More details for SFTP session

• print SSH session ID in hexadecimal format in the log
• in case of handshake error: show the remote address: Failed to perform handshake: '%s' Address '%s'
• in case of handshake success, show the user, client version, and remote address: ID: '%X' Handshake connection User: '%s' Client Version: '%s' Address: '%s
• keep session id in transfer info with key: udmg_session_id

Cross-Origin Resource Sharing (CORS).

New 'domain' configuration parameter for Authentication Proxy to define the list of allowed and trusted domains to perform CORS requests

Cross-Origin Resource Sharing (CORS)

New 'domain' configuration parameter to define the list of allowed and trusted domains to perform CORS requests

CSRF Protection

New 'CSRF' flag parameter for Authentication Proxy to enable CRSF protection. A CSRF Token is exchanged between Authentication Proxy and Admin UI during the authentication handshake.

CSRF Protection

A CSRF Token is exchanged during the authentication handshake between the frontend and backend.

Mime Type Scanning

Scanning of transferred files to determine their mime-type and suggested file extension. The guessed type and extension are added as transfer metadata:

• udmg_file_computed_extension
• udmg_file_computed_mimetype

User Revocation of Certificate or Key

Certificate records (TLS certificate, SSH host key, or SSH public key) can be disabled on demand with 'revoke' and 'authorize' features.

Server and Partner extended info fields

Addition of custom fields for describing Servers and Partners. Standard fields are

• Description
• Contact 1 name, email, and phone
• Contact 2 name, email, and phone

Additional fields can be added from the interfaces as pairs of label - value according to user needs.

Log User Actions on Servers

Log and audit the actions on the local servers for traceability: enable, disable, start, stop, restart

Composite quick filters in Transfer Activity: Pending, Active, Blocked, Completed, Problem

Module Rebranding

The solution components are renamed to udmg-* for better useability:

• waarp-gateway → udmg-client
• waarp-gatewayd → udmg-server
• mft-auth-proxy → udmg-auth-proxy
• mft-agent-client → udmg-agent-client
• mft-agent-server → udmg-agent-server
• mft-web-upload → udmg-web-transfer

Version numbering for udmg-server and udmg-client is now aligned with the UDMG release and not with the legacy 3PP.

The default installation folders and environment variables are also updated.

UDMG Admin UI,
UDMG Authentication Proxy

LDAP Integration

Support for LDAP authentication of UDMG users with explicit binding.
The breaking glass "admins" parameter is removed and replaced with the ability to choose local authentication provider.

UDMG Admin UI,
UDMG Authentication Proxy

SSO Integration

Support for Single Sign-On authentication of UDMG users with the following Identity Providers:

• SAML 2.0
• Google
• OAuth2
• OpenID

UDMG Server,
UDMG Admin UI

Addition of internal object ID in the GET/LIST API response for below endpoints, for improved usability and easier troubleshooting.

• users
• sb_partners
• sb_partners/X/accounts
• sb_partners/X/certs
• sb_servers
• sb_servers/X/accounts
• sb_servers/X/certs
• sb_rules

API to update own password

New 'password' web service and CLI command to provide the ability for a UDMG user to change its own password without the system permission to update all users.

udmg-client user password -p [password] [username]

UDMG Server

Healthcheck API

'healthcheck' web service and CLI command to provide an easy monitoring of UDMG services.

One line response with overall system status:

• Operational: all services are Running or Offline (either disabled or stopped by a user).
• Degraded: at least 1 service is in the Error state.
• Transitional: at least 1 service is in Starting or ShuttingDown state.

Certificate Expiration Report API

New web service and CLI command to list the TLS certificates that have expired or will expire in the next X days.
udmg-client sb_cert expired --days=30

Requires the Administration Read permission.