Document version: 1 July 2016
This Readme applies to Axway API Gateway 7.4.1 SP 3, for all platforms. The information in this Readme supersedes any corresponding information in the documentation (online or printed) previously supplied for the product.
The main aim of this service pack is to provide fixes for a number of reported defects. This service pack contains updates for:
The service pack contains new binaries only and does not overwrite the existing configuration.
File packages: An installation archive is provided for all platforms (for example,
APIGateway_7.4.1_SP3_Core_win-x86-32_BNYYYYMMDDn.zip
for Windows).
Size: The file size differs for each platform. The MD5 checksum is provided for each file.
This service pack provides the following corrections and enhancements.
Internal ID | Case ID | Description |
---|---|---|
RDAPI-1176 | 00808783 |
Issue: Traffic monitoring trace level not in sync with system trace level. Now, Traffic Monitor displays data in the trace output panel and the request/response panel like you define in the corresponding interface or global settings. |
RDAPI-2325 | 776780 | Issue: When the Connect to URL filter reaches the Max Received Bytes limit, it returns a truncated result instead of an error.Resolution: Previously, the policy would not trap exceptions encountered when streaming the response to the client. Now, the policy buffers the response in the Reflect Message filter and ensures that the Fault Handler is invoked if maximum response length is reached. |
RDAPI-2559 | 00825167 |
Issue: Valid JSON Path incorrectly returns no matches. Now, the JSON Path filter handles these filter expressions. The underlying 3rd party library has been updated to fix the problem. Before installing the service pack, you must remove the old JSON path file ( In addition, Policy Studio uses the JSON path file to validate path expressions. Before installing the service pack, you must also remove the file from Policy Studio ( |
RDAPI-2632 | 00822359 | Issue: Schema validation is failing in API Gateway v7.4.1 when comparing to v7.2.2. Resolution: Previously, Now, you can disable |
RDAPI-2636 | 00823330 | Issue: Cannot access a renamed web service after it is upgraded. Resolution: Previously, if you upgraded an older (v7.3.0 or earlier) configuration that contained a web service you had renamed, requests sent to the web service failed to resolve. This happened because API Gateway tried to match the new web service name against the < Now, you can upgrade a configuration containing a renamed web service, and requests to the web service resolve normally after the upgrade. |
RDAPI-2666 | 00814952 |
Issue: KPS is failing for Resolution: Previously, you could not update a property of the type Now, you can update a |
RDAPI-2698 | 00810590 |
Issue: Extract MTOM filter returns incorrect Resolution: Previously, when a SOAP 1.2 request was sent to the Extract MTOM filter, the Now, when a SOAP 1.2 request is sent to the Extract MTOM filter, the |
RDAPI-2768 | 00827079 | Issue: Connecting to back-end API with an SSL certificate. Resolution: Previously, if you tried to import a PKCS#12 to be used in two-way SSL in the front-end API, you got an Now, you can successfully import a PKCS#12 with a valid password. |
RDAPI-2811 | 00816118 |
Issue: API Gateway becomes unresponsive after a deployment failure. Resolution: Previously, API Gateway might become unresponsive when a client (Node Manager) initiated a deployment request while API Gateway was serving long traffic request. Now, when you set a timeout value in milliseconds to the |
RDAPI-2843 | 00821733 | Issue: Creating policy assembly fails with DuplicateKeysException .Resolution: Previously, when you created a policy assembly for a policy, you got a Now, you can successfully create a policy assembly for a policy. |
RDAPI-2893 | 00829447 | Issue: PGP key not updated after reconnecting Policy Studio to API Gateway. Resolution: Previously, PGP key configuration was not updated in Policy Studio after you reconnected Policy Studio to an API Gateway instance. Now, PGP key configuration is updated correctly in Policy Studio. |
RDAPI-2895 | 00818438 | Issue: Cache attribute filter does not fail when unable to set key in cache Resolution: Previously, the Cache Attribute filter did not return Now, the Cache Attribute filter returns |
RDAPI-2902 | 00827354 | Issue: The option Choose Issuer Certificate is not working. Resolution: Previously, when you clicked Choose Issuer Certificate, the certificate you selected was not taken into account when building the certification chain in Policy Studio. Now, the issuer certificate is correctly displayed in the certificate chain in Policy Studio. |
RDAPI-2906 | 00829293 | Issue: Connection filters are no longer working after applying OpenSSL 1.0.1s-fips. Resolution: Previously, API Gateway with OpenSSL 1.0.1s-fips was disregarding settings to enable SSLv2 protocol. Now, API Gateway respects configuration of SSLv2 protocol with OpenSSL 1.0.1s-fips. |
RDAPI-2984 | 00827134 | Issue: managedomain --deploy return code set to 0 in case of error.Resolution: Previously, if an error occurred during deployment, the Now, if an error occurs during deployment, |
RDAPI-3002 | 00830624 |
Issue: JSON Remove Node fails if the value of the node to remove is Resolution: Previously, the JSON Remove Node filter failed if the value of the node to be removed was set to Now, the JSON Remove Node filter removes the node containing the value |
RDAPI-3052 | 00831687 |
Issue: PGP Encrypt and Sign symmetric key algorithm does not take into account if Encrypt and Sign in Two Passes is selected. Resolution: Previously, the PGP Encrypt and Sign filter was using CAST5 instead of the user-defined symmetric-key algorithm for processing. Now, the PGP Encrypt and Sign filter always uses the user-defined symmetric-key algorithm. |
RDAPI-3290 | 00805574 | Issue: Script injection into timeline on port 8090 .Resolution: Previously, the Monitoring API in API Gateway did not validate the metric group type parameter, so it might return metrics data for an unknown group type. Now, the Monitoring API validates the metric group type parameter. The API responds with a |
RDAPI-3342 | 00830013 |
Issue: Cannot handshake anymore with Resolution: Previously, the API Gateway FTPS server did not accept an SSL client connection with the Now, the FTPS server accepts an SSL client connection with RSA ciphers. |
RDAPI-3358 | 00835093 | Issue: Requests that fail (HTTP Status code 500) shown as successes in Traffic Monitor in the API Gateway Manager. Resolution: Previously, in Traffic Monitor, the HTTP Traffic was incorrectly showing the orange warning icons for transactions with the status Now, the HTTP Traffic shows the green success icons for transactions with the status |
RDAPI-3374 | 00835645 |
Issue: Unable to migrate Client Application Registry data from API Gateway v7.1.1. Resolution: Previously, migrating Client Application Registry data from API Gateway v7.1.1 failed, because the upgrade script Now, the API Gateway upgrade script |
RDAPI-3388 | — | Issue: Success and failure errors in LDAP communication not logged in the message attributes. Resolution: Previously, it was not possible to see the success and failure errors when communicating with an LDAP server. Now, the reason for success or failure when connecting to an LDAP server is stored in |
RDAPI-3396 | — | Issue: The script to migrate OAuth from v7.1.x no longer works. Resolution: Previously, the API Gateway upgrade script Now, the API Gateway upgrade script |
RDAPI-3401 | — | Issue: The information on Node Manager connection in the audit logs is insufficient. Resolution: Previously, API Gateway Node Manager did not audit connection events when communicating with the remote audit offload server. Now, API Gateway Node Manager audits two additional events: |
RDAPI-3432 | — | Issue: SOAP Fault Processor: Soap Fault always returns SOAP 1.2 Resolution: Previously, the trace output at Now, the trace messages generated at
|
RDAPI-3502 | 00829256 |
Issue: HTTP Session cookies distributed cache error. Now, the parameters are maintained in the redirects of the canonical OAuth set up, so the initial request does not need to be searched from cache. The fix defers to the query string in the event of a cache failure. |
RDAPI-3508 | 00835154 |
Issue: Security vulnerabilities identified in OpenSSL Security Advisory [3rd May 2016]. Resolution: Previously,
Now, |
RDAPI-3513 | 00835705 |
Issue: Tight loop reading from closed JMS (IBM MQ) connection. filling logs Now, a concurrent access is no longer triggered. Previously, when a Now, same consecutive errors are no longer printed out, and an increasing delay between retrying operations has been added. |
RDAPI-3731 | 751232 |
Issue: Unable to configure SSL options for outgoing connections. Resolution: Previously, you could not configure SSL/TLS protocols for outbound connections in the Connect To URL filter in API Gateway. Now, you can configure default SSL/TLS protocols for outbound connections in the Connect To URL filter using the <ConfigurationFragment> <SystemSettings> <!-- SSL options for outgoing connections --> ... <!-- Do not use the TLSv1.1 protocol --> <!-- <attribute key="ssloptions">notlsv1_1</attribute> --> <!-- Do not use the TLSv1.2 protocol --> <!-- <attribute key="ssloptions">notlsv1_2</attribute> --> </SystemSettings> </ConfigurationFragment> |
The following issues are known and scheduled for correction in a future release.
Internal ID | Case ID | Description |
---|---|---|
RDAPI-1167 | 00807346 | How to hide internal server endpoints in exposed WSDL? |
RDAPI-2505 | 00813773 | When the logged-in user changes password on API Gateway Manager, they lose all their roles. |
RDAPI-2545 | 00824002 | The Retrieve from or write to database filter fails with NullPointerException when the Date column contains null . |
RDAPI-2927 | 00822328 | API Gateway intermittently resetting the connection to the Apache server. |
RDAPI-3154 | 00832311 | Wrong behavior in legacy attribute naming for the Retrieve attributes from directory server filter, if the filter is called several times. |
RDAPI-3162 | 00827846 | SIGSEGV in Java_com_vordel_dwe_NativeContentSource_buffer . |
RDAPI-3216 | 00833619 | API Gateway instance constantly crashing. |
RDAPI-3454 | 00832678 | The Retrieve from or insert to database failed when trying to insert a null value. |
RDAPI-3570 | 00837700 | Salesforce tokens are not automatically refreshed on expiry. |
RDAPI-3578 | 00838339 | Delay seen in outgoing requests when API Gateway is under load. |
RDAPI-3878 | 00840339 | The Admin User Rest API documentation is empty. |
This service pack has the following prerequisites in addition to the prerequisites specified for the main product release:
INSTALL_DIR/system/lib/modules
directory.policystudio/plugins/com.vordel.rcp.filterbase_7.4.1._DATE/lib/json-path-<version>.jar
). Run togglefips --disable
to turn FIPS mode off.
Start the nodemanager
to move the JARs.
Stop the nodemanager
.
Install API Gateway 7.4.1 SP 3.
Start the nodemanager
.
Stop the nodemanager
.
Run togglefips --enable
to turn FIPS on again.
Start the nodemanager
.
This section describes how to install the service pack on an existing installation of API Gateway.
Note
To install the service pack on your existing API Gateway 7.4.1 Core Server installation, perform the following steps:
INSTALL_DIR/ext/lib
directory (or the ext/lib
directory in an API Gateway instance). These patches have already been included in this service
pack. You do not need to copy patches from a previous version.
apigateway
directory
in your existing installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP3_Core_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/apigateway/
Note
ls -l INSTALL_DIR/apigateway/posix/bin
command to view the owner of
the binaries.
To install the service pack on your existing API Gateway Analytics 7.4.1 installation, perform the following steps:
INSTALL_DIR/ext/lib
directory (or the ext/lib
directory in an API Gateway Analytics instance). These patches have already been included in this service
pack. You do not need to copy patches from a previous version.
analytics
directory within your existing API Gateway 7.4.1 installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP3_Analytics_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/analytics/
Note
ls -l INSTALL_DIR/analytics/posix/bin
command to view the owner of
the binaries.
To install the service pack on your existing Policy Studio installation, perform the following steps:
INSTALL_DIR/policystudio
directory.policystudio
directory within your existing API Gateway 7.4.1 installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP3_PolicyStudio_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/policystudio/
Note
policystudio -clean
.To install the service pack on your existing Configuration Studio installation, perform the following steps:
INSTALL_DIR/configurationstudio
directory.configurationstudio
directory within your existing API Gateway 7.4.1 installation directory. For example:
tar -xzvf APIGateway_7.4.1_SP3_ConfigurationStudio_linux-x86-64_BNYYYYMMDDn.tar.gz -C
/opt/Axway-7.4.1/configurationstudio/
Note
configurationstudio -clean
.To allow an unprivileged user to run the API Gateway on a Linux system, perform the following steps:
INSTALL_DIR/system/conf/jvm.xml
file.
<VMArg
name="-Djava.library.path=$VDISTDIR/$DISTRIBUTION/jre/lib/amd64/server:
$VDISTDIR/$DISTRIBUTION/jre/lib/amd64:$VDISTDIR/$DISTRIBUTION/lib/engines:
$VDISTDIR/ext/$DISTRIBUTION/lib:$VDISTDIR/ext/lib:
$VDISTDIR/$DISTRIBUTION/jre/lib:system/lib:$VDISTDIR/$DISTRIBUTION/lib"/>
setcap 'cap_net_bind_service=+ep'
INSTALL_DIR/platform/bin/vshell
to allow the API Gateway to listen on privileged ports.
Note
Go to Axway Sphere at https://support.axway.com to find all documentation for this product version.
For information about how API Gateway is used in Axway 5 Suite, refer to:
All Axway documentation is available from Axway Sphere at https://support.axway.com.
The Axway Global Support team provides worldwide 24 x 7 support for customers with active support agreements.
Email support@axway.com or visit Axway Sphere at https://support.axway.com.
Copyright © 2016 Axway. All rights reserved