Thorn Tech Marketing Ad
Skip to main content
Version: 1.1.3

Release Notes

Version 1.001.03

Summary

StorageLink v1.1.3 introduces the Azure File Share connection, improvements to password policy configuration, better handling of special characters in files and folders, and the ability to rename files and folders.

New Features

  • Azure File Shares are now available for mapping to folders.
  • Folders can be "disconnected" from a cloud storage mapping. Disconnecting a folder will not delete the objects in that cloud storage location.
  • Files and folders can be renamed.

Improvements to existing features

  • Login access token lifetime can now be configured in application properties, with a default of 8 hours:
features.api.access-token-time-to-live-seconds=28800
  • Password policy can be customized in the application properties. Can now set a required number of characters per class, prevent previously used passwords, and prevent usage of passwords from a word file:
password.policy.word-file=classpath:100k-most-used-passwords-NCSC.txt
password.policy.required-upper-count=1
password.policy.required-digit-count=1
password.policy.required-lower-count=1
password.policy.required-special-count=1
password.policy.require-digit=false
password.policy.require-lower=false
password.policy.require-special=false
password.policy.require-upper=false
password.policy.prevent-previously-used-password-count=5
  • Importing users with pbkdf2 encoded passwords is now supported. Can be configured with application properties:
password.encoder.pbkdf2.salt-length=16
password.encoder.pbkdf2.iterations=5000
password.encoder.pbkdf2.secret=
  • Preservation of timestamps for uploaded files can be disabled via application properties
features.api.preserve-file-timestamp-on-upload-enabled=true
  • Success and error icons added to the Uploaded Files list to make it easier to see which uploads have failed.
  • Folder names can now have any cloud-storage supported character in them.

Bug fixes

  • Folders with "+" and other special characters are now navigable.
  • Deleting all items in a folder will no longer show an error that the folder no longer exists.
  • Paging on the users list now changes the page correctly.
  • Database connection properties tuned to prevent stale database connections.
  • Http Client interactions with cloud storage tuned to prevent stale cloud storage connections.

Version 1.001.02

Security Updates

  • Upgrades installed version of OpenSSH to overcome regression in CVE-2024-6387

Version 1.001.01

Feature Updates

  • Add configuration to disable admin login and access on a server. This can be used to create a public-facing server that has no admin access. defaults to:
features.api.admin-enabled=true
  • AWS base image updated from Amazon Linux 2 to Amazon Linux 2023.
  • AWS IMDSv2 now enabled, supported, and required.
  • Improved Load Balancer support to get and act on actual Client IP behind a load balancer.
  • Uploading a file with an extension and then uploading a file with the same name without an extension is now allowed.

Bug Fixes

  • Fixes access to some restricted apis.

Version 1.001.00

Breaking API Changes

  • The /token/revoke endpoint is replaced with /logout, which does not need the token as a parameter
  • The /login endpoint no longer needs to specify a 'scope' value
  • The OIDC login process now delivers a Single-use token to the front-end when OIDC login completes. The single use token is posted to the /login endpoint as a code parameter with a grant_type of 'urn:ietf:params:oauth:grant-type:single-use-auth' which returns a usable hybrid token. This change was made to ensure possibly leaked token values through query string parameters would not give an attacker access to an account.

Feature Updates

  • Pre-calculate user permissions and cloud connections to improve SFTP user connection speed
  • Add field to Azure Cloud Connections to configure if HNS is enabled or not
  • Increase max memory size for backend Java jar based on memory size of instance
  • Upgrade Google Cloud SQL Proxy to v2 to support PSC to connect to database
  • Remove network calls from instance boot to support starting instances in networks with no egress

Bug Fixes

  • Fix issue with failing to upload files larger than 50GB to AWS
  • Limit OIDC “prompt” query string parameter to Google Identity Providers (fixes OIDC to providers like Ping that do not support that parameter)
  • Correct encoding of slashes in the base prefix for the Resolved Cloud Path for Azure Cloud Connections
  • Ensure no connection errors when uploading more than 500 simultaneous files
  • Pre-calculate user permissions and cloud connections to address bug where having many cloud connections could result in a database timeout
  • Disable password expiration after a year on Linux root account
  • Show and allow navigation to folders that have a blank name
  • Removes automatic determination of HNS enablement on Azure Storage Accounts because it failed when using a System Assigned Identity. HNS is now specified when creating/editing Azure Cloud Connection.
  • Importing a backup file with unsupported characters will now show errors with the line numbers of the unsupported characters

Other

  • Update Java version from 11 to 17
  • Update Spring Security from 5 to 6
  • Update Spring Boot from 2 to 3

Version 1.000.03

Bugs

  • Corrects the code that was preventing the deletion of folders.
  • Conditionally utilize the select_account parameter when interacting with identity providers to enable support for Ping

Version 1.000.02

Security

  • Update SnakeYaml to v2.x to resolve CVE-2022-1471

Features

  • Users that were automatically provisioned by OIDC login will now have a note indicating the provisioning
  • Responsive sizing for file list and buttons to display well on small screens

Bugs

  • Downloading a file name with spaces will no longer replace spaces with +
  • Users that signed in via an Identity Provider will not be presented with the option to change their password
  • Long folder and file names will no longer cause a horizontal scrollbar

Version 1.000.00

Files and Folders

  • Read and write directly to Cloud Storage, using the HTTPS protocol
  • Configure folder permissions with List, Download, Upload and Delete/Overwrite
  • Map an Web User Home Folder to an Cloud Storage location
  • Folder mapping lets you configure a common scenario where an internal Web user has read/write access to external Web users' data, while external users cannot see each other's data

Web accounts

  • Authenticate Web users with passwords or Identity Providers such as Cognito, Azure Active Directory or Google
  • Adds password complexity requirements

Web administration

  • Supports multiple Web Admin accounts
  • Authenticate Web Admins with passwords or Identity Providers such as Cognito, Azure Active Directory or Google
  • Simplifies first-time setup, which can be done entirely from the Web Admin Interface (no command line required)
  • Imports Folders, Users and Settings via a migration process

Security

  • Use instance profile permissions or configure credentials for each Cloud Storage location.

Performance and maintenance

  • Improves performance and scalability through the use of the AWS/Azure/GCS SDK for Java
  • Uses Postgres instead of LDAP, for easier maintenance

Cost

  • Software charge of 8 cents USD per hour
  • 30-day free trial