This document covers the following topics:
The following new Natural profile parameter is provided in this version:
Profile Parameter | Description |
---|---|
PROFILER |
Can be used to profile a Natural session. The profiling data is written to a resource file you can analyze with the Natural Profiler in NaturalONE. |
The utility SYSEXT
provides the following
new application programming interface (API):
API | Description |
---|---|
USR8217 |
Can be used to search in the Natural search path the execution library for a given object. If the object name is not filled, the name of the calling program is used. |
This version of Natural supports the usage of the DMExpress Syncsort library. To use this library, you have to link it to your Natural nucleus as described in Re-Linking a Natural Nucleus in the Installation documentation.
Once linked to your Natural nucleus, you can use Syncsort options
when issuing a SORT
statement. Refer to
Using External Sort
Programs in the section
SORT
in the
Statements documentation for further details.
The HEADER/VALUE
option of the RETURN
clause now also supports arrays in addition to scalar values. Arrays are
required if more than one occurrence of the same header is returned by the HTTP
server.
For more information, see the
header-value-in
operand of the
return-clause
described in the Statements documentation.
The SSL connection between the Natural Web I/O server and the Natural Web I/O client(s) or Natural for Ajax is now Poodle-safe. The Poodle ("Padding Oracle On Downgraded Legacy Encryption") vulnerability can be exploited by possible attackers to break the cryptographic security of SSL Version 3.
To counter this, the clients and server no longer allow to be forced back to SSL Version 3. Only TLS Version 1.0 and upwards is possible.
Further information can be found in the Software AG Security Advisory on Poodle in Empower.
This version of Natural supports lowercase characters in database short names for DDM fields generated from an Adabas file. For detailed information, see Using the DDM Editor in the Editors documentation and the ADAFDU utility in the Adabas Utilities documentation.
The Natural Web I/O Interface client is now delivered in the Version 1.3.17.
The following enhancements are provided with Natural Security Version 8.3.6.
Note:
The sections indicated for more information are contained in the
Natural Security
documentation, unless otherwise
noted.
Whenever you modify a security profile, Natural Security automatically adjusts related security profiles to ensure the consistency of all Natural Security definitions. For example, if you modify a group profile to remove a user from the group, Natural Security will automatically modify the user profile to remove that group from the list of the user’s Privileged Groups, if necessary.
As of this version, the general option Logging of Maintenance Functions will not only log the profile modifications themselves but also the automatic adjustments of related profiles.
With previous versions, all Natural Security data were stored on a single FSEC system file.
As of this version, you can store the following data on separate system files:
logon records,
logon/countersign error records,
maintenance log records.
These system files can be specified with the new general option Store Logon and Error Data on Separate System Files.
All other definitions of Natural Security settings, object definitions and object relations will still be stored on the main FSEC system file.
The function Definition of System Libraries now also supports Entire Operations and Entire Output Management; that is, you can use this function to create library security profiles for the system libraries of these products.
The application programing interface NSCADM has been enhanced and now allows you to list unlocked user IDs and unlock individual user IDs.
For details, see the example program PGMADM06
and
text member TXTADM06
in the library SYSSEC.
The new application programming interface NSCSSX is available to check the validity of a password in an LDAP user authentication context.
The application programing interface NSCXR has been enhanced:
It allows you to obtain a list of all users with all libraries to which they are linked directly.
It allows you to obtain the Time Differential and Time Zone values of a specific user security profile.
For details, see the example programs PGMXR019
and
PGMXR020
and text members TXTXR019
and
TXTXR020
in the library SYSSEC.
EntireX Encryption will be deprecated with the next version of EntireX.
For encrypted transport, Software AG strongly recommends that you use the Secure Sockets Layer/Transport Layer Security protocol. The relevant sections in the Natural RPC documentation have been updated accordingly.
Applications that execute with EntireX Encryption are still supported for compatibility reasons.
For more information, see SSL/TLS and Certificates with EntireX in the EntireX documentation.