This problem affects the following products:
- Upgrades to HealthShare Unified Care Record® (Registry instance), versions:
2023.1 • 2023.2 • 2024.1
Requirements:
- Customers using Federated SSO who upgrade a Registry to an affected version
A defect has been corrected in HealthShare 2024.2 that had affected upgrades to HealthShare 2023.1, 2023.2, or 2024.1 In those versions, an upgrade step inadvertently triggers OAuth 2.0 token revocation requests for all active tokens on the system.Since the system is currently being upgraded, the requests all fail serially and sequentially. On an active system with more than one hundred (100) active tokens, the unnecessary delay may increase downtime by an hour or more.
The HS.Util.Installer.HSSYS-1.log will provide an indication to administrators that the issue is occurring if they see the following entry for more than a minute:
HS.Util.Installer.Upgrade.Loader:Upgrade
HS.Util.Installer.Upgrade.V25:CoreStep3 started
Further indication of the issue can be found in the messages.log which may report a long-running transaction if token revocation runs for more than 10 minutes:
1 [Utility.Event] [SYSTEM MONITOR] TransOpenSecs Warning: Transactions open longer than 10 minutes. Process id24940 (only top 5 shown)
A mitigation strategy has been added to the HealthShare 2023.1, 2023.2, and 2024.1 upgrade documentation that explains how to Delete OAuth Tokens from the Registry immediately before performing the upgrade.
This issue is corrected in version 2024.2 and later.