...
7.14 --> 7.16
- The gateways behaviour when calling the /logout endpoint has changed from always answering with http code 304 and redirecting to /login?logout to now return http code 200 or 304 and redirection to a passed url if and only if this was passed with the 'redir' query parameter.
- Behaviour before:
- call to /logout (without parameter): HTTP 304 with redirection to /login?logout
- call to /logout?redir=url: HTTP 304 with redirection to url (url can be any value)
- Behaviour now:
- call to /logout (without parameter): HTTP 200 (no redirection)
- call to /logout?redir=url: HTTP 304 with redirection to url (url can be any value)
- This is especially important if you have an external tool that creates sessions by sending the basic auth header and you want to close this session by calling /logout. With the before behaviour the http client would get redirected to the login page and automatically create a new session because the basic auth header is existent. This could be avoided by setting the redir parameter to (e.g.) '/auth/info/'. This is not necessary anymore.
Warning title custom Custom clients Custom clients need to make sure that when calling logout you set the redir parameter to redirect to the login-form again. Otherwise the session gets logged out but the client still shows the current page (or an error).
- Behaviour before:
- Oracle databases only: The NLS_TERRITORY session setting must be configured to 'AMERICA' in order for date/time values to be processed correctly. To make sure this is the case, do the following:
- Edit the file <core-service>\standalone\configuration\standalone-full-ha.xml.
- Find the subsystem 'datasources:5.0' and there the datasource with jndi-name="java:/JASDB".
- Within this section find (or if necessary create) the following line:
<new-connection-sql>ALTER SESSION SET current_schema=yuuvis</new-connection-sql> (yuuvis is a placeholder for the actual schema name) - Add the parameter nls_territory='AMERICA' after "current_schema=yuuvis".
- The section should now look as shown below:
Metrics-Manager only: Due to CVE-2021-44228 (a.k.a Log4Shell) and CVE-2021-44832 the metrics-manager needs to be updated to the newest hotfix. Please see https://help.optimal-systems.com/rw/en/index.html for details.
- The format of the response body of the endpoint
BpmProcessService.getDataFields
endpoint changed from the examplary value "l_workflowFileIds.item: OsId[id=97DC54B56A844F9EBB198935476F15B5]" to "l_workflowFileIds.item: 97DC54B56A844F9EBB198935476F15B5".
Custom -Microservices microservices that use this endpoint need to adapt to this change before updating to version 7.16.
- The gateways behaviour when calling the /logout endpoint has changed from always answering with http code 304 and redirecting to /login?logout to now return http code 200 or 304 and redirection to a passed url if and only if this was passed with the 'redir' query parameter.