Document version: 10 August 2015
This Readme applies to Axway API Gateway 7.3.0 SP 3 on all platforms. The information in this Readme supersedes any corresponding information in the documentation (online or printed) previously supplied for the product.
The main aim of this service pack is to provide fixes for reported defects. This service pack contains updates for:
The service pack contains new binaries only and does not overwrite the existing configuration.
File packages: An installation archive is provided for all platforms (for example,
APIGateway_7.3.0_SP3_Core_win-x86-32_BNyyyymmddn.zip
for Windows).
Size: The file size differs for each platform. The MD5 checksum is provided for each file.
This service pack provides the following corrections and enhancements.
Case ID | Internal ID | Description |
---|---|---|
762257 | 149651 | Issue: Certificate check from Connection filter is case sensitive Resolution: Previously, the Connect to URL filter reported that host name in the request did not match the server's certificate subject, where the certificate subject name contains upper/lowercase characters. Now, the Connect to URL filter correctly matches the host name against the server's certificate subject containing upper/lowercase characters. |
770305 | 145334 | Issue: Java crash—SIGSEGV in com.vordel.circuit.InvocationEngine.recordFilterEnd Resolution: Previously, the API Gateway was inconsistently crashing when attempting to send the response after processing a large payload when the client already closed the connection. Now, the API Gateway reports closed connections as expected when attempting to send the response. |
772132-1 | 146388 | Issue: SIGSEGV from libvcommon.so in Vordel::BoundHeap::allocImpl Resolution: Previously, API Gateway could crash when allocating memory due to an incorrect check of available memory per transaction. Now, API Gateway correctly reports out of memory errors. |
772935 | 146725 | Issue: WebServicePlugin action: null: java.lang.NullPointerException Resolution: Previously, in Policy Studio, a WebServicePlugin: java.lang.NullPointerException was shown when attempting to edit a WebService path in Listeners. Now, you can modify the WebService path in Listeners using the Web Service Resolver dialog in Policy Studio. |
774284 | 147201 | Issue: Retrieve from or write to database filter aborts with NPE when stored procedure returns NULL Resolution: Previously, a NPE was returned from the Retrieve from or write to database filter when a stored procedure was called that returned NULL . Now, when NULL is returned by the stored procedure, it is ignored (no message attribute is set). You can set a "" (blank) value in a message attribute for the returned NULL value of the stored procedure by setting a Java system property of ALLOW_NULL_VALUES_FROM_DB=true " in jvm.xml . For example, <VMArg name="-DALLOW_NULL_VALUES_FROM_DB=true"/> . |
775124 | 148772 | Issue: Allow access to attributes from a MAIL FROM policy handlerResolution: Previously, the MAIL , RCPT and DATA policy handlers did not have access to the authentication.subject.id and authentication.subject.password message attributes. Now, the MAIL , RCPT and DATA policy handlers have access to the authentication.subject.id and authentication.subject.password message attributes. |
775901 | 147916 | Issue: Upgrade Xerces to fix OutOfMemoryException Resolution: Previously, an OutOfMemoryException in the Xerces layer could occur during a schema check using data with large maxOccurs values. Now, no OutOfMemoryException occurs. |
776650 | 149975 | Issue: Very slow deployments cause failures Resolution: Previously, API Gateway had poor performance loading deployed configurations containing JSON Schema/XSLT entities. This might cause the API Gateway Node Manager to report the deployment errors due to a timeout waiting for a response from the instance reloading such configuration. Now, the API Gateway has been improved instantiating JSONSchema/XSLT entities when re-loading newly deployed configuration. |
779804 | 149427 | Issue: [port] XPath not visible after upgrade from 7.1.1 to 7.3.0 SP2 Resolution: Previously, migration of API Gateway configuration from 7.1.1 to 7.3.0 was failing for custom X-Path-Expressions in the Retrieve Attribute From Message filter. Now, migration of API Gateway configuration from 7.1.1 to 7.3.0 passes for custom X-Path-Expressions in the Retrieve Attribute From Message filter. |
147287 | Issue: Invalid directories searched for libvxml Resolution: Previously, some API Gateway shared libraries were using built-in RPATH first searching for other libraries to resolve dependencies. This caused problems loading API Gateway where the built-in RPATH was accidentally matching system paths in the customer's environment. Now, the RPATH is removed from reported API Gateway shared libraries. |
|
147361 | Issue: Scheduled Analytics reports sometimes fail to run Resolution: Previously, API Gateway Analytics reports were incorrectly rescheduled on refresh, and hence failed to run. Now, the Analytics reports are scheduled on refresh as expected. |
|
148021 | Issue: Maximum bytes per transaction issue Resolution: Previously, in Policy Studio, the Maximum Sent/Received Bytes per Transaction fields in System Settings were incorrectly set. Now, the Maximum Sent/Received Bytes per Transaction fields in Policy Studio match the actual values set in configuration. |
|
148194 | Issue: Directory Scanner moves folders as well as files when no file type specified Resolution: Previously, the Directory Scanner was also processing folders when no file type was specified in the configuration. Now, the Directory Scanner processes files as required when no file type is specified in the configuration. |
|
148980 | Issue: Incorrect installation instructions for Policy Studio and Configuration Studio SPs Resolution: Previously, in SP Readmes, the installation instructions for Policy Studio and Configuration Studio were incorrect. Now, the installation instructions for Policy Studio and Configuration Studio are correct. |
|
149355 | Issue: API Gateway port 8090 vulnerable to CSRF attack (v7.3.0) Resolution: Previously, the API Gateway Manager web application was vulnerable to potential CSRF attacks. Now, when you upgrade from API Gateway 7.2.x, the migrated API Gateway Manager web application has a Referer Header check enabled. For existing 7.3.0 installations, a manual step is provided for enabling the Referer Header check. For more information, see https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet. |
|
150453 | Issue: XPath not visible after upgrade from v7.1.1 to v7.4 SP1 (with v7.3.0 SP2) Resolution: Previously, in Policy Studio, when editing the Retrieve Attributes from message filter, custom XPath expressions may not appear in the XPath expression popup menu. Now, in Policy Studio, when editing the Retrieve Attributes from message filter, all available XPath expressions are shown in the XPath expression tree view dialog for selection. |
|
150491 | Issue: Changing name of XPath entity in Policy Studio creates duplicate entity Resolution: Previously, in Policy Studio, an XPath expression entity was duplicated when the XPath name was modified. Now, in Policy Studio, the XPath expression name is updated correctly if modified, and no duplicated XPath is created. |
The following issues are known and scheduled for correction in a future release.
Case ID | Internal ID | Description |
---|---|---|
771666 | 146050 | Upgrade OpenSSL libraries for http://openssl.org/news/secadv_20150319.txt |
773388 | 146901 | API Gateway tries to load OpenSSL libraries from invalid directories |
This service pack has the following prerequisites in addition to the prerequisites specified for the main product release:
INSTALL_DIR/system/lib/modules
directory.This section describes how to install the service pack on an existing installation of API Gateway.
Note
To install the service pack on your existing API Gateway 7.3.0 Core Server installation, perform the following steps:
INSTALL_DIR/ext/lib
directory (or the ext/lib
directory in an API Gateway instance). These patches have already been included in this service
pack, so you do not need to copy patches from a previous version.
Do not remove files used by any custom API Gateway filters that you have developed. apigateway
directory
in your existing installation directory. For example:
tar -xzvf APIGateway_7.3.0_SP3_Core_linux-x86-64_BNyyyymmddn.tar.gz -C
/opt/Axway-7.3.0/apigateway/
Note
ls -l INSTALL_DIR/apigateway/posix/bin
command to view the owner of
the binaries.
To install the service pack on your existing API Gateway Analytics 7.3.0 installation, perform the following steps:
INSTALL_DIR/ext/lib
directory (or the ext/lib
directory in an API Gateway Analytics instance). These patches have already been included in this service
pack. You do not need to copy patches from a previous version.
analytics
directory within your existing API Gateway 7.3.0 installation directory. For example:
tar -xzvf APIGateway_7.3.0_SP3_Analytics_linux-x86-64_BNyyyymmddn.tar.gz -C
/opt/Axway-7.3.0/analytics/
Note
ls -l INSTALL_DIR/analytics/posix/bin
command to view the owner of
the binaries.
To install the service pack on your existing Policy Studio installation, perform the following steps:
INSTALL_DIR/policystudio
directory.policystudio
directory within your existing API Gateway 7.3.0 installation directory. For example:
tar -xzvf APIGateway_7.3.0_SP3_PolicyStudio_linux-x86-64_BNyyyymmddn.tar.gz -C
/opt/Axway-7.3.0/policystudio/
Note
policystudio -clean
.To install the service pack on your existing Configuration Studio installation, perform the following steps:
INSTALL_DIR/configurationstudio
directory.configurationstudio
directory within your existing API Gateway 7.3.0 installation directory. For example:
tar -xzvf APIGateway_7.3.0_SP3_ConfigurationStudio_linux-x86-64_BNyyyymmddn.tar.gz -C
/opt/Axway-7.3.0/configurationstudio/
Note
configurationstudio -clean
.To allow an unprivileged user to run the API Gateway on a Linux system, perform the following steps:
INSTALL_DIR/system/conf/jvm.xml
file.
<VMArg
name="-Djava.library.path=$VDISTDIR/$DISTRIBUTION/jre/lib/amd64/server:
$VDISTDIR/$DISTRIBUTION/jre/lib/amd64:$VDISTDIR/$DISTRIBUTION/lib/engines:
$VDISTDIR/ext/$DISTRIBUTION/lib:$VDISTDIR/ext/lib:
$VDISTDIR/$DISTRIBUTION/jre/lib:system/lib:$VDISTDIR/$DISTRIBUTION/lib"/>
<VMArg
name="-Djava.library.path=$VDISTDIR/$DISTRIBUTION/jre/lib/i386/server:
$VDISTDIR/$DISTRIBUTION/jre/lib/i386:$VDISTDIR/$DISTRIBUTION/lib/engines:
$VDISTDIR/ext/$DISTRIBUTION/lib:$VDISTDIR/ext/lib:
$VDISTDIR/$DISTRIBUTION/jre/lib:system/lib:$VDISTDIR/$DISTRIBUTION/lib"/>
setcap 'cap_net_bind_service=+ep'
INSTALL_DIR/platform/bin/vshell
to allow the API Gateway to listen on privileged ports.
Note
Go to Axway Sphere at https://support.axway.com to find all documentation for this product version.
For information about how API Gateway is used in Axway 5 Suite, refer to:
All Axway documentation is available from Axway Sphere at https://support.axway.com.
The Axway Global Support team provides worldwide 24 x 7 support for customers with active support agreements.
Email support@axway.com or visit Axway Sphere at https://support.axway.com.
Copyright © 2015 Axway. All rights reserved