Page Comparison

Panel

Table of Contents

maxLevel	2

...

Change ID Component Description

B-17739

UDMG Admin UI, UDMG Server, UDMG Authentication Proxy, , UDMG Client

Two-Factor Authentication

UDMG user can be configured with the "Standard / Authenticator App (TOTP)" (local-otp) login method.
When enabled, the login requires a TOTP code from an authenticator mobile application. The registration with a generated QR code or secret is performed on first login or after the registration has been reset.

The reset of the OTP registration can be reset with the 'user write' permissions from the CLI or the UDMG Admin UI.

#34810

UDMG Server

Web services for the multi instance monitoring and load balancing.

Existing /api/sb_healthcheck is enhanced with additional information: node details and node status. Requires authentication but no specific permissions.
Example of output for a passive instance:
{
    "status": "operational",
    "nodeId": "gateway_1:8080-mft-gw-0",
    "nodeHostname": "gateway_1",
    "nodeIPAddress": "172.99.0.101",
    "nodePort": "8080",
    "nodeStatus": "PASSIVE",
    "nodeUptime": "15h6m4.810854748s",
    "nodeLastUpdate": "2023-11-14T08:07:54.848374Z",
    "nodeLastActiveDate": "2023-11-13T16:57:57.026091Z"
}
New /ping endpoint returns the instance status with a 400 Bad Request HTTP code when the node is not active and the plain text status: 'ACTIVE', 'PASSIVE', or 'OFFLINE'. This API is provided without authentication for load balancers.
New /api/sb_mgmt_nodes endpoint return the list of the instances with their details and status. Requires the 'administration read' permissions.

#34873

UDMG Admin UI

UI: Management of user sessions

The open sessions for the user of the UDMG Admin UI can be displayed and terminated from the user menu.
Requires the 'administration write' permissions.

Image Added

#34872

UDMG Client

REST/CLI: Management of user sessions

REST API: new /api/sb_session endpoint with GET and DELETE

Code Block

GET /api/sb_session
list all the user sessions
requires Admin permission
{
    "sessions": [
        {
            "sessionId": 116,
            "userId": 8,
            "username": "oli",
            "ipAddr": "185.70.76.140",
            "completed": true,
            "creationDate": "2023-11-09T12:38:07.718294Z",
            "expirationDate": "2023-11-09T13:38:07.718291Z",
            "lastUsedDate": "2023-11-09T12:41:20.852212Z" 
        },
        {
            "sessionId": 117,
            "userId": 1,
            "username": "admin",
            "ipAddr": "185.70.76.140",
            "completed": true,
            "creationDate": "2023-11-09T12:38:17.470503Z",
            "expirationDate": "2023-11-09T13:38:17.470492Z",
            "lastUsedDate": "2023-11-09T12:41:26.508968Z" 
        }
    ]
}
DELETE /api/sb_session/{id}
delete a user session, forcing its expiration
requires Admin permission

CLI: new 'session list' and 'session revoke' commands

Code Block

udmg-client [CONNECTION-OPTIONS] session <list | revoke>

Available commands:
  list    List current sessions
  revoke  Revoke user session session
  
udmg-client session list
Sessions:
● Session 196
    User:            admin
    IP Address:      79.129.6.7
    Completed:       true
    Creation Date:   2023-11-13T09:05:20.780075Z
    Expiration Date: 2023-11-13T10:05:20.780072Z
    Last Used Date:  2023-11-13T09:58:34.707537Z
● Session 204
    User:            admin
    IP Address:      172.99.0.7
    Completed:       true
    Creation Date:   2023-11-13T09:51:04.091549Z
    Expiration Date: 2023-11-13T10:51:04.091546Z
    Last Used Date:  2023-11-13T09:51:04.091551Z

udmg-client session revoke 204
The session 204 was successfully revoked.

#34890

UDMG Admin UI

UI: Management of the 'administration' user permission

Image Added

#34112

UDMG Client

CLI: Management of the 'administration' user permission.

Administration permissions are displayed on 'user list' or 'user get' commands
read/write/delete can be assigned with the 'A' tag for administration permission on 'user add' and 'user update' commands
'superuser' shortcut is provided to create or convert a user to a superuser with all possible permissions, including the administration permissions
```
udmg-client user update bob -r 'superuser' 
```

#34834 Linux services Changed the service description for alignment with Universal Agent ubroker service. Syslog messages are tagged with the service name.

#34247

UDMG Server

Allow absolute paths in SFTP client requests. If the filename stub in the transfer request starts with a '/' it is considered an absolute path and will be used without prefixing with the transfer rule remote directory path.

#33062 UDMG Authentication Proxy Custom properties can be associated to a udmg service for use by the UDMG Admin UI.
Refer to the installation guide for the configuration file syntax and the [settings] section.

#33063

UDMG Admin UI

Support for environment customization with the service settings on the UDMG Authentication Proxy configuration.

"udmg.system_identifier": name of the system or environment
"udmg.banner.background_color": color of the banner background, as HTML color name ("Brown"), RGB code ("rgb(165,42,42)"), or hexadecimal code ("#A52A2A")
"udmg.banner.logo": Company logo, optional picture to display next to the system identifier

Image Added

#34725

UDMG Server

Easier upgrade procedure, the migrate command now uses the last version by default.

Code Block

$ /opt/udmg/bin/udmg-server migrate -l -c /opt/udmg/etc/udmg-server/server.ini | tail -1
1.5.0
$ /opt/udmg/bin/udmg-server migrate -c /opt/udmg/etc/udmg-server/server.ini -v -v -v
2023/10/30 10:57:24 [INFO    ] Migration: Starting upgrade migration...
...
2023/10/30 10:57:25 [INFO    ] Migration: Applying migration 'Bump database version to 1.5.0'

#33930 UDMG Admin UI References to "Certificate" are changed to "Certificate / Key" depending on the context.

#34250 UDMG Server Fix the expansion of the #INPATH#, #OUTPATH#, and #WORKPATH# task variables. They used to only take into account the default in/out/work paths defined at the gateway-level (in the config file). Therefore, the server and rule-level paths are completely ignored.
The server and rule are now looked up when computing the value of these special variables.

#34246 UDMG Server, UDMG Client Fix a panic error on udmg-client when showing a transfer rule with more than 3 tasks in a task chain. The client would crash when trying to display the rule on a list or a get command.

#34255 UDMG Server, UDMG Client Fix the inability to empty a transfer rule task chain from the CLI.
Providing an empty value for the 'rule update --pre=', 'rule update --pre=', or 'rule update --pre=' option would be treated as if the parameter was not given.

#34254 UDMG Server Fix the COPY and RENAME rule tasks. Copying a file to itself would truncate it.

D-11401 (#34118) UDMG Admin UI Fix the filtering on the lists. Any partial string of "undefined", like "e" would invalidate the filtering and return all rows.

#34209 Linux packages Fix the package naming convention to use '.build' instead of '+build' as '+' is not valid for the Stonebranch Software Downloads platform.

#34884 UDMG Server Fix the export of users to includes the 'administration' and 'pgp' permissions.

#32139 UDMG Server Fix the export and import of User Groups to rely on the Business Service name instead of UUID

Versions Compared

Old Version 3

New Version 4

Key