShare Full Kits. Am I missing something?
go to post Scott Roth · Mar 26, 2024 tar(1) - Linux manual page (man7.org) It is suggested that using tar, you use the -cZf tar -cZf <filename>.zip files.....
go to post Scott Roth · Mar 18, 2024 May 2023 we moved from AIX to RHEL, that was a sad day as we are finding a lot of quirks when it comes to our RHEL environment. We went from Physical Hardware to VM, and found that the VM environment wasn't as thought out like we wanted. Our VM Hosts were not organized, and we have had 3 unexpected downtimes since because of resource contention. May want to look at other Linux OS's outside of RHEL if you can, as the updates/patches aren't as dynamic as they were in our old environment meaning we didn't have to reboot too often. If we had the choice, we would of went with Ubuntu or SUSE as at least the updates/patches don't require reboots as often. Now we get notified at the drop of a hat when there is a patch, that security needs us to reboot. You just can't take it down at a moment's notice. Just thoughts, and pain points. Each environment is different and hopefully you don't run into as many issues as we have.
go to post Scott Roth · Mar 18, 2024 It all depends on your learning style. For me I rather learn as I am building so it was trial by fire as we were migrating from SeeBeyond eGate to InterSystems Ensemble (2014.1) at the time by a certain deadline. I learned a lot on the fly by reading the Developer Community posts, reaching out as needed, and just playing around with the code as I was building it. I also had my company by Cache Objectscript and MUMPS, at least so I can search for a Reference when figuring out syntax. The Learning site as a lot of good and informational courses you can take as well.
go to post Scott Roth · Mar 13, 2024 If I remember correctly, I had to make HSLIB read/write and then I was able to update %SYS when we used ZAUTHENTICATE.mac. We have since moved to using LDAP.
go to post Scott Roth · Mar 12, 2024 This has been documented with WRC, and there is a development ticket pending DP-415930. But I also recently created an Idea to make the Interface Maps Utility more of an On Demand option so Maps that don't involve many layers of Business Process (BPL) to run. Make Interface Maps more OnDemand | InterSystems Ideas