An outbound web service request that used MTOM attachments causes out of memory issues if the attachments are large.

An outbound web service request incorrectly used a memory-buffered output stream when requests with large MTOM attachments were made to external endpoints.

Outbound web service requests that use MOTM attachments now use the correct output stream and chunk the large MTOM attachment.

The pub.security.keystore:setKeyAndChain service clears security parameters after each outbound call instead of when the pub.security.keystore:clearKeyAndChain service executes.

In previous releases, Integration Server did not clear the security parameters configured for the outbound call by the pub.security.keystore:setKeyAndChain service until the pub.security.keystore:clearKeyAndChain executed. Now, Integration Server clears the security parameters after each outbound call. The new behavior is not backward compatible.

Now, the security values configured by pub.security.keystore:setKeyAndChain stay in effect until pub.security.keystore:clearKeyAndChain gets invoked.

An attempt to authenticate a cache manager user fails with an IllegalThreadStateException.

When authenticating users of a cache manager, a race condition caused an IllegalThreadStateException to be thrown.

The race condition that caused the IllegalThreadStateException is now resolved.

Integration Server returns an HTTP 500 error in response to successive requests made on persistent HTTP connections.

When client reuses a persistent HTTP connection to send multiple requests, Integration Server should handle the request and send a response. However, Integration Server sometimes incorrectly returned a HTTP 500 error, which caused the request to fail.

This issue is now resolved.

When using the VCS Integration feature in Integration Server, delete and safe delete of a version-controlled node fails with an error.This issue is now resolved.

Integration Server does not send HTTP cookies after a request is redirected.

When the pub.client:http service sends a request to an HTTP server and the HTTP server responds with a redirection (a 300-level status code) and a Set-Cookie header, Integration Server includes the cookie in the request to the HTTP server to which the request is being redirected. However, subsequent requests to the second server do not include the cookie.

Now, when a HTTP server includes a Set-Cookie header in a redirection response, Integration Server includes the cookie in the request and subsequent requests sent to the HTTP server to which the request is redirected.

The pub.flow:transportInfo document type signature is incorrect as seen on the Input/Output tab.

The signature for the pub.flow:transportInfo document type is missing 2 fields: filePolling/lastModified and filePolling/length.This issue is now resolved. The signature of the pub.flow:transportInfo document type now includes the filepolling/lastModified and filepolling/length parameters.

Integration Server resets the central user management system when lookup for a user in the central user management fails with an error.The reset causes a failure of other operations on the central user management system.

This issue is resolved.

Integration Server becomes unresponsive during startup.Integration Server sometimes became unresponsive at startup when initializing the scheduler. This occurred because of a database deadlock.

This issue is now resolved and the deadlock will no longer occur.

After transitioning to or from daylight savings time, scheduled tasks run twice or not at all.

Integration Server runs scheduled tasks based on the time relative to the time zone. This caused issues when entering and exiting daylight savings time, specifically tasks ran twice or not at all.Now, Integration Server runs scheduled tasks based on coordinated universal time (UTC). Because Integration Server runs the tasks without regard to the relative time zone, the start and end of daylight savings time does not affect the execution of scheduled tasks.

When a flow service invokes a service that does not exist, Integration Server handles operations on the pipeline first before issuing a runtime exception.

When a flow service invokes a service that does not exist, Integration Server performs operations on the pipeline, such as removing the dropped variables from the pipeline, before issuing a com.wm.lang.flow.FlowException about the unknown service.

This issue is resolved. Integration Server now issues the runtime exception when a flow service invokes a service that does not exist and will not proceed with the pipeline operations.

When using Oracle Streams Advanced Queuing (AQ) as the JMS provider, if the JMS connection alias is disabled due to an error from the JMS provider, the JMS connection continues to show the status as "in progress".

If a JMS connection alias, when attempting to establish a connection with Oracle Streams Advanced Queuing (AQ) as the JMS provider, is disabled due to an error from the JMS provider, the JMS connection continues to show the status as "in progress" and cannot be enabled or disabled.

This issue is resolved.

Integration Server logs the following error twice for the same port in the server logs while shutting down:

[ISP.0046.0011I] Disabling HTTP Listener on port <port number>

This issue is resolved. Integration Server now logs this message only once while shutting down.

Change to allow use of forward slash in a regular expression.

Prior to this change, regular expressions used in BRANCH steps and trigger filters could not include a forward slash. Now, a forward slash can be used. However, the forward slash must be preceded by the backslash (\) escape character. For example, to use a regular expression to match a variable whose value contains the string “a/b”, use the regular expression %variableName% = /a\/b/

In certain scenarios, invoking the pub.xml:getNextXMLNode service fails with an exception.

Invoking the pub.xml:getNextXMLNode service fails with a NullPointerException if the specified NodeIterator is returned by the pub.xml:getXMLNodeIterator service that has the criteria input parameter set to a string value that matches an element node of the XML node.

This issue is resolved.

Integration Server does not behave as expected when validating an XML document against a document type created from an XML schema definition containing <xs:restriction base="xs:anyType">.

When using the pub.schema:validate service to validate an XML document against a document type created from an XML schema definition containing <xs:restriction base="xs:anyType">, the validation does not fail even if the target element contains attributes other than the attributes defined in the XML schema definition.

This issue is resolved. Now, validation of XML fails if there are any attributes other than the defined attributes.

An outbound HTTPS web service request fails when using JSSE.

If an outbound HTTPS web service request specifies the use of JSSE, the request fails because Integration Server does not send the client certificates to the endpoint.

This issue is now resolved.

Integration Server error log does not include the names of the affected JDBC pools in the error messages.

When issuing error messages such as, “java.sql.SQLException: Could not get connection”, Integration Server error log does not include the names of the JDBC pools to which the error message is referring.

This issue is resolved. Integration Server error log now includes the name of the JDBC pools in its error messages.

Processing of webMethods messaging triggers fails with a java.lang.ClassCastException if the watt.server.trigger.local.checkTTL server configuration parameter is set to true.

Processing of webMethods messaging triggers fails with the following error if the watt.server.trigger.local.checkTTL server configuration parameter is set to true:

Unable to check document ttl: java.lang.ClassCastException: [B cannot be cast to com.wm.data.IData

This issue is now resolved.

Incorrect logging level specified for error message.

Integration Server gives the logging level of the following error message of Trace logging level incorrectly as Info:

[ISC.0042.0001I] baseURL (Connection reset)

This issue is now resolved. The logging level of the message is corrected to Trace.

Integration Server logs a NullPointerException at one minute intervals.

Once per minute, the Integration Server scheduler uses a background thread to check for scheduled tasks in an invalid state. If Integration Server is in a cluster and the watt.server.scheduler.logical.hostname property is not set, a NullPointerException occurs and is written to the error log.

Now, the background thread used by the scheduler no longer throws a NullPointerException if Integration Server is in a cluster and the watt.server.scheduler.logical.hostname property is not set.

After refreshing a consumer web service descriptor, response services reference the backup folders.

After refreshing a consumer web service descriptor, the response services contain references to the backup folders.

This issue is now resolved.

The pub.client:http service does not include the supplied data in PUT requests.

When using the PUT method with the pub.client:http service, the request transmitted to the remote HTTP server does not include the value supplied for the data/args, data/string, data/table, data/bytes, data/stream or data/mimeStream input variables.

This issue is now resolved. When the PUT method is used with pub.client:http, the value of the data/args, data/string, data/table, data/bytes, data/stream or data/mimeStream input variables is now included as the HTTP entity of the transmitted request.

A NullPointerException occurs when SoftwareAG-IS-Services.xml configuration file is not present in the caching directory.

When SoftwareAG-IS-Services.xml configuration file is not present in the directory location <Integration Server_directory>\instances\<instance_name>\config\Caching, Integration Server throws a NullPointerException.

This issue is resolved. Integration Server now logs the following error message in the server logs to indicate that the configuration file is not present in the caching directory.

Cannot cache "{0}" service. The cache manager SoftwareAG.IS.Services is not initialized."

Integration Server acting as an SFTP client faces issues while attempting to connect to an SFTP server.

When attempting to connect to an SFTP server, Integration Server acting as an SFTP client issues the following error:[ISS.0147.9010] Cannot get host key from server [host_X]:22.Details: com.jcraft.jsch.JSchException: Algorithm negotiation failThis issue occurs because there is no common key exchange algorithm between the SFTP client and SFTP server.

This issue is now resolved by updating the jsch jar file from 0.1.51 version to 0.1.53 version. The 0.1.53 version supports most of the key exchange algorithms that are required to be present in the SFTP client to connect to SFTP server.

Integration Server logs an exception when a service is invoked through a JSSE-enabled HTTPS port with client authentication set to "Username/Password" or "Request Client Certificates".

When a service is invoked through an HTTPS port that uses JSSE and has client authentication set to "Username/Password" or "Request Client Certificates", Integration Server logs the following exception in the error log:

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated.The issue is now resolved. Integration Server does not log any exception upon invoking a service successfully through a JSSE-enabled HTTPS port with client authentication set to "Username/Password" or "Request Client Certificates".

The pub.client:http service does not honor the value set for the useJSSE parameter.

The useJSSE parameter of the pub.client:http service indicates whether to enable the use of the Java Secure Socket Extension (JSSE) socket factory for creating outbound HTTPS connections. However, the pub.client:http service fails to consider the value set for the useJSSE parameter and does not use JSSE for SSL connection with proxy configuration even if the "useJSSE" parameter is set to yes.

This issue is now resolved. The pub.client:http service now honors the value set for the useJSSE parameter.

Subsequent HTTPS requests through proxy to the server fail.When you send repeated outbound HTTPS requests to a server using the pub.client:http service with useJSSE=yes and HTTPS proxy alias, the first request is sent successfully but the subsequent requests fail with exception.

The issue is now resolved.

Publishing a document as a JMS message from Designer fails with a NamingException.

Using Designer to publish an instance of an IS document type as a JMS message fails with a NamingException. This occurs because the pub.jms:send service, which is used by Designer to publish the JMS message, includes a new input parameter named JMSMessage/header/replyTo that Designer populates with an empty String. Integration Server attempts a JNDI lookup using the empty String, which results in the NamingException.Now, Integration Server verifies that JMSMessage/header/replyTo parameter is not empty before performing the JNDI lookup.

When executing a web service connector, Integration Server does not check the Execute ACL of the parent consumer web service descriptor.

When executing a web service connector contained in a consumer web service descriptor that has a Pre-8.2 compatibility mode value of false, Integration Server did not check the Execute ACL of the consumer web service descriptor. The documented behavior is to always verify the Execute ACL for a web service descriptor, but it was not being done.

Now, when executing a web service connector, Integration Server checks the Execute ACL of the parent consumer web service descriptor.

Integration Server KPI that Optimize uses to display lifetime statistics displays current statistics instead.

The Integration Server KPI, getNumCompletedRequests, which Optimize uses to display the number of completed requests over the lifetime of the Integration Server, returns the number of requests in the last polling period instead.

This issue is now resolved.

Integration Server deletes the parent task when all the servers in a cluster are shut down. When you schedule a task to run on all servers in a cluster, and when one server in the cluster is shut down, Integration Server deletes the corresponding child task. However, when all the servers in the cluster are shut down, Integration Server deletes all the child tasks as well as the parent task. As a result, the parent task information is lost upon restart of Integration Server.

This issue is resolved.

Change to Integration Server to allow the pub.client:http service to return response headers and response entity when receiving a 501 to 599 level response from a remote HTTP server.

HTTP servers indicate success or failure by including a status code in the response. The pub.client:http service returns the status code, response headers, and response body. When the HTTP response includes a status code in the 501 to 599 range, the pub.client:http service throws a ServiceException. Some HTTP servers include useful information in the response headers and entity when returning a 501 to 599 level status code. However, this information is lost when pub.client:http throws a ServiceException.

To address this issue, Integration Server now includes a server configuration parameter, watt.net.http501-599.throwException, which you can use to indicate how the pub.client:http service handles a 501 to 599 level response.

watt.net.http501-599.throwExceptionSpecifies whether or not the pub.client:http service throws a ServiceException when receiving a 501 to 599 level response from a remote HTTP server. When set to true, the pub.client:http service throws a ServiceException when it receives a 501 to 599 level response from a remote HTTP server. When set to false, the pub.client:http service does not throw a ServiceException when it receives a 501 to 599 level response from a remote HTTP server.

Instead, when the pub.client:http service returns a status code in the 501 to 599 range, the service returns the status code, response headers, and response body. The default is true. You do not need to restart Integration Server for changes to this parameter to take effect.

Note: When the remote HTTP server returns a response code of 500, the pub.client:http service returns the status code, response headers, and response body.

Integration Server does not handle an element with xsi:nil=1 correctly.

If an IS document type used by the web service contains a field of type Object for which the Allow null property is set to true and the XML instance document contains a corresponding element with an xsi:nil=1 and an xmlns:xsi= attribute, Integration Server does not properly convert the element. Instead, Integration Server incorrectly converts the element to a Document field with no children instead of converting the element to a field of type Object with a “null” value.

This issue can also occur when the pub.xml:xmlNodeToDocument service executes and all of the following are true:

Now, Integration Server properly converts the xsi:nil=1 element to an field of type Object with a "null" value.

Sessions are not being shared among Integration Servers in a cluster.

When a dynamic server page (DSP) is requested by a client, a session is created in Integration Server and a Set-Cookie response header is returned with the session ID. If a subsequent request from the client includes the session ID but a different Integration Server in the cluster receives the request, the second server should find the session in the cluster's session store and then use the session to service the request. This was not happening. The first server did not save the session to the cluster's session store. As a result, the client's session was not available to the second server.

This has been fixed. When a clustered Integration Server receives a request for a DSP, the server saves the session to the cluster's session store.

Integration Server may become unresponsive when processing concurrent requests to disable file polling ports in different packages.

If Integration Server receives concurrent requests to disable a file polling port in a package and the ports are located in different packages, Integration Server may become unresponsive. Additionally, HTTP/S ports on Integration Server might become unavailable.

This issue is now resolved.

Enhancement to pub.jms:send service to allow specifying a destination for the JMSReplyTo header.

Currently, if you want to specify the JMSReplyTo header for a JMS message that you are sending, you must use the pub.jms:sendAndWait service. The pub.jms:sendAndWait service sends a request message and waits for a response. The act of waiting for a response message comes with extra overhead for Integration Server which is unnecessary if you merely want to specify a JMSReplyTo destination but do not want the sending service to wait for a reply.

To address this issue, the pub.jms:send service has been enhanced to include a new input parameter for setting the JMSReplyTo header.

When invoking the pub.jms:send service, you can set the JMSMessage/header/replyTo field which is an optional parameter of type String. Set this parameter to one of the following:

Note: When using the native webMethods API to connect to the Broker, the JMSMessage/header/replyTo destination must be a queue. Topics are not supported.

When executing the pub.jms:send service with a valid value for the JMSMessage/header/replyTo parameter, Integration Server creates the javax.jms.Destination and maps it to the JMSReplyTo field within the message header. Integration Server sends the message and returns immediately. The service does not wait for the response message.

Integration Server logs the message “[B cannot be cast to com.wm.util.Values" in server.log file”.If the ServiceResults cache has the Copy on Read and Copy on Write check boxes selected and the number of entries in the cache exceeds the value specified for Maximum Elements in Memory, Integration Server logs the following error message to the server log: [B cannot be cast to com.wm.util.ValuesThis issue is now resolved.

In the Integration Server Administrator page, the Routing option under Adapters is not available in some cases.

After a successful installation of the OnRamp for Commerce One Marketplace Adapter, the Routing option under Adapters in the Integration Server Administrator page is not available. The Integration Server console is unable to add this option in the Integration Server Administrators page because an incorrect configuration in the Server Log Facilities page results in a failure in the initialization process for the adapter.

This issue is resolved. The Routing option is now available under the Adapters section in the Integration Server Administrator page.

Integration Server does not reflect the changes made to the Create Temporary Queue option after the JMS connection alias is created.

If the Create Temporary Queue option is selected while creating a JMS connection alias and if this selection is cleared later, Integration Server does not reflect this change. The setting of the Create Temporary Queue option that was chosen while creating a JMS connection alias is maintained.

This issue is resolved. Integration Server now reflects the changes made to the Create Temporary Queue option after the JMS connection alias is created.

File polling consumed server threads that were not terminated at the end of file polling process.

The thread leak related to file polling ports is now resolved.

Integration Server erroneously logs a message about the connection pool threshold being exceeded.

Integration Server erroneously writes the following message to the server log:

[ISS.0096.0008I] JDBC Connection pool threshold exceeded, 0 available for pool CentralUsers:CentralUsersPool

This issue is now resolved.

The FTP command PWD returns incorrect structure in certain situationsThe FTP command PWD sometimes returns an incorrect directory path.

The PWD command now returns a valid directory path.

When JSSE is enabled for outbound HTTP connections from Integration Server, watt.security.ssl.client.ignoreEmptyAuthoritiesList does not work as expected.

When JSSE is enabled for outbound HTTP connections, Integration Server client accepts empty trusted authorities lists from the SSL server but does not return its CA certificate even if the watt.security.ssl.client.ignoreEmptyAuthoritiesList is set to true.

This issue is resolved. Now, when JSSE is enabled for outbound HTTP connections, Integration Server client accepts empty trusted authorities lists from the SSL server and returns its CA certificate if the watt.security.ssl.client.ignoreEmptyAuthoritiesList property is set to true.

Integration Server creates an exception when you invoke a flow service exposed as a web service.

Integration Server creates the following exception when you try to invoke a flow service exposed as a web service:

ServiceException: Fault returned by invoked service.

This exception which is created in the stack before the service is executed is not logged in the Integration Server log but, monitoring tools like Dynatrace might interpret the exception as an error even though the service is successfully executed.

This issue is resolved.

When invoking the pub.client:http service with the useJSSE input parameter set to yes, a java.lang.ClassCastException error occurs if the server configuration parameter, watt.security.ssl.keypurposeverification is set to true.

This issue is resolved.

When the pub.client:http service sends an HTTPS request, the SSL handshake process fails when the useJSSE parameter is set to yes.

When the pub.client:http service sends an HTTPS request and the useJSSE input parameter is set to yes, during the SSL handshake process Integration Server sends its certificate even though no matching CA certificate from the other endpoint server is found in the Certificate Authorities list for the SSL handshake.

This issue is resolved. Integration Server now sends its CA certificate during the SSL handshake process only if a matching CA certificate is available from the other endpoint server.

The watt.server.compile parameter is not set correctly if Integration Server instance is created through migration utility.

When running the migration utility, selecting the option to create an Integration Server instance during migration results in an incorrect value for the watt.server.compile server configuration parameter, specifically: ${javac.exe} -classpath {0} -d {1} {2}Now, the migration utility substitutes the value of ${javac.exe} to point to javac executable located in the JDK shipped with Integration Server.

At start up, Integration Server logs a warning message about audit logging even though no audit loggers are configured.

At start up, Integration Server attempts to determine if there are sufficient JDBC connections in the JDBC connection pool even when audit loggers are not configured. If there are no connections, Integration Server logs the following message, which is erroneous if there are no configured audit loggers:

[ISS.0095.0022W] Audit Logging Initialization: Unable to verify the Max Connections setting for the Audit Logging database.

Now, Integration Server does not check for JDBC connections at start up if there are no configured audit loggers.

Update of scheduled tasks to use UTC fails.

At startup, if Integration Server updates scheduled tasks to use UTC (Coordinated Universal Time) instead of local time, Integration Server writes the following message to the server.log:

[ISS.0137.0035E] Migration of scheduled tasks to UTC timezone failed

When Integration Server updates the tasks to UTC, Integration Server also validates the tasks, which, for a task scheduled to run on another Integration Server in a cluster, includes checking that the Integration Server is a member of the cluster. If the Integration Server is not in the cluster, task validation fails and the task timestamp is not updated to UTC. However, Integration Server incorrectly considers that the task that failed validation is now in UTC when, in fact, the task is still in local time.

Now, the migration utility no longer validates the scheduled task during migration. Consequently, a validation failure does not prevent the migration utility from updating the scheduled tasks.

A webMethods messaging request-reply fails when the encoding type of the reply document type is protocol buffers.

When encoding the reply message, Integration Server uses the encoding type specified for the publishable document type used as the reply. However, reply messages are sent to a dedicated reply-to channel on Universal Messaging. The channel is generic and is not associated with any specific document type. To receive a protocol buffer encoded message, a channel must be associated with a specific document type. Because the channel is generic, a reply message encoded as a protocol buffers cannot be processed.

To address this issue, Integration Server now always encodes reply message as IData.

Upgrade does not include layered products if the destination Integration Server does not have an instance with the same name as the source Integration Server.

When upgrading to an Integration Server instances that does not have the same name as the source Integration Server instance, upgrade does not include layered products such as webMethods Mediator and webMethods Monitor.

This issue is now resolved. Upgrade always includes layered products, regardless of whether or not the destination Integration Server instance is the same as the source Integration Server instance.

When the logging level is set to Trace, upon invoking the pub.client:http service, Integration Server logs an entry for the HTTP Get method in the server log irrespective of the HTTP request type.

This issue is resolved. Upon invoking the pub.client:http service, Integration Server now logs entries according to the HTTP request type.\

After a database outage, Integration Server can run out of threads.

When Integration Server cannot connect to the audit logging database, either due a problem in the database or a problem in the network, all threads requesting database connections can pause indefinitely. If this situation persists, all threads in the server thread pool will be paused. No new requests will be accepted.

This issue has been fixed. A point of thread contention in the JDBC pool implementation was removed. Threads requesting database connections after a database outage no longer experience lengthy pauses.

Command Central cannot be used to set the all the JDBC connection pool alias properties.

When using Command Central to create or edit a JDBC connection pool, the Available Connections Warning Threshold and Waiting Thread Threshold Count properties cannot be specified.

The Available Connections Warning Threshold and Waiting Thread Threshold Count properties can now be set through Command Central.

Integration Server does not validate a certificate that uses the SHA-256 algorithm but should.

The certificate chain verifier in Integration Server validates the certificates presented by SSL clients. The certificate chain verifier does not validate a certificate chain that uses the SHA-256 algorithm but should. Instead Integration Server throws the following error:

[ISC.0009.9002] Error in certificate chain: Entrust cannot verify the certificate chain: [ISC.0009.9002] Error in certificate chain

The certificate chain verifier in Integration Server now validates a certificate chain that uses the SHA-256 algorithm.

The jcode utility fails with a MalformedPatternException on Linux.Execution of jcode.sh on Linux fails with the following error:

Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/oro/text/regex/MalformedPatternException

The exception occurs because one of the required jar files in common/lib/ext is missing from the jcode utility classpath.

The jcode.sh file is now updated to include the required jars in the classpath. This issue is now resolved.

After upgrading to version 9.7, when a webMethods messaging trigger, which has join conditions that are dependent on two or more documents, does not start because Integration Server cannot locate the publishable document types, Integration Server does not reload and start the trigger when the publishable document types are later loaded.

Integration Server does not start a webMethods messaging trigger, which has join conditions that are dependent on two or more publishable document types, if it cannot find the document types specified in the join condition. However, Integration Server issues a PDT_DOES_NOT_EXIST (InvalidDocumentException) exception stating the reason the trigger did not fully load and when Integration Server loads the package containing the publishable document types to which the trigger subscribes, Integration Server reloads the trigger. But, after upgrading to version 9.7, instead of the PDT_DOES_NOT_EXIST exception, Integration Server returns an INVALID (ServiceException) exception incorrectly. As a result, Integration Server fails to reload and start the trigger when the publishable document types are later loaded.

This issue is resolved. Integration Server now returns the PDT_DOES_NOT_EXIST exception correctly if it cannot find the document types specified in the join condition. In addition, when Integration Server loads the package containing the publishable document types specified in the join condition, Integration Server reloads the trigger.

If the database associated with Integration Server is restarted abruptly, service invocations or database calls made through JDBC connection pool alias fail and do not return any records from the database.

When the database associated with Integration Server is restarted abruptly, Integration Server does not close and release the existing JDBC connections that are stale due to the abrupt database shutdown and fails to return these connections to the JDBC connection pool.

As a result, service invocations or database calls made through the JDBC connection pool alias fail and do not return any records from the database.

The issue is now resolved.

After migrating to Integration Server 9.5 or later, Integration Server displays an exception when calling a web service and using MTOM streaming.

After migrating 2 to Integration Server 9.5 or later, sending a web service request that uses MTOM streaming for which more than one chunk is sent, the following exception occurs:"Exception --> org.apache.axis2.AxisFault: Connection reset by peer: socket write error"This issue is now resolved.

When installed on Unix or Linux, scripts located in IntegrationServer/instances/<instanceName>/packages/<packageName> directory, such as IntegrationServer/instances/myInstance/packages/WmDeployer, do not have permission to execute.

This issue is now resolved.

Executing the jcode.bat/sh utility removes the name of the output template assigned to a service.

Running the jcode.bat/sh utility removes the value of the Output template Name property for services in the package containing the Java service.

This issue is now resolved.

Using pub.schema:createXSD to create an XML Schema definition for a document type ends with a NullPointerException.

Using the pub.schema:createXSD service to create an XML Schema definition for a document type ends with a NullPointerException if the document type contains a field named *body.

This issue is now resolved.

Memory leak with JMS request-reply.

Integration Server did not correctly close MessageProducer objects when invoking the pub.jms:reply service, resulting in a memory leak.

This issue is now fixed.

Users that are members of the Developers group cannot use Designer to build and upload processes.

When a user that belongs to the Developers group uses Designer to build and upload a process, Designer throws the following exception:

Error: Build of process <processName> failed.com.webmethods.process.connection.is.IntegrationServerConnectionException: [ISC.0064.9314] Authorization Required: [ISS.0084.9004] Access Deniedat com.webmethods.process.generator.util.GeneratorUtils.getJMSProviderData(GeneratorUtils.java:934)at com.webmethods.process.generator.util.GeneratorUtils.createJNDIDestinations(GeneratorUtils.java:718)

This issue is now resolved. Members of the Developers group can now use Designer to build and upload processes.

Integration Server fails to enable email ports configured to use transport layer security.

Upon creating an email port configured to use transport layer security, Integration Server fails to enable the email port and issues the following error message:

Unsupported ciphersuite SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA

This issue is resolved.

Duplicate port aliases are assigned during upgrade.

When upgrading Integration Server 9.5 or earlier to version 9.6 or later, Integration Server might assign the same port alias to multiple Internal Server ports. Upon startup of Integration Server, this may result in only one of the Internal Server ports becoming active and in the following warning:

[ISS.0070.30] yyyy-mm-dd hh:mm:ss zone WARN: Duplicate alias protocolListener_portNumber_packageName encountered creating protocol listener on port portNumber.

This occurs because the naming convention used to assign a port alias to an existing port creates a duplicate alias if more than one Internal Server ports connect to an Enterprise Gateway Server through the same Registration port.

Now, to ensure that each port alias is unique, Integration Server includes the host name for the port in the port alias for migrated ports. The new naming convention is:

protocolListener_portNumber _hostName_packageName

Integration Server reloads packages more than once in a run-time-based deployment.When there are dependencies across different Integration Server packages in a run-time-based deployment, Integration Server reloads these packages more than once.Now, Integration Server reloads the packages just once.

While converting an XML node to a document, Integration Server does not issue any validation errors upon receiving empty fields that are not included in the enumeration list.

When converting an XML node to a document that contains fields with *body attributes, the text specified in *body represents the values of the document fields. These elements can have valid values specified in the enumeration fields. However, while converting, if Integration Server receives an empty value for a field and if the empty value is not included in the enumeration list, Integration Server should issue a validation error, but does not.

This issue is resolved. Integration Server now issues the following validation error upon receiving an empty field that is not included in the enumeration list:No matching enumeration value.”

On Windows, the script for creating a new instance of Integration Server does not use the JVM bundled with the product installation.

The script for creating an Integration Server instance now uses the JVM bundled with the Integration Server product installation.

Users can log in to Integration Server with old and new passwords.When central user management is configured for Integration Server and an authentication cache is enabled for Integration Server, users can log in with an old password even after successfully log in with the new password. This occurs because Integration Server does not remove the cached entry with the old password until after the time specified in watt.server.auth.cache.timeout elapses.

Now, once a user logs in with a new password, Integration Server clears the cached password.

Web browser users are not forced to supply credentials after their session expires.

When Integration Server receives a request that includes a cookie that identifies a session and valid user credentials, Integration Server will do one of two things:

Modern web browsers cache user credentials and send them to servers with each request. For Integration Server Administrator users, this means a user's session may expire but because the browser sends the user's credentials every time, a new session is created. The user may continue to use Integration Server Administrator without re-entering their user name and password. The only way to force the re-entry of a user's credentials is to close the browser. This may be considered a security flaw.

Integration Server addresses this situation by adding a new configuration parameter:

watt.security.session.forceReauthOnExpiration.

When set to true, Integration Server rejects any request that includes a cookie identifying an expired or invalid session, even if the request includes valid user credentials. The rejection response directs the browser to clear its session identifier and to prompt the user for credentials. When set to false, Integration Server creates a new session using the credentials in the cookie. The default value for watt.security.session.forceReauthOnExpiration is false. A value of true offers more secure behavior. Changes to watt.security.session.forceReauthOnExpiration take effect immediately.

The pub.flow:getLastError service does not return a lastError document.

The pub.flow:getLastError service does not return a lastError document if a parent SEQUENCE step specifies a timeout value but a service called by an INVOKE step within the SEQUENCE causes the SEQUENCE to time out.

This issue is now resolved.

A signed XML document or a node in an XML document fails verification performed by the pub.security.xml:verifyXML service.

If the pub.security.xml:signXML service signs an XML document or a node in an XML document and the service input specifies "true" for the includeCertChain parameter or a value other than the default value "X509_CERTIFICATE" for the certData parameter, the resulting signed document fails verification performed by the pub.security.xml:verifyXML service.

This issue is resolved.

After migrating a consumer web service descriptor that uses Web Services Addressing (WS-Addressing) from Integration Server 8.2 to a later release, invoking a web service connector in the descriptor ends with SocketTimeoutException.

If a consumer web service descriptor was created from a WSDL document that declared both the Web Services Addressing namespace as defined in the World Wide Web Consortium (W3C) Recommendation and the namespace from the earlier W3C Submission, after migration from Integration Server 8.2, execution of a web service connector fails with the following:

java.net.SocketTimeoutException: Read timed out

The timeout occurs because Integration Server incorrectly uses the WS-Addressing namespace from the earlier W3C Submission of WS-Addressing when executing the web service connector. As a result, the web service provider does not respond in the expected manner which causes the request to time out.

Now, if a web service descriptor that uses WS-Addressing was created from a WSDL that declared namespace declarations for the WS-Address Recommendation and the Submission, Integration Server uses the namespace declarations defined in the Recommendation.

Package deployment fails when the package contains a document type.

Using Deployer to deploy a package that contains a publishable document type fails with the following error:

[DEP.0005.0326] An error occurred while deploying package "packageName". Item "documentTypeName" could not be loaded because of reason "[ISS.0026.9112] Document type documentTypeName has failed to load. Duplicate Broker document type name brokerDocumentTypName is also referenced by documentTypeName". The package may have partially loaded; please check your target server.

This issue is now resolved.

Integration Server logs an erroneous exception when executing web services without an outbound callback service.

When executing web service that is part of a provider web service descriptor for which an outbound callback service is not specified, Integration Server sometimes writes the following erroneous message to the error log:

ISC.0088.9998E Exception --> null.

This issue is now resolved. Integration Server no longer logs an exception when executing a web service that is part of a web service descriptor that does not specify an outbound callback service.

XSLT services experience intermittent XSLT transformation errors or exhibit slow transformation performance.

This fix addresses both issues.

Enhancement to use Universal Messaging for audit logging queues.

In asynchronous audit logging, Integration Server first writes a log entry to a queue and subsequently writes the log entry from the queue to the log destination. Previously, Integration Server provided only an internal queue, sometimes called the light-weight queue, to use as an audit logging queue. With this enhancement, Integration Server provides the option of using a Universal Messaging queue instead of the internal queue as the audit logging queue. Using Universal Messaging with audit logging offers increased performance for asynchronous and synchronous logging.

When using the jcode utility to compile Java services, Integration Server generates wrong jcode utility classpath.

When using the jcode utility to compile Java services, Integration Server generates wrong jcode utility classpath if the code or classes directory added to the classpath does not include path separator.

This issue is now resolved.

A web service connector throws a SOAPException about an invalid envelope.

When executing a web service connector for an InOnly or InOnlyRobust operation for which the parent consumer web service descriptor has the Pre-8.2 compatibility mode property set to true, Integration Server may log the following extraneous error message indicating an invalid SOAP Envelope has been received even though the connector executed successfully.

[ISS.0088.9155] this SOAPMessage does not contain a valid Envelope object

This fix eliminates the extraneous error message.

A trigger with an AND join fails when receiving messages concurrently across a cluster of Integration Servers or a non-clustered group of Integration Servers.

When a JMS trigger or a webMethods messaging trigger with an AND join receives messages at the same time on two different Integration Servers, one of the messages might be lost. The lost message will not be processed which prevents the AND join from being satisfied and causes the trigger to fail. This situation occurs when the trigger resides on Integration Servers in a cluster or on a group of non-clustered Integration Servers.

This issue is now resolved.

Enhancement to provide the ability to configure the allowed protocols for JSSE on a per port basis.

In Integration Server, the watt.net.jsse.server.enabledProtocols server configuration parameter specifies the allowed protocols for all JSSE ports. However, there might be times where you wish to allow specific protocols for use with a particular JSSE port only.

Integration Server now provides the ability to specify the allowed protocols for JSSE on a per port basis.

Note: The 'jsseEnabledProtocols' value specified for the port record in the listeners.cnf file overrides the value set by watt.net.jsse.server.enabledProtocols server configuration parameter.

Note: When the logging facility 0006 Server SSL Interface is set to the Debug logging level, Integration Server writes messages about protocols used for inbound and outbound ports to the server log. At the Trace logging level, Integration Server writes messages about the enabled cipher suites. You can use these server log messages to confirm the enabled protocols for any JSSE port.

The pub.utils.messaging:migrateDocTypesTriggersToUM service incorrectly returns a message indicating a filter was successfully converted.

When the pub.utils.messaging:migrateDocTypesTriggersToUM service cannot convert a filter for a webMethods messaging trigger because of a filter conversion error, the service returns the error message in the failedTriggers/reason parameter. However, the service also returns a message stating that the filter was successfully converted, which is not correct.

If a filter cannot be converted successfully, the pub.utils.messaging:migrateDocTypesTriggersToUM no longer returns a message about successful conversion of the filter.

Web service fails with a RampartException while handling a holder-of-key SAML assertion.

When handling a holder-of-key SAML assertion, a web service fails with the following exception: RampartException: Invalid signature algorithm for Asymmetric binding.

This issue is now resolved.

A concurrent JMS trigger makes a retry attempt after Integration Server suspends the trigger because of a transient error.

When a concurrent JMS trigger encounters a transient error when processing a message, the trigger makes an extra retry attempt after the trigger is suspended. For example, if Max retry attempts is 3, Integration Server suspends the trigger after the third retry attempt fails. However, the trigger makes a fourth retry attempt.This issue is resolved. When Integration Server suspends a concurrent JMS trigger because of a transient error, the trigger does not make an additional retry attempt.

In a clustered environment, Integration Server sometimes does not create child tasks when a new server is added to the cluster or when an existing server is restarted.

When a task is scheduled to run on all servers in a clustered environment, Integration Server creates a parent task and a child task for each server in the cluster. When a new server is added to the cluster or when an existing server in the cluster is restarted, Integration Server creates a corresponding child task upon server restart. However, Integration Server sometimes does not create the child task for the newly added server or for the server that was restarted. As a result, the complete information for all servers in the cluster is not available on the Scheduler screen.

This issue is resolved.

Integration Server resumes document retrieval and/or processing for webMethods messaging triggers after package reload or server restart even when the Apply Change Permanently option was selected.

When using the Integration Server Administrator or the built-in services for suspending document retrieval and/or processing for a webMethods messaging trigger that receives documents from Universal Messaging, Integration Server does not honor the value of the Apply Change Permanently check box. When selected, the Apply Change Permanently check box indicates that Integration Server persists the change in document retrieval or document processing across package reloads and server restart. However, Integration Server reverts the state and enables retrieval and/or processing of documents when Integration Server restarts or when a package is reloaded.

This issue is resolved.

While creating an Enterprise Gateway Server port that uses the HTTPS protocol, the ‘Use JSSE’ option is not available in the Edit Enterprise Gateway Server Configuration screen in Integration Server Administrator.

This issue is resolved. The ‘Use JSSE’ option is now available in the Edit Enterprise Gateway Server Configuration screen while creating an Enterprise Gateway Server port that uses the HTTPS protocol.

When creating an Internal Server port that uses the HTTPS protocol, the “Use JSSE” option is not available in the Edit Internal Server Configuration screen in Integration Server Administrator.

This issue is resolved. The Edit Internal Server Configuration screen now includes the “Use JSSE” option when the selected protocol is HTTPS.

An HTTPS port that uses JSSE fails to start when a keystore is specified.

If Use JSSE is set to Yes for an HTTPS port and the key alias password is different from the password used for the keystore, the port does not start.

This issue is now resolved.

The pub.client:smtp service completes successfully even though the service finishes with errors.

Improper exception handling allowed the pub.client:smtp service to execute successfully even though the service encountered errors. This could lead to missing MIME parts in the email sent by the service.

Now, the pub.client:smtp service includes proper exception handling, which prevents successful completion of the service when the service encounters errors.

When entering quiesce mode, Integration Server writes messages to the client-side queue because Integration Server disables connection aliases before disabling packages.

When Integration Server enters quiesce mode, Integration Server disables the webMethods messaging connection aliases and JMS connection aliases before disabling packages. As a result, services that publish messages might execute after the needed connection alias is disabled, causing messages to be written to the client-side queue.

Now, when entering quiesce mode, Integration Server disables packages before disabling connection aliases. This will prevent new messages from being written to the client-side queue as Integration Server enters quiesce mode.

The jcode utility does not scan the jar files present in the static folders of the packages.

The jar files present in the static folders of the packages (package's code\jars\static folders) were not being scanned and added to the classpath by the jcode utility.

This issue is resolved.

When migrating from Integration Sever 8.2 or later to a newer version of Integration Server, the migration utility overwrites server configuration parameter values set during an earlier migration.

If you migrated Integration Server from version 7.x to version 8.2 or later and the later version introduces new behavior for existing functionality, the migration utility prompts you to choose the new behavior or the existing behavior and then sets a server configuration parameter in the server.cnf accordingly. When you migrate Integration Server from 8.2 or later to a newer version of Integration Server, the migration utility prompts to use the new or existing behavior for existing functionality that was changed in the new version. However, the Integration Server migration utility incorrectly overwrites some of the settings that were already set during earlier migrations.

This issue is now resolved. Integration Server migration utility retains previously selected behavior and sets server configuration parameters for behavior introduced in the new version only.

Setting the watt.server.db.connectionCache server configuration parameter to server increases the number of database connections.

Setting the watt.server.db.connectionCache server configuration parameter to server tells Integration Server to maintain a pool of connections for each database. However, when a connection became stale, a new connection was getting created without the stale connection getting closed. This increased the number of connections even though the pool reached its maximum number of connections.

This issue is resolved. Integration Server now closes all the stale connections before creating new connections.