Document version: 19 November 2015
This Readme applies to Axway API Gateway 7.4.1 SP 1, for all platforms. The information in this Readme supersedes any corresponding information in the documentation (online or printed) previously supplied for the product.
The main aim of this service pack is to provide fixes for a number of reported defects. This service pack contains updates for:
The service pack contains new binaries only and does not overwrite the existing configuration.
File packages: An installation archive is provided for all platforms (for example,
APIGateway_7.4.1_SP1_Core_win-x86-32_BNYYYYMMDDn.zip
for Windows).
Size: The file size differs for each platform. The MD5 checksum is provided for each file.
This service pack provides the following corrections and enhancements.
Case ID | Internal ID | Description |
---|---|---|
789954 | RDAPI-125 |
Issue: API Gateway sends garbage data when both sides of a WebSocket send frames at the same time |
774850 | RDAPI-128 |
Issue: The |
787659 | RDAPI-155 |
Issue: Decode Extracted Attributes still decoding even if not selected (Extract REST Request Attributes filter) |
780484 | RDAPI-156 |
Issue: XPath not visible after upgrade from v7.1.1 to v7.4.1 SP 1 (via 7.3.0 SP 1) |
779817 | RDAPI-159 |
Issue: API Gateway port 8090 vulnerable to XSRF attack Enable protection for the API Gateway Manager web app (8090) by adding the following Jersey property to the Name: For more details, see https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet. |
- | RDAPI-160 |
Issue: XSS/Session hijack/CSRF vulnerability on registration name |
784222 | RDAPI-237 |
Issue: Large native memory leak from |
775282 | RDAPI-238 |
Issue: LDAP character conversion issue |
786131 | RDAPI-239 |
Issue: Gateway runs out of heap space |
785809 | RDAPI-254 |
Issue: Problem on startup initializing the Luna HSM engine |
- | RDAPI-255 |
Issue: Changing name of XPath entity in Policy Studio leads to creation of duplicated entity |
762257 | RDAPI-257 |
Issue: Certificate check from Connection filter is case sensitive |
- | RDAPI-378 |
Issue: WS-Policy is broken |
779069 | RDAPI-566 |
Issue: SSL connection |
- | RDAPI-587 |
Issue: API Gateway crashed parsing a SOAP request |
789992 | RDAPI-627 |
Issue: Java crash— |
786897 | RDAPI-628 |
Issue: |
772132-1 | RDAPI-629 |
Issue: |
785760 | RDAPI-630 |
Issue: |
- | RDAPI-671 |
Issue: |
The following issues are known and scheduled for correction in a future release.
Case ID | Internal ID | Description |
---|---|---|
- | RDAPI-165 | Upgrade adds Default Services to API Gateway configuration, which breaks the configuration. |
This service pack has the following prerequisites in addition to the prerequisites specified for the main product release:
INSTALL_DIR/system/lib/modules
directory.This section describes how to install the service pack on an existing installation of API Gateway.
Note
To install the service pack on your existing API Gateway 7.4.1 Core Server installation, perform the following steps:
INSTALL_DIR/ext/lib
directory (or the ext/lib
directory in an API Gateway instance). These patches have already been included in this service
pack. You do not need to copy patches from a previous version.
apigateway
directory
in your existing installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP1_Core_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/apigateway/
Note
ls -l INSTALL_DIR/apigateway/posix/bin
command to view the owner of
the binaries.
To install the service pack on your existing API Gateway Analytics 7.4.1 installation, perform the following steps:
INSTALL_DIR/ext/lib
directory (or the ext/lib
directory in an API Gateway Analytics instance). These patches have already been included in this service
pack. You do not need to copy patches from a previous version.
analytics
directory within your existing API Gateway 7.4.1 installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP1_Analytics_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/analytics/
Note
ls -l INSTALL_DIR/analytics/posix/bin
command to view the owner of
the binaries.
To install the service pack on your existing Policy Studio installation, perform the following steps:
INSTALL_DIR/policystudio
directory.policystudio
directory within your existing API Gateway 7.4.1 installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP1_PolicyStudio_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/policystudio/
Note
policystudio -clean
.To install the service pack on your existing Configuration Studio installation, perform the following steps:
INSTALL_DIR/configurationstudio
directory.configurationstudio
directory within your existing API Gateway 7.4.1 installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP1_ConfigurationStudio_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/configurationstudio/
Note
configurationstudio -clean
.To allow an unprivileged user to run the API Gateway on a Linux system, perform the following steps:
INSTALL_DIR/system/conf/jvm.xml
file.
<VMArg
name="-Djava.library.path=$VDISTDIR/$DISTRIBUTION/jre/lib/amd64/server:
$VDISTDIR/$DISTRIBUTION/jre/lib/amd64:$VDISTDIR/$DISTRIBUTION/lib/engines:
$VDISTDIR/ext/$DISTRIBUTION/lib:$VDISTDIR/ext/lib:
$VDISTDIR/$DISTRIBUTION/jre/lib:system/lib:$VDISTDIR/$DISTRIBUTION/lib"/>
<VMArg
name="-Djava.library.path=$VDISTDIR/$DISTRIBUTION/jre/lib/i386/server:
$VDISTDIR/$DISTRIBUTION/jre/lib/i386:$VDISTDIR/$DISTRIBUTION/lib/engines:
$VDISTDIR/ext/$DISTRIBUTION/lib:$VDISTDIR/ext/lib:
$VDISTDIR/$DISTRIBUTION/jre/lib:system/lib:$VDISTDIR/$DISTRIBUTION/lib"/>
setcap 'cap_net_bind_service=+ep'
INSTALL_DIR/platform/bin/vshell
to allow the API Gateway to listen on privileged ports.
Note
Go to Axway Sphere at https://support.axway.com to find all documentation for this product version.
For information about how API Gateway is used in Axway 5 Suite, refer to:
All Axway documentation is available from Axway Sphere at https://support.axway.com.
The Axway Global Support team provides worldwide 24 x 7 support for customers with active support agreements.
Email support@axway.com or visit Axway Sphere at https://support.axway.com.
Copyright © 2015 Axway. All rights reserved