Important Update Information
Released December 18th, 2019
Highlights
As promised on the ILLiad Roadmap, here are the main features/enhancements of ILLiad 9.1:
- Authentication Enhancements
- Automatic User Creation
- New, Fully Accessible and Responsive Web Pages
- Enhanced Rapid / RapidR Integration
- Decision Support for Request Processing
There are over 60 bug fixes and several underlying component updates to continue supporting external systems in this release.
Considerations Before You Update
Review ILLiad 9.1 FAQ
For frequently asked questions and additional information regarding the 9.1 features and fixes, please see the ILLiad 9.1 FAQ. You can also view the recorded 9.1 pre-release webinars in the VTL (ILLiad in Focus 9.1 and ILLiad in Focus 9.1 Encore). For all other questions, please contact support at support@atlas-sys.com.
Updating During Normal Working Hours
Please consider running updates and installations during standard support hours 8 am - 5 pm eastern time (business days Monday - Friday) so that help is readily available if any issues are encountered.
Updating Procedures
Before you begin updating, please review the Hardware and Software Requirements for Version 9.1. For specific instructions on updating, see Updating ILLiad to the Newest Version.
Updating from Version 8.7
If you are updating from ILLiad 8.7, please review the ILLiad 9.0 Release Notes and FAQ since all the password change requirements will impact you after updating to version 9.1. You will need to update the server and the client on each machine to 9.0 prior to updating the server and clients for ILLiad 9.1. It's not required to login or change any passwords until after you've updated to 9.1.
NoteWorthy Changes in the 9.1 Update
- The existing RemoteAuthUserVariable Customization Key will be removed and recreated as a default line in the new RemoteAuthValidation table. This change was added in support of the Authentication Enhancements feature.
Manual ISO Service Upgrade
The ISO Service requires a manual upgrade after the 9.1 update due to the new database configuration. For instructions on upgrading, see 9.1 ISO Service Upgrade.Rapid Returnable Workflow Configuration
After updating ILLiad to v9.1, please contact Rapid staff at RapidStaff@rapidill.org. There is a UsesReturnableWorkflow flag that needs to be turned on. If the flag has not been configured when a lender sets a Book request to Filled via the Rapid API and the borrower utilizes the UsesReturnableWorkflow, then instead of setting the request to Filled, it sets it to Shipped.Point Releases
Bug fixes and new features are added periodically as point releases. See 9.1.x point releases below:
16 January 2020 (9.1.1) Client & Customization Manager Release
6 February 2020 (9.1.2) Server & Web DLL Release
27 February 2020 (9.1.3) DLL Release
9 April 2020 Default Web Pages Release
2 June 2020 (1.3) Atlas Auth Portal Release
For a list of current known issues, see UserVoice.
ILLiad 9.1 Features & Fixes
Addons | Administrative | Authentication | Connection Manager | Decision Support for Request Processing | DOCLINE | Email | ISO | Odyssey | RAPID | Staff Client | Staff Customization Manager | Staff Manager | Web Interface | Web Platform
Addons
| New |
Added support for addon history entries added to the Request Form using the ExecuteCommand("AddHistory", {TransactionNumber, Entry, Username}). |
|---|
Administrative
| New |
ILLiad 9.0 and 9.1 are now supported to run on Windows Server 2019. |
|---|---|
| Fixed |
Fixed issue where the ILLiad API was not using database defaults for creating new requests. For example, a request would not appear on the ILLiad reports even though it was in the Client if the CopyrightAlreadyPaid key is set to Null via the API since the reports are looking for the default value of No or Yes. Bug# 4093 |
Authentication
| New |
Added Authentication Enhancements that allow ILLiad to validate patron registration through their external authentication system by verifying access and importing relevant user information. At each login, ILLiad will validate credentials and verify access as well as update any relevant identity information. For more information, see Authentication Enhancements. |
|---|---|
| New |
Through the use of Automatic User Creation, ILLiad will now create a user record automatically based on identity information provided by an external authentication system for unregistered users who login to ILLiad. This feature is supported by the Authentication Enhancements feature. For more information, see Automatic User Creation. Removed the Customization Key RemoteAuthUserVariable and replaced it with a line item in the RemoteAuthValidation table. |
| New |
Sites will be able to force patrons to update their user information by Auto Expiring Users. Four new Customization Keys have been added to support auto expiration:
For more information, see Automatic Expiration of Users. |
| New |
Added SLUserLockedOut, UserLoginAttemptsBeforeLock, and UsingUserLockout Customization Keys to temporarily block web users after a configurable number of invalid password login attempts. In support of temporarily blocking web users after exceeding the failed login limit, the two new columns have been added to the user's table (FailedLoginCount and Locked). See Temporarily Block Web User for Failed Login Attempts for more information. |
Connection Manager
| Changed | Removed the DevExpress MemData component that caches transaction statuses from the Connection Manager and replaced it with JSON functionality. |
|---|---|
| Fixed |
Fixed issue where the updater may cause a hang-up in the Client if it receives a 404 response when trying to download the update executable. Bug# 4007 |
| Fixed |
Fixed an issue that would generate an Undo Shipped error "Received unexpected undo shipped message for transaction from [lender symbol]" when an item was Checked In from a lender with a lowercase lender symbol. Bug# 3989 |
Decision Support for Request Processing
| New |
The Decision Support Pipeline (DSP) combines the power of addons, pipelines, stages, business rules, and routing rules to gather data from external systems in an effort to help make better fulfillment decisions and automate the borrowing request process for both articles and loans. For more information, see the new DSP articles below:
New addons supported by DSP: |
|---|
DOCLINE
As a part of the 9.1 update, the ILLiad client installer will update the DOCLINE scripts to accommodate the URL change which will occur on January 1st, 2020. For information on this change, please see the DOCLINE FAQ.
| New |
Added support for handling requests placed using the "Place Requests - PMIDs" borrowing option. If the request is placed through the DOCLINE web interface, the lending library will receive a separate transaction number for each item requested. Since each DOCLINE request must be associated with a single ILLiad request, multiple borrowing requests using the Place Requests - PMID is not supported. |
|---|---|
| Changed |
The DOCLINE scripts (v3.2) have been updated to use the new DOCLINE URL https://docline.gov. The DOCLINE scripts will be updated as a part of the 9.1 update. |
| Changed |
Removed the DOCLINE username and password customization keys since DOCLINE 6.0 no longer allows for automatic authentication into the website and requires each user to have a unique username and password. |
| Fixed |
Fixed issue where the default shipping option value for articles in Docline is being set to the default shipping value of loans. When the lending library imports the lending request, it imports the LenderAddresses. The DefaultShippingMethodLoan value was being placed into the Transactions.ShippingOptions field instead of using the LenderAddresses.DefaultShippingMethodArticle value. Bug# 4028 |
| Fixed |
Fixed issue where the email and SMS template tag processor does not properly handle parameters that have a right angle bracket. The RegEx used assumes the first right angle bracket is part of the tag instead of a bracket inside the tag parameter. Bug# 1470 |
|---|
ISO
| Change/Fixed |
The ISO Service requires a manual upgrade after the 9.1 update due to the new database configuration and the OpenJDK bundle. For instructions on upgrading, see 9.1 ISO Service Upgrade.
As a part of the configurations, new installs of the ISO Service Manager will be installed via a ps1 PowerShell script instead of the InstallService.bat. |
|---|---|
| Fixed |
Fixed issue where the ESPNumber and InstitutionSymbol are not being set on outgoing ISO requests resulting in the error message "Could not execute JDBC batch update". Bug# 1453 |
Odyssey
| Changed/Fixed |
Updated the Odyssey Manager to check if the lending library is a Trusted CopyrightPayer. If the lending library is a CopyrightPayer, then the CopyrightAlreadyPaid field will be checked. Bug# 4491 |
|---|
RAPID
| New |
Enhanced RAPID/RAPIDR integration with live RAPID status updates, support for variable due dates, ability to share RAPID symbols in Shared Server setups, and capability to determine if the lender has shipped an item through the RAPID API. Note: Most of these feature enhancements (e.g., live status updated) require both the lending and borrowing institutions to have updated to v9.1 to utilize. For more information, see the ILLiad 9.1 FAQ under the RAPID heading. |
|---|
Staff Client
| Changed | Removed the Atlas Systems and OCLC ILLiad web links from Systems ribbon. |
| Changed | Removed the OCLC Resource Sharing Settings interface within the client (the interface used to change Custom Holdings Paths, Custom Holdings Groups, Constant Data, and Direct Request Profiles) and replaced it with a button that links out to the OCLC Interface where the updated settings are located. This allows OCLC to rapidly change the Service Config without having to maintain a duplicate interface or breaking ILLaid until an update can be released. You may need to contact OCLC to get credentials to access Service Configuration if you have not accessed previously. These credentials are different than the 9-digit authorization number and password that you used previously. |
| Fixed | Fixed issue where the transaction status that displays in the lower left-hand corner of the Client status bar on a request form is not visible when using some skins due to the color contrast with the default black text. Bug# 4166 |
| Fixed | Fixed issue where the Outgoing Notification grid columns reset their size whenever the Outgoing Notifications are closed or the client is restarted. Bug# 3927 |
| Fixed | Fixed issue where closing the client after switching sites using `Login as...` caused an error pop-up and would sometimes cause a temporary crash in ILLiad client. Bug# 3980 |
| Fixed | Removed several deprecated OCLC WsKey URLs from messages as a result of the shortened OCLC domain causing the missing WSKey prompt in the Client. Bug# 3788 |
| Fixed | Fixed issue where the DocDel form would not save grid layout customizations in the Staff Client. Bug# 3758 |
| Fixed | Fixed issue where grouping a column row by a field (e.g., username) in Document Delivery (DD) Stacks Searching would prompt an error message in the Client. Bug# 4172 |
| Fixed | Fixed issue where the "TransactionNumber could not be determined from the OCLC request." error appears when a staff user clicks the Show button on a borrowing request that is linked to an OCLC request in the Cancelled status. Bug# 3595 |
| Fixed | Fixed the error dialog message for requests that have been resubmitted with a previous OCLC status of Cancelled. The error message will now include a more descriptive message instead of saying"Nullable object must have a value". Bug# 3594 |
| Fixed | Fixed issue where the OCLC Request form would not properly open for completed requests if they have a WorldShare ILL Status of Closed and disposition of Supplied. Bug# 3787 |
| Fixed | Fixed issue where the spaces at the beginning or ending of a password were being trimmed off in the web but not in the client. Bug# 4490 |
| Fixed | Fixed issue where the ClientUpdateLocation Customization Key does not allow index files with names other than "ClientUpdates.xml". Bug# 4006 |
Staff Customization Manager
| New | Added SLPasswordResetInvalidEmail, a status line customization key that displays when a user attempts to reset their password with an unknown or invalid email address. |
| Changed | Changed the value requirements for the SLPasswordResetEmailConfirmation customization key. To ensure the privacy and security of the user account, the value for the SLPasswordResetEmailConfirmation and SLPasswordResetInvalidEmail customization keys must match. This will prevent ILLiad from revealing if an account exists for that particular email address. |
| Changed | The ServerAddons Table has been removed from the database since it was replaced by the Addons Table in the 8.7 release and will no longer be used. |
| Fixed | Fixed issue where dragging the last server from the included listbox to the available servers listbox and then saving during a ZSearch with no included servers would cause an error in the Customization Manager. Bug# 1456 |
| Fixed | Fixed issue where creating or editing a Z39.50 server would not clear the yellow highlighted indicator in the modified ISSN search field after changes are saved in the Customization Manager. Bug# 1481 |
Staff Manager
| New | New fully accessible and responsive web pages that adhere to WCAG 2.1 & Section 508 compliance. The new web pages are not installed automatically to prevent overwriting any customizations your institution may have created. The complete set of 9.1 webpages are available for download on the ILLiad Downloads. For more information, see ILLiad 9.1 Fully Accessible and Responsive Web Pages. |
|---|---|
| Change |
Hidden user fields are no longer required on HTML forms to preserve the values in the user record. The DLL will only update the data in the database for user fields that exist on the HTML form instead of updating al the fields. |
| Fixed | Fixed issue where in some cases ILLiad users can login unprompted for password change if WebAuthType=RemoteAuth and users AuthType=Default. Bug# 4214 |
Web Platform
| Changed | Changed the name of the Web Report RequestSentByHour's filename when exported. The filename prefix was being set incorrectly to 'RequestsSentbyDay' instead of 'RequestSentByHour.' Bug# 2764 |
|---|---|
| Fixed | Fixed issue where the ElecDelTurnaroundTime WebReport would cause an error when attempting to download the report due to a visible ungrouped date column. Bug# 2765 |
| Fixed |
Fixed issue in Web Reports where the Article Details Grid will leave the transaction parameters blank for the Turnaround Time Reports when exported to excel. Bug# 3931 |
| Fixed |
Fixed an ILLiad and Aeon integration issue that was causing the ExternalRequestController to error out when checking for an Aeon status that had not yet been created in Aeon. The ExternalRequestController will no longer check the Aeon status if the ExternalID is set to null. Bug# 3829 |
ILLiad 9.1.x Point Release Notes
16 January 2020 (9.1.1) Client & Customization Manager Release
In conjunction with the Web DLL release, a revised set of web pages that adhere to the changes mentioned below are now available for download on the ILLiad Downloads page.
| Fixed | Fixed a bug that was preventing RAPID Lending requests from downloading correctly for shared server sites who share a RAPID symbol but have different branches. Bug# 4834 | |
|---|---|---|
| Fixed | Fixed the document type tag to mitigate the potential risk of cross-site scripting (XSS) in the ILLiad web pages. Bug# 4766 | |
| Fixed | Fixed how ILLiad handles the HTTP headers to mitigate the potential risk of cross-frame scripting (XFS) in the ILLiad web pages. The Customization Key HttpContentSecurityPolciyHeader was added to add the Content Security Policy header to responses from the webserver. The Customization key HttpXFrameOptionsHeader will add the X Frame Options header. The values for the key are deny, sameorigin, and allow-from (uri). For more information, see Web XFS Prevention. | |
| Fixed |
Fixed an issue where the ILLiad WebAlerts may contain HTML tags in both the title and the body of the message.
There are no special styling requirements for these elements; therefore, adding HTML to the WebAlert message will change the default styling. Bug# 4540
|
|
| Fixed |
Fixed the Automatic User Creation feature to include support for user notifications preferences.
|
6 February 2020 (9.1.2) DLL & Database Components Release
| Change | Added the GetBuildInfoShowDetailed Customization Key to control whether HTTP Headers and Server Variables are displayed when using the GetBuildInfo in the Web DLL. If set to Yes, the HTTP headers will display once and then toggle to change the key's value to no. Note: This is a system-level setting and should not be changed by sites. |
|---|---|
| Fixed | Fixed an issue where the RemoteAuthValidation would prevent the ILLiad web DLLs from looking at IIS server variables when determining remote authentication details, such as the username. The RemoteAuthValidation was only checking for HTTP headers. Since it's more secure to retrieve the web request's special fields from the IIS server variables than from the HTTP headers, by default ILLiad will now only consider server variables when retrieving the values of RemoteFieldName from the RemoteAuthValidation table. Legacy behavior is still supported, where ILLiad will consider both server variables and HTTP headers when mapping RemoteAuth fields. The UseLegacyRemoteAuthHandling Customization key was added to retrieve RemoteAuth fields from HTTP headers and server variables in support of the legacy behavior. This key is set to No for new installations but will be set to Yes by default for all sites upgrading to v9.1.2, in order to not break existing RemoteAuth configurations. Bug# 5154 |
| Fixed | Fixed an issue that prevented fields from displaying at the correct width within the default web pages. Bug# 5062 |
| Fixed | Fixed an issue where the wrong ID was assigned to the Username field on NewUserRegistration form. Bug# 5066 |
| Fixed | Fix an issue where the Search button on the Navbar was green instead of utilizing the default blue for consistency. In addition, the size of the button was adjusted for consistency. Bug# 5071 |
| Fixed | Fixed an issue that was preventing custom queues from being added to the list of business rule targets for shared server installations when utilizing the Decision Support Pipeline feature. Bug# 4961 |
| Fixed |
Fixed an issue where custom statuses set in the DisplayStatus table (e.g., using "Ready for Pickup or Checked Out" as a display status for "Checked Out to Customer") would not display certain menu options (e.g., renew, clone, etc.) in the patron web pages because the <#MENU> tag would not read the custom statuses as a valid status. Bug# 5050 |
| Fixed | Fixed an issue where LDAP users who attempted to create a new user after coming in through an OpenURL link would be sent to the Main Menu instead of the Request Page after registration. Bug#5018 |
| Fixed | Fixed an issue where the batch Copyright Clearance processing form would check to see if the request was at the 'Awaiting Copyright Clearance' status to ensure the request wasn't being processed by someone else simultaneously. When checking for the status of the request, ILLiad should have considered the 'Awaiting Copyright Clearance - Pipeline' status to also be a valid status. Instead, this status was seen as invalid and would prevent latter requests from being processed. Bug# 4930 |
| Fixed |
Fixed an issue where the lending returns would now refresh the OCLC or Rapid status on the batch processing form. Bug# 4867 |
| Fixed |
Fixed an issue where the change user password form would display a second time after the user had already changed their password if their previous password was expired. Bug# 4795 |
28 February 2020 (9.1.3) DLL Release
| Fixed | Fixed an issue where the RemoteAuthValidation would trigger WebValidation errors (e.g., missing daytime phone) on the NewAuthRegistration form the first time the form loads. These errors were a result of the Auto User Creation not being able to pre-populate certain fields; however, it appears misleading to patrons since they see these errors before they've had a chance to complete the registration form. |
|---|
9 April 2020 Web Page Release
To implement these changes, you can either:
- Download the 9.1 web pages and replace your existing pages.
- If you have customizations, find and replace the code changes outlined in the Implementing the 9.1.1 Web Page Changes article.
| Changed | Updated JQuery to 3.4.1 on ILLiad default web pages. |
|---|---|
| Fixed | Updated ILLiad web pages to prevent a potential external link vulnerability. |
| Fixed | On LendingGenericRequestArticle.html and EditLendingGenericRequestArticle.html, the input tag for the request type and been added. Bug# 5935 |
| Fixed | The EditArticleRequest form name tag has been updated to EditLendingGenericRequestArticle, and the value in the input tag has been updated from WebRequest to EditLendingGenericRequestArticle in the EditGenericRequestArticle.html file to stop the duplication of a request after editing the original. These changes have been mimicked in the EditGenericRequestLoan.html file. Bug# 5969 |
| Fixed | The ID's for Password and Re-enter Password divs for NewUserRegistration.html have been updated to Password1 and Password2. |
| Fixed | For both borrowing and lending, HTML and CSS have been updated to align the radio buttons vertically for viewing search results. |
| Fixed |
Removed any redundant target=_self tags from the default web pages.
|
| Fixed |
In ILLiad lending pages, the atlasCookieConsent.js and the cookieconsent.min.js have been updated to resolve the returning cookie consent banner.
|
| Fixed |
Both borrowing and lending pages, required spans have been correct to be consistently within the ERROR spans.
|
| Fixed |
In both borrowing and lending pages for ILLiad, searches without any results will now properly show "no results" on the ViewSearchResults.html and also works with the LendingViewSearchResults.html.
|
| Fixed |
A thorough review of the pages has been performed and corrected for keywords like "special collections" in ILLiad.
|
| Fixed |
Resolved a 404 error by updating the search form to point illiad.dll to illiadlending.dll.
|
| Fixed |
Fixed the inconsistency between icons for the Lending Long and Logon2 pages.
|
02 June 2020 (1.3) Atlas Auth Portal Release
This release includes changes to the Atlas Auth Portal in an effort to close a potential redirect vulnerability that will require some modifications to the index.cshtml and web.config files. The Atlas Auth portal installer can be obtained from the ILLiad Downloads. For step-by-step instructions on implementing the 1.3 release, see Atlas Auth Portal 1.3 Release Configuration.
| Changed | The redirectUrl parameter has been replaced with the authType parameter. The accepted authType values are AtlasAuth and RemoteAuth. For details, see the Using an Authentication Portal Landing article under Automatic Redirect Feature. |
|---|---|
| Changed | The RedirectUrlCookieName setting has been removed and replaced with the AuthTypeCookieName which defaults to AtlasAuthType. |