Released: 22 April 2016
This version of uPortal is a maintenance/bug-fix release of the 4.2 minor version. It includes 40 bug fixes and improvements in total, which is a substantial number. There are some very important performance improvements included with this release. (There are even more in the 4.3.0 release, which is intended to be available in the same time frame as this release.)
- Support for Java 8
- Support for Tomcat 8
- Ability to manage BROWSE permission in the Portlet Manager
- Performance fixes & improvements for JPA PAGS
- Version updates to the bundled CAS and several bundled portlets
- A change was made in uPortal 4.2.0 to have BROWSE also means SUBSCRIBE. This change was removed in 4.2.2 and 4.3.0. If you are starting from a 4.1.x, 4.2.0, or 4.2.1 database or data set how it may impact you is:
- If you have institution-data derived from the quickstart entities, you probably have the data like the following in your data set: https://github.com/Jasig/uPortal/blob/uportal-4.2.1/uportal-war/src/main/data/quickstart_entities/permissions_set/Everyone_BROWSE_SpecificPortlets-permission-set.xml
- The impact of BROWSE on portlet categories in the 4.2.0 and 4.2.1 code is that a category such as Information assigned to a portlet will basically allow everyone to see the portlet in the Customize Gallery and be able to render it. So if for instance you have a student-news and faculty-news both assigned the Information category, any authenticated user will be able to see it in the Customize Gallery and be able to render it on their page. Particularly a problem if you have a Home page that has a mix of student, faculty, and staff portlets that used permissions to prevent some portlets from rendering for certain audiences.
- The solution to this is to remove the BROWSE assignment to the categories. You can't do this with data import, you must do this with the Manage Permissions UI. Click on a permission such as Browse. Use the target filter to select one of the Categories. In the table of results with uPortal 4.3.0 click on Delete to delete the permission. Then insure that you have the BROWSE permission assigned to your portlets that you want users to be able to see. It's recommended to do this via the portlet definition files as is done likehttps://github.com/Jasig/uPortal/blob/uportal-4.2.1/uportal-war/src/main/data/quickstart_entities/portlet-definition/about-college-life.portlet-definition.xml#L40 so your XML data files are up to date. Alternately you can use the Manage Portlets section of the Admin UI to assign BROWSE permission to the portlets, but then it's recommended to export your entities and incorporate the changes into your src/main/data directory.
- NOTE: The Portlet Marketplace uses BROWSE permission on a category to determine whether to display the category name in the UI. Unfortunately this can cause problems (see above). Eventually this behavior will change (see - UP-4086Filter listing of Categories in Marketplace entry view on BROWSE (added by JW suggest only BROWSE on the individual portlets) OPEN ). For now be aware that assigning BROWSE to portlet categories can have the unintended impact of allowing audiences to see portlets in the Customize, Search Auto-select, and Search results that they may not be intended to see, though without SUBSCRIBE permission they would not be able to render them.
Download the release
You can grab the binary releases, including a ready-to-start Quickstart release, from the GitHub release page.
Security bugs known to affect uPortal 4.2.2
This macro will automatically display publicly visible security bugs tagged as affecting this release in the issue tracker.
See also : Release announcement as posted on uportal-user@ email list.
Human readable release notes
See the GitHub release page for human-readable release notes.
Maven Project Site: http://developer.jasig.org/projects/
Issues addressed in uPortal 4.2.2
Bugs known to afflict uPortal 4.2.2
(Note that this is only as good as the affects-version metadata on JIRA issues).