Page History
...
Warning | ||
---|---|---|
| ||
SHRINE 1.25.4 is not backwards-compatible with any previous version! |
...
PLEASE MAKE SURE THAT YOU HAVE SHRINE 1.22.8 INSTALLED BEFORE YOU FOLLOW THESE UPGRADE INSTRUCTIONS! |
This guide makes the following assumptions of a current 1.22.8 system. Make sure all of these conditions are satisfied before proceeding:
- i2b2 1.7.09c or newer is installed and operational.
- SHRINE 1.22.8 or later is installed and operational.
- The SHRINE Data Steward has been installed and configured properly.
- The SHRINE Dashboard has been installed and configured properly.
...
Code Block | ||||
---|---|---|---|---|
| ||||
$ /opt/shrine/tomcat/bin/shutdown.sh |
...
Create Backups
Now that SHRINE is stopped, it is a good idea to back up the current versions of the components we will be upgrading. The exact method for making this backups may vary, but these instructions will place the backups in a folder called /opt/shrine/upgrade-backups.
...
Code Block | ||||
---|---|---|---|---|
| ||||
$ rm /opt/shrine/tomcat/webapps/*.war |
...
Deploy New .war Files
Deploy New SHRINE core
Next, we will retrieve the new SHRINE webapp from the HMS Sonatype Nexus server at: https://repo.open.med.harvard.edu/nexus/content/groups/public/net/shrine/shrine-war/1.25.4/. From there, download shrine-war-1.25.4.war to the webapps/ directory on the SHRINE server and rename it to shrine.war.
...
Much like shrine.war, the SHRINE Data Steward can be found on the HMS Sonatype Nexus server at https://repo.open.med.harvard.edu/nexus/content/groups/public/net/shrine/steward/1.25.4/. From there, download steward-1.25.4.war to the webapps/ directory on the SHRINE server and rename it to steward.war.
...
Like other SHRINE artifacts, the SHRINE proxy can be found on the HMS Sonatype Nexus server at https://repo.open.med.harvard.edu/nexus/content/groups/public/net/shrine/shrine-proxy/1.25.4/. From there, download shrine-proxy-1.25.4.war to the webapps/ directory on the SHRINE server and rename it to shrine-proxy.war.
...
The SHRINE webclient can be found on the HMS Sonatype Nexus server at https://repo.open.med.harvard.edu/nexus/content/groups/public/net/shrine/shrine-webclient/1.25.4/. From there, download shrine-webclient-1.25.4-dist.zip file to the webapps/ directory on the SHRINE server and rename it to shrine-webclient.zip. Then, unzip the shrine-webclient.zip file.
...
Like other SHRINE artifacts, the SHRINE Dashboard can be found on the HMS Sonatype Nexus server at https://repo.open.med.harvard.edu/nexus/content/groups/public/net/shrine/dashboard-war/1.25.4/. From there, download dashboard-war-1.25.4.war to the webapps/ directory on the SHRINE server and rename it to shrine-dashboard.war.
...
Like other SHRINE artifacts, the SHRINE Node Metadata Service can be found on the HMS Sonatype Nexus server at https://repo.open.med.harvard.edu/nexus/content/groups/public/net/shrine/meta-war/1.25.4/. From there, download meta-war-1.25.4.war to the webapps/ directory on the SHRINE server and rename it to shrine-metadata.war.
...
Since SHRINE 1.25.4, there are 2 a couple of changes to SHRINE's configuration file:
You will need to add a new code block within the main shrine {} block:
Code Block language bash theme RDark messagequeue { blockingq { serverUrl = “https://shrine_hub_url:6443/shrine-metadata/mom” } }
Please take note that the database profile class names have changed:
slick.driver.MySQLDriver$ to slick.jdbc.MySQLProfile$
slick.driver.H2Profile$ to slick.jdbc.H2Profile$
slick.driver.PostgresProfile$ to slick.jdbc.PostgresProfile$
slick.driver.SQLServerProfile$ to slick.jdbc.SQLServerProfile$
slick.driver.JdbcProfile$ to slick.jdbc.JdbcProfile$
- slick.driver.OracleProfile$ to slick.jdbc.OracleProfile$
- Add externalStewardBaseUrl to the 'emailDataSteward' section under the steward {} block:
- externalStewardBaseUrl = "https://your_shrine_url:port/steward"
- externalStewardBaseUrl = "https://your_shrine_url:port/steward"
If you are not using port 6443 to serve SHRINE:
You will need to override a URL in shrine.conf to see progress and results from QUEUED queries.
Code Block language bash theme rdark shrine { queryEntryPoint { queuedQueryPollUrl = "https://localhost:6443/shrine/rest/i2b2/request" //Change to your url and port number } }
Sample SHRINE configuration file (for a downstream node)
You will need to add in a database block within the problems section:
Code Block language bash theme
...
rdark problem {
...
...
problemHandler
...
=
...
"net.shrine.problem.LogAndDatabaseProblemHandler$" database {
...
dataSourceFrom = "
...
JNDI"
...
...
jndiDataSourceName = "
...
java:comp/env/jdbc/problemDB"
...
slickProfileClassName = "
...
slick.jdbc.MySQLProfile$"
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
//
...
slick.jdbc.H2Profile$
...
...
...
...
...
...
...
...
...
...
...
...
...
//slick.jdbc.PostgresProfile$
...
...
...
...
...
...
...
...
...
...
...
...
//slick.jdbc.SQLServerProfile$
...
...
...
...
...
...
...
...
...
...
...
...
...
...
//slick.jdbc.JdbcProfile$
...
...
...
...
...
...
...
...
...
...
...
/
...
/
...
slick.jdbc.OracleProfile$ }
...
}
Sample SHRINE configuration file (for a downstream node)
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
shrine { pmEndpoint { url = "http://i2b2_node_url:9090/i2b2/services/PMService/getServices" = "slick.jdbc.MySQLProfile$" } } ontEndpoint { trustModelIsHuburl = true"http://i2b2_node_url:9090/i2b2/services/OntologyService" } attachSigningCert =hiveCredentials true{ authenticationTypedomain = "pmi2b2demo" authorizationTypeusername = "shrine-stewarddemo" password shrineSteward= {"demouser" crcProjectId qepUserName= "Demo" ontProjectId = "qepSHRINE" } messagequeue { qepPassword =blockingq "trustme"{ stewardBaseUrl serverUrl = "https://localhostshrine-act-test.hms.harvard.edu:6443/shrine-metadata/mom" } } includeAggregateResultsbreakdownResultOutputTypes = false{ PATIENT_AGE_COUNT_XML { maxQueryWaitTimedescription { = "Age minutes = 5 patient breakdown" } broadcasterServiceEndpointPATIENT_RACE_COUNT_XML { description = url"Race =patient "https://shrine-act-test.hms.harvard.edu:6443/shrine/rest/broadcaster/broadcast"breakdown" } } //end queryEntryPoint adapter PATIENT_VITALSTATUS_COUNT_XML { create = true description = "Vital Status auditpatient {breakdown" } collectAdapterAudit = false PATIENT_GENDER_COUNT_XML { description = "Gender patient breakdown" } } queryEntryPoint { create = true audit { collectQepAudit = false database { dataSourceFrom = "JNDI" jndiDataSourceName = "java:comp/env/jdbc/adapterAuditDBqepAuditDB" slickProfileClassName = "slick.jdbc.MySQLProfile$" } } crcEndpoint { url = "http://i2b2_node_url:9090/i2b2/services/QueryToolService" //slick.jdbc.H2Profile$ } adapterLockoutAttemptsThreshold = 0 setSizeObfuscation = true adapterMappingsFileName = "AdapterMappings.csv" maxSignatureAge { minutes = 5 //slick.jdbc.PostgresProfile$ } immediatelyRunIncomingQueries = true } // end adapter networkStatusQuery = "\\\\SHRINE\\SHRINE\\Demographics\\Gender\\Male\\" humanReadableNodeName = "Harvard Test Node" //slick.jdbc.SQLServerProfile$ shrineDatabaseType = "mysql" keystore { file = "/opt/shrine/shrine.keystore" password = "password" privateKeyAlias = "privateKeyAlias" //slick.jdbc.JdbcProfile$ keyStoreType = "JKS" caCertAliases = ["shrine-hub-ca"] } problem { problemHandler = "net.shrine.problem.LogAndDatabaseProblemHandler$" //slick.jdbc.OracleProfile$ database {} dataSourceFrom = "JNDI"} jndiDataSourceName = "java:comp/env/jdbc/problemDB" slickProfileClassNametrustModelIsHub = "slick.jdbc.MySQLProfile$"true attachSigningCert = }true } authenticationType dashboard {= "pm" happyBaseUrlauthorizationType = "https://localhost:6443/shrine/rest/happyshrine-steward" statusBaseUrlqueuedQueryPollUrl = "https://localhostyour_shrine_url:6443/shrine/rest/internalstatus"i2b2/request" //Change to your url and port number databaseshrineSteward { dataSourceFromqepUserName = "JNDIqep" jndiDataSourceNameqepPassword = "java:comp/env/jdbc/problemDBtrustme" slickProfileClassNamestewardBaseUrl = "slick.jdbc.MySQLProfile$https://localhost:6443" } } //end dashboard status { permittedHostOfOrigin includeAggregateResults = "localhost"false } squerylDataSource { databasemaxQueryWaitTime { dataSourceFromminutes = "JNDI"5 jndiDataSourceName = "java:comp/env/jdbc/shrineDB"} broadcasterServiceEndpoint }{ } authenticateurl { usersource { domain = "i2b2demo" = "https://shrine-act-test.hms.harvard.edu:6443/shrine/rest/broadcaster/broadcast" } } //end }queryEntryPoint stewardadapter { createTopicsModecreate = Approvedtrue emailDataStewardaudit { sendAuditEmailscollectAdapterAudit = false //false to turn offdatabase the{ whole works of emailing the data steward dataSourceFrom = "JNDI" //interval = "1 day" //Audit researchers daily jndiDataSourceName = "java:comp/env/jdbc/adapterAuditDB" //timeAfterMidnightslickProfileClassName = "6 hours" //Audit researchers at 6 am. If the interval is less than 1 day then this delay is ignored. "slick.jdbc.MySQLProfile$" //maxQueryCountBetweenAudits = 30 //If a researcher runs more than this many queries since the last audit audit her slick.jdbc.H2Profile$ //minTimeBetweenAudits = "30 days" //If a researcher runs at least one query, audit those queries if this much time has passed //slick.jdbc.PostgresProfile$ //You must provide the email address of the shrine node system admin, to handle bounces and invalid addresses //slick.jdbc.SQLServerProfile$ //from = "shrine-admin@example.com" //You must provide the email address of the data steward //to = "shrine-steward@example.com" slick.jdbc.JdbcProfile$ //subject = "Audit SHRINE researchers" //The baseUrl for the data steward to be substituted in to email text. Must be supplied if it is used in the email text.//slick.jdbc.OracleProfile$ } } //stewardBaseUrl = "https://example.com:6443/steward/"crcEndpoint { //externalStewardBaseUrlurl = "httpshttp://example.com:6443/steward/i2b2_node_url:9090/i2b2/services/QueryToolService" } //Text toadapterLockoutAttemptsThreshold use for the email audit.= 0 setSizeObfuscation //AUDIT_LINES will be replaced by a researcherLine for each researcher to audit.= true adapterMappingsFileName = "AdapterMappings.csv" maxSignatureAge { //STEWARD_BASE_URL will be replaced by the value in stewardBaseUrl if available. //emailBody = """Please audit the following users at STEWARD_BASE_URL at your earliest convinience: AUDIT_LINES"""minutes = 5 } immediatelyRunIncomingQueries = true } // end adapter networkStatusQuery = "\\\\SHRINE\\SHRINE\\Demographics\\Gender\\Male\\" humanReadableNodeName = "Harvard Test Node" shrineDatabaseType //note that this can be a multiline message //Text to use per researcher to audit.= "mysql" keystore { file = "/opt/shrine/shrine.keystore" password = "password" //FULLNAME, USERNAME, COUNT and LAST_AUDIT_DATE will be replaced with appropriate text.privateKeyAlias = "privateKeyAlias" keyStoreType = "JKS" //researcherLinecaCertAliases = "FULLNAME (USERNAME) has run COUNT queries since LAST_AUDIT_DATE." } ["shrine-hub-ca"] } problem { problemHandler = "net.shrine.problem.LogAndDatabaseProblemHandler$" database { dataSourceFrom = "JNDI" jndiDataSourceName = "java:comp/env/jdbc/stewardDBproblemDB" slickProfileClassName = "slick.jdbc.MySQLProfile$" } } // end steward} emaildashboard { } } // end shrine section |
Changes to i2b2 PM cell database
You will need to remove a primary key constraint within the pm_user_login table in the i2b2pm schema. An unneeded compound primary key limits the PM cell to only processing one authentication attempt per second. In Postgres, remove it with:
...
language | sql |
---|---|
theme | rdark |
...
happyBaseUrl = "https://localhost:6443/shrine/rest/happy" statusBaseUrl = "https://localhost:6443/shrine/rest/internalstatus" database { dataSourceFrom = "JNDI" jndiDataSourceName = "java:comp/env/jdbc/problemDB" slickProfileClassName = "slick.jdbc.MySQLProfile$" |
...
|
...
|
...
|
...
//slick.jdbc.H2Profile$ |
...
...
|
...
|
...
|
...
|
...
//slick.jdbc.PostgresProfile$ //slick.jdbc.SQLServerProfile$ |
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
//slick.jdbc.JdbcProfile$ |
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
|
...
...
|
...
//slick.jdbc.OracleProfile$ |
...
...
|
...
} } //end dashboard |
...
status { permittedHostOfOrigin = "localhost" |
...
|
...
|
...
} |
...
squerylDataSource { |
...
|
...
|
...
database { |
...
dataSourceFrom = "JNDI" |
...
|
...
|
...
jndiDataSourceName = " |
...
java:comp/env/jdbc/shrineDB" } } authenticate { usersource { domain = "i2b2demo" } } steward { createTopicsMode |
...
= Approved |
...
emailDataSteward { |
...
sendAuditEmails = false //false to turn off the whole works of emailing the data steward |
...
//interval = "1 day" //Audit researchers daily //timeAfterMidnight = "6 hours" //Audit researchers at 6 am. If the interval is |
...
Allow for Many More Types of Status from the i2b2 CRC
Change the shrine_query_history's QUERY_RESULT's status column's type from an enum to a text field to accommodate many more types from the i2b2 CRC. This will allow some results previously interpreted as errors to be interpreted as QUEUED. See SHRINE-2715.
For Mysql:
Code Block | ||||
---|---|---|---|---|
| ||||
mysql> use shrine_query_history;
mysql> alter table QUERY_RESULT change status status varchar(30) not null; |
For Oracle:
Code Block | ||||
---|---|---|---|---|
| ||||
-- To find the constraint name on the status column:
SELECT COLUMN_NAME,CONSTRAINT_NAME,TABLE_NAME FROM user_cons_columns WHERE TABLE_NAME = 'QUERY_RESULT';
-- To drop that constraint:
ALTER TABLE QUERY_RESULT DROP CONSTRAINT <constraint_name_for_status>; |
For MS SQL Server:
Code Block | ||||
---|---|---|---|---|
| ||||
USE shrine_query_history;
-- To find the constraint name on the status column:
SELECT * FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE TABLE_NAME= 'QUERY_RESULT';
-- To drop that constraint:
ALTER TABLE QUERY_RESULT DROP CONSTRAINT <constraint_name_for_status>; |
Changes to the context.xml file
In SHRINE 1.25.4, we will need to change context.xml to utilize new parameters as the old ones are going to be deprecated. The old parameters were:
- maxActive
- maxWait
You will now use the new parameters:
- maxTotal
- maxWaitMillis
As part of the changes, here's a sample context.xml file, with the values that you should have:
Code Block | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
<?xml version='1.0' encoding='utf-8'?> <!-- The contents of this file will be loaded for each web application --> <Context> <WatchedResource>WEB-INF/web.xml</WatchedResource> <Resource name="jdbc/problemDB" auth="Container" type="javax.sql.DataSource" maxTotal="128" maxIdle="32" maxWaitMillis="10000less than 1 day then this delay is ignored. //maxQueryCountBetweenAudits = 30 //If a researcher runs more than this many queries since the last audit audit her //minTimeBetweenAudits = "30 days" //If a researcher runs at least one query, audit those queries if this much time has passed //You must provide the email address of the shrine node system admin, to handle bounces and invalid addresses //from = "shrine-admin@example.com" //You must provide the email address of the data steward //to = "shrine-steward@example.com" //subject = "Audit SHRINE researchers" //The baseUrl for the data steward to be substituted in to email text. Must be supplied if it is used in the email text. //stewardBaseUrl = "https://example.com:6443/steward/" //externalStewardBaseUrl = "https://example.com:6443/steward/" //Text to use for the email audit. //AUDIT_LINES will be replaced by a researcherLine for each researcher to audit. //STEWARD_BASE_URL will be replaced by the value in stewardBaseUrl if available. //emailBody = """Please audit the following users at STEWARD_BASE_URL at your earliest convenience: AUDIT_LINES""" //note that this can be a multiline message //Text to use per researcher to audit. //FULLNAME, USERNAME, COUNT and LAST_AUDIT_DATE will be replaced with appropriate text. //researcherLine = "FULLNAME (USERNAME) has run COUNT queries since LAST_AUDIT_DATE." } database { dataSourceFrom = "JNDI" jndiDataSourceName = "java:comp/env/jdbc/stewardDB" slickProfileClassName = "slick.jdbc.MySQLProfile$" username="shrine" password="demouser" driverClassName="com.mysql.jdbc.Driver" url="jdbc:mysql://localhost:3306/shrine_query_history" //slick.jdbc.H2Profile$ testOnBorrow="true" validationQuery="SELECT 1" /> <Resource name="jdbc/shrineDB" auth="Container" type="javax.sql.DataSource" //slick.jdbc.PostgresProfile$ maxTotal="128" maxIdle="32" maxWaitMillis="10000" username="shrine" password="demouser" driverClassName="com.mysql.jdbc.Driver" //slick.jdbc.SQLServerProfile$ url="jdbc:mysql://localhost:3306/shrine_query_history" testOnBorrow="true" validationQuery="SELECT 1" //>slick.jdbc.JdbcProfile$ <Resource name="jdbc/adapterAuditDB" auth="Container" type="javax.sql.DataSource" maxTotal="128" maxIdle="32" maxWaitMillis="10000" //slick.jdbc.OracleProfile$ username="shrine" password="demouser" driverClassName="com.mysql.jdbc.Driver"} url="jdbc:mysql://localhost:3306/adapterAuditDB" testOnBorrow="true" validationQuery="SELECT 1" /> <Resource name="jdbc/qepAuditDB" auth="Container" type="javax.sql.DataSource" } // end steward email { } } // end shrine section |
Changes to i2b2 PM cell database
You will need to remove a primary key constraint within the pm_user_login table in the i2b2pm schema. An unneeded compound primary key limits the PM cell to only processing one authentication attempt per second. In Postgres, remove it with:
Code Block | ||||
---|---|---|---|---|
| ||||
bash-4.1$ psql postgres=# \c i2b2pm i2b2pm=# \d+ pm_user_login |
...
|
...
|
...
|
...
Table "public.pm_user_login" Column | |
...
Type |
...
|
...
|
...
|
...
| Modifiers | |
...
Storage | Description ---------------+-----------------------------+-----------+----------+------------- user_id | character varying(50) |
...
|
...
| not null | extended | attempt_cd | character |
...
varying(50) | not null | extended | entry_date |
...
| timestamp without time zone | not null | plain |
changeby_char | character varying(50) | | extended |
status_cd | character varying(50) | | extended |
Indexes:
"pm_user_login_pkey" PRIMARY KEY, btree (entry_date, user_id)
Has OIDs: no
i2b2pm=# ALTER TABLE "pm_user_login" DROP CONSTRAINT "pm_user_login_pkey" ;
ALTER TABLE
i2b2pm=# \d+ pm_user_login
Table "public.pm_user_login"
Column | Type | Modifiers | Storage | Description
---------------+-----------------------------+-----------+----------+-------------
user_id | character varying(50) | not null | extended |
attempt_cd | character varying(50) | not null | extended |
entry_date | timestamp without time zone | not null | plain |
changeby_char | character varying(50) | | extended |
status_cd | character varying(50) | | extended |
Has OIDs: no |
Allow for More Types of Status from the i2b2 CRC
Change the shrine_query_history's QUERY_RESULT's status column's type from an enum to a text field to accommodate more types from the i2b2 CRC. This will allow some results previously interpreted as errors to be interpreted as 'QUEUED'.
For Mysql:
Code Block | ||||
---|---|---|---|---|
| ||||
mysql> use shrine_query_history;
mysql> alter table QUERY_RESULT change status status varchar(30) not null; |
For Oracle:
Code Block | ||||
---|---|---|---|---|
| ||||
-- To find the constraint name on the status column:
SELECT COLUMN_NAME,CONSTRAINT_NAME,TABLE_NAME FROM user_cons_columns WHERE TABLE_NAME = 'QUERY_RESULT';
-- To drop that constraint:
ALTER TABLE QUERY_RESULT DROP CONSTRAINT <constraint_name_for_status>; |
For MS SQL Server:
Code Block | ||||
---|---|---|---|---|
| ||||
USE shrine_query_history;
-- To find the constraint name on the status column:
SELECT * FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE TABLE_NAME= 'QUERY_RESULT';
-- To drop that constraint:
ALTER TABLE QUERY_RESULT DROP CONSTRAINT <constraint_name_for_status>; |
Changes to the context.xml file
In SHRINE 1.25.4, we will need to change context.xml to utilize new parameters as the old ones are going to be deprecated. The old parameters were:
- maxActive
- maxWait
You will now use the new parameters:
- maxTotal
- maxWaitMillis
Warning | ||
---|---|---|
| ||
If you are using Oracle, please change the driverClassName to "oracle.jdbc.driver.OracleDriver". |
As part of the changes, here's a sample context.xml file, with the values that you should have (assuming MySQL used):
Code Block | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
<?xml version='1.0' encoding='utf-8'?>
<!-- The contents of this file will be loaded for each web application -->
<Context>
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<Resource name="jdbc/problemDB" auth="Container" type="javax.sql.DataSource"
maxTotal="128" maxIdle="32" maxWaitMillis="10000 |
Info | ||
---|---|---|
| ||
Please note that qepAuditDB is set to 512 connections, which will help in scaling issues for a larger network. |
Changes to the i2b2_config_data.js file
...
Code Block | ||||
---|---|---|---|---|
| ||||
shrineUrl: 'https://your_shrine_url:6443/shrine-metadata', |
Changes to the cell_config_data.js file
There is a small change that needs to be made within the cell_config_data.js file, located at /opt/shrine/tomcat/webapps/shrine-webclient/js-i2b2/cells/SHRINE/cell_config_data.js:
Code Block | ||||
---|---|---|---|---|
| ||||
files: [
“dist/shrine.bundle.js”
// “shrine.controller.js”,
// “i2b2_msgs.js”,
// “shrine.plugin.js”
], |
You will need to add the line “dist/shrine.bundle.js” and remove or comment out the other three js files.
Sample SHRINE configuration file (for a downstream node)
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
shrine { pmEndpoint { url = "http://i2b2_node_url:9090/i2b2/services/PMService/getServices" } ontEndpoint { url = "http://i2b2_node_url:9090/i2b2/services/OntologyService" } hiveCredentials { domain = "i2b2demo" username = "demo" password = "demouser" crcProjectId = "Demo" ontProjectId = "SHRINE" } messagequeue { blockingq { serverUrl = "https://shrine_hub_url:6443/shrine-metadata/mom" } } breakdownResultOutputTypes { PATIENT_AGE_COUNT_XML { description = "Age patient breakdown" } PATIENT_RACE_COUNT_XML { description = "Race patient breakdown" } PATIENT_VITALSTATUS_COUNT_XML { description = "Vital Status patient breakdown" } PATIENT_GENDER_COUNT_XML { description = "Gender patient breakdown" } } queryEntryPoint { create = true audit { collectQepAudit = false database { dataSourceFrom = "JNDI" jndiDataSourceName = "java:comp/env/jdbc/qepAuditDB" slickProfileClassName = "slick.jdbc.MySQLProfile$" } } trustModelIsHub = true attachSigningCert = true authenticationType = "pm" authorizationType = "shrine-steward" shrineSteward { qepUserName = "qep" qepPassword = "trustme" stewardBaseUrl = "https://localhost:6443" } includeAggregateResults = false maxQueryWaitTime { minutes = 5 } broadcasterServiceEndpoint { url = "https://shrine_hub_url:6443/shrine/rest/broadcaster/broadcast" } } //end queryEntryPoint adapter { create = true audit { collectAdapterAudit = false database { dataSourceFrom = "JNDI" jndiDataSourceName = "java:comp/env/jdbc/adapterAuditDB" username="shrine" slickProfileClassName = "slickpassword="demouser" driverClassName="com.mysql.jdbc.MySQLProfile$Driver" } } crcEndpoint { url = "httpjdbc:mysql://localhost:3306/i2b2shrine_node_url:9090/i2b2/services/QueryToolServicequery_history" } adapterLockoutAttemptsThreshold = 0 setSizeObfuscationtestOnBorrow="true" = truevalidationQuery="SELECT 1" /> adapterMappingsFileName<Resource name="jdbc/shrineDB" "AdapterMappings.csv" auth="Container" type="javax.sql.DataSource" maxSignatureAge { minutes = 5 maxTotal="128" } maxIdle="32" maxWaitMillis="10000" immediatelyRunIncomingQueries = true } // end adapter networkStatusQuery = "\\\\SHRINE\\SHRINE\\Demographics\\Gender\\Male\\" username="shrine" password="demouser" driverClassName="com.mysql.jdbc.Driver" humanReadableNodeName = "Harvard Test Node" shrineDatabaseType url= "jdbc:mysql://localhost:3306/shrine_query_history" keystore { filetestOnBorrow="true" validationQuery="SELECT 1"/opt/shrine/shrine.keystore" /> <Resource name="jdbc/adapterAuditDB" auth="Container" type="javax.sql.DataSource" password = "password" privateKeyAlias = "privateKeyAliasmaxTotal="128" maxIdle="32" maxWaitMillis="10000" keyStoreType = "JKS" caCertAliasesusername="shrine" password="demouser" ["shrine-hub-ca"]driverClassName="com.mysql.jdbc.Driver" } problem { problemHandler url= "net.shrine.problem.LogAndDatabaseProblemHandler$" "jdbc:mysql://localhost:3306/adapterAuditDB" database { dataSourceFrom testOnBorrow= "JNDItrue" jndiDataSourceName = "java:comp/env/jdbc/problemDB" validationQuery="SELECT 1" /> slickProfileClassName = "slick.jdbc.MySQLProfile$" <Resource name="jdbc/qepAuditDB" auth="Container" type="javax.sql.DataSource" } } maxTotal="512" maxIdle="32" maxWaitMillis="10000" dashboard { happyBaseUrl = "https://localhost:6443/shrine/rest/happy" statusBaseUrl username= "https://localhost:6443/shrine/rest/internalstatus" database {password="demouser" driverClassName="com.mysql.jdbc.Driver" dataSourceFrom = "JNDI" jndiDataSourceName url= "javajdbc:mysql:comp/env/jdbclocalhost:3306/problemDBqepAuditDB" slickProfileClassName = "slick.jdbc.MySQLProfile$" } } //end dashboardtestOnBorrow="true" validationQuery="SELECT 1" /> status { permittedHostOfOrigin = "localhost" } squerylDataSource {<Resource name="jdbc/stewardDB" auth="Container" type="javax.sql.DataSource" database { dataSourceFrom = "JNDI" jndiDataSourceName = "java:comp/env/jdbc/shrineDBmaxTotal="128" maxIdle="32" maxWaitMillis="10000" } } authenticate {username="shrine" password="demouser" driverClassName="com.mysql.jdbc.Driver" usersource { domain url= "i2b2demo" }"jdbc:mysql://localhost:3306/stewardDB" } steward { createTopicsMode = Approved emailDataSteward { sendAuditEmails = false //false to turn off the whole works of emailing the data steward //interval = "1 day" //Audit researchers daily //timeAfterMidnight = "6 hours" //Audit researchers at 6 am. If the interval is less than 1 day then this delay is ignored. //maxQueryCountBetweenAudits = 30 //If a researcher runs more than this many queries since the last audit audit her //minTimeBetweenAudits = "30 days" //If a researcher runs at least one query, audit those queries if this much time has passed //You must provide the email address of the shrine node system admin, to handle bounces and invalid addresses //from = "shrine-admin@example.com" //You must provide the email address of the data steward //to = "shrine-steward@example.com" //subject = "Audit SHRINE researchers" //The baseUrl for the data steward to be substituted in to email text. Must be supplied if it is used in the email text. //stewardBaseUrl = "https://example.com:8443/steward/" //Text to use for the email audit. //AUDIT_LINES will be replaced by a researcherLine for each researcher to audit. //STEWARD_BASE_URL will be replaced by the value in stewardBaseUrl if available. //emailBody = """Please audit the following users at STEWARD_BASE_URL at your earliest convinience: AUDIT_LINES""" //note that this can be a multiline message //Text to use per researcher to audit. //FULLNAME, USERNAME, COUNT and LAST_AUDIT_DATE will be replaced with appropriate text. //researcherLine = "FULLNAME (USERNAME) has run COUNT queries since LAST_AUDIT_DATE." } database { dataSourceFrom = "JNDI" jndiDataSourceName = "java:comp/env/jdbc/stewardDB" slickProfileClassName = "slick.jdbc.MySQLProfile$" } } // end steward email { } } // end shrine section |
...
testOnBorrow="true" validationQuery="SELECT 1" />
</Context> |
Info | ||
---|---|---|
| ||
Please note that qepAuditDB is set to 512 connections, which will help in scaling issues for a larger network. |
Changes to the i2b2_config_data.js file
You will need to make a change in the i2b2_config_data.js file, by adding this line of code:
Code Block language bash theme rdark shrineUrl: 'https://your_shrine_url:6443/shrine-metadata/',
Here's the whole i2b2_config_data.js file for reference:
Code Block language bash theme rdark { urlProxy: "/shrine-proxy/request", urlFramework: "js-i2b2/", loginTimeout: 15, // in seconds username_label:"SHRINE ACT Hub username:", //Username Label password_label:"SHRINE ACT Hub password:", //Password Label clientHelpUrl:'help/pdf/shrine-client-guide.pdf', networkHelpUrl:'help/pdf/shrine-network-guide.pdf', wikiBaseUrl:'https://open.med.harvard.edu/wiki/display/SHRINE', obfuscation: 10, resultName: "patients", shrineUrl: 'https://your_shrine_url:6443/shrine-metadata/', // ------------------------------------------------------------------------------------------- // THESE ARE ALL THE DOMAINS A USER CAN LOGIN TO lstDomains: [ { domain: "your domain name", name: "your node name", debug: true, urlCellPM: "http://your_i2b2_url:9090/i2b2/services/PMService/", allowAnalysis: true, isSHRINE: true } ] // ------------------------------------------------------------------------------------------- }
Changes to the cell_config_data.js file
There is a small change that needs to be made within the cell_config_data.js file, located at /opt/shrine/tomcat/webapps/shrine-webclient/js-i2b2/cells/SHRINE/cell_config_data.js:
Code Block | ||||
---|---|---|---|---|
| ||||
files: [
"dist/shrine.bundle.js"
// "shrine.controller.js",
// "i2b2_msgs.js",
// "shrine.plugin.js"
], |
You'll need to add "dist/shrine.bundle.js" under the files section as well as "wrapperHtmlFile: "./js-shrine/shrine.plugin.html"" under the readApprovedURL parameter.
Here's the whole cell_config_data.js file for reference:
Code Block | ||||
---|---|---|---|---|
| ||||
{
files: [
"dist/shrine.bundle.js"
],
css: [],
config: {
// additional configuration variables that are set by the system
name: "SHRINE Cell",
description: "The SHRINE cell...",
category: ["core","cell","shrine"],
newTopicURL: "https://your_shrine_url:6443/steward/client/index.html",
readApprovedURL:"https://your_shrine_url:6443/shrine/rest/i2b2/request",
wrapperHtmlFile: "./js-shrine/shrine.plugin.html"
}
} |
Configure support for client-side https Proxies
Set Java system properties to use a client-side https proxy. In /opt/shrine/tomcat/bin/setenv.sh , add values for httphttps.proxyHost and httphttps.proxyPort to the export CATALINA_OPTS=""
Code Block | ||||
---|---|---|---|---|
| ||||
export CATALINA_OPTS="-DhttpDhttps.proxyHost=yourProxyHost -DhttpDhttps.proxyPort=yourProxyHostPort" |
Info | ||
---|---|---|
| ||
Please note, if you are not running a client-side proxy, you can skip this section! |
Start SHRINE
The only thing left to do at this point is start SHRINE back up. Simply do the following:
Code Block | ||||
---|---|---|---|---|
| ||||
$ /opt/shrine/tomcat/bin/startup.sh |
Verify SHRINE Upgrade
After starting SHRINE up, verify that the upgrade was properly deployed by checking the SHRINE Dashboard. The exact address you will need to go to depends on your configuration, but the general format looks like the following:
Code Block | ||||
---|---|---|---|---|
| ||||
https://your.shrine.host:6443/shrine-dashboard |
...