32-bit installation
Document version: 2 December 2016
This Readme applies to Axway API Gateway 7.4.1 SP 4 on all platforms. The information in this Readme supersedes any corresponding information in the documentation (online or printed) previously supplied for the product. This service pack is cumulative and includes all updates from previous API Gateway 7.4.1 service packs.
The main aim of this service pack is to provide fixes for a number of reported defects. This service pack contains updates for:
The service pack contains new binaries only and does not overwrite the existing configuration.
File packages: An installation archive is provided for all platforms (for example,
APIGateway_7.4.1_SP4_Core_win-x86-32_BNYYYYMMDDn.zip
for Windows).
Size: The file size differs for each platform. The MD5 checksum is provided for each file.
This service pack provides the following corrections and enhancements:
Internal ID | Case ID | CVE Identifier | Description |
---|---|---|---|
RDAPI‑5877 | — | CVE-2016-0800, CVE-2016-2107 |
Issue: Update to OpenSSL version. Now, API Gateway uses The |
Internal ID | Case ID | Description |
---|---|---|
RDAPI-1063 | 00807182 |
Issue: No HTTP header information in Traffic Monitor in API Gateway Manager. Now, all the headers are correctly shown. |
RDAPI-1167 | 00807346 |
Issue: How to hide internal server endpoints in exposed WSDL? Now, API Gateway replaces external locations with locations identified by their fingerprint that API Gateway can render. |
RDAPI-2545 | 00824002 |
Issue: The Retrieve from or write to database filter fails with Resolution: Previously, if you ran a query on Retrieve from or write to database filter that retrieved the Date column, the filter failed with a Now, if you run a query that retrieves the Date column containing the value |
RDAPI-2638 | 00821003 |
Issue: The Read Application filter does not return image property. Now, the image property has been defined both as public and persistent, and the Read Application filter can correctly export it. |
RDAPI-3154 | 00832311 |
Issue: Wrong behavior on the Retrieve Attributes from Directory Server filter if the directory is called several times. Resolution: Previously, in the Retrieve Attributes from Directory Server filter, if you selected Enable the legacy attribute naming for retrieved attributes and called the directory more than once, the previously retrieved attribute values were overwritten with each call. Now, the retrieved values are no longer overwritten and correctly match the values in the directory. |
RDAPI-3216 | 00833619 | Issue: The Connect to URL filter fails with a short hostname alias. Resolution: Previously, the Connect to URL filter might cause API Gateway to crash if the hostname alias of the URL was very short, for example, Now, API Gateway handles these requests without crashing. |
RDAPI-3570 | 00839714 |
Issue: Issue with refreshing Salesforce tokens. Now, you can configure the default routing policy to retry the request, if API Manager receives a |
RDAPI‑3608 | 00859686 |
Issue: Scriptable
Now, group level operations have been added to manage KPS collections, and you can use scripts in the
For more details, run It is recommended to try out these features in the development environment before using them in the production environment. For more details, see the API Gateway Key Property Store User Guide. |
RDAPI-3878 |
00840339 |
Issue: The Admin User Rest API documentation is empty. Resolution: Previously, the documentation for the Admin User REST API was missing. Now, the documentation is available online at https://support.axway.com/htmldoc/1433379. |
RDAPI-3880 | 00836121 | Issue: The XML to JSON filter converts Unicode characters to ? .Resolution: Previously, the XML to JSON filter used the system's default encoding when converting the message. Now, the XML to JSON filter uses UTF-8 encoding. |
RDAPI-4106 | 00841372 | Issue: Applying a service pack breaks the Policy Studio help. Resolution: Previously, after applying a service pack, the Policy Studio help contents were missing, and the help was blank. Now, after applying a service pack, the Policy Studio help is displayed normally. |
RDAPI-4195 | 00840012 | Issue: Fault handler policy not called on failure. Resolution: Previously, the Read API Proxy filter was not handling exceptional circumstances correctly, and the fault handler was not called in case of a failure. Now, the Read API Proxy filter correctly handles exceptional circumstances and ensures that the fault handler is called. |
RDAPI-4324 | 00845637 |
Issue: Cannot add a Policy Assembly filter to a policy. Now, you can add the Policy Assembly filter to a policy. |
RDAPI-4463 | 00839882 |
Issue: SSL protocols from
Now, the Connect to URL filter always uses the SSL protocols configured in |
RDAPI-4532 | 00847255 | Issue: Variable cannot be entered in the Port field for a File Transfer Service listener. Resolution: Previously, when configuring a File Transfer Service listener in Policy Studio, you could not set the port value to use a selector. Now, you can set the port value to use a selector. |
RDAPI-4684 | 00849495 | Issue: JSON Remove node filter not working as expected. Resolution: Previously, the value of check box Fail if no nodes returned from JSON Path in the JSON Remove Node filter was ignored. Now, the JSON Remove Node filter follows the success path if this check box is selected and the JSON Path expression does not return any nodes. |
RDAPI-4791 | 00851001 | Issue: Cross-site scripting (XSS) vulnerability in API Gateway Manager. Resolution: Previously, API Gateway Manager was vulnerable to XSS attacks. In case of repeated failed login attempts to API Gateway Manager, an error message containing the unescaped user name was displayed. Now, the error message displayed no longer contains the user name. |
RDAPI-4835 | 00851284 |
Issue: Cannot deserialize an instance of Resolution: Previously, in the Verify ID Token filter, the presence of an Authentication Methods References ( Now, |
RDAPI-4951 | 00841109, 00859658, 00847890, 00859498 |
Issue: Memory leak in Traffic Monitor. Now, this memory leak has been fixed. |
RDAPI-5125 | 00857187, 00843534 |
Issue: Data missing from access log. Now, the bytes sent to the client logged in the access log correctly reflect the size of the content body. |
RDAPI-5386 | 00852989 |
Issue: Environmentalized Certificate Chain filter shows only certificates with private key. Now, you can see all certificates in Configuration Studio. |
RDAPI-5588 | 00857893 |
Issue: Insufficient data logged when an error occurs in the JSON Schema Validation.
Now, the JSON Schema Validation filter includes a new message attribute, |
RDAPI-5882 | 00811590 |
Issue: Update to McAfee Anti-Malware Engine. Now, API Gateway has been updated to McAfee Anti-Malware Engine 5800. |
RDAPI-6152 | 00863107 |
Issue: The Get OAuth Access Token filter is incorrectly encoding Now, the |
RDAPI-6217 | 00840941 |
Issue: A policy loads very slowly in Policy Studio. Now, these conditions are handled correctly, and the message attribute calculations have returned to normal. |
RDAPI-6251 | 00862127 |
Issue: Decryption fails when key on a hardware security module (HSM). Now, XML-Decryption |
There are no known issues in this service pack.
This service pack has the following prerequisites in addition to the prerequisites specified for the main product release:
INSTALL_DIR/system/lib/modules
directory.INSTALL_DIR/apigateway/webapps/apiportal/vordel/apiportal/app/app.config
before applying API Gateway and API Manager service packs. You must then restore customized API Manager data manually in the new app.config
file.If FIPS mode is enabled, you must perform the following steps:
togglefips --disable
to turn FIPS mode off.nodemanager
to move the JARs.nodemanager
.nodemanager
.nodemanager
.togglefips --enable
to turn FIPS on again.nodemanager
.This section describes how to install the service pack on an existing installation of API Gateway.
To install a new API Gateway installation from scratch without an existing installation, or to upgrade from an earlier version to 7.4.1, see the API Gateway Installation Guide.
To install the service pack on your existing API Gateway 7.4.1 Core Server installation, perform the following steps:
INSTALL_DIR/ext/lib
directory (or the ext/lib
directory in an API Gateway instance). These patches have already been included in this service
pack. You do not need to copy patches from a previous version.
apigateway
directory
in your existing installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP4_Core_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/apigateway/
# [ -f /etc/vordel/ssl-engines.xml ] && mv /etc/vordel/ssl-engines.xml /etc/vordel/ssl-engines.xml.1
# chown -R admin:admin /opt/gateway/
# grep "java.library.path" /opt/gateway/system/conf/jvm.xml || sed -i.bak -e '/<JVMSettings/a\\n <!-- Set to allow correct library load after setting CAP_NET_BIND_SERVICE on vshell -->\n <VMArg name="-Djava.library.path=$VDISTDIR/$DISTRIBUTION/jre/lib/amd64/server:$VDISTDIR/$DISTRIBUTION/jre/lib/amd64:$VDISTDIR/$DISTRIBUTION/lib/engines:$VDISTDIR/ext/$DISTRIBUTION/lib:$VDISTDIR/ext/lib:$VDISTDIR/$DISTRIBUTION/jre/lib:system/lib:$VDISTDIR/$DISTRIBUTION/lib"/>' /opt/gateway/system/conf/jvm.xml
# setcap 'cap_net_bind_service=+ep cap_sys_rawio=+ep' /opt/gateway/platform/bin/vshell
# ldconfig
Note
ls -l INSTALL_DIR/apigateway/posix/bin
command to view the owner of
the binaries.
To install the service pack on your existing API Gateway Analytics 7.4.1 installation, perform the following steps:
INSTALL_DIR/ext/lib
directory (or the ext/lib
directory in an API Gateway Analytics instance). These patches have already been included in this service
pack. You do not need to copy patches from a previous version.
analytics
directory within your existing API Gateway 7.4.1 installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP4_Analytics_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/analytics/
Note
ls -l INSTALL_DIR/analytics/posix/bin
command to view the owner of
the binaries.
To install the service pack on your existing Policy Studio installation, perform the following steps:
INSTALL_DIR/policystudio
directory.policystudio
directory within your existing API Gateway 7.4.1 installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP4_PolicyStudio_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/policystudio/
The first time you start Policy Studio, you must use policystudio -clean
.
To install the service pack on your existing Configuration Studio installation, perform the following steps:
INSTALL_DIR/configurationstudio
directory.configurationstudio
directory within your existing API Gateway 7.4.1 installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP4_ConfigurationStudio_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/configurationstudio/
The first time you start Configuration Studio, you must use configurationstudio -clean
.
Note
To allow an unprivileged user to run the API Gateway on a Linux system, perform the following steps:
INSTALL_DIR/system/conf/jvm.xml
file: <VMArg
name="-Djava.library.path=$VDISTDIR/$DISTRIBUTION/jre/lib/amd64/server:
$VDISTDIR/$DISTRIBUTION/jre/lib/amd64:$VDISTDIR/$DISTRIBUTION/lib/engines:
$VDISTDIR/ext/$DISTRIBUTION/lib:$VDISTDIR/ext/lib:
$VDISTDIR/$DISTRIBUTION/jre/lib:system/lib:$VDISTDIR/$DISTRIBUTION/lib"/>
setcap 'cap_net_bind_service=+ep'
INSTALL_DIR/platform/bin/vshell
to allow the API Gateway to listen on privileged ports.
Go to Axway Support at https://support.axway.com to find all documentation for this product version.
All Axway documentation is available from Axway Support at https://support.axway.com.
The Axway Global Support team provides worldwide 24 x 7 support for customers with active support agreements.
Email support@axway.com or visit Axway Support at https://support.axway.com.
Copyright © 2016 Axway. All rights reserved