Panel | ||||
---|---|---|---|---|
|
Introduction
Stonebranch provides product maintenance in the form of updated product installation packages. This document lists the product installation package maintenance history for Universal Data Mover Gateway 1.5.x.
Note |
---|
For Universal Data Mover Gateway 1.5.x, applying maintenance refers to the increase from a currently installed and supported version of the Universal Data Mover Gateway to a later 1.5.x version of the Universal Data Mover Gateway (for example, increase Universal Data Mover Gateway 1.0.0.0 to Universal Data Mover Gateway 1.5.0.0). |
Product Packaging
A package maintenance level is incremented when the package changes or the package installation changes.
Stonebranch changes product version, release, or modification identifiers at its discretion when it deems an appropriate number of enhancements or capabilities have been introduced to warrant the change.
Versioning
Package version numbers are comprised of four numeric identifiers: version, release, modification level, and maintenance level.
For example, for Universal Data Mover Gateway 1.5.0.0:
1 = Version 1
5 = Release 5
0 = Modification Level 0
0 = Maintenance Level 0
Packaging Methods
The Universal Data Mover Gateway 1.5.x packages are provided in formats appropriate for the target platforms.
See Administrator Guide for information on installing, upgrading, and applying maintenance to the Universal Data Mover Gateway.
Package Maintenance Levels
This section identifies the changes included in Universal Data Mover Gateway 1.4.x.
This table identifies the maintenance level of every component in each package.
...
Release
...
UDMG Server
...
UDMG 1.5.0.0 - November 17, 2023
...
Two-Factor Authentication
UDMG user can be configured with the "Standard / Authenticator App (TOTP)" (local-otp) login method.
When enabled, the login requires a TOTP code from an authenticator mobile application. The registration with a generated QR code or secret is performed on first login or after the registration has been reset.
The reset of the OTP registration can be reset with the 'user write' permissions from the CLI or the UDMG Admin UI.
...
Web services for the multi instance monitoring and load balancing.
- Existing
/api/sb_healthcheck
is enhanced with additional information: node details and node status. Requires authentication but no specific permissions.
Example of output for a passive instance:{
"status": "operational",
"nodeId": "gateway_1:8080-mft-gw-0",
"nodeHostname": "gateway_1",
"nodeIPAddress": "172.99.0.101",
"nodePort": "8080",
"nodeStatus": "PASSIVE",
"nodeUptime": "15h6m4.810854748s",
"nodeLastUpdate": "2023-11-14T08:07:54.848374Z",
"nodeLastActiveDate": "2023-11-13T16:57:57.026091Z"
}
- New
/ping
endpoint returns the instance status with a 400 Bad Request HTTP code when the node is not active and the plain text status: 'ACTIVE', 'PASSIVE', or 'OFFLINE'. This API is provided without authentication for load balancers. - New /
api/sb_mgmt_nodes
endpoint return the list of the instances with their details and status. Requires the 'administration read' permissions.
...
UI: Management of user sessions
The open sessions for the user of the UDMG Admin UI can be displayed and terminated from the user menu.
Requires the 'administration write' permissions.
...
REST/CLI: Management of user sessions
REST API: new /api/sb_session
endpoint with GET and DELETE
...
Panel | ||||
---|---|---|---|---|
|
Introduction
Stonebranch provides product maintenance in the form of updated product installation packages. This document lists the product installation package maintenance history for Universal Data Mover Gateway 1.5.x.
Note |
---|
For Universal Data Mover Gateway 1.5.x, applying maintenance refers to the increase from a currently installed and supported version of the Universal Data Mover Gateway to a later 1.5.x version of the Universal Data Mover Gateway (for example, increase Universal Data Mover Gateway 1.0.0.0 to Universal Data Mover Gateway 1.5.0.0). |
Product Packaging
A package maintenance level is incremented when the package changes or the package installation changes.
Stonebranch changes product version, release, or modification identifiers at its discretion when it deems an appropriate number of enhancements or capabilities have been introduced to warrant the change.
Versioning
Package version numbers are comprised of four numeric identifiers: version, release, modification level, and maintenance level.
For example, for Universal Data Mover Gateway 1.5.0.0:
1 = Version 1
5 = Release 5
0 = Modification Level 0
0 = Maintenance Level 0
Packaging Methods
The Universal Data Mover Gateway 1.5.x packages are provided in formats appropriate for the target platforms.
See Administrator Guide for information on installing, upgrading, and applying maintenance to the Universal Data Mover Gateway.
Package Maintenance Levels
This section identifies the changes included in Universal Data Mover Gateway 1.4.x.
This table identifies the maintenance level of every component in each package.
Release | Release date | UDMG Server | UDMG Agent Proxy | UDMG Authentication Proxy | UDMG Admin UI | UDMG Web Transfer Client |
---|---|---|---|---|---|---|
1.5.0.0 | November 17, 2023 | 1.5.0.0 | 1.5.0.0 | 1.5.0.0 | 1.5.0.0 | 1.5.0.0 |
UDMG 1.5.0.0 - November 17, 2023
Change ID | Component | Description | ||||
---|---|---|---|---|---|---|
B-17739 | UDMG Admin UI, UDMG Server, UDMG Authentication Proxy, UDMG Client | Two-Factor Authentication UDMG user can be configured with the "Standard / Authenticator App (TOTP)" (local-otp) login method. The reset of the OTP registration can be reset with the 'user write' permissions from the CLI or the UDMG Admin UI. | ||||
#34810 | UDMG Server | Web services for the multi instance monitoring and load balancing.
| ||||
#34873 | UDMG Admin UI | UI: Management of user sessions The open sessions for the user of the UDMG Admin UI can be displayed and terminated from the user menu. | ||||
#34872 | UDMG Server | REST/CLI: Management of user sessions REST API: new
CLI: new 'session list' and 'session revoke' commands
| ||||
#34890 | UDMG Admin UI | UI: Management of the 'administration' user permission | ||||
#34112 | UDMG Client | CLI: Management of the 'administration' user permission.
| ||||
#34834 | Linux services | Changed the service description for alignment with Universal Agent ubroker service. Syslog messages are tagged with the service name. | ||||
#34247 | UDMG Server | Allow absolute paths in SFTP client requests. If the filename stub in the transfer request starts with a '/' it is considered an absolute path and will be used without prefixing with the transfer rule remote directory path. | ||||
#33062 | UDMG Authentication Proxy | Custom properties can be associated to a udmg service for use by the UDMG Admin UI. Refer to the installation guide for the configuration file syntax and the [settings] section. | ||||
#33063 | UDMG Admin UI | Support for environment customization with the service settings on the UDMG Authentication Proxy configuration.
| #34725 | UDMG Server |
Code Block |
---|
$ /opt/udmg/bin/udmg-server migrate -l -c /opt/udmg/etc/udmg-server/server.ini | tail -1
1.5.0
$ /opt/udmg/bin/udmg-server migrate -c /opt/udmg/etc/udmg-server/server.ini -v -v -v
2023/10/30 10:57:24 [INFO ] Migration: Starting upgrade migration...
...
2023/10/30 10:57:25 [INFO ] Migration: Applying migration 'Bump database version to 1.5.0' |
The server and rule are now looked up when computing the value of these special variables.
Providing an empty value for the '
rule update --pre='
, 'rule update --pre='
, or 'rule update --pre='
option would be treated as if the parameter was not given.}
DELETE /api/sb_session/{id}
delete a user session, forcing its expiration
requires Admin permission |
CLI: new 'session list' and 'session revoke' commands
Code Block |
---|
udmg-client [CONNECTION-OPTIONS] session <list | revoke>
Available commands:
list List current sessions
revoke Revoke user session session
udmg-client session list
Sessions:
● Session 196
User: admin
IP Address: 79.129.6.7
Completed: true
Creation Date: 2023-11-13T09:05:20.780075Z
Expiration Date: 2023-11-13T10:05:20.780072Z
Last Used Date: 2023-11-13T09:58:34.707537Z
● Session 204
User: admin
IP Address: 172.99.0.7
Completed: true
Creation Date: 2023-11-13T09:51:04.091549Z
Expiration Date: 2023-11-13T10:51:04.091546Z
Last Used Date: 2023-11-13T09:51:04.091551Z
udmg-client session revoke 204
The session 204 was successfully revoked. |
UDMG Admin UI
UI: Management of the 'administration' user permission
CLI: Management of the 'administration' user permission.
- Administration permissions are displayed on 'user list' or 'user get' commands
- read/write/delete can be assigned with the 'A' tag for administration permission on 'user add' and 'user update' commands
- 'superuser' shortcut is provided to create or convert a user to a superuser with all possible permissions, including the administration permissions
udmg-client user update bob -r 'superuser'
Improved useability of the Linux services:
- Service description is prefixed with "Stonebranch" for parity with Universal Agent ubroker service.
- Syslog messages are labeled with the service name (udmg-server, udmg-auth-proxy, ...) instead of 'sh'.
- Syslog messages are sent to 'local0' utility for easier filtering.
Allow absolute paths in SFTP client requests. If the filename stub in the transfer request starts with a '/' it is considered an absolute path and will be used without prefixing with the transfer rule remote directory path.
Refer to the installation guide for the configuration file syntax and the
[settings]
section.- "udmg.system_identifier": name of the system or the environment.
- "udmg.banner.background_color": color of the banner background, as HTML color name ("Brown"), RGB code ("rgb(165,42,42)"), or hexadecimal code ("#A52A2A").
- "udmg.banner.logo": Company logo, optional picture to display next to the system identifier.
Example of a production environment with a brown banner and a development environment with an orange banner:
Improved the useability of Business Service : they can be used for tagging objects and not only to enforce security permissions. A Business Service without any User Group can be attached to an object as a way a labeling it.
Permissions over the new business service are not required anymore when assigning an object to a business service thus allowing them to be used as tags (i.e. to group resources). The permissions required to assign an object to a business service are either: having the corresponding global permission (object write at user level) or having the corresponding business service permission (object write at user group level) in at least one of the object's business services.
REST API changes:
- Added new endpoints to add business server members:
PUT /api/sb_businessservices/{name}/local_agents/{object_name}
PUT /api/sb_businessservices/{name}/remote_agents/{object_name}
PUT /api/sb_businessservices/{name}/rules/{object_name}/{direction:send|receive}
PUT /api/sb_businessservices/{name}/sb_pgp/{object_name}
- Added new endpoints to delete business server members:
DELETE /api/sb_businessservices/{name}/local_agents/{object_name}
DELETE /api/sb_businessservices/{name}/remote_agents/{object_name}
DELETE /api/sb_businessservices/{name}/rules/{object_name}/{direction:send|receive}
DELETE /api/sb_businessservices/{name}/sb_pgp/{object_name}
- Added new endpoints to add user group members:
PUT /api/sb_usergroups/{name}/users/{user}
- Added new endpoints to delete user group members:
DELETE /api/sb_usergroups/{name}/users/{user}
- Added new endpoints to list business server members:
GET /api/sb_businessservices/{name}/servers
GET /api/sb_businessservices/{name}/partners
GET /api/sb_businessservices/{name}/rules
GET /api/sb_businessservices/{name}/sb_pgp
Easier upgrade procedure, the migrate command now uses the last version by default.
Code Block |
---|
$ /opt/udmg/bin/udmg-server migrate -l -c /opt/udmg/etc/udmg-server/server.ini | tail -1
1.5.0
$ /opt/udmg/bin/udmg-server migrate -c /opt/udmg/etc/udmg-server/server.ini -v -v -v
2023/10/30 10:57:24 [INFO ] Migration: Starting upgrade migration...
...
2023/10/30 10:57:25 [INFO ] Migration: Applying migration 'Bump database version to 1.5.0' |
Ability to globally disable each rule task type.
New udmg-server configuration parameter for each task type allows to disable its processing during any file transfer. For the following task types: COPY, COPYRENAME, MOVE, MOVERENAME, DELETE, RENAME, EXEC, EXECMOVE, EXECOUTPUT, TRANSFER, CHECKREGEX, PUBLISHEVENT, ICAP.
UDMG Server
The server and rule are now looked up when computing the value of these special variables.
Providing an empty value for the '
rule update --pre='
, 'rule update --pre='
, or 'rule update --pre='
option would be treated as if the parameter was not given.#34494,
#34102
upstream udmg_auth_proxy
udmg-client user password bob -o ws -p ws
#33842
#34130
New web service and CLI command for a user to fetch its own user profile with system permissions.
GET /api/user_profile
- the output is the same as GET /api/sb_users/{user} for the calling user
- no permission is required
udmg-client user profile
Fix for SFTP Partner (client transfer), in some cases the resume operation would not continue the transfer from the last point.
The behavior is now:
- if the remote server file size is same than the transfer progress : resume from that point
- if the remote server file size is different from the transfer progress : stop transfer with ERROR
- If the remote target file is not found : resume the transfer from 0 (send whole file again)