Release 10.5
Added Items
Administrator API Integration Server provides an administrative API that can be used to perform administrative actions such as restarting Integration Server as well as creating, retrieving, updating, and deleting assets on Integration Server. The Administrator API uses the REST architectural style.
GraphQL Dataloader support Dataloader is a utility that improves the performance of your GraphQL query. Dataloader supports batching and caching functional capabilities. When you create a Dataloader, Integration Server generates a loader service and a document type for keys. You can specify the field(s) in the key document for which you want to fetch the data from the data source. A loader service loads the data for the list of keys and returns a list of values.
MQTT Support Integration Server can be used to publish MQTT messages to and receive MQTT messages from an MQTT server. Use the pub.mqtt:publish service to publish an MQTT message to an MQTT server. Use MQTT triggers to create topic subscriptions and then receive and process MQTT messages. Integration Server supports MQTT version 3.1.1
SSL session logging Integration Server SSL session log contains SSL session information for inbound connections in JSON format. It contains information related to the cipher suite used, version of protocol, and client details along with server and session creation details. Using this information, you can analyze the details of a successful SSL handshake.
HTTP request or response compression Integration Server supports data compression for both HTTP requests and HTTP responses. Integration Server as HTTP client supports data compression before sending the HTTP request and can also instruct the HTTP server to compress the data before responding back to the client.
SSL support for third party JNDI provider Integration Server provides options to configure SSL communication between Integration Server and the JNDI provider.
HTTP/S port can be stateless Integration Server provides the ability to make Integration Server HTTP and HTTPS ports stateless. A stateless port will not maintain any sessions or provide session IDs for requests received by the port.
SAML2 support at transport level Integration Server adds support for sending SAML2 tokens in a custom HTTP header "wmIS-SAML2-Assertion", making it possible to use SAML2 tokens with all types of services and enabling integration with other security providers.
Service blacklist Integration Server provides the ability to block the invocation of services through use of a service blacklist. An attempt to invoke a blacklisted service results in an Access Denied error.
Support for Outbound interceptor The support for HTTP interceptors is enhanced with the addition of Outbound interceptor that is invoked when Integration Server is an HTTP client.
Additional support for JSON schemas Integration Server now supports additional features when generating JSON document types, such as support for readOnly and writeOnly from the JSON schema draft 7 specification.
Support for Kerberos authentication at the HTTP/S transport level for consumer web services. Integration Server now supports Kerberos authentication at the HTTP/S transport level for consumer web services.
Support for content-security policy Two new server configuration properties: watt.server.http.Content-Security-Policy and watt.server.http.X-Permitted-Cross-Domain-Policies, enable you to secure Integration Server against attacks such as Cross Site Scripting (XSS) and data injection.
Server log archive file name The server.log archive file name format for a size-based rotation changed from server.log_yyyyMMdd_HHmmssSSSZ,
(where yyyyMMdd_HHmmssSSSZ is the date and time the log file was created) to server.log.yyyyMMdd.n.
Changed Item
JVM version requirement for package release and the subscribing Integration Server Previously, Integration Server installed but did not activate a package when the version of the JVM used by Integration Server was less than the minimum JVM version required for the package. This included cases where the JVM used by Integration Server and the JVM version required by the package were the same major version. For example, if the minimum JVM version required for a package is 1.8.0_23 and the Integration Server JVM version is 1.8.0_12, Integration Server installed the package but did not activate it. Now, the Integration Server on which the package is installed must run in a JVM with a major version that is the same or higher than the JVM version required by the package.
Support for accommodating clock skew between a Java Web Token (JWT) issuer and Integration Server A variation between the JWT issuer server clock and the Integration Server clock can cause valid JWT tokens to be rejected. A new setting in the IS Administrator enables you to accommodate unavoidable and authentic variations. You can use this setting to define the permissible limits for variations between JWT issuer server clocks and the Integration Server clock.
Support for configuring and using Time To Live (TTL) settings for the UsernameToken used in the UsernameToken security policy Two new properties, Username Token TTL and Username Token Future TTL, and their corresponding server configuration properties: watt.server.ws.security.usernameTokenTTL and watt.server.ws.security.usernameTokenFutureTTL, enable you to accommodate time differences between when a SOAP username token is created and when it reaches Integration Server.