Okiok releases version 4.13.0 of S-Filer/Portal™.
Important features and changes have been added in this release:
NEW REST API for File Transfers
This version introduces the new REST API to perform file transfers. The new services are mainly divided into two parts: file transfers and file management.
The transfer services allows the user to perform standard upload and download operations and apply them to S-Filer entities. At a glance, it is possible to perform the following operations :
- Upload to anonymous users (upload to external users using their email addresses).
- Upload a file to an identified S-Filer entity (community or directory).
- Upload a file to the members of the communities for which the user is a member.
- Download a file from a file identifier.
- Download a file from an identified S-Filer entity (community or directory).
The file management services allows the user to perform all operations on files that have been uploaded to the S-Filer server. At a glance, you can perform the following operations on the files:
- Recover a resource identifier from its path on the server.
- Delete a resource (community, directory or file) from its resource identifier.
- Retrieve the information of a resource from its resource identifier.
- Create new directories.
- Move resources from one directory to another.
- Modify the time to live of a resource.
- Rename an existing resource.
- List the content of a resource.
Please refer to the Swagger document present in the installation package to have a complete overview of the different services offered by the API.
A NEW THROTTLING MECHANISM
A new throttling mechanism has been integrated to protect the application from being overloaded by concurrent file transfers. This mechanism is not a general throttling functionality, it is specifically aimed at ensuring the server can process all file transfers in a timely manner. New configuration parameters have been added to tune this functionality, but default values are provided.
A NEW STATISTICS PANEL
A new statistics panel displays the number of transferred files in a given time period. A new REST service also offers the ability to retrieve this information if required.
REMOVAL OF JMX TECHNOLOGY
The JMX technology that was used by the components to exchange configuration information has been removed from the application. This was a required step to properly support the High Availability feature coming in the next major release.
CRYPTOGRAPHIC MATERIAL CENTRALIZATION
The management of cryptographic material has now been centralized in the S-Filer Configuration interface. Once again, this was a required step in preparation for the High Availability feature. This eliminates the need to manage keystores on individual components. This will also simplify the maintenance of the different keys in the solution and simplify solution compliance.
MODIFICATION TO THE DATABASE SCHEMA MANAGEMENT
The management of the database schema has been moved into the command line tool, called sfiler-config-cli, instead of the S-Filer configuration interface (web). This tool offers greater flexibility for using automated deployment tools. Refer to the sfiler-config-cli usage to view the complete list of features available.
Minor improvements and bugfixes
- The installer now installs Java version 11 instead of Java 8.
- Fixed an issue of overlapping fields in pdf reports when the name of the files or communities were too long.
- Fixed an issue with the name of the originator in the email notification when a new share was created.
- Fixed an issue with the error message being displayed when assigning extensions.
- Added a warning message when Community or Group administrators attempt to remove their own admin privileges.
- Fixed the error message when illegal characters are used when creating a Community or Share.
- Added the functionality to download entire folders from the web interface when HTTPS downloads are allowed. Previously, this was not allowed since the end-to-end transfer functionality does not allow transferring multiple files. This feature automatically falls back to HTTPS (without end-to-end) when downloading a folder.
- Improved the REST API for entity management to better respect the convention regarding the returned HTTP status codes. Now, every entity creation returns a 201 as a return code instead of the 200. The Swagger documentation has been improved to better represent each call of the API. We strongly recommend that you switch to our new REST API for managing entities and file transfers instead of our legacy SOAP API or custom endpoint. The SOAP API will be deprecated in upcoming versions.
- Added a mail notification status in the response of the new file transfer REST API. This feature makes it possible to know if email notifications have been sent to recipients.
- Added validation of password attempts for recipients of “Quick Send” files which have a defined password. The policy applied is based on the password policy applicable for “Quick Send” transfers for the user which sent the file. This allows organization to prevent brute forcing of these passwords.
- Increased the minimum supported version of MySQL to 5.7. For organization using MySQL, make sure that at least version 5.7 is used. Also consider using the latest version of the JDBC driver offered by the MySQL community for better performance.
- Changed the process of registering a component (Gateway, Web Interface) to enable communication with the S-Filer/Portal Server. The “Basic Configuration” file of the component must now be downloaded from the configuration interface and copied over to the component. Then the file must be imported using a command line tool (sfiler-config-cli). This replaces the previous process of copying the information directly in the installer because of limitations in the installer and to allow for alternate modes of installation in the future. Please refer to the Installation Guide for a detailed description of the process. This process is only used in new installations, upgrade of existing components is not impacted.
- The direct invocation of the DownloadProcessor to perform downloads requires a new “headless=true” parameter to work as the previous versions.
- The new email notification status for file transfers is not reported individually for each recipient. There is a single status for the transfer. The status will be reported as “Failed” if any recipient has not been reached as expected. We plan to have an individual status of the notification of each recipient in the future.
- There might be issues running “sfiler-admin-cli” in Windows environments which have OpenJDK deployed instead of the Oracle JDK. The “sfiler-admin-cli” tool needs to locate the Java installation to work and, in some conditions, will report that it cannot find it. To fix this issue, change the Windows Registry Key under “[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft]” so they point to the proper version of your running JDK
- The HTTP status code 401 (Unauthorized) and 403 (Forbidden) returned in the new REST web services are not 100% consistent across the different endpoints. Please note that we might change those return code in the future.
- The CAPTCHA feature might not work as expected after an upgrade on Linux if the required fonts libraries are not installed. Please refer to the Installation Guide to have the list of required packages to be installed.
Feature deprecation and removal
- Reminder: Applet support will soon be removed. The Applet will be maintained within the solution at least as long as Microsoft officially supports the IE 11 browser which is the latest modern browser still supporting the Java plugin. It is recommended to migrate to the end-to-end encryption technology introduced in the solution and available with modern browsers.
This section describes the changes made to the application that are not compatible with prior versions.
- If you use the Download Processor url directly to retrieve files from the S-Filer Server, you are now forced to use an extra query argument called “headless” and set its value to “true” to keep the previous behavior. To download files from the S-Filer Server, we now recommended that you use the new REST API available in this release.
This section describes an update from version 4.12.0
- This upgrade requires careful consideration. A dedicated manual has been created that describes each step required to move to version 4.13.0. Do not hesitate to reach our support group if you have any questions regarding this upgrade. firstname.lastname@example.org