Enportal/5.5/release notes 5.5.2
Introduction
enPortal version 5.5.2 is a production released on March 9th, 2015. This page summarizes the New Features, Resolved Issues, and Known Issues for this release.
What is enPortal
Edge enPortal is the industry's only secure, vendor-neutral network management integration platform. With pre-built Product Integration Modules (PIMs) for common third-party applications, enPortal is a Commercial Off The Shelf (COTS) solution that quickly integrates these network management tools and offers advanced capabilities including:
- Integration of existing web-based tools and applications
- Advanced Security including role/domain-based access via a secure proxy
- Single Sign-On (SSO) and Sign-Off
- Integration with external user authentication systems
- Branding and Customization
- Dashboard Views
- Multi-tenancy
- Scalability
Supported Platform Changes
enPortal 5.5.2 introduces the following changes to the supported platforms:
- None
New Features
This section describes the enhancements to enPortal that are included in version 5.5.2.
- Upgraded the Apache/Tomcat web server component to version 7.0.59 for the latest security updates. (AB-980)
- Added support for AES-256 level encryption of passwords, in addition to the previously supported AES-128. For more information, see Product Security. (EN-167)
- Upgraded one-way hashing algorithm for encrypting passwords from SHA-1 to SHA-2 (block size SHA-256). For more information, see Product Security. (EN-168)
- Improved results of security scans by changing the JSESSIONID cookie whenever a session is created or terminated. (EN-173)
- Increased the length of the enPortal_sessionid cookie from 16 hex chars (64 bits) to 64 hex chars (256 bits) to exceed the current security recommendation. (EN-174)
Resolved Issues
This section describes the resolved issues that are included in enPortal version 5.5.2.
- Fixed an issue where The {webapp.home}/custom/ directory was being excluded from archives in the default configuration. For more information on customizing archives, see Backup and Recovery. (AB-802)
- Fixed an issue where the post_install script on a Solaris O/S would fail in some cases. (AB-927)
- Fixed an issue where some cookies were not being sent by the cookie manager because the maxAge value in seconds was being treated as milliseconds. (EN-177)
- Improved handling of rules in portal.css to better handle @ CSS rules, which were causing silent exceptions. Any portal.css files that include @ CSS rules (for example, @font-face) should be validated to confirm that they are working correctly. (EN-171)
- Fixed the portal keycreate command to properly handle the encrypting of all system passwords when the system administrator makes a manual key change. For more information on this command, see the Portal Commands documentation. (EN-175)
- Updated a library in httpclient 4.2.6 to address a vulnerability reported in CVE-2014-3577. (EN-187)
- Fixed an issue where an application using a redirect with a "logout=true" request parameter could cause enPortal to interpret the command and terminate the enPortal session. (EN-170)
Known Issues
This section describes the new known issues in enPortal version 5.5.2.
- There are no major new known issues in this release.
Contact Information
For questions or assistance with this release of enPortal, please see the support page for contact information.