Enportal/5.6/release notes 5.6.0

Introduction

This page summarizes the new features, resolved issues, and known issues in enPortal version 5.6.0 released on August 4th, 2015.

What is enPortal

Edge enPortal is the industry's only secure, vendor-neutral network management integration platform. With pre-built Product Integration Modules (PIMs) for common third-party applications, enPortal is a Commercial Off The Shelf (COTS) solution that quickly integrates these network management tools and offers advanced capabilities including:

  • Integration of existing web-based tools and applications
  • Advanced Security including role/domain-based access via a secure proxy
  • Single Sign-On (SSO) and Sign-Off
  • Integration with external user authentication systems
  • Branding and Customization
  • Dashboard Views
  • Multi-tenancy
  • Scalability

New Features

  • Add support for breadcrumbs in default enPortal look and feel. (EN-195)
  • Add support for Kerberos authentication for Single Sign On (SSO). (EN-169)
  • Add support for HTTP DELETE method in CRS. This allows for better support with modern web applications using REST interfaces. (EN-211)
  • New default CRS rule to automatically handle proxied content that includes X-Frames-Options headers. (EN-220)
  • Inclusion of a new request processor to limit users to one active session. This processor is disabled by default. Please contact support for more information. (EN-193)
  • Improve Login Page admin page by providing a list of valid options and a preview window. (EN-217)
  • New example promotional login page edgeMarketing. (AB-970)
  • Additional logging of per-user accesses to enPortal Channels for usage statistics purposes. (AB-1002)
  • Introduced a short random authentication delay to reduce the risk of brute force password attacks. (EN-242)

Resolved Issues

  • Removed Apache Standard Taglib to address CVE-2015-0254. This library is not used by the product. (EN-196)
  • Fix sub-menu loading on slower links to prevent wrong menu contents being shown. (EN-184)
  • Fix CRS resetting enPortalComponentInfo and enPortal_sessionid cookies without appropriate HttpOnly or Secure flags. (EN-190)
  • Fix enPortal when refreshing/reloading page via browser so that the selected channel remains selected. (EN-195)
  • Removed un-necessary JSESSIONID cookie being set for the root content (Path = /). (EN-202)
  • Fix incorrect encoding of protocol-relative URLs. These URLs are now by default allowed to pass through without encoding. (EN-203)
  • Better handling of username case sensitivity with LDAP Domain Adapters. (AB-939)
  • Fix issue introduced in 5.5.1 with managing SSO tokens provisioned to Roles. (EN-221)
  • Fix concurrency exceptions on high-concurrency deployments. (EN-207)
  • Avoid client-side generated cookies being echoed back in enPortal responses via Set-Cookie. (EN-198)
  • Permit HTTP 3xx redirects to include URL fragments according to the HTTP specification. (EN-228)
  • Fix Session Manager failure when a role is deleted for an active user session using that role. (EN-205)
  • Fix handling of "\" characters in SSO passwords. (EN-142)

Known Issues

  • no known issues

Contact Information

For questions or assistance with this release of enPortal, please see the support page for contact information.