S-Filer Portal™ is a complete solution that enables large and small organizations to meet all of their enterprise needs for secure file transfer and storage.
OKIOK RELEASES VERSION 4.19.0 OF S-FILER/PORTAL™ SECURE TRANSFER SOLUTION
New features
Cloud Storage
It is now possible to store files on external repositories offered by various cloud service providers such as Azure and AWS. Previously, the only option was to store files locally on the S-Filer Portal server. This option is still available, and will continue to be used following migration to version 4.19.0. The Cloud Storage services available are Azure Blob and AWS S3.
See documentation for full information on cloud storage.
REST API V2
The REST API has just been released in experimental version 2. This version fills several functionalities available through the web interface but not reflected in the REST API. This API version will remain experimental until version 5.0.0 of the application when it is finalized and a version 3.0 will be created. The solution’s REST API can be reached via a gateway or by talking directly to the server.
This new version of the API includes many changes, and the vast majority of the services offered have been modified. It is therefore important to validate the behavior of your application before migrating to this version. The first API version is still available. However, please note that the URL of the services offered now contains a “v1” in the URL. For example:
REST API url before version 4.19.0 : https://sfiler.okiok.com/sfiler/server/api/docs/ REST API V1 url from version 4.19.0 : https://sfiler.okiok.com/sfiler/server/api/v1/docs/ REST API V2 url from version 4.19.0 : https://sfiler.okiok.com/sfiler/server/api/v2/docs/
Default Template
This new feature completes what has been added with the template in version 4.18.0. To simplify the application of a Template when creating a new Share, two new options are now available:
- Default template, which allows the preselection of a template when creating a new Share
- The share is the default community for new users, when a share uses this template and this option is enabled, the share will be assigned as the default community to all new users created in this share or to existing users invited in this share who are not assigned to any other community or share.
Default Template
Service Account
The service account concept for the solution was reflected by a user parameter indicating not to apply password expiration. To clarify this behavior, the label appearing in user management screens is now called : “Service Account”. When this property is activated on an account, the password will never expire (even if the password policy requires it) and MFA will not be required.
Note that the sfiler-admin-cli “add-user” command has been adjusted to reflect this change. It no longer takes a “batch” option but a “sa” option to specify that the user is a service account.
SNI Support
It is no longer possible to connect via SSL with IP addresses. This will cause an SNI error. To use IP addresses, it is now necessary to include them in the SSL certificate. New parameters have been added to the administrative console to determine SNI behavior. By default, SNI is now enabled. It should be deactivated if it doesn’t meet business needs.
SNI (Server Name Indication) is an extension to the SSL/TLS protocol by which a client indicates which hostname it is attempting to connect to at the start of the connection process. If the SNI host check is enabled and the hostname of the server to which the client is trying to connect to is not found in the server certificate, the server returns an invalid SNI error.
Label Override
It is now possible to override the labels displayed in the GUI. This functionality is not offered via the solution’s administration screen, but via a database table named “ResourceBundlePropertyOverride”. Records in this table are based on labels stored in files in the solution’s installation tree.
Display Password Policy
The password policy is now displayed wherever it is required. This makes it possible for users to know the required combination of elements as soon as they enter it, rather than having an error message displayed on submission.
Widespread Use of MFA
It is now possible to force the use of MFA for all users of the solution. Previously, users had to register their MFAs themselves. From now on, if the policy is activated via the administrative console, users will be forced to register their MFAs after successful authentication.
Transfer Under an Alternative Identity
This feature allows users to decide which identity they want to use when sending a file. Previously, files were always sent under the identity of the person performing the file transfer, and this information was reflected in the e-mail sent to recipients. The identities that can be used are associated with the groups of the user performing the transfer. The identity selection will be required at the time of sending if one of the groups with which the user is associated has a sender name.
Java 17
This new version of the solution now uses Java version 17, instead of version 11. The installers take care of this version change when updating the solution. This change requires no action on your part, with the exception of sfiler-cli.exe for Windows environments. In this case, it is necessary to have Java version 17 installed and to ensure that the JAVA_HOME environment variable points to the Java 17 installation.
It is important to remove the CMSClassUnloadingEnabled parameter, which is no longer compatible with Java 17, from the wrapper.conf file for both Gateway and Server.
Bug fixes
- There was a problem with the process of cleaning up expired files, which meant that a file might not be deleted once its expiration date had been reached.
- Modification to user duplication process to exclude password fields.
- The file report did not show the total disk space used.
- The hourly file retention parameter now takes into account the absolute retention limit.
- The behavior of the “Maximum number of downloads per file” parameter has been modified so that if the value is left empty, the number of transfers will be considered unlimited.
- Use of the REST API now works correctly when requests use the GUI proxy.
- The theme now applies correctly if an error occurs when downloading a file sent via the Quick Send feature.
- Corrected validation of the cron expression in the scheduler.
- Add domain to user details page.
- Fixed a problem with the REST API’s queryUsersByRemainingSpace method when a user has a quota higher than 99999.
- Correction of the calculation of the number of users in the license validation process.
- Suppression du paramètre CMSClassUnloadingEnabled qui n’est plus comptatible avec Java 17.
This upgrade requires an update of the database. We strongly recommend that you perform a full backup of the solution prior to the upgrade. Do not hesitate to contact our support group if you have any questions regarding this upgrade at support@okiok.com
