ISL Conference Proxy 4.4.2044.21 with modules for Windows and Linux (2020-12-01)

 

On 1st of December the following was released:

  • ISL Conference Proxy 4.4.2044.21 for for Windows 64bit (Platform=win64, Revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25, req_os_version=0x06010000-0x7fffffff)
  • ISL Conference Proxy 4.4.2044.21 for for Linux 64bit (Platform=linux64, Revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25, req_os_version=0x0206200000-0xffffffffff)

Modules

  • Administration 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • Audit 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • Authentication 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • Backup 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • Core Login 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • DNS 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • GeoIP 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • ISL AlwaysOn 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • ISL Groop 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • ISL Light 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • ISL Pronto 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • Locale 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • NTP 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • PostgreSQL 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • Reports 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • Storage 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)
  • System Monitor 4.4.2044.21 (revision=0d7f27baf0e8b6dc7ad7d38c69c789e434b9cff7, release_date=2020-11-25)

Translations

  • administration_20201125_20201125_195515.translation
  • backup_20201125_20201125_195515.translation
  • core_login_20201125_20201125_195515.translation
  • isl_alwayson_20201125_20201125_195515.translation
  • isl_conference_proxy_20201125_20201125_195515.translation
  • isl_groop_20201125_20201125_195515.translation
  • isl_light_20201125_20201125_195515.translation
  • isl_pronto_20201125_20201125_195515.translation
  • reports_20201125_20201125_195515.translation

Update availability

All updates, except translations, have release date set to 2020-11-25. Your ESS will need to be  same or higher to be able to update your server. This release is  available to all countries except Japan.

Upgrading to new version

This are server side updates so hosted service users do not need to do anything.

Server license users please check Upgrading Server License

Improvements

ISL Conference Proxy - Core - Patch jQuery CVE 2020-11023 - potential XSS vulnerability when appending HTML containing option elements (SECURITY) [ISLCONFPROXY-2277] More

Description

Patch that prevents CVE 2020-11023 was applied to jQuery. Select wrapper for <option> was disabled.

ISL Conference Proxy - Core - Direct tables replication AKV logs (FEATURE) [ISLCONFPROXY-1647] More

Description

New setting "Direct table replication stats interval in seconds" was added to "Configuration->Logs", which sets how often replication stats should be logged, 3600 seconds by default.

ISL Conference Proxy - Administration - Add domain/admin/user/permission/list/1 webapi (FEATURE) [ISLCONFPROXY-1703] More

Description

Added new webapi2 method domain/admin/user/permission/list/1 webapi. This method returns list of administrative permissions. If sessions user is not domain admin he may only call webapi for self (leave name blank) otherwise "Insufficient permissions" error is returned. Level can be "user", "domain" or "default" depending on where permission is set.

ISL Conference Proxy - Administration - Add domain/admin/user/list/1 webapi (FEATURE) [ISLCONFPROXY-1707] More

Description

Added new webapi2 method domain/admin/user/list/1. This method returns list of users from user's domain. Set filter to filter users by username. Session user must be Domain Admin otherwise "insufficient permissions" error is returned.

ISL Conference Proxy - Administration - Add admin/domain/user/create/1 webapi (FEATURE) [ISLCONFPROXY-1708] More

Description

Added new webapi2 method domain/admin/user/create/1. This method creates new user. Session user must be Domain Admin and have "Create, edit and delete users (domain admin only)" permission otherwise "insufficient permissions" error is returned.

ISL Conference Proxy - Administration - Add admin/domain/user/update/1 webapi (FEATURE) [ISLCONFPROXY-1709] More

Description

Added new webapi2 method domain/admin/user/update/1. This method updates existing user. Session user must be Domain Admin and have "Create, edit and delete users (domain admin only)" permission otherwise "insufficient permissions" error is returned.

ISL Conference Proxy - Administration - Add user management view (FEATURE) [ISLCONFPROXY-1758] More

Description

New product page "Administration" was registered. Administration pages for domain admins are now available at "/users/administration" where user management view was added to view and update users from user's domain. Only Domain Admin has permission to access Administration pages, otherwise "Insufficient permissions" error is returned.

ISL Conference Proxy - Administration - Mark external users and disable set password (FEATURE) [ISLCONFPROXY-1856] More

Description

Added new webapi2 method domain/admin/user/is/external/1. This method will mark external users and add warning before modifying them since modifications to external users are overridden on next login. Furthermore password update has been disabled for external user.

ISL Conference Proxy - Administration - Implement new settings GUI (FEATURE) [ISLCONFPROXY-1891] More

Description

Setting management view was added to Administration pages for domain admins (/users/administration), where user and domain settings can be viewed or updated.

ISL Conference Proxy - Administration - Add domain/admin/domain/setting/update/1 webapi (FEATURE) [ISLCONFPROXY-1901] More

Description

Added new webapi2 method domain/admin/domain/setting/update/1. This method stores domain setting value. 

New General setting was added to /conf -> User management: "Edit domain settings (domain admin only)". This setting grants access to the "Settings" tab in the Administration Dashboard. There, the user can update domain settings. Domain settings are applied to all users within a domain. If you disable this permission, the user will not have access to the "Settings" tab. Please note that the user must already be a domain admin to access the Administration Dashboard (see the "Domain Admin" setting).

ISL Conference Proxy - Administration - Add domain/admin/domain/setting/overview/data/1 webapi (FEATURE) [ISLCONFPROXY-1902] More

Description

Added new webapi2 method domain/admin/domain/setting/overview/data/1. This method returns list of keys set for users domain. Also returns list of calculated settings for settings set. Session user must be Domain Admin otherwise "insufficient permissions" error is returned.

ISL Conference Proxy - Administration - Add domain/admin/user/setting/update/1 webapi (FEATURE) [ISLCONFPROXY-1916] More

Description

Added new webapi2 method domain/admin/user/setting/update/1. This method stores user setting value. Session user must be Domain Admin and have "Create, edit and delete users (domain admin only)" permission otherwise "insufficient permissions" error is returned.

ISL Conference Proxy - Administration - Add domain/admin/user/setting/overview/data/1 webapi (FEATURE) [ISLCONFPROXY-1942] More

Description

Added new webapi2 method domain/admin/user/setting/overview/data/1. This method returns list of keys set for selected user. Also returns list of calculated settings for settings set for user. Session user must be Domain Admin otherwise "insufficient permissions" error is returned.

ISL Conference Proxy - Administration - Add domain/admin/user/setting/page/section/list/1 (FEATURE) [ISLCONFPROXY-1943] More

Description

Added new webapi2 method domain/admin/user/setting/page/section/list/1. This method returns setting pages, sections and sub-sections for settings registered in user scope. Session user must be Domain Admin otherwise "insufficient permissions" error is returned.

ISL Conference Proxy - Administration - Add domain/admin/domain/setting/page/section/list/1 (FEATURE) [ISLCONFPROXY-1944] More

Description

Added new webapi2 method domain/admin/domain/setting/page/section/list/1. This method returns setting pages, sections and sub-sections for settings registered in domain scope. Session user must be Domain Admin otherwise "insufficient permissions" error is returned.

ISL Conference Proxy - Administration - Add domain/admin/user/setting/list/1 (FEATURE) [ISLCONFPROXY-1945] More

Description

Added new webapi2 method domain/admin/user/setting/list/1. This method returns all settings registered in grid for requested user. Settings are sorted in order they should appear on page. Session user must be Domain Admin otherwise "insufficient permissions" error is returned.

ISL Conference Proxy - Administration - Add domain/admin/domain/setting/list/1 (FEATURE) [ISLCONFPROXY-1946] More

Description

Added new webapi2 method domain/admin/domain/setting/list/1. This method returns all settings registered in grid for session users domain. Settings are sorted in order they should appear on page. Session user must be Domain Admin otherwise "insufficient permissions" error is returned.

ISL Conference Proxy - Core - Log add concurrent usage failures (FEATURE) [ISLCONFPROXY-1988] More

Description

Log lines were added to "[Core] License usage":

  • added concurrent usage (info)
  • concurrent usage limit hit (error)
  • failed to add concurrent usage (critical)

Log line keys:

  • LICUSG_RESULT (OK; added concurrent usage)
  • LICUSG_RESULT (LICENSE, SERVER, DOMAIN, USER; concurrent usage limit hit)
  • LICUSG_RESULT (OTHER; failed to add concurrent usage)
  • LICUSG_MODULE (ISL LIGHT, ...)
  • LICUSG_DOMAIN_ID, LICUSG_USER_ID (user account info)
  • LICUSG_CONCDESC_TXT (concurrent description if any at the moment of request)
  • LICUSG_MULTI_ID (multilicense ID if any at the moment of request)
  • LICUSG_SERVERCONC_L, LICUSG_DOMAINCONC_L, LICUSG_USERCONC_L (server+domain+user concurrent at the moment of request)
  • EXC_DESC_TXT (exception; failed to add concurrent usage)

HTTP event "LICENSE_LIMIT_HIT" was added when failure occurs with keys:

  • result (LICENSE, SERVER, DOMAIN, USER)
  • concurrentTitle (concurrent description if any at the moment of request)
  • concurrentMultiID (multilicense ID if any at the moment of request)
  • concurrentModule (ISL LIGHT, ...)
  • domain, name, username, external_id, user_id, domain_id, custom_* (user account info)
  • serverConcurrentCount, domainConcurrentCount, userConcurrentCount (server+domain+user concurrent at the moment of request)

ISL Conference Proxy - Core - Do not log rejected HTML tunnel HTTP requests (FEATURE) [ISLCONFPROXY-2013] More

Description

Rejected HTML tunnel HTTP requests are not logged as errors anymore.

ISL Conference Proxy - Core - Release Administration settings batch 1: Authentication Login, 2FA, Password and Basic module settings (FEATURE) [ISLCONFPROXY-2020] More

Description

Following settings were released and can now be set by Domain Admins in Administration pages (/users/administration). Settings from "/conf" pages (Old name) were renamed (New name) and now use same layout (Page, Section, Subsection) as Administration settings.
Old Name: Login enabled
New Name: Account enabled
Comment: Use this as a master switch to enable/disable a user or a domain.
Page: Security
Section: Authentication
Subsection: Login

Old Name: ISL AlwaysOn enabled
New Name: ISL AlwaysOn
Comment: Disabling this option will prevent the user(s) from adding or connecting to unattended computers. The computers are not permanently deleted, so the setting can be reverted. The user(s) will also be unable to view "Remote Access" tab on webpages.
Page: ISL AlwaysOn
Section: ISL AlwaysOn
Subsection: Basic

Old Name: ISL Groop enabled
New Name: ISL Groop
Comment: Disabling this option will prevent the user(s) from starting online meetings. The user(s) will also be unable to view the "Web Conference" tab on webpages.
Page: ISL Groop
Section: ISL Groop
Subsection: Basic

Old Name: ISL Light enabled
New Name: ISL Light
Comment: Disabling this option will prevent the user(s) from starting any remote support sessions or connecting to unattended computers. The user(s) will also be unable to view the "Remote Support" tab on webpages.
Page: ISL Light
Section: ISL Light
Subsection: Basic

Old Name: ISL Pronto enabled
New Name: ISL Pronto
Comment: Disabling this option will prevent the user(s) from logging into ISL Pronto. This means the user(s) will be unable to answer client chats. The user(s) will also unable to view "Live Chat" tab on webpages.
Page: ISL Pronto
Section: ISL Pronto
Subsection: Basic

Old Name: Allow login without configured Two-Factor Authentication
New Name: Login without configured Two-Factor Authentication
Comment: Disabling this option will force Two-Factor Authentication for the user(s). This will require the user(s) to configure Two-Factor Authentication on their next login attempt if they do not have at least one Two-Factor Authentication method set.
Page: Security
Section: Authentication
Subsection: Two-factor Authentication

Old Name: Allow login with "Don't ask again on this device"
New Name: "Don't ask again on this device" option for 2-Factor authentication
Comment: Disabling this option will remove the "Don't ask again on this device" checkbox from the GUI, and the user(s) will no longer be able to skip Two-Factor Authentication on any devices.
Page: Security
Section: Authentication
Subsection: Two-factor Authentication

Old Name: User must change password
New Name: Require password change
Comment: After setting this to "Yes", the user will be asked to change their password on their next login. The setting is reset to "No" after the user has changed their password.
Page: Security
Section: Authentication
Subsection: Password

Old Name: Comment
New Name: Notes
Comment: Use this field for storing notes about users. The notes will only be seen here and do not affect any functionality of services.
Page: General
Section: Account
Subsection: Admin Notes

Old Name: Maximum failed logins for user
New Name: Max failed login attempts for user(s)
Comment: This setting throttles login attempts for the user(s) by limiting the maximum number of attempts in a given time period. All further login attempts are rejected until the oldest login attempt expires (sliding time window). The time period is specified by the "Max failed login attempts period in seconds" setting.
Page: Security
Section: Authentication
Subsection: Login

Old Name: Maximum failed logins for address
New Name: Max failed login attempts from IP address
Comment: This setting throttles login attempts from one IP address by limiting the maximum number of login attempts in a given time period. All further login attempts are rejected until the oldest login attempt expires (sliding time window). The time period is specified by the "Max failed login attempts period in seconds" setting.
Page: Security
Section: Authentication
Subsection: Login

Old Name: Maximum failed logins period in seconds
New Name: Max failed login attempts period in seconds
Comment: Set the time period in which each failed login attempt will count towards the maximum failed login attempts.
Page: Security
Section: Authentication
Subsection: Login

ISL Conference Proxy - Administration - Implement audit GUI (FEATURE) [ISLCONFPROXY-2036] More

Description

New tab Audit was added to Administration pages for domain admins (/users/administration). To view tab user must be Domain Admin. Tab shows all domain audit logs returned from DB. Logs can be filtered by user, timestamp, user agent, IP address and event. Logs can be ordered by all column values.

ISL Conference Proxy - Audit - Add audit/event/list/1 (FEATURE) [ISLCONFPROXY-2039] More

Description

Added new webapi2 method domain/admin/audit/event/list/1. Method returns audit logs based on provided filters. Results can be also ordered by providing ordering.
Filters are specified by: field, operator and values.
Valid fields: user, module, event, timestamp.
Valid operators: starts, not_starts, before(timestamp), after(timestamp) and between(timestamp).
Webapi returns all domain audit logs for Domain Admin users, for regular users it only returns audit logs belonging to this user.

ISL Conference Proxy - Audit - Add internal/audit/event/new/1 (FEATURE) [ISLCONFPROXY-2040] More

Description

Registered new internal webapi2 method internal/audit/event/new/1. Method creates new audit log and stores it in database.

ISL Conference Proxy - Administration - Add audit logs for setting changes (FEATURE) [ISLCONFPROXY-2045] More

Description

Audit logs are added on successful setting value change in Administration pages for domain admins (/users/administration).

ISL Conference Proxy - Core - Release Administration settings batch 2: Password strength (FEATURE) [ISLCONFPROXY-2057] More

Description

Following settings were released and can now be set by Domain Admins in Administration pages (/users/administration). Settings from "/conf" pages (Old name) were renamed (New name) and now use same layout (Page, Section, Subsection) as Administration settings.

Old Name: Minimum password length
New Name: Minimum password length
Comment: User passwords shorter than selected value will be rejected by the system. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.
Page: Security
Section: Authentication
Subsection: Password

Old Name: Maximum password length
New Name: Maximum password length
Comment: User passwords longer than selected value will be rejected by the system. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.
Page: Security
Section: Authentication
Subsection: Password

Old Name: List of custom special characters
New Name: List of custom special characters
Comment: The value for this setting is a string containing special characters that should appear in a user's new password. The number of required special characters is set by the "Minimum number of custom special characters required in passwords" setting. Setting this to an empty string will disable the special characters requirement. Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.
Page: Security
Section: Authentication
Subsection: Password

Old Name: Minimum number of custom special characters required in passwords
New Name: Minimum number of custom special characters required in passwords
Comment: This setting specifies the minimum number of special characters required in users' new passwords. The list of special characters can be set using the "List of custom special characters" setting. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.
Page: Security
Section: Authentication
Subsection: Password

Old Name: Minimum number of uppercase characters required in passwords
New Name: Minimum number of uppercase characters required in passwords
Comment: This setting specifies the minimum number of uppercase characters required in users' new passwords. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.
Page: Security
Section: Authentication
Subsection: Password

Old Name: Minimum number of lowercase characters required in passwords
New Name: Minimum number of lowercase characters required in passwords
Comment: This setting specifies the minimum number of lowercase characters required in users' new passwords. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.
Page: Security
Section: Authentication
Subsection: Password

Old Name: Minimum number of digit characters required in passwords
New Name: Minimum number of digit characters required in passwords
Comment: This setting specifies the minimum number of digit characters (0, 1, 2, ..., 9) required in users' new passwords. This requirement can be disabled by setting the value to "0". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.
Page: Security
Section: Authentication
Subsection: Password

Old Name: Allow password to start or end with whitespace
New Name: Allow password to start or end with whitespace
Comment: When this setting is enabled, users' new passwords may start or end with a whitespace character (" ", "\n", ...) otherwise they are rejected by the system. Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.
Page: Security
Section: Authentication
Subsection: Password

Old Name: Reject passwords from password_blacklist.txt
New Name: Reject passwords from password_blacklist.txt
Comment: When this setting is enabled, users' new passwords is checked against a database of blacklisted passwords (which is set by the system administrator) meant to prevent passwords that are too common/basic. If a user's new password is blacklisted, they are shown the following message: "Password considered too weak. Please choose a stronger password.". Changing the setting value does not affect any existing user passwords and is only applied on a user's next password change.
Page: Security
Section: Authentication
Subsection: Password

ISL Conference Proxy - Core - Release Administration settings batch 3: ISL Light GUI features (FEATURE) [ISLCONFPROXY-2068] More

Description

Following settings were released and can now be set by Domain Admins in Administration pages (/users/administration). Settings from "/conf" pages (Old name) were renamed (New name) and now use same layout (Page, Section, Subsection) as Administration settings. GUI Features are not a separate section in /conf anymore and are now registered as permissions from ISL Light module. GUI Features exist for both v1 and v2 except for the "RDP / SSH" subsection, where:

  • Version 1 of this setting applies to ISL Light Desk 3 (Windows) and ISL Light Client 3 (Windows).
  • Version 2 of this setting applies to ISL Light 4 (Windows, macOS, Linux) and ISL Light Client 4 (macOS and Linux).


Old Name: Using clipboard while viewing or streaming desktop is enabled
New Name: Clipboard
Comment: Enables clipboard between local and remote computers. Operator can utilize the Copy (Ctrl-C) command on the remote computer and Paste (Ctrl-V) it on the local computer or vice versa. This allows for much faster work flow eliminating the need to send snippets of text via the text chat or any other means of transport to the remote side.
Page: ISL Light
Section: Permissions
Subsection: Remote Desktop

Old Name: Desktop streaming is enabled
New Name: Share My Screen
Comment: When enabled operator can share his screen to remote computer (client). If disabled, then the connection to your computer can still be established, but the viewing side will have no way of seeing or controlling your desktop.
Page: ISL Light
Section: Permissions
Subsection: Remote Desktop

Old Name: Desktop stream control is enabled
New Name: Control My Screen
Comment: When enabled remote computer can control operators local computer. If disabled, then the remote (client) side will enter the session in whiteboard mode. They will be able to see your desktop (If Share My Screen is enabled), but won't be able to control it. In order for the remote (client) side to control your computer, the client will ask for permission and the local (operator) side will have to grant it.
Page: ISL Light
Section: Permissions
Subsection: Remote Desktop

Old Name: Remote desktop viewing is enabled
New Name: View Remote Desktop
Comment: When enabled operator can view remote (client) desktop. When disabled the connection to the remote computer can be established, but the operator won't be able to see the remote desktop.
Page: ISL Light
Section: Permissions
Subsection: Remote Desktop

Old Name: Remote desktop control is enabled
New Name: Control Remote Desktop
Comment: When enabled operator can control remote (client) desktop. When disabled the operator will be able to see the remote desktop but won't be able to control it.
Page: ISL Light
Section: Permissions
Subsection: Remote Desktop

Old Name: Receiving files is enabled
New Name: Receive Files
Comment: If disabled, operator can't receive any files from remote (client) computer. Operator is still able to send files given "Send Files" is enabled.
Page: ISL Light
Section: Permissions
Subsection: Files

Old Name: Sending files is enabled
New Name: Send Files
Comment: If disabled, operator can't send any files to remote (client) computer. Operator is still able to receive files given "Receive Files" is enabled.
Page: ISL Light
Section: Permissions
Subsection: Files

Old Name: Allow accept from and connect to remote hosts not just localhost
New Name: Enable Jumpbox functionality
Comment: Enables the possibility to include tunnel endpoints other than localhost on either operator side or client side, but it also depends on the value of "Enable operator-side tunnel creation" (and also "Enable client-side tunnel creation" if doing the reverse Jumpbox tunnel). Read more about Jumpbox functionality here.
Page: ISL Light
Section: Permissions
Subsection: RDP / SSH

Old Name: Allow desk to perform connects
New Name: Enable client-side tunnel creation
Comment: Enables the client to create tunnels to operator. Please note that when disabled, tunnels can still be created from operator to client, unless this is prohibited by "Enable operator-side tunnel creation".
Page: ISL Light
Section: Permissions
Subsection: RDP / SSH

Old Name: Allow desk to accept connections
New Name: Enable operator-side tunnel creation
Comment: Enables the operator to create tunnels to client. Please note that when disabled, tunnels can still be created from client to operator, unless this is prohibited by "Enable client-side tunnel creation".
Page: ISL Light
Section: Permissions
Subsection: RDP / SSH

ISL Conference Proxy - Administration - Audit logs for all actions (FEATURE) [ISLCONFPROXY-2093] More

Description

Audit logs are added for create/update/delete actions on users in Administration pages for domain admins (/users/administration).

ISL Conference Proxy - Core - Add support for "Do not serve requests if no root handler" (FEATURE) [ISLCONFPROXY-2107] More

Description

Dev flag "Require WWW root handler" (file require_www_root) was added. When enabled and module with root handler is not installed, ICP will refuse to start.

ISL Conference Proxy - Core - Release Administration settings batch 4: Domain Admin permissions, group permissions and profile permissions (FEATURE) [ISLCONFPROXY-2117] More

Description

Following settings were released and can now be set by Domain Admins in Administration pages (/users/administration). Settings from "/conf" pages (Old name) were renamed (New name) and now use same layout (Page, Section, Subsection) as Administration settings.

Old Name: User is Domain Admin
New Name: Domain Admin
Comment: Enable this to promote the user to domain admin. This grants the user access to the Administration Dashboard where they can edit users, computers and settings for their domain. Using the permissions below, such as "Create, edit and delete users (domain admin only)", you can grant/revoke access to certain settings. For example you can create a read-only domain admin by enabling "Domain Admin" and revoking all the permissions below.
Page: General
Section: Account
Subsection: Domain Administration

Old Name: User can create, edit and delete users if he is Domain Admin
New Name: Create, edit and delete users (domain admin only)
Comment: This setting grants access to the "Users" tab in the Administration Dashboard. There, the user can view a list of users in their domain, create new users, update their settings and delete existing ones. If you disable this permission, the user will not have access to the "Users" tab. Please note that the user must be a domain admin to access the Administration Dashboard (see the "Domain Admin" setting).
Page: General
Section: Account
Subsection: Domain Administration

Old Name: User can edit domain settings if he is Domain Admin
New Name: Edit domain settings (domain admin only)
Comment: This setting grants access to the "Settings" tab in the Administration Dashboard. There, the user can update domain settings. Domain settings are applied to all users within a domain. If you disable this permission, the user will not have access to the "Settings" tab. Please note that the user must already be a domain admin to access the Administration Dashboard (see the "Domain Admin" setting).
Page: General
Section: Account
Subsection: Domain Administration

Old Name: User can create groups
New Name: Create computer groups
Comment: When this setting is enabled, the user can create new computer groups. In order to add computers to group, user will also need "Edit computer groups" permission.
Page: General
Section: Account
Subsection: Computer Groups

Old Name: User can edit groups
New Name: Edit computer groups
Comment: When this setting is enabled, the user is allowed to edit computer groups (add or remove computers, rename group, share group with other users).
Page: General
Section: Account
Subsection: Computer Groups

Old Name: User can delete groups
New Name: Delete computer groups
Comment: When this setting is enabled, the user can delete computer groups.
Page: General
Section: Account
Subsection: Computer Groups

Old Name: User can change full name
New Name: Edit full name
Comment: When this setting is enabled, user(s) can edit their full name in "My Profile". Disable this setting if you wish to prevent the user from editing their full name.
Page: General
Section: Account
Subsection: My Profile

Old Name: User can change e-mail
New Name: Edit e-mail
Comment: When this setting is enabled, user(s) can edit their e-mail in "My Profile". Disable this setting if you wish to prevent the user from editing their e-mail.
Page: General
Section: Account
Subsection: My Profile

Old Name: User can change nickname
New Name: Edit nickname
Comment: When this setting is enabled, user(s) can edit their nickname in "My Profile". Disable this setting if you wish to prevent the user from editing their nickname.
Page: General
Section: Account
Subsection: My Profile

Old Name: User can change time zone
New Name: Change time zone
Comment: When this setting is enabled, user(s) can change their time zone in "My Profile". Disable this setting if you wish to prevent the user from changing their time zone.
Page: General
Section: Account
Subsection: My Profile

Old Name: User can change password
New Name: Change password
Comment: When this setting is enabled, user(s) can change their password in "My Profile". Disable this setting if you wish to prevent users from changing their password. Warning: enabling either the "Require password change" or "Password expiration interval" setting will prompt the user to change his password on the next login, but they will be unable to do so if this setting is disabled. Doing so may lock user(s) out of their account.
Page: Security
Section: Authentication
Subsection: Password

ISL Conference Proxy - Audit - DB fixes (FEATURE) [ISLCONFPROXY-2132] More

Description

Registered new DT table "audit_log" for storing audit logs.

ISL Conference Proxy - Core - Optimize DT GRID message locks (FEATURE) [ISLCONFPROXY-2169] More

Description

DT GRID message locks were optimized.

ISL Conference Proxy - Module SysInfo Usage meters improve look (FEATURE) [ISLCONFPROXY-2172] More

Description

Usage meters in /conf -> "System statistics" were improved. CPU meters cpkrn, cpusr and cptot are now grey (green/orange/red do not represent correct impact because cp* meters mean how often confproxy_server process was scheduled to run on at least one processor). RAM, swap and disk meters are not scaled anymore, size of the bar is fixed.

ISL Conference Proxy - Audit - Add data lifecycle for user/domain references to log data (FEATURE) [ISLCONFPROXY-2193] More

Description

Data lifecycle settings for Audit module were updated (accessible in /conf -> Configuration -> Data lifecycle -> Associated data settings). Support for all 4 columns (domain_id, user_id, data_domain_id and data_user_id) was added. If deleting of associated data is enabled:

  • when user is deleted
    • all Audit logs, created (triggered) by this user, will get removed also (link: Audit event by user)
    • all Audit logs, that contain this user in log data, will get removed also (link: Audit event for user)
  • when domain is deleted
    • all Audit logs, created (triggered) by users in this domain, will get removed also (link: Audit event by user in domain)
    • all Audit logs, that contain objects from this domain in log data, will get removed also (link: Audit event for domain)

ISL Conference Proxy - Core - Delete flags for ICP 4.4.1734 branch (FEATURE) [ISLCONFPROXY-2219] More

Description

All flags from 4.4.1734 branch were deleted. These flags are now considered as enabled and can not be disabled by user anymore. Deleted flags:

  • 2017-06-12 ISLALWAYSON-1221 add fid to file upload form in html
  • 2017-06-29 ISLCONFPROXY-1482 pass orig_session_id to webapi2 backend
  • 2017-06-22 ISLCONFPROXY-1479 email or username in login dialog
  • 2017-08-31 ISLCONFPROXY-1517 remove stateless login
  • 2017-09-05 ISLPRONTO-1067 Join server to chat's domain when receiving file uploaded by web client
  • 2017-08-21 ISLCONFPROXY-1509 simplify PG sql for sets equals
  • 2017-08-24 ISLCONFPROXY-1513 set not_equals dt
  • 2017-08-24 ISLCONFPROXY-1513 set not_equals vfs
  • 2017-09-13 ISLCONFPROXY-1526 transfer support and show flags in args
  • 2017-09-20 ISLCONFPROXY-1533 fix random code generation algorithm
  • 2017-09-21 ISLLIGHT-4745 register 8 char lb-rx session code to service
  • 2017-09-21 ISLLIGHT-4745 remove session code checksum
  • 2017-09-21 ISLCONFPROXY-1535 initial args with state
  • 2017-06-20 ISLCONFPROXY-1477 show integrator webapi2 only on localhost
  • 2017-03-14 ISLCONFPROXY-1309 read multiple RSA keys from advsec files
  • 2017-03-14 ISLCONFPROXY-1309 remove key_cs from MUX connection-keys response
  • 2017-03-14 ISLCONFPROXY-1309 remove software signing and client to client keys in web admin
  • 2017-03-14 ISLCONFPROXY-1309 return multiple RSA keys in connection data
  • 2017-03-14 ISLCONFPROXY-1309 support multiple RSA keys in web admin
  • 2017-03-14 ISLCONFPROXY-1309 use key-cs-id in MUX
  • 2017-03-15 ISLCONFPROXY-1309 default custom RSA bits 2048
  • 2017-03-15 ISLCONFPROXY-1309 write multiple RSA keys to advsec files
  • 2017-03-16 ISLCONFPROXY-1309 use 2048 bit RSA key for client to server by default
  • 2017-03-23 ISLCONFPROXY-1309 add MUX service to transport type
  • 2017-10-31 ISLCONFPROXY-1574 sanitize CPLANG
  • 2017-10-31 ISLCONFPROXY-1574 sanitize CPVER
  • 2017-10-31 ISLCONFPROXY-1574 sanitize internal CP-WEB-VERSION
  • 2017-08-25 ISLCONFPROXY-1515 fallback translations
  • 2017-10-31 ISLCONFPROXY-1575 sanitize webtoken language
  • 2017-11-03 ISLCONFPROXY-1577 use relative url flag
  • 2017-11-03 ISLCONFPROXY-1577 use relative url flag login.html
  • 2017-11-17 ISLCONFPROXY-1577 relative url webapi2 help
  • 2017-11-08 ISLCONFPROXY-1583 flush grid packet
  • 2017-11-08 ISLCONFPROXY-1583 show grid packet in debug xml
  • 2017-09-04 ISLALWAYSON-1244 add computer_all permission to group acl which matches any computer_X acl
  • 2017-11-21 ISLCONFPROXY-1518 check for remove on group owner
  • 2017-09-04 ISLCONFPROXY-1518 refactor privilege permission rules
  • 2017-09-04 ISLCONFPROXY-1518 remove generic "aon_*" privilege
  • 2017-11-21 ISLCONFPROXY-1518 clean privileges on member remove
  • 2017-11-21 ISLCONFPROXY-1518 match privileges to members
  • 2017-09-04 ISLCONFPROXY-1518 register new webapi groups/update/security/2
  • 2017-11-07 ISLALWAYSON-1249 dont update last_used when sharing computer connection

ISL Conference Proxy - Core - Delete flags for ICP 4.4.1747 branch (FEATURE) [ISLCONFPROXY-2224] More

Description

All flags from 4.4.1747 branch were deleted. These flags are now considered as enabled and can not be disabled by user anymore. Deleted flags:

  • 2018-01-09 ISLCONFPROXY-1623 remove locator setting, add direct url
  • 2018-01-09 ISLCONFPROXY-1623 use webapi locator url setting
  • 2017-12-06 ISLALWAYSON-1245 group members UI
  • 2017-06-02 ISLCONFPROXY-1469 always show postgresql install
  • 2017-05-31 ISLCONFPROXY-1468 fix installation name sanitizer
  • 2017-11-10 ISLCONFPROXY-1588 remove license version from web admin
  • 2018-02-09 ISLALWAYSON-1308 remove permission check for sysinfo action
  • 2017-06-22 ISLALWAYSON-1227 action_list_js xpp
  • 2018-02-01 ISLALWAYSON-1305 add c_time index to connections
  • 2018-02-01 ISLALWAYSON-1305 include c_time connections in last used v2
  • 2017-11-07 ISLALWAYSON-1250 remove last_used
  • 2017-11-07 ISLALWAYSON-1250 replace last_used with session history
  • 2018-01-31 ISLCONFPROXY-1647 dt replicator stats log
  • 2017-11-09 ISLALWAYSON-1251 fix con_search computer query
  • 2017-11-09 ISLALWAYSON-1251 fix extract computer query
  • 2017-06-05 ISLALWAYSON-1224 files.html layout of password protected file storage
  • 2017-11-07 ISLCONFPROXY-1578 web admin runtime changes
  • 2017-11-07 ISLCONFPROXY-1578 web admin title
  • 2017-11-07 ISLCONFPROXY-1578 web admin title background
  • 2017-11-07 ISLCONFPROXY-1578 web admin title background setting
  • 2017-11-30 ISLCONFPROXY-1603 UTC timestamps
  • 2018-01-08 ISLCONFPROXY-1633 tester download link
  • 2017-11-14 ISLCONFPROXY-1591 remove key_cc from connection keys
  • 2017-11-13 ISLCONFPROXY-1589 mark /file as untrusted
  • 2017-11-13 ISLCONFPROXY-1589 HTTP server handle unstrusted flag
  • 2017-11-14 ISLALWAYSON-1253 mark /live/islalwayson/files/download as untrusted
  • 2017-11-14 ISLALWAYSON-1253 mark /live/islalwayson/files/download_zip as untrusted
  • 2017-11-30 ISLCONFPROXY-1604 secure web login event
  • 2017-11-30 ISLCONFPROXY-1604 secure webapi login event
  • 2017-12-08 ISLCONFPROXY-1614 admin_rights init builtin
  • 2017-12-08 ISLCONFPROXY-1614 admin_rights setting
  • 2017-12-08 ISLCONFPROXY-1614 admin_rights account flag
  • 2017-12-08 ISLCONFPROXY-1614 skip admin_rights accounts for noadmin flag
  • 2017-12-08 ISLCONFPROXY-1614 basic admin password change own
  • 2017-12-08 ISLCONFPROXY-1614 create user admin rights
  • 2017-12-11 ISLCONFPROXY-1615 check empty admin password
  • 2018-02-15 ISLALWAYSON-1310 add index on u_id + c_time
  • 2018-02-16 ISLCONFPROXY-1653 nulls first for nullable columns
  • 2017-11-29 ISLCONFPROXY-1601 /conf/api activity log
  • 2017-12-01 ISLCONFPROXY-1601 report admin user activity log
  • 2017-12-06 ISLCONFPROXY-1601 module action activity log
  • 2017-12-06 ISLCONFPROXY-1601 column limits
  • 2017-12-07 ISLCONFPROXY-1601 readable /conf page names
  • 2017-11-30 ISLCONFPROXY-1602 LIB-845 sanitize CSV output
  • 2017-11-13 ISLCONFPROXY-1590 HTTP server use modern force download headers
  • 2017-11-14 ISLPRONTO-1078 mark /live/islpronto_download_chat_file as untrusted
  • 2017-11-14 ISLPRONTO-1078 mark /live/islpronto_download_file as untrusted
  • 2017-06-26 ISLLIGHT-4674 2fa not available message
  • 2017-11-27 ISLCONFPROXY-1600 HTTP server file type filter
  • 2017-11-28 ISLCONFPROXY-1600 bulk files CP-UNTRUSTED-WHITELIST
  • 2017-11-28 ISLCONFPROXY-1600 whitelist and blacklist settings
  • 2017-11-28 ISLCONFPROXY-1600 default gmail-like blacklist setting
  • 2017-11-15 ISLALWAYSON-1260 catch invalid data on rpc auth message
  • 2017-11-15 ISLCONFPROXY-1592 use conf bulk file download
  • 2017-11-16 ISLCONFPROXY-1592 HTTP server bulk file handler
  • 2017-11-17 ISLGROOP-981 use islgroop bulk file download
  • 2017-11-20 ISLGROOP-981 /users/islgroop/webapi/session/file/download
  • 2017-11-21 ISLGROOP-981 session image download
  • 2017-11-22 ISLGROOP-982 bulk file name correction
  • 2017-11-22 ISLGROOP-982 check bulk file rename
  • 2017-12-19 ISLGROOP-983 blocked file error
  • 2017-12-19 ISLGROOP-983 bulk file type download block check
  • 2017-12-19 ISLGROOP-983 bulk file type upload block check
  • 2017-12-19 ISLGROOP-983 session file type upload block check
  • 2017-12-19 ISLGROOP-983 session file type download block check
  • 2017-12-20 ISLPRONTO-1085 check block supporter upload
  • 2017-12-20 ISLPRONTO-1085 check block client upload
  • 2017-07-28 ISLCONFPROXY-1502 content etag http server
  • 2017-07-28 ISLCONFPROXY-1502 content etag resources
  • 2017-07-28 ISLCONFPROXY-1502 content etag downloads
  • 2017-07-28 ISLCONFPROXY-1503 slice authenticode exe
  • 2017-07-27 ISLCONFPROXY-1501 sign code md5 etag
  • 2017-07-27 ISLCONFPROXY-1501 appssl content hash
  • 2017-07-27 ISLCONFPROXY-1501 translations cache hash
  • 2017-07-27 ISLCONFPROXY-1501 cache raw file etags
  • 2017-07-27 ISLCONFPROXY-1501 zip date hash
  • 2017-07-27 ISLCONFPROXY-1501 dmg date hash
  • 2017-07-27 ISLCONFPROXY-1501 plugins cache hash
  • 2017-11-17 ISLCONFPROXY-1592 remove /file
  • 2017-11-16 ISLPRONTO-1079 Add ISL Pronto object patch form
  • 2017-11-16 ISLPRONTO-1080 Show all ISL Pronto RAM objects
  • 2017-07-13 ISLCONFPROXY-1498 report moduleapp wrapper crash
  • 2017-03-09 ISLCONFPROXY-1294 /health/server/enabled
  • 2017-07-13 ISLCONFPROXY-1494 detect go panic
  • 2017-08-22 ISLCONFPROXY-1511 check for empty storage configuration
  • 2017-04-26 ISLCONFPROXY-1395 add setting external_authenticator_fail_reason_spec
  • 2017-04-26 ISLCONFPROXY-1395 use setting external_authenticator_fail_reason_spec
  • 2017-04-05 ISLCONFPROXY-1389 fix code and public_code mismatch
  • 2017-04-05 ISLCONFPROXY-1389 fix count 1000
  • 2017-12-01 ISLCONFPROXY-1605 mark storage as untrusted
  • 2017-12-01 ISLCONFPROXY-1605 whitelist /conf/api/url
  • 2017-11-07 ISLALWAYSON-1249 dont update last_used when sharing computer connection
  • 2017-04-28 ISLCONFPROXY-1395 replace account-is-disabled with invalid-credentials

ISL Conference Proxy - Administration - Add jwt webhook lib and call from core admin (FEATURE) [ISLCONFPROXY-2229] More

Description

Added JWT (JSON Web Tokens) webhook lib for reporting user create/delete events.
New setting was registered in Integration page:

  • Webhook URL must be set to a valid URL address otherwise integration is unconfigured and ignored.
  • JWT private key (PEM file) must be set to the file name of the private key uploaded to private storage. Otherwise, integration is unconfigured and ignored and an error is reported in the logs.
  • JWT Claims is optional. If set it must be valid JSON of claims which will be merged to the JWT req.
  • User Create, User Delete, User Undelete, Domain Delete can be used to fine-tune which events are reported.
    • You can respond to User Create and User Undelete with JSON key-value pairs which are then stored as custom:: keys.


ISL Conference Proxy - Core - Reduce PostgreSQL function costs (FEATURE) [ISLCONFPROXY-2232] More

Description

COST of PostgreSQL functions was reduced.

ISL Conference Proxy - Core - Add islcp_core and register it as an app (FEATURE) [ISLCONFPROXY-2240] More

Description

Added "islcp_core" moduleapp which is shipped with ISL Conference Proxy. Status can be seen /conf -> Processes.

ISL Light - Module - Expose recording files in ISL Light module conf pages (FEATURE) [ISLCONFPROXY-2242] More

Description

ISL Light module now exposes server side recording files in its /conf pages (in /conf -> Activity Monitor -> Sessions -> Active|History, select ISL Light tab and click on session). User is able to download the files in order and open them with ISL Player. With older players the files need to be concatenated first.

ISL Conference Proxy - Core - Add and call user create/delete notify API (FEATURE) [ISLCONFPROXY-2247] More

Description

JWT Weebhook lib is now also called for events in /conf. Please see ISLCONFPROXY-2229 for details.

ISL Conference Proxy - Core - Delete remaining JS flags from previously removed branches (FEATURE) [ISLCONFPROXY-2249] More

Description

These flags are now considered as enabled and can not be disabled by user anymore. Deleted flags:

  • 2017-06-02 ISLCONFPROXY-1469 always show postgresql install
  • 2017-12-06 ISLALWAYSON-1245 group members UI
  • 2018-02-09 ISLALWAYSON-1308 remove permission check for sysinfo action

ISL Conference Proxy - Core - Delete flags for ICP 4.4.1816 branch (FEATURE) [ISLCONFPROXY-2250] More

Description

All flags from 4.4.1816 branch were deleted. These flags are now considered as enabled and can not be disabled by user anymore. Deleted flags:

  • 2018-01-17 ISLCONFPROXY-1642 config.json flag preprocessor
  • 2018-02-02 ISLALWAYSON-1306 register group id for email and grant apis
  • 2018-02-02 ISLALWAYSON-1306 use group owner as username
  • 2018-02-02 ISLALWAYSON-1306 dont check access for aon group code
  • 2018-02-02 ISLALWAYSON-1306 export group_name in join json
  • 2018-03-15 ISLCONFPROXY-1666 limit webhits by time
  • 2018-04-20 ISLCONFPROXY-1699 show group name in aon join box
  • 2018-05-10 ISLCONFPROXY-1725 accept feature settings via xmlmsg
  • 2017-12-28 ISLCONFPROXY-1627 LIB-852 expand custom_filter syntax
  • 2018-01-03 ISLCONFPROXY-1631 Add 'domain_id' and 'type' columns to group table
  • 2018-03-09 ISLCONFPROXY-1662 use AKV for system emails
  • 2018-03-09 ISLCONFPROXY-1662 use AKV for error report lines
  • 2018-03-09 ISLCONFPROXY-1662 use AKV for GRID connect
  • 2018-03-14 ISLCONFPROXY-1665 use AKV for HTTP events
  • 2018-03-15 ISLCONFPROXY-1665 log setting ordering
  • 2018-03-13 ISLCONFPROXY-1665 webapi2 AKV log
  • 2018-03-13 ISLCONFPROXY-1665 remove /webaccess from webhits and logs
  • 2018-03-16 ISLCONFPROXY-1667 scope enabled check
  • 2018-03-16 ISLCONFPROXY-1667 scope settings
  • 2018-03-16 ISLCONFPROXY-1667 scope moduleapp
  • 2018-03-19 ISLCONFPROXY-1667 days limit
  • 2018-03-19 ISLCONFPROXY-1668 websid as event group id
  • 2018-03-20 ISLCONFPROXY-1669 admin_rights whitelist setting
  • 2018-03-21 ISLCONFPROXY-1670 time log rotate
  • 2018-03-22 ISLCONFPROXY-1673 reduce debug log settings
  • 2018-03-22 ISLCONFPROXY-1673 akv report web error
  • 2018-03-30 ISLCONFPROXY-1681 data lifecycle support
  • 2018-03-30 ISLGROOP-988 register table meta info
  • 2018-03-27 ISLLIGHT-4969 register table meta info
  • 2018-04-04 ISLCONFPROXY-1692 ntp load data lifecycle api
  • 2018-04-04 ISLCONFPROXY-1692 ntp report to data lifecycle api
  • 2018-04-06 ISLCONFPROXY-1691 core login register table meta info
  • 2018-04-11 ISLCONFPROXY-1693 data lifecycle policy admin
  • 2018-04-12 ISLCONFPROXY-1694 init grid static reg
  • 2018-04-17 ISLCONFPROXY-1691 core login register delete triggers
  • 2018-04-24 ISLCONFPROXY-1717 ensure index for delete triggers
  • 2018-04-25 ISLCONFPROXY-1718 associated data lifecycle support
  • 2018-04-27 ISLCONFPROXY-1718 core meta info
  • 2018-04-27 ISLCONFPROXY-1718 delete groups in domain by default
  • 2018-04-30 ISLCONFPROXY-1719 delete domain/user custom gui
  • 2018-04-30 ISLCONFPROXY-1719 data lifecycle delete handler
  • 2018-04-30 ISLCONFPROXY-1719 custom api for deletable objects
  • 2018-05-01 ISLCONFPROXY-1720 internal/data_lifecycle/associated_data/delete/list/1
  • 2018-03-28 ISLPRONTO-1123 register table meta info
  • 2018-03-28 ISLPRONTO-1123 chat member delete trigger
  • 2018-04-19 ISLCONFPROXY-1698 ignore deleted object errors in groups
  • 2018-05-17 ISLCONFPROXY-1728 LIB-914 crc32 queue files
  • 2018-04-25 ISLCONFPROXY-1287 add unencrypted to smtp_secure combo
  • 2018-04-25 ISLCONFPROXY-1287 use unencrypted in smtp_secure combo
  • 2018-04-25 ISLCONFPROXY-1287 use STARTTLS in smtp send
  • 2017-05-12 ISLCONFPROXY-1453 severity mail level setting
  • 2017-05-15 ISLCONFPROXY-1453 mail log lines
  • 2017-05-31 ISLCONFPROXY-1453 setting 'log_mail::enabled'
  • 2017-04-04 ISLCONFPROXY-1381 disable crash reports emails
  • 2017-06-22 ISLALWAYSON-1231 can use protocol messages v8
  • 2017-09-25 ISLCONFPROXY-1545 remove servers that are gone from gc list
  • 2017-09-25 ISLCONFPROXY-1545 gc server list per table
  • 2017-09-26 ISLCONFPROXY-1545 run gc
  • 2017-09-26 ISLCONFPROXY-1545 record last nonzero gc
  • 2017-09-26 ISLCONFPROXY-1545 hide gc threshold single server
  • 2017-09-26 ISLCONFPROXY-1545 start gc after flags are read
  • 2017-09-26 ISLCONFPROXY-1545 record grid dt tables
  • 2017-12-27 ISLALWAYSON-1285 add computer tunnel switch
  • 2017-12-27 ISLALWAYSON-1285 use native_only protocol
  • 2018-02-28 ISLCONFPROXY-1658 CP-JSONPARSE header
  • 2018-06-20 ISLALWAYSON-1341 enable protocol messages v9
  • 2018-06-20 ISLALWAYSON-1341 restore connect options
  • 2018-06-20 ISLALWAYSON-1341 update connect options
  • 2018-06-20 ISLALWAYSON-1341 updated connect options handling
  • 2018-06-20 ISLALWAYSON-1341 updated connect options handling in rpc
  • 2018-06-27 ISLCONFPROXY-1744 empty email is not error
  • 2018-06-27 ISLCONFPROXY-1749 move corrupt mail file into separate folder
  • 2018-06-28 ISLCONFPROXY-1737 report intranet or DNS host match 404
  • 2018-06-28 ISLCONFPROXY-1746 report ignore internal error to webhits
  • 2018-06-28 ISLLIGHT-5070 register isllight/session/info/2 for external_id
  • 2018-06-29 ISLCONFPROXY-1736 mux webapi2 user agent
  • 2018-07-27 ISLALWAYSON-1363 improve webapi2 connect authentication arguments check
  • 2018-07-30 ISLALWAYSON-1364 fix wrong user parameter on group migrate
  • 2018-08-08 ISLALWAYSON-1371 add setting for native only authentication
  • 2018-08-08 ISLALWAYSON-1372 clean authentication for webapi2 connect
  • 2018-08-21 ISLALWAYSON-1380 include notify message
  • 2018-08-28 ISLALWAYSON-1394 use new options


ISL Groop - Module - Add option to delete registered users (FEATURE) [ISLCONFPROXY-2255] More

Description

GUI for managing registered users was updated. All bulk actions were combined into one "Bulk Actions" dropdown. Single user actions are now available to manage actions on one user. "Delete User" option was added which removes registered user from session.

ISL Groop - Module - Add option to edit registered users (FEATURE) [ISLCONFPROXY-2261] More

Description

Option to edit user details was added to Registered Users overview. User details, such as name and email together with all custom fields can be edited by meeting owner. When user is being edited, owner can also select to resend registration notification to the newly selected email, which contains link for joining.

ISL Conference Proxy - Core - Add support for overriding/removing /join handler (FEATURE) [ISLCONFPROXY-2266] More

Description

New dev flags were added to remove WWW handlers:

  • Remove WWW handler /join (file remove_www_join)
  • Remove WWW handler /programs (file remove_www_programs)
  • Remove WWW handler /start (file remove_www_start)
  • Remove WWW handler /download (file remove_www_download)

ISL Conference Proxy - Core - Add server_id field to "Consistency error when decrementing concurrent usage count" (FEATURE) [ISLCONFPROXY-2283] More

Description

When "Consistency error when decrementing concurrent usage count" is logged, server_id field (indicating the origin of the problem) will now be present.

ISL Conference Proxy - Core - Lower severity of 404 /browserconfig.xml (FEATURE) [ISLCONFPROXY-2285] More

Description

HTTP requests to /browserconfig.xml will now be logged at notice severity instead of critical for HTTP 404 errors.

ISL Conference Proxy - Core - Fix gui / email template translation output format (FEATURE) [ISLCONFPROXY-2305] More

Description

Some strings were using incorrect HTML or GUI translation output format. Strings were corrected to TXT translation output format:

  • Core: reset password email subject
  • ISL AlwaysOn: notification emails subject
  • ISL Light: notification emails subject
  • ISL Groop: notification emails subject
  • ISL Pronto: chat transcript subject
  • ISL Pronto: web chat buttons and texts

ISL Conference Proxy - Core - Validate grid static registry historic direct tables (FEATURE) [ISLCONFPROXY-2307] More

Description

Validation was added to grid static registry historic direct tables. Corrupt file db/db.gridsregdt will now be detected and reported, before it corrupts PostgreSQL table setup.

ISL Conference Proxy - Core - Allow apos in emails (FEATURE) [ISLCONFPROXY-2308] More

Description

Apostrophe ' is now treated as a valid character in emails.

ISL AlwaysOn - Module - Use old flow when wol_group is invalid (00:00:00:00:00:00) (FEATURE) [ISLCONFPROXY-2310] More

Description

ISL AlwaysOn module will not use wol_group with invalid value (00:00:00:00:00:00) but will use old flow instead.

[INTERNAL] ISL Conference Proxy - Core - Translations: handle ' and nested HTML inside HTML attributes (FEATURE) [ISLCONFPROXY-2311] More

Description

Support for apostrophe ' and nested HTML inside HTML attributes was added.

ISL Groop - Module - Remove "user" field from survey redirect link (FEATURE) [ISLCONFPROXY-2315] More

Description

Field user_string is no longer exposed in survey link as it is no longer needed after ISLCONFPROXY-2314 changes.

ISL Conference Proxy - Core - Register internal/utils/http/event/send/1 and call it from Core Admin (FEATURE) [ISLCONFPROXY-2317] More

Description

Added new internal webapi2 method internal/utils/send/http/object/changed/1 for sending OBJECT_CHANGED HTTP events. This method is now called from Administration module on user update and on user setting change (when Global HTTP events are enabled in /conf -> Integration).

[INTERNAL] ISL Conference Proxy - Core - Register flags from icp top dir as "$core:moduleapp" (FEATURE) [ISLCONFPROXY-2320] More

Description

Flags from ICP top dir are registered as "$core:moduleapp".

ISL Conference Proxy - Core - Exception text in group and privileges log lines (FEATURE) [ISLCONFPROXY-2324] More

Description

The following log lines for groups and privileges API will include exception text (EXC_DESC_TXT):

  • invalid group data
  • invalid group public code
  • invalid privilege data in db object during query
  • invalid privilege data in db object during load

ISL Conference Proxy - Core - DT sync replication: order by time & sync category (FEATURE) [ISLCONFPROXY-2325] More

Description

DT sync and async replicator are now more precisely ordered.

ISL Conference Proxy - Core - Release Administration settings batch 5: Plugins, Session management (FEATURE) [ISLCONFPROXY-2337] More

Description

Following settings were released and can now be set by Domain Admins in Administration pages (/users/administration). Settings from "/conf" pages (Old name) were renamed (New name) and now use same layout (Page, Section, Subsection) as Administration settings.
Old Name: User can view own sessions
New Name: View own sessions
Comment: When this setting is enabled, the user can list and query their own sessions.
Page: Security
Section: Session Management
Subsection: User Sessions

Old Name: User can control own sessions
New Name: Control own sessions
Comment: When this setting is enabled, the user can terminate their own sessions. Please note that the "View own sessions" setting also needs to be enabled.
Page: Security
Section: Session Management
Subsection: User Sessions

Old Name: User can view sessions in domain
New Name: View domain sessions
Comment: When this setting is enabled, the user can list and query sessions in their own domain.
Page: Security
Section: Session Management
Subsection: Domain Sessions

Old Name: User can control sessions in domain
New Name: Control domain sessions
Comment: When this setting is enabled, the user can terminate sessions in their own domain. Please note that the "View domain sessions" setting also needs to be enabled.
Page: Security
Section: Session Management
Subsection: Domain Sessions

Old Name: Desk code request IP filter
New Name: Desk code request IP filter
Comment: Limits session code generation based on IP or MAC address. For a detailed guide on how to use filters please see the Using Filters manual.
Page: ISL Light
Section: ISL Light
Subsection: IP Filtering

Plugin settings are exposed in /conf in Plugins page (Old Name) and now also in ISL Light page under Permissions section (New Name) and in Administration pages.

Old Name (Plugins section): Allow plugin ISL LIGHT desktop
New Name: Desktop plugin
Comment: This setting controls the desktop plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows). Please use ISL Light Permissions instead.
Page: ISL Light
Section: Permissions
Subsection: Plugins

Old Name (Plugins section): Allow plugin ISL LIGHT file_transfer
New Name: File transfer plugin
Comment: This setting controls the file_transfer plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows). Please use ISL Light Permissions instead.
Page: ISL Light
Section: Permissions
Subsection: Plugins

Old Name (Plugins section): Allow plugin ISL LIGHT video
New Name: Video plugin
Comment: This setting controls the video plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows).
Page: ISL Light
Section: Permissions
Subsection: Plugins

Old Name (Plugins section): Allow plugin ISL LIGHT audio
New Name: Audio plugin
Comment: This setting controls the audio plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows).
Page: ISL Light
Section: Permissions
Subsection: Plugins

Old Name (Plugins section): Allow plugin ISL LIGHT printing
New Name: Printing plugin
Comment: This setting controls the printing plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows).
Page: ISL Light
Section: Permissions
Subsection: Plugins

Old Name (Plugins section): Allow plugin ISL LIGHT recording
New Name: Recording plugin
Comment: This setting controls the recording plugin. Please note that this setting is deprecated and only affects ISL Light Desk (on Windows) and ISL Light Client (on Windows).
Page: ISL Light
Section: Permissions
Subsection: Plugins

Server settings, only accessible on /conf pages:
Old Name: User can view all sessions on server
New Name: View server sessions
Comment: When this setting is enabled, the user can list and query sessions on the server.
Page: Security
Section: Session Management
Subsection: Server Sessions

Old Name: User can control all sessions on server
New Name: Control server sessions
Comment: When this setting is enabled, the user can terminate sessions on the server. Please note that the "View server sessions" setting also needs to be enabled.
Page: Security
Section: Session Management
Subsection: Server Sessions

[INTERNAL] ISL Conference Proxy - Core - Flag status in integration test json (FEATURE) [ISLCONFPROXY-2349] More

Description

Disabled flags were added to integration_test.json. The values are "flag_<keydesc>":"0".

ISL Conference Proxy - Core - DT GRID sync time warnings (FEATURE) [ISLCONFPROXY-2355] More

Description

Log line "sync receive" in "core_direct_tables_replication_stats" will now report:

  • DTSYNC_SENDTIME_MS: total time of GRID sync write using GRID wide time (approximation of: GRID network send + DTSYNC_QWAIT_MS + DTSYNC_DBTIME_MS)


Two new log lines "sync receive long execution" and "sync total GRID send and receive long execution" in "core_direct_tables_replication_writes":

  • critical is reported at 10s
  • warning is reported at 2s
  • log lines are aggregated and reported every 50s-55s
  • GRID_SERVER_ID: server that sent the packets
  • DTRPL_TABLEPKTS_TXT: list of packet counts per table: table1:pkt1,table2:pkt2,...


New log lines were added to "isllight_session_db_sync":

  • info: allocated new ISL Light session code
  • info: session is synced in local DB
  • warning 3s, critical 10s: session DB sync long wait
  • info: redirected client to another server


New log lines were added to "core_dt_notify_storage_offload" (affects ISL Light and ISL Pronto):

  • warning: DT notify memory queue full, switched to storage
  • warning: DT notify storage queue empty, switched back to memory
  • alert / runtime error: DT notify queue error:


ISL Conference Proxy - Core - DT GRID sync total replication time warnings (FEATURE) [ISLCONFPROXY-2357] More

Description

Log line "sync receive" in "core_direct_tables_replication_stats" will now report:

  • DTSYNC_REPLTIME_MS: total replication time of GRID sync write using GRID wide time (approximation of: original write to DB + GRID network send + DTSYNC_QWAIT_MS + DTSYNC_DBTIME_MS)


New log line "sync total GRID replication long execution" in "core_direct_tables_replication_writes":

  • critical is reported at 11s (10s + 1s extra read time, see ISLCONFPROXY-2355)
  • warning is reported at 3s (2s + 1s extra read time, see ISLCONFPROXY-2355)
  • log lines are aggregated and reported every 50s-55s
  • GRID_SERVER_ID: server that sent the packets
  • DTRPL_TABLEPKTS_TXT: list of packet counts per table: table1:pkt1,table2:pkt2,...


ISL Conference Proxy - Core - Split GRID sync and async queues (FEATURE) [ISLCONFPROXY-2362] More

Description

GRID sync and async replication task was optimized by splitting into two queues.

ISL Conference Proxy - Core - Rename webtoken strings from logoff to logout (FEATURE) [ISLCONFPROXY-2374] More

Description

File "Logoff webtokens XML" (accessible in /conf -> Debug) was renamed to "Logout webtokens XML". Also counter "WEBTOKEN:expired_logoff" was renamed to "WEBTOKEN:expired_logout".

ISL Conference Proxy - Core - iOS app start page is not translatable (DEFECT) [ISLCONFPROXY-1418] More

Description

When users joined the session from iOS devices, they landed on an untranslated banner page, that allowed them to download or open ISL Light application. Cookie responsible for language has been moved to correct path, iOS application start page is now translated correctly.

The defect was fixed.

ISL Light - Module - Fix email invitation send and session/info/set/1 webapi call (DEFECT) [ISLCONFPROXY-2236] More

Description

In previous versions when sending e-mail invitation to ISL Light session from "Remote Support" web pages, email was sent, but error was shown to user. This was now redesigned, callbacks are set correctly and user should not see error message when invitation is sent without errors.

The defect was fixed.

ISL Conference Proxy - Core - Extract template data from url on /users/start/ios (DEFECT) [ISLCONFPROXY-2253] More

Description

In previous versions buttons ( App store and Join session ) on iOS join link did not work, because data was not correctly extracted from url. This was redesigned and should not happen anymore.

The defect was fixed.

ISL Light - Module - Enable tr recording for string "ISL Light product is not licensed" (DEFECT) [ISLCONFPROXY-2259] More

Description

In previous versions string "ISL Light product is not licensed" could not be translated. This was redesigned and translation recording for this string was enabled.

The defect was fixed.

ISL Light - Module - Simplify configuration inconsistency error message and add critical log line (DEFECT) [ISLCONFPROXY-2260] More

Description

In previous versions when inconsistent configuration was detected, untranslated message was returned. This was now redesigned and simplified error message should be returned. Critical error was added to log.

The defect was fixed.

ISL Conference Proxy - Core - Normalize newlines in translate handler (DEFECT) [ISLCONFPROXY-2262] More

Description

In previous versions newlines in translate handler were not normalized, which resulted that some strings were not translated correctly for all platforms. This was redesigned and newlines are now correctly normalized.

The defect was fixed.

ISL AlwaysOn - Module - Use hsrv and preview when querying actions (DEFECT) [ISLCONFPROXY-2265] More

Description

In previous versions executing computer action on computer with file sharing disabled resulted in error message shown instead of results. This was now redesigned, preview is used when available and action result should be correctly displayed.

The defect was fixed.

ISL AlwaysOn - Module - Improve reading/writing of action events (DEFECT) [ISLCONFPROXY-2267] More

Description

In previous versions executing actions on ISL AlwaysOn computers would sometimes timeout and fail. This was now redesigned, event reading and writing was improved and the issue should not happen anymore.

The defect was fixed.

ISL Conference Proxy - Core - Override system MIME types in Go Modules (DEFECT) [ISLCONFPROXY-2287] More

Description

In previous versions when wrong MIME types were set on system, required javascript libraries were blocked which resulted in broken web pages. This was now redesigned and system MIME types are overwritten so this should not happen anymore.

The defect was fixed.

ISL Conference Proxy - Core - Unmarshal response by hand in case of IE (DEFECT) [ISLCONFPROXY-2294] More

Description

In previous versions when using Internet Explorer browser, response was not shown correctly (or error was displayed) when:

  • editing account in Profile pages
  • searching ISL AlwaysOn computers in /conf pages
  • sending chat transcript in ISL Pronto by clicking "Send by e-mail".

This happened because "json" is not a valid responseType in IE and was now redesigned by manually unmarshalling response in case of IE.

The defect was fixed.

ISL Conference Proxy - Core - Fix Join page download bubble in firefox to show arrows and properly close  tags inside (DEFECT) [ISLCONFPROXY-2295] More

Description

In previous versions  tags were not properly closed which resulted in download bubble on join page not displaying correctly. This was now redesigned and tags should be properly closed. 

The defect was fixed.

ISL Pronto - Module - Increase handle size to hefa::uint64 (DEFECT) [ISLCONFPROXY-2301] More

Description

In previous versions ISL Pronto object handle size was 32 bit, which could lead to overflows. This was now redesigned and size was increased to 64 bits, so overflows should not happen anymore.

The defect was fixed.

ISL Groop - Module - Prevent multiple clicks on Create meeting button (DEFECT) [ISLCONFPROXY-2306] More

Description

In previous versions when quickly clicking "Create" button, multiple ISL Groop meetings were created. This was now redesigned and only one meeting should be created.

The defect was fixed.

ISL Conference Proxy - Core - Handle macOS 11.x (DEFECT) [ISLCONFPROXY-2309] More

Description

In previous versions macOS 11.0 Big Sur user agent was not correctly handled by ICP which resulted in downloaded programs being incorrect. This was now redesigned and os_version upper bound was increased to support macOS 11. Programs should now be downloaded as usual.

The defect was fixed.

ISL Conference Proxy - Core - Program download cannot be disabled (DEFECT) [ISLCONFPROXY-2313] More

Description

In previous versions programs that had download disabled could still be downloaded on "/users/start" and "/users/programs" pages. This was now redesigned and disabled downloads are now no longer shown. GUI was also updated to show user that no matching programs could be found or he is not allowed to download them.

The defect was fixed.

ISL Groop - Module - Allow registered users to fill survey (DEFECT) [ISLCONFPROXY-2314] More

Description

In previous versions when a registered user left ISL Groop meeting with enabled survey, error was shown to the user. This was now redesigned and survey should be correctly shown.

The defect was fixed.

ISL Groop - Module - Notify owner is not set in the DB when creating meeting (DEFECT) [ISLCONFPROXY-2316] More

Description

In previous versions ISL Groop setting "Notify owner when session is started by another user" did not work correctly and emails to owner were not sent when session was started by not-owner. This was redesigned and emails should now be correctly sent.

The defect was fixed.

ISL Groop - Module - Check mandatory custom fields when registering user for meeting (DEFECT) [ISLCONFPROXY-2321] More

Description

In previous versions checks for mandatory custom fields were not applied when registering for ISL Groop meeting. This was now redesigned and error ("Missing mandatory register form field.") will be returned when mandatory fields are not provided.

The defect was fixed.

ISL Groop - Module - Use owner customization when generating ISL Groop download links (DEFECT) [ISLCONFPROXY-2333] More

Description

In previous versions when joining ISL Groop sessions customization was not used. This was now redesigned and customization is selected based on the customization that the owner of session has set (if it is set).

The defect was fixed.

ISL AlwaysOn - Module - Handle broken group owner in migrate computer (DEFECT) [ISLCONFPROXY-2339] More

Description

In previous versions when migrating ISL AlwaysOn computer to or from group that has deleted owner, misleading error message was shown to user. This was now redesigned and correct error message should be shown.

The defect was fixed.

ISL AlwaysOn - Module - Check platform before pushing install to computer (DEFECT) [ISLCONFPROXY-2346] More

Description

In previous versions when upgrade for wrong platform was pushed to ISL AlwaysOn computer from /conf pages, computer was shown as offline. This was now redesigned and additional checks were added before pushing upgrade, now showing error if upgrade is not supported by computer.

The defect was fixed.

ISL Light - Module - Move disconnect_rpc to separate executor (DEFECT) [ISLCONFPROXY-2367] More

Description

In previous versions disconnect_rpc was called from wrong executor which could lead to crashing of ISL Conference Proxy. This was now redesigned and correct executor should be used.

The defect was fixed.

ISL Conference Proxy - Core - Use onmouseenter and onmouseleave events for conf tooltips (DEFECT) [ISLCONFPROXY-2381] More

Description

In previous versions it was not possible to click on link inside tooltip next to "/conf -> General -> Create computer groups" setting, because tooltip re-positioned itself when trying to click it. This was now redesigned and it should now be possible to click on "here" link.

The defect was fixed.

Tags: software modules, proxy software

Was this article helpful?