Download

API Gateway Readme

Axway API Gateway 7.3.1 SP 2 Readme

Document version: 13 Apr 2015


Readme for 7.3.1 SP2

This Readme applies to Axway API Gateway 7.3.1 SP2 for all platforms. The information in this Readme supersedes any corresponding information in the documentation (online or printed) previously supplied for the product.

The main aim of this service pack is to provide fixes for a number of reported defects.

This service pack contains updates for:

The service pack contains new binaries only and does not overwrite the existing configuration.

File Packages: An installation archive is provided for all platforms (for example, APIGateway_7.3.1_SP2_Core_win-x86-32_BN201504131.zip) for Windows.

Size: The file size differs for each platform. The MD5 checksum is provided for each file.

Corrections and enhancements

This service pack provides the following corrections and enhancements.

Case IDInternal IDDescription
760918 143518 Upgrade Time filter with cron from v6.2.0
Previously, the Time filter configuration upgrade failed reporting unexpected presence of the cronExpression field.
Now, the Time filter configuration upgrade passes.
762062 142448 API Gateway does not stop illegal characters in incoming path
Previously, the API Gateway allowed illegal characters in the incoming path.
Now, you can configure the API Gateway to disallow illegal characters in the incoming path using the com.vordel.strictUriSyntaxChecking Java system property in jvm.xml. For example: <VMArg name="-Dcom.vordel.strictUriSyntaxChecking=true"/>.
764315 142757 Performance issues when editing configuration in Policy Studio
Previously, Policy Studio had performance issue removing or changing certain filters.
Now, performance and error handling have been improved by removing or changing filters in Policy Studio.
765432 143057 Possible Cross-Site Scripting vulnerability in API Gateway
Previously, the API Gateway was responding with 400 Bad Request "unknown format" message that also contained value of the bad query parameter (possible Cross-Site Scripting vulnerability).
Now, the API Gateway responds with 400 Bad Request message including the "unknown format" text only.
765771 143309 Unable to test LDAPS in Policy Studio
Previously, the LDAP SSL connection test in Policy Studio was always failing when the SSL Enabled option was selected.
Now, the LDAP SSL connection test in Policy Studio passes when the SSL Enabled option is selected. You must import the LDAP server SSL certificate into the certificate store.
766455 143680 Entrust GetAccess filter does not appear to work in v7.3.1
Previously, the GetAccess filter was always aborting with a java.lang.NullPointerException.
Now, the GetAccess filter aborts when an invalid input is provided.
767120 143848 JVM crash and core dump created if invalid ephemeral DH key
Previously, the API Gateway was crashing if incorrect DH parameters are configured for an HTTPS port listener.
Now, the API Gateway reports incorrect DH parameters supplied for an HTTPS port listener.
767928 145159 Admin node manager crashes when trying to rename audit.log.49 to audit.log.50
Previously, the API Gateway was throwing an unexpected exception at start up when you attempted to configure the audit log with maximum number of files (50 by default).
Now, the API Gateway configures the audit log with maximum number of files (50 by default) successfully.
- 142698 Cannot connect to Amazon S3 using a proxy after applying v7.3.1 SP1
Previously, API Gateway was sending a CONNECT request to a proxy omitting the default SSL port, 443.
Now, API Gateway always adds the port in the CONNECT request to proxy.
- 144699 Backport 134747: Time filter stops execution of policy entirely when passed invalid timestamp
Previously, the Time filter aborted with NullPointerException when the provided timestamp was invalid.
Now, the Time filter fails when the provided timestamp is invalid.
- 145808 File Upload filter always uses FTPS settings and ignores FTP settings for ASCII/Binary transfer
Previously, the File Upload filter always used FTPS settings and ignored FTP settings for ASCII/Binary transfer.
Now, the File Upload filter uses FTPS, FTP, or SFTP configuration settings respectively.
- 145809 FTP Poller always uses passive mode for FTPS connection type disregarding the configuration
Previously, the FTP Poller always used passive mode for the FTPS connection type disregarding the configuration.
Now, the FTP Poller uses passive mode for the FTPS connection type based on the configuration.
- 145810 Proxy-Authorization header is not correct when a passphrase is used.
Previously, when an API Gateway configuration was protected with a passphrase, a user password in the Proxy settings was not decrypted causing the Proxy-Authorization HTTP header to contain the incorrect value.
Now, a user password in the Proxy settings is correctly decrypted when loading from a passphrase-protected API Gateway configuration.
- 145811 Hash Client Password option of the authentication repository is no longer hashing the password
Previously, the HTTP basic filter did not always authenticate user correctly using a database repository configured to hash a client password.
Now, API Gateway always hashes the client password if configured in the database repository.

Known issues

The following issues are known and scheduled for correction in a future release:

Case IDInternal IDDescription
760690 144315 Switching off traffic monitoring suppresses incoming/outgoing data from a trace file
764376 142550 Cannot start instance: Pipe Server Stopping error
766676 144401 Change in retrieving cached database results between v7.1.0 and v7.3.1
768745 144625 Out of memory error when writing to event log
768781 145157 WS-Policy configuration issue with XML decryption

Install the service pack

Prerequisites

This service pack has the following prerequisites in addition to the prerequisites specified for the main product release:

  1. Shut down any Node Manager or API Gateway instances on your existing installation.
  2. Back up your existing installation. For details on backing up, see the API Gateway Administrator Guide.
  3. Remove any old third-party libraries. To do this, delete the INSTALL_DIR/system/lib/modules directory.

Installation

This section describes how to install the service pack on an existing installation of API Gateway.

To install a new API Gateway installation from scratch without an existing installation, see the API Gateway Installation and Configuration Guide.

Install the API Gateway Core Server service pack

To install the service pack on your existing API Gateway 7.3.1 Core Server installation, perform the following steps:

  1. Ensure that your existing API Gateway instance and Node Manager have been stopped. For more details, see the API Gateway User Guide.
  2. Remove any previous patches from your INSTALL_DIR/ext/lib directory (or the ext/lib directory in an API Gateway instance). These patches have already been included in this service pack. You do not need to copy patches from a previous version.
  3. Unzip and extract API Gateway 7.3.1 SP2 Core over the apigateway directory within your existing installation directory. For example:
  4. tar -xzvf APIGateway_7.3.1_SP2_Core_linux-x86-64_BN201504131.tar.gz -C /opt/Axway-7.3.1/apigateway/

Note

Install the API Gateway Analytics service pack

To install the service pack on your existing API Gateway Analytics 7.3.1 installation, perform the following steps:

  1. Ensure that your existing API Gateway Analytics instance and Node Manager have been stopped. For more details, see the API Gateway User Guide.
  2. Remove any previous patches from your INSTALL_DIR/ext/lib directory (or the ext/lib directory in an API Gateway Analytics instance). These patches have already been included in this service pack. You do not need to copy patches from a previous version.
  3. Unzip and extract API Gateway 7.3.1 SP2 Analytics over the analytics directory within your existing API Gateway 7.3.1 installation directory. For example:
  4. tar -xzvf APIGateway_7.3.1_SP2_Analytics_linux-x86-64_BN201504131.tar.gz -C /opt/Axway-7.3.1/analytics/

Note

Install the Policy Studio service pack

To install the service pack on your existing Policy Studio installation, perform the following steps:

  1. Delete your existing Policy Studio installation directory (for example, INSTALL_DIR\policystudio).
  2. Use the API Gateway 7.3.1 installation executable to install Policy Studio into the same directory.

Note

Install the Configuration Studio service pack

To install the service pack on your existing Configuration Studio installation, perform the following steps:

  1. Delete your existing Configuration Studio installation directory (for example, INSTALL_DIR\configurationstudio).
  2. Use the API Gateway 7.3.1 installation executable to install Configuration Studio into the same directory.

After installation

To allow an unprivileged user to run the API Gateway on a Linux system, perform the following steps:

  1. Add the following line to the INSTALL_DIR/system/conf/jvm.xml file.
  2. 64-bit installation

    <VMArg name="-Djava.library.path=$VDISTDIR/$DISTRIBUTION/jre/lib/amd64/server:$VDISTDIR/$DISTRIBUTION/jre/lib/amd64:$VDISTDIR/$DISTRIBUTION/lib/engines:$VDISTDIR/ext/$DISTRIBUTION/lib:$VDISTDIR/ext/lib:$VDISTDIR/$DISTRIBUTION/jre/lib:system/lib:$VDISTDIR/$DISTRIBUTION/lib"/>

  3. 32-bit installation

    <VMArg name="-Djava.library.path=$VDISTDIR/$DISTRIBUTION/jre/lib/i386/server:$VDISTDIR/$DISTRIBUTION/jre/lib/i386:$VDISTDIR/$DISTRIBUTION/lib/engines:$VDISTDIR/ext/$DISTRIBUTION/lib:$VDISTDIR/ext/lib:$VDISTDIR/$DISTRIBUTION/jre/lib:system/lib:$VDISTDIR/$DISTRIBUTION/lib"/>

  1. Run the command setcap 'cap_net_bind_service=+ep' INSTALL_DIR/platform/bin/vshell to allow the API gateway to listen on privileged ports.

Note

Related documentation

Axway API Gateway is accompanied by a complete set of documentation, covering all aspects of using the product. These documents include the following:

Axway API Gateway documentation

Axway 5 Suite documentation

All Axway documentation is available from Axway Sphere at https://support.axway.com.

Support services

Support services are available from Axway Sphere at https://support.axway.com, including:

The Axway Global Support team also provides worldwide 24 x 7 support, subject to validation of your license agreement.
Email support@axway.com or, for your local support telephone number, visit Axway Sphere at https://support.axway.com and click Contact Axway Support.

See "Troubleshoot your API Gateway installation" in the API Gateway Administrator Guide for the information that you should be prepared to provide when you contact Axway Support.

You can display the version and build of API Gateway by selecting Help > About in Policy Studio.

For information about Axway training services, go to: www.axway.com.


Copyright © Axway Software 2015
All rights reserved