enPortal v5.6.0 Release Notes

1. Introduction #

This page summarizes the new features, resolved issues, and known issues in enPortal version 5.6.0 released on August 4th, 2015.

2. What is enPortal #

Edge enPortal is the industry’s only secure, vendor-neutral network management integration platform. With pre-built Product Integration Modules (PIMs) for common third-party applications, enPortal is a Commercial Off The Shelf (COTS) solution that quickly integrates these network management tools and offers advanced capabilities including:

  • Integration of existing web-based tools and applications
  • Advanced Security including role/domain-based access via a secure proxy
  • Single Sign-On (SSO) and Sign-Off
  • Integration with external user authentication systems
  • Branding and Customization
  • Dashboard Views
  • Multi-tenancy
  • Scalability

3. New Features #

  • Add support for breadcrumbs in default enPortal look and feel. (EN-195)
  • Add support for Kerberos authentication for Single Sign On (SSO). (EN-169)
  • Add support for HTTP DELETE method in CRS. This allows for better support with modern web applications using REST interfaces. (EN-211)
  • New default CRS rule to automatically handle proxied content that includes X-Frames-Options headers. (EN-220)
  • Inclusion of a new request processor to limit users to one active session. This processor is disabled by default. Please contact support for more information. (EN-193)
  • Improve Login Page admin page by providing a list of valid options and a preview window. (EN-217)
  • New example promotional login page edgeMarketing. (AB-970)
  • Additional logging of per-user accesses to enPortal Channels for usage statistics purposes. (AB-1002)
  • Introduced a short random authentication delay to reduce the risk of brute force password attacks. (EN-242)

4. Resolved Issues #

  • Removed Apache Standard Taglib to address CVE-2015-0254. This library is not used by the product. (EN-196)
  • Fix sub-menu loading on slower links to prevent wrong menu contents being shown. (EN-184)
  • Fix CRS resetting enPortalComponentInfo and enPortal_sessionid cookies without appropriate HttpOnly or Secure flags. (EN-190)
  • Fix enPortal when refreshing/reloading page via browser so that the selected channel remains selected. (EN-195)
  • Removed un-necessary JSESSIONID cookie being set for the root content (Path = /). (EN-202)
  • Fix incorrect encoding of protocol-relative URLs. These URLs are now by default allowed to pass through without encoding. (EN-203)
  • Better handling of username case sensitivity with LDAP Domain Adapters. (AB-939)
  • Fix issue introduced in 5.5.1 with managing SSO tokens provisioned to Roles. (EN-221)
  • Fix concurrency exceptions on high-concurrency deployments. (EN-207)
  • Avoid client-side generated cookies being echoed back in enPortal responses via Set-Cookie. (EN-198)
  • Permit HTTP 3xx redirects to include URL fragments according to the HTTP specification. (EN-228)
  • Fix Session Manager failure when a role is deleted for an active user session using that role. (EN-205)
  • Fix handling of “\” characters in SSO passwords. (EN-142)

5. Known Issues #

  • no known issues

6. Contact Information #

For questions or assistance with this release of enPortal, please see the support page for contact information.