Release Information for Natural Version 8.3.6

This document covers the following topics:


New Features

Parameters

The following new Natural profile parameter is provided in this version:

Profile Parameter Description
PROFILER Can be used to profile a Natural session. The profiling data is written to a resource file you can analyze with the Natural Profiler in NaturalONE.

Application Programming Interfaces

The utility SYSEXT provides the following new application programming interface (API):

API Description
USR8217 Can be used to search in the Natural search path the execution library for a given object. If the object name is not filled, the name of the calling program is used.

Changes and Enhancements

REQUEST DOCUMENT Statement

The HEADER/VALUE option of the RETURN clause now also supports arrays in addition to scalar values. Arrays are required if more than one occurrence of the same header is returned by the HTTP server.

For more information, see the header-value-in operand of the return-clause described in the Statements documentation.

Poodle Safe SSL Connections

The SSL connection between the Natural Web I/O server and the Natural Web I/O client(s) or Natural for Ajax is now Poodle-safe. The Poodle ("Padding Oracle On Downgraded Legacy Encryption") vulnerability can be exploited by possible attackers to break the cryptographic security of SSL Version 3.

To counter this, the clients and server no longer allow to be forced back to SSL Version 3. Only TLS Version 1.0 and upwards is possible.

Further information can be found in the Software AG Security Advisory on Poodle in Empower.

Support of Adabas Short Names

This version of Natural supports lowercase characters in database short names for DDM fields generated from an Adabas file. For detailed information, see Using the DDM Editor in the Editors documentation and the ADAFDU utility in the Adabas Utilities documentation.

Increased Limits for Natural Buffer Pool

The maximum size and the number of directory entries in the Natural buffer pool has been increased. For further details please see Buffer Pool Assignments under Local Configuration File in the Configuration Utility documentation.

Natural Web I/O Interface Client

The Natural Web I/O Interface client is now delivered in the Version 1.3.17.

Natural Security

The following enhancements are provided with Natural Security Version 8.3.6.

Note:
The sections indicated for more information are contained in the Natural Security documentation, unless otherwise noted.

Administrator Services

Logging of Maintenance Functions

Whenever you modify a security profile, Natural Security automatically adjusts related security profiles to ensure the consistency of all Natural Security definitions. For example, if you modify a group profile to remove a user from the group, Natural Security will automatically modify the user profile to remove that group from the list of the user’s Privileged Groups, if necessary.

As of this version, the general option Logging of Maintenance Functions will not only log the profile modifications themselves but also the automatic adjustments of related profiles.

Store Logon and Error Data on Separate System Files

With previous versions, all Natural Security data were stored on a single FSEC system file.

As of this version, you can store the following data on separate system files:

  • logon records,

  • logon/countersign error records,

  • maintenance log records.

These system files can be specified with the new general option Store Logon and Error Data on Separate System Files.

All other definitions of Natural Security settings, object definitions and object relations will still be stored on the main FSEC system file.

Definition of System Libraries

The function Definition of System Libraries now also supports Entire Operations and Entire Output Management; that is, you can use this function to create library security profiles for the system libraries of these products.

Application Programming Interfaces

NSCADM

The application programing interface NSCADM has been enhanced and now allows you to list unlocked user IDs and unlock individual user IDs.

For details, see the example program PGMADM06 and text member TXTADM06 in the library SYSSEC.

NSCSSX

The new application programming interface NSCSSX is available to check the validity of a password in an LDAP user authentication context.

NSCXR

The application programing interface NSCXR has been enhanced:

  • It allows you to obtain a list of all users with all libraries to which they are linked directly.

  • It allows you to obtain the Time Differential and Time Zone values of a specific user security profile.

For details, see the example programs PGMXR019 and PGMXR020 and text members TXTXR019 and TXTXR020 in the library SYSSEC.

Notice of Future Changes

Encryption

EntireX Encryption will be deprecated with the next version of EntireX.

For encrypted transport, Software AG strongly recommends that you use the Secure Sockets Layer/Transport Layer Security protocol. The relevant sections in the Natural RPC documentation have been updated accordingly.

Applications that execute with EntireX Encryption are still supported for compatibility reasons.

For more information, see SSL/TLS and Certificates with EntireX in the EntireX documentation.