December 2020
For more details of the December 2020 release, see the blog post.
UXP Core 1.14.0
Service providers can now add access rights to REST APIs on a more granular level. See UXPUG-SS Section “Dividing a REST API into Endpoints”.
Security server supports defining specific endpoints for REST APIs, including dynamic endpoints like /posts/{id}.
Service administrators can control access rights on an API endpoint level.
Service administrators can control which HTTP operations (GET, DELETE, etc.) can each service client perform on an endpoint.
Service providers can add HTTP headers for both REST and SOAP services. Headers can be used to configure authentication between the security server and the API.
Security servers do not accept REST requests that include client and service identifiers in URL. The identifiers must be placed in HTTP headers. For the accepted format, see UXP-UG-SS Section “REST Request Format”.
Security servers now have a status info service that can be used by third-party load balancers to choose a healthy target security server in a cluster setup.
Security server can be configured to use its status information to decide whether to accept incoming requests (by default disabled). If enabled, a security server with status DOWN stops responding to HTTP(S) requests so other servers in the cluster with status UP can serve the request. This improves the reliability of a security server cluster.
To help security server administrators with keeping all security servers in a cluster synchronized, we have added functionality to export relevant client and service information in a file. Configuration files can be imported to other security servers.
New user guide Security Server: Configuring High Availability and Load Balancing. See UXPUG-SSHA.
Registry server has now a new global group for all subsystems found in the global configuration. This subsystem can be used to make services available to all instance members.
UXP metainfo services that can be used to discover service providers and their services are now available over REST requests. See UXP-PR-META.
Added scripts that help UXP server administrators gather relevant information about current state of a server.
Security servers and registry servers are now incompatible with UXP Monitoring server versions 1.x. Security servers will not forward monitoring information to old monitoring server.
UXP 1.14 is incompatible with UXP Directory version 2.2 and below. Before upgrading the registry and security servers, UXP Directory must be upgraded to version 2.3 or above.
Performance improvements on high message load.
UI layout was changed in security server client dialog.
Upgraded versions of third-party libraries and components to ensure security of the system.
Multiple minor fixes and improvements.