This document covers the following topics:
The following new Natural profile parameter is provided in this version:
| Profile Parameter | Description |
|---|---|
PROFILER |
Can be used to profile a Natural session. The profiling data is written to a resource file you can analyze with the Natural Profiler in NaturalONE. |
The utility SYSEXT provides the following
new application programming interface (API):
| API | Description |
|---|---|
USR8217 |
Can be used to search in the Natural search path the execution library for a given object. If the object name is not filled, the name of the calling program is used. |
The HEADER/VALUE option of the RETURN clause
now also supports arrays in addition to scalar values. Arrays are required if
more than one occurrence of the same header is returned by the HTTP server.
For more information, see the
header-value-in operand of the
return-clause
described in the Statements documentation.
The SSL connection between the Natural Web I/O server and the Natural Web I/O client(s) or Natural for Ajax is now Poodle-safe. The Poodle ("Padding Oracle On Downgraded Legacy Encryption") vulnerability can be exploited by possible attackers to break the cryptographic security of SSL Version 3.
To counter this, the clients and server no longer allow to be forced back to SSL Version 3. Only TLS Version 1.0 and upwards is possible.
Further information can be found in the Software AG Security Advisory on Poodle in Empower.
This version of Natural supports lowercase characters in database short names for DDM fields generated from an Adabas file. For detailed information, see Using the DDM Editor in the Editors documentation and the ADAFDU utility in the Adabas Utilities documentation.
The maximum size and the number of directory entries in the Natural buffer pool has been increased. For further details please see Buffer Pool Assignments under Local Configuration File in the Configuration Utility documentation.
The Natural Web I/O Interface client is now delivered in the Version 1.3.17.
The following enhancements are provided with Natural Security Version 8.3.6.
Note:
The sections indicated for more information are contained in the
Natural Security
documentation, unless otherwise
noted.
Whenever you modify a security profile, Natural Security automatically adjusts related security profiles to ensure the consistency of all Natural Security definitions. For example, if you modify a group profile to remove a user from the group, Natural Security will automatically modify the user profile to remove that group from the list of the user’s Privileged Groups, if necessary.
As of this version, the general option Logging of Maintenance Functions will not only log the profile modifications themselves but also the automatic adjustments of related profiles.
With previous versions, all Natural Security data were stored on a single FSEC system file.
As of this version, you can store the following data on separate system files:
logon records,
logon/countersign error records,
maintenance log records.
These system files can be specified with the new general option Store Logon and Error Data on Separate System Files.
All other definitions of Natural Security settings, object definitions and object relations will still be stored on the main FSEC system file.
The function Definition of System Libraries now also supports Entire Operations and Entire Output Management; that is, you can use this function to create library security profiles for the system libraries of these products.
The application programing interface NSCADM has been enhanced and now allows you to list unlocked user IDs and unlock individual user IDs.
For details, see the example program PGMADM06 and text
member TXTADM06 in the library SYSSEC.
The new application programming interface NSCSSX is available to check the validity of a password in an LDAP user authentication context.
The application programing interface NSCXR has been enhanced:
It allows you to obtain a list of all users with all libraries to which they are linked directly.
It allows you to obtain the Time Differential and Time Zone values of a specific user security profile.
For details, see the example programs PGMXR019 and
PGMXR020 and text members TXTXR019 and
TXTXR020 in the library SYSSEC.
EntireX Encryption will be deprecated with the next version of EntireX.
For encrypted transport, Software AG strongly recommends that you use the Secure Sockets Layer/Transport Layer Security protocol. The relevant sections in the Natural RPC documentation have been updated accordingly.
Applications that execute with EntireX Encryption are still supported for compatibility reasons.
For more information, see SSL/TLS and Certificates with EntireX in the EntireX documentation.