14.25 Technical Updates
Technical updates to underlying architecture and security features are listed below:
Technical Updates
Service Registry
Overview: The service registry is a new Learning Suite service that accepts the registration of service definitions. A service can be registered to the service repository to allow clients to find a service by name or id. This process relates to DNS discovery. The response to a lookup request contains information where to find a web service in a network. The service lifecycle in a service registry - in respect to our chosen model - follows three lifecycle phases:
Registration: The service makes itself available.
Heartbeat: The service actively lets the registry know that it is still functional.
Unregister: When the service is going down, it actively unregisters from service registry (graceful). In case a service ungracefully shuts down, the service registry waits a defined amount of time until it is clear, that no heartbeats are sent any longer and removes the instance.
Updates with this release include integration of channel-service, vault-service, SOLR, imc-core-open-graph, core-notification-service, core-association-service, and easy-media-upload.
Benefits and Use Cases: Updates to extend the Service Registry are important given the complexity of Kubernetes micro-service architectures. The updates help to identify what modules and services are activated through licence or configuration; more importantly detect the live status to efficiently help identify if a required service is not running.
Audience: Scheer IMC Hosting/Support agents and System administrators
Setup & Access: Setup by Scheer IMC
Considerations & Limitations: The Service Registry applies only to the Kubernetes Micro-service architecture for systems hosted by Scheer IMC.
Testing: Not yet applicable for customers
Risk rating: Low
Scheduled ‘Cron’ Job Descriptions
Overview: Scheduled ‘cron’ Jobs are an important configuration area that controls the activation and timing of many automated jobs performed by the Learning Suite. This update delivers consistency in-line with other functions to provide a Description field. System Administrators are now able to view detailed explanations of the available crons when creating a new scheduled job. A new 'Description' column in the Scheduled jobs function describes the existing scheduled jobs that are already in use.

New Description column to describe each Schedule Cron job
Benefits and Use Cases: By describing each cron job, System administrators will be able understand and self-manage the Scheduled jobs function more confidently. This update will reduce the need for System administrators to contact the Scheer IMC support team to request information on the availability and purpose of crons.
Audience: System administrators and Scheer IMC Consultants
Setup & Access: Not required, all standard scheduled jobs will be updated with descriptions automatically.
Considerations & Limitations: Descriptions have only been provided in English language.
Testing: As a System administrator open the Scheduled jobs function. Check there is a Description column available in the function manager view. Create a new scheduled job, click the Processor name* select box, and there will be a Description field available for each available cron.
Risk rating: Low
Send REST API Cancellation Notifications to Admins and Tutors
Overview: In headless scenario when the Planning status of the course is changed to cancelled via REST API, a notification is sent to the Course administrator and Tutors.
Benefits and Use Cases:
Timely communication to the course administrators and tutors about course communication
Better management and planning of courses.
Audience: Course administrators and Tutors
Setup & Access: Not required
Considerations & Limitations: The Course change notification for cancellation needs to be active.
Testing: Requires the use of REST API to update the Planning status of a Course to Cancelled. The will need to have a Course administrator and at least one Tutor assigned that is flagged to receive emails.
Risk rating: Low
Security Findings (Other)
AWS Broken Authentication Fix
Overview: This security fix prevents that a potential attacker with access to an account keeps access to the victims account, to potentially take it over, even after password change. This update completes the first step of the security fix delivered in IP24 where the session token of a browser was invalidated and the user was redirected to the login page after the password change. The second step done within this fix includes the invalidation of session tokens of several browser instances on the same or on several devices. The second step is only available for customer systems that use Hazelcast caching.
Benefits and Use Cases: Ensures extra security on AWS hosted systems when users change their password to prevent potential misuse with hijacking.
Audience: All users
Setup & Access: Not required
Considerations & Limitations: The invalidation of session tokens of several browser instances on the same or on several devices requires Hazelcast caching.
Testing: Only for AWS hosted customers and very technical test
Risk rating: None