New API Dashboard
A revamped API Management dashboard using REST APIs to communicate with API Management Server (AMS), to assist in configuring and maintaining AMS and API Gateway Servers (AGSs) and API projects. This dashboard which is built on Angular framework is more user-friendly and intuitive.
New features in this dashboard include:
- A landing page which shows overall statistics for the AMS server.
- Support for creating and exporting API projects using Open API specification.
- View policy execution order for resources in API projects.
- Support to define request body for POST and PUT operations in resources of API projects.
- Support to attach files to an API project.
- Support to export and import policies from and to the policy repository respectively.
- Support to export and import product or client data in the Applications section.
- Developer Portal can be customized to show PSD2-specific APIs.
- Open API:
- Option to create API Project from Open API specification.
- Option to export Open API documentation of the API project.
- JWT: API policies to generate, verify and validate JSON Web Tokens.
- JWS: API policies to generate and verify JSON Web Signature.
- JWS and JWT: Support for ES256 algorithm to generate and validate JWS and JWT tokens.
- Support for 'scope' attribute in OAuth.
- Option to configure re-direct URL in client subscription which will be used during OAuth code generation.
- Option to generate OAuth Access Token with custom attributes.
- Option to configure time periods in quota policy to allow or reject requests for a specified period of the day.
- Option to set CPU affinity when servers are run as service. This will be helpful if the license is generated with less cores than the actual number of cores in the system.
- Option to integrate with Web Application Firewall (WAF) which filters, monitors, and blocks HTTP traffic to and from API proxies.
- Developer Portal can connect to a backup API Management Server (AMS) when connection to a primary AMS fails thereby eliminating single point of failure.
- SMTP server and authentication configuration feature to send e-mails from the Developer Portal to its users while signing up or during other communications.
- Support for multiple apikeys to enable login to AMS from multiple systems by the same user simultaneously.
- Configurable alerts for specific log statements to notify users about errors occurred during runtime.
- Integrated Nodejs service in API Gateway Server (AGS) to execute customized scripts or expose custom APIs which can be triggered during runtime.
- Storing memory and CPU usage history to monitor server health.
- Unified profiles to run both AMS and AGS modules in a single server. This will be helpful to create docker images and deploy them in containers.
- Option to configure expiry time for Consumer Keys.
- Monetization support for API Projects. This feature helps in monetizing the APIs so that revenue can be generated for the use of APIs. Admin can define rate plans for products from which developers can subscribe a suitable rate plan.
- Option to add documents to an API project which can be used to store Help or Design documents.
- Option to track geographical location of the client based on the IP address in the request, which will be helpful to track specific requests for security purposes or to get the most active regions for a particular Server Group.
- DynamoDB 4.0: Used to perform CRUD operations on Amazon DynamoDB. This microservice supports XML input and JSON response.
- KafkaConnector 4.0: Used to produce and consume large volume of data from the Kafka server. It allows clients to produce data either synchronously or asynchronously.
- AS4Connector: Allows to send and receive payloads via AS4 messaging protocol. It allows exchanging any type of payload (e.g., XML, JSON, Binary) as SOAP attachments or SOAP body payloads.
- WebSocket: Allows two-way (full duplex) communication and transfer of messages until the connection is terminated between web servers and clients.
- SMPPSend: SMPPSend microservice is used to send SMS to cell phones using SMPP (Short Messsage Peer to Peer) protocol. The microservice communicates with the Short Message Service Centre (SMSC) of the network provider.
Features in Microservices
- FTP: Added an option to disable host key verification in case of SFTP.
- Timer: Option to manually trigger a message on right-clicking a microservice.
- File Poller: Provided a property ‘Persistent’ to withstand Peer server crash and HA failure.
- Users can set properties (JMS Headers) in the input message and view them in the output message while testing using the Test panel.
- DB: Added support to insert all records that result from parent query during post processing action in the DB microservice.
- SocketAdapter: Provided a feature to limit the number of active sessions connecting to the server.
- Aggregator: Added an option ‘Flush old messages’ which helps to discard ungrouped messages which are older than the given Cache Timout value.
- XMLSplitter: Added a CPS attribute ‘Remove WFInstanceID property’ to remove ESBX__SYSTEM__WORK_FLOW_INST_ID and ESBX__SYSTEM__WORKFLOW_STATUS so that it automatically adds this property with a new value on the next workflowItem config encounter.
- RestConsumer: Added Connection Error Handling panel.
- WebServiceConsumer 5.0: Different security features such as Username Token, Digital Signature, Encryption, SAML, and Timestamp are added to securely send and receive SOAP messages.
- WebServiceConsumer 5.0: Added various security features such as Username Token, Digital Signature, Encryption, SAML, and Timestamp to send and receive SOAP messages securely.
- Added sample demo flows for SOAP Service and REST Service.
- Asynchronous Sending feature at the microservice level by which messages are sent to the output port asynchronously without having to wait for an acknowledgment. This will help in performance improvement of the microservice as messages are received at a faster rate.
- Option to set CPU-affinity when servers are run as service. This will be helpful if the license is generated with less cores than the actual number of cores in the system.
- Support for multiple apikeys to enable login to the ESB server from multiple systems by the same user simultaneously.
- Authorization support for breakpoint addition as well as breakpoint removal operations.
- Logging component PIDs in peer output log for easier debugging.
- Configurable alerts for specific log statements to notify users about errors occurred during runtime.
- Integrated Nodejs service in the peer server to execute customized scripts or expose custom APIs which can be triggered during runtime.
- Storing memory and CPU usage history to monitor server health.
- Unified profiles to run both FES and FPS modules in a single server. This will be helpful to create docker images and deploy them in containers.
- Option to fetch query from the Document Tracking Search window based on search parameters provided.
- Auto-update application documents count in Document Tracking page.
- Option to delete event processes from the dashboard.
- Fiorano Orchestration: Option to create shortcut of a service instance in an event process to improve visualization of service instances and routes in the Orchestrator editor.
- Fiorano Tools perspective: An editor to create EDI schemas for using in EDI to XML transformations.
- Offline perspective: Added an option 'View Referring Applications' for microservices context menu in event processes to check if they are referred as remote service instances in other event processes.
- An option 'BeautifyXML' is added in the CPS Test interface to format the output XML.
- Queue Manager can now be accessed on a per event process basis as well.
- Option to log messages to a file.
- Option to provide log level for console and file logging.
- Global funclets referred in transformations in an event process can be exported along with the event process.
- Option to add notes next to service instances and routes in Orchestrator editor.
- A new funclet to store and fetch an incremental number in a JMS queue.
- Option to use encrypted password in the db.properties file used with DB lookup funclets.
- For REST API authentication and authorization, api_key must be sent as the Header parameter in place of Query parameter so that the API key is not exposed.
- Now a client can generate multiple OAuth Access Tokens.
- Error will be thrown if quota identifier is not present in the context variable.
- DB: Support for monitoring Informix DB.
- FileWriter: Support to append line separator.
- Cache: Support to check the number of stored messages.
- JSONConverter: Enhanced to support BigInteger and Long data type in XML.
- FTP: Support for multiple File Name patterns.
- Timer 5.0: Support to retain the configuration from Timer 4.0.
- HL7Sender and HL7Receiver: Added support for SSL security.
- To optimize the performance and improve CRC (Check Resource and Connectivity), only those microservices which are modified will be fetched from the FES by the FPS server. Unmodified microservices will be fetched from the local repository folder of the peer server.
- For REST API authentication and authorization, api_key must be sent as the header parameter in place of Query parameter so that the API key is not exposed.
- Exception will be thrown during CRC if there are any special characters other than “_” or space in the port names.
- The default Jetty log file is reduced to avoid disk space issues.
- Log4j logger is used for logging Jetty logs.
- Directory listing is disabled in all web servers to mitigate security threats.
- Default configuration values for G1GC algorithm are changed for efficient garbage collection.
- The default Memory Threshold value is changed from 0.8 to 0.9 and the default Maximum Client Connections value is changed from 1024 to 2048.
- Admin user can now delete other groups and users even if they are assigned with certain permissions.
- 'Cancel' button is replaced with 'Reset' button in the Certificate Management tab.
- Not allowing space in password.
- Component grouping can be done only at the event process level. Components in different event processes cannot share a group process ID.
- Fetching of micro-services and event processes from Enterprise Server to local repository during login has been optimized. Previously, the local repository was wiped clean when it is logged out from the server. Now, it will be intact on logout and on re-login; only those micro-services and event processes which are modified later than those in the local repository will be fetched. This reduces re-login duration and saves bandwidth.
- The option to view analytics data by grouping various parameters missing in the Advanced section under Analytics.
- The value of Quota Identifier not getting saved correctly in the Quota policy configuration in an API project.
- Reduced memory consumption of microservices which are processing large messages. Microservices like FileReader, FileWriter, Sleep etc., which handles plain text content will become more efficient.
- WSStub: Wsdl file not getting deleted from the peer repository after shutting down the peer server.
- FTP component: Fixed issues in processing subsequent messages without blocking when the local directory is mounted but the mount location is not available.
- SalesForce: Fixed issues to save newly added properties in the 'Call Properties' interface.
- SAPR3: Fixed issues arising while executing BAPI with names bearing “/” in them.
- SocketAdapter: When the decoding type is set to “ISO” and the bytes or text sent is more than the ISO length, the bytes or text sent was getting forwarded to the output port. Now the bytes or text sent to the output port is restricted to the ISO length specified in the ISO message.
- T24Inbound: Fixed issue to return all those events which are polled.
- All JMS message functions fail during route and application context transformations.
- Exceptions on simultaneously stopping an event process and deleting any microservice in the event process or the whole event process itself.
- Microservices not getting launched in Group Process when servers are started as service in the Windows operating system.
- “REMOTE_APP_HANDLE_NULL” exception gets logged if an event process with remote service instance is monitored using the monitoring tool.
- Exceptions while clearing the application context from a running event process.
- Serialization error while fetching SBW document details using REST API.
- The ‘Persistent’ property, when set to “false”, switches to “true” when a breakpoint is used.
- All remote instances shown when 'View Referring Applications' is selected for a microservice.
- NPE thrown in peer error logs when low memory policy is applied for non-running microservices.
- Document re-injection not working while selecting a filtered document from the 'Set SBW Document Filters' window.
- UI issues while configuring periodic alerts.
- Patch installation failing in Windows OS if framework jars are included in the patch.
- New temp files getting created for every peer restart.
- Password shown in plaintext when a user enters it in the server console during Jetty module startup.
- Appropriate error not thrown when the provided EP name is not present in the repository.
- Exception thrown while trying to remove the breakpoint from the route that is connected to a remote instance.
- A new log file getting created every time Monitoring Utility is started.
- Gateway alert e-mails not being received for HA peer servers.
- Environment Analytics Migration script failing.
- Component logs not getting deleted when an event process is deleted.
- Wrong exception thrown in FES error logs while flushing messages using REST or JMS APIs.
- “UTFDataFormatException” thrown while viewing stored messages in the Join microservice.
- Unable to select the application name in the 'Purge Completed Docs' window.
- Drop-down options to select 'Resource' and 'Method' not shown while testing RESTful services.
- “IllegalArgument” error thrown when ‘To’ date is greater than the current date while searching for SBW documents.
- Service Instance name shown null when the backlog policy is configured for multiple microservices.
- “NullPointerException” on validating the route name while working with an Orchestrator editor.
- A running event process not getting synchronized when a route between microservices present in that event process is deleted.
Known Issues and Limitations
- If multiple eStudio clients are connected to the same Enterprise Server and working on the same Event Process, the changes made by one client will not be reflected to the other clients.
- There is a race condition which under rare circumstances leads to corruption of the Peer Server's PUBSUB database on multiple start/stop events of an Event Process accompanied by multiple failovers of a Shared HA Peer Server. The Peer Server refuses to start after this point. For exact sequence of steps that may lead to this issue, please refer to KB#3273 on the Fiorano Support Portal following the URL http://support.fiorano.com/
- Workaround: Clear Peer Server's PUBSUB database manually. The PUBSUB database is present under: $FIORANO_HOME/runtimedata/PeerServers/<PeerProfileName>/FPS/run/PUBSUB.
- While logging on to eStudio (server on Windows 2012), if the user is not logged in as admin, he/she could get exceptions while connecting to eStudio.The reason is that by default the NTFS file system does not provide necessary Write permissions to a Guest User. And if the default temp file location that java uses falls outside the permissible territory, it results in the aforementioned exceptions.
- Resolution: The 'java.io.tmpdir' property should be set to some location within permissible limits (in server.conf/fes.conf) or the user should be given explicit Write permissions.
- A Peer Server run as an NT Service under a Domain User account in Windows fails to deploy more microservices after about 75 microservices have already been deployed.
- JMSIn/JMSOut/JMSRequestor microservices running on a Linux machine cannot connect to a Weblogic server running on a remote Linux machine using the T3 (default) protocol; the HTTP protocol should be used instead.
- SBW search does not work properly with the MSSQL database when an Event Process name has Japanese characters.
- SimpleHttp Microservice fails when the length of IP and subnet are different in the system property "http.nonProxyHosts".
- Layouts will not be completely preserved when an Event Process is opened in eStudio and nStudio.
- Customization of Error Logs and Problems View to show only eStudio-related logs is not supported.
- Event Processes created prior to SOA 2007 SP4 cannot be imported.
- Option to import an extension is not present.
- Validation of Types is not present while compiling funclets.
- EDI and CSV formats are not supported.
- Feature not supported—Cannot use overloaded java functions for scripts imported from a TMF file.
- Applications created prior to SOA 2007 SP3 using WS Stub and Http Stub microservices are not compatible with the latest versions.
- Work around: After importing, reconfigure WS Stub and Http Stub instances.