Jan
04
2022
By dev on

Yearly release of the mendelson OFTP2 server
- Log4j is no longer part of the product nor referenced in the included libs

What is new

<ul>
<li>Adding the possibility in the server settings to delete old system events and transaction logs during system maintenance</li>
<li>Enabling the creation of a High Availability Cluster (HA) with multiple mendelson OFTP2 instances (optional plugin)</li>
<li>Added GUI notification when a client request could not be processed within 30s on the server (connection deadlock detection)</li>
<li>Enhanced the filter in the GUI to select only messages routed from this station - this is mainly useful if you use the installation as a gateway</li>
<li>Added placeholders for text fields</li>
<li>Password fields can now be switched between unmasked and masked view</li>
<li>Added possibility to reset keystore passwords to default value in server startup executable file</li>
<li>New icons for encryption and signature with an indication if the algorithms used are recommended/strong</li>
<li>Added the possibility to delete transactions per minute or per hour, this can be set in the settings</li>
<li>Added the optional plugin REST API to integrate the mendelson OFTP2 into your web projects. All this can be secured with HMAC256 - examples are included.</li>
</ul>

Resolved problems

<ul>
<li>Fixed the problem that system languages other than "en" and "de" had to use the parameter -lang for the programme start.</li>
<li>Fixed a problem when deleting transactions (manually and automatically), this function was very slow</li>
<li>Fixed a problem when starting the application under macOS Big Sur 11.2.3, the error message was "Native library not found in resource path".</li>
<li>Fixed a DB problem when managing outgoing connections.</li>
<li>The "Resend as new transaction" function took the preprocessed data of a transaction to resend and reprocessed it before it was sent. This means that the wrong data was sent. If custom postprocessing was in the transmission, some variables were also missing.</li>
</ul>

Updated software packages

<ul>
<li>Complete removal of Log4j from the product and all 3rd party products - so the product is no longer affected by previous and upcoming Log4j vulnerabilities.</li>
<li>The DB connection pool commons pool and commons dbcp have been replaced by HikariCP</li>
<li>Update to Bouncycastle v1.69 (Crypto API)</li>
<li>Update to Lucene 8.11.0 (indexing of system events)</li>
<li>Update to MINA 2.1.5 (Client-Server Interface)</li>
<li>Update to flatlaf 1.5 (dark mode)</li>
<li>Addition of Jackson for JSON processing</li>
</ul>