| 1Severe: | Y | Per the Chancellor’s Office @ONE work plan, the CVC is conducting research on the efficacy of its course review process. In December 2023, CVC requested the number of Quality Reviewed courses available in the Exchange. The research is nearly complete but cannot be released until we have this piece of data.
| Parchment | | | | N/A | |
2. | Severe: Affects Financial Aid Integration | N | Financial Aid Pilot: | Parchment | Workflow issue was resolved by Parchment, but CVC needs to test. We can’t test to prove it’s working until we have a pilot college test with us and they have stopped responding.
| | | | Jira Legacy |
|---|
| server | System JIRA |
|---|
| serverId | 3bc2d1ff-b4f9-313a-8d84-ca6b48c5c997 |
|---|
| key | BLQ-1015 |
|---|
|
| 2/1/24 |
23. | Moderate: Users Were Not Able to Authenticate to CVC via Proxy | Yes | On Friday, Dec 15th, all student attempts to authenticate to our platform via the proxy seem to be failing. No one was been able to sign in. We've seen 100% failure rate on all attempts from every user who has tried at every college since about 6 AM Friday morning. CVC reached out to CCCTC support team but they didn’t seem to have any insight into what could be causing this as they have shared that no one else has reported any issues. However, we kept receiving a 403 Forbidden error message when we try to connect to any college via the Proxy. This is impacting both production and pilot and began failing around the same time on Friday. Whenever a user selects any college where we would normally route them to the appropriate SSO page, we instead are getting this error. https://search.cvc.edu/users/sign_in (select any college) | | We escalated this to Mike Caruso at the CCCTC and he advised they were able to log in with no issues. After further research, it looks like the CCCTC had some additional IP restrictions and our IP was possibly whitelisted. This issue was resolved same day, but we are working with the CCCTC and Parchment to ensure this does not happen in the future. CVC and Jason from Parchment are working to investigate to ensure this doesn't happen again in the future. Jason has provided the following update about next steps and continuing research with the CCCTC: “I've gotten some additional information on this, the net of which is that this part of our application isn't capable of being configured on a guaranteed static IP. There's work we can do to make it semi-static, meaning it still may change with some, but even so change of the outbound IP can happen for reasons outside our control. A "more static IP" change is not something we can implement immediately, given the holidays and that such a change may impact other users. I can't speak to if this was also a risk in the Heroku infrastructure days or not, but I'm slightly concerned as in our current state, as this could happen again based on factors we can't really control. So, I have these questions for the Tech Center: Is this a new practice? If so, can it be rescinded until we have time to ensure there's a lesser risk configuration on our side? Can the Tech Center whitelist by fqdn, rather than by IP? On our end, this is the best solution because we can implement what we have in the rest of the platform, which ensures traffic will always be sourced from
egress.parchment.com even though the IP addresses assigned to that may change in a way we can't control. As an aside, we don't have great logging of this on our side, so normally we'd put a monitor in place that fires the moment we start seeing it. We're not in a position to do that yet.”
| The CCCTC rolled back their previous code to help eliminate this issue over the holidays. Once we return in Jan 2024, Parchment will continue to work on this/investigate this further. Next meeting to dive deeper into this will be on 1/23/24 with the Parchment technical team and Jason, the CCCTC, and CVC.
| | | Jira Legacy |
|---|
| server | System JIRA |
|---|
| serverId | 3bc2d1ff-b4f9-313a-8d84-ca6b48c5c997 |
|---|
| key | BLQ-1041 |
|---|
|
| 2/1/24 |
34. | Severe: Will Affect All eTranscripts Sending Colleges Who Are on SaaS | Y | Manage The CCCTC/Ellucian SaaS Shared Application Staging Tables In Conjunction With The GLUE Data Model - SaaS Migration Process | Mike V. | For colleges who are either a SaaS client or migrating over to SaaS, the current Ellucian APIS will not support eTranscript CA sending infrastructure. This affects colleges that are already live with eTranscript sending through Parchment/XAP as well as the ones who are migrating. | Meeting is scheduled for Feb 9th with Ellucian, CVC, and the CCCTC. | | | Jira Legacy |
|---|
| server | System JIRA |
|---|
| serverId | 3bc2d1ff-b4f9-313a-8d84-ca6b48c5c997 |
|---|
| key | BLC-138 |
|---|
|
| 2.1.24 |