Okiok is releasing version 4.8.0 of S-Filer/Portal™.
This release adds these new features:
- Delegated authentication
- New reports
- Email address suggestions in Shares
- Manage Share members
- Dedicated Logout page
It also brings the following improvements:
- Drag and drop Hint
- Rename “Send to an email address” to “Quick Send”
- Configurable temporary account lock time
There are many bug fixes, here are the most significant:
- When creating a new user and setting a password that did not meet complexity requirements, the operation would fail silently. This now correctly show the failing password rules.
- When a user did not have the right to download files in a community and the community did not allow listing “undownloadable” files, in some cases users could list files (but not download them). This has been fixed.
S-Filer/Portal can now delegate the authentication to a third party component. This feature is too big to explain here, please read the post on Delegated Authentication for more details.
This release brings several new report types: users, groups and communities. These reports give an overview of the system or specific information by selecting filters or different sorting criteria. For example, the current list of filters includes listing empty communities in order to help administrators cleanup old unused communities. If you feel that a filter is missing, please contact us to submit a feature request for this filter. Note that these new reports are available to system administrators as well as group and community administrators and the content is scoped appropriately in each case.
Email address suggestions in Shares
When creating shares (dynamic communities), users need to enter email addresses of all collaborators. This can be a tedious process, so we simplified this by using a feature from webmail clients: email address suggestion. In order to do this securely, S-Filer will suggest email addresses for users which have at least one group in common with the current user, so two unrelated users which have never shared documents together will not have their emails suggested to each other.
When employees are adopted from an Active Directory in S-Filer, the usual configuration is for them to share a common group identifying them as employees. In that case, employees can invite each other in shares and have their email address suggested greatly simplifying this process. Further, when creating a share, a managed group is created with all users in the share. Therefore if a Alice has already created a share with Bob (and several other collaborators) and wants to create a new share with Bob only, Bob’s email address will be suggested because of their earlier collaboration.
Manage Share members
This release also brings a new screen to manage the members in a Share. In this screen more collaborators can be invited by typing their email address. Also collaborators can be removed just as easily by deleting their email address.
Dedicated Logout page
When clicking the Logout button, S-Filer now redirects to a dedicated Logout Page instead of redirecting to the Login page. This Logout page includes a link to go back to the Login page and indicates to the user that he has successfully logged out of the application. However, the main benefit of this page is for enterprises which use external SSO mechanism such as automatic form completion on the login page. These mechanism would automatically log the user back in after a logout, confusing the user and never allowing him to correctly log out.
Drag and drop Hint
S-Filer supports dragging files to the web interface from the Desktop (or any folder) for several years. But users are not aware of the feature so they still go through the manual process of selecting files using the “Browse” button. In order to help users, we have added a hint to users that they can drag files to the main file listing area of a community or folder in order to upload them.
In addition, in Chrome, users can currently drag entire folders to upload the folder and its contents to S-Filer. This feature is available in Chrome only and is non-standard so it may stop working in a future release of Chrome, but for now it is the fastest way to upload a deep folder structure (unless you are ready to zip the folder first).
This hint will only appear if HTTPS transfers are enabled for the web interface and if the user has the right to upload files.
Rename “Send to an email address” to “Quick Send”
The feature allowing to send a file to a user using only his email address is very useful but until now it lacked a concise name. This lead to labels for configuration values such as: “Send to an Email Address Password Policy”. We have decided to give a name to this feature and since the use case doesn’t require any setup of the recipient, we have decided to name this feature “Quick Send”. In this release, all configuration related to this feature will be named “Quick Send” and the user screens will also adopt this terminology.
Configurable temporary account lock time
When a user performs many attempts to authenticate to a S-Filer account (not an AD or LDAP account), S-Filer locks that account temporarily in order to hinder brute force attacks on passwords. The maximum number of attempts was configurable in the password policy, however the amount of time that the user was locked was not, it was fixed at 5 minutes.
Now that we have a new framework for configuring password policies, we have decided to use it to configure the lock time also. It defaults to 5 minutes if not specified, however it can be changed in order to match the enterprise policy. Also, if 0 is specified, the account is locked permanently and it needs to be unlocked by an administrator. If you do not want accounts to lock at all, remove the “Maximum number of failed attempts” password rule instead.
- This update does involve database schema changes, backup the database before performing any schema change
- This update does change the UI themes to accomodate the new UI elements, the changes are mostly minor, but the logout page requires a new css file
- This update does not change the email templates