Thorn Tech Marketing Ad
Skip to main content
Version: Next

Release Notes

Version 1.001.01

Feature Updates

  • Add configuration to disable admin login and access on a server. This can be used to create a public-facing server that has no admin access. defaults to:
features.api.admin-enabled=true
  • AWS base image updated from Amazon Linux 2 to Amazon Linux 2023.
  • AWS IMDSv2 now enabled, supported, and required.
  • Improved Load Balancer support to get and act on actual Client IP behind a load balancer.
  • Uploading a file with an extension and then uploading a file with the same name without an extension is now allowed.

Bug Fixes

  • Fixes access to some restricted apis.

Version 1.001.00

Breaking API Changes

  • The /token/revoke endpoint is replaced with /logout, which does not need the token as a parameter
  • The /login endpoint no longer needs to specify a 'scope' value
  • The OIDC login process now delivers a Single-use token to the front-end when OIDC login completes. The single use token is posted to the /login endpoint as a code parameter with a grant_type of 'urn:ietf:params:oauth:grant-type:single-use-auth' which returns a usable hybrid token. This change was made to ensure possibly leaked token values through query string parameters would not give an attacker access to an account.

Feature Updates

  • Pre-calculate user permissions and cloud connections to improve SFTP user connection speed
  • Add field to Azure Cloud Connections to configure if HNS is enabled or not
  • Increase max memory size for backend Java jar based on memory size of instance
  • Upgrade Google Cloud SQL Proxy to v2 to support PSC to connect to database
  • Remove network calls from instance boot to support starting instances in networks with no egress

Bug Fixes

  • Fix issue with failing to upload files larger than 50GB to AWS
  • Limit OIDC “prompt” query string parameter to Google Identity Providers (fixes OIDC to providers like Ping that do not support that parameter)
  • Correct encoding of slashes in the base prefix for the Resolved Cloud Path for Azure Cloud Connections
  • Ensure no connection errors when uploading more than 500 simultaneous files
  • Pre-calculate user permissions and cloud connections to address bug where having many cloud connections could result in a database timeout
  • Disable password expiration after a year on Linux root account
  • Show and allow navigation to folders that have a blank name
  • Removes automatic determination of HNS enablement on Azure Storage Accounts because it failed when using a System Assigned Identity. HNS is now specified when creating/editing Azure Cloud Connection.
  • Importing a backup file with unsupported characters will now show errors with the line numbers of the unsupported characters

Other

  • Update Java version from 11 to 17
  • Update Spring Security from 5 to 6
  • Update Spring Boot from 2 to 3

Version 1.000.03

Bugs

  • Corrects the code that was preventing the deletion of folders.
  • Conditionally utilize the select_account parameter when interacting with identity providers to enable support for Ping

Version 1.000.02

Security

  • Update SnakeYaml to v2.x to resolve CVE-2022-1471

Features

  • Users that were automatically provisioned by OIDC login will now have a note indicating the provisioning
  • Responsive sizing for file list and buttons to display well on small screens

Bugs

  • Downloading a file name with spaces will no longer replace spaces with +
  • Users that signed in via an Identity Provider will not be presented with the option to change their password
  • Long folder and file names will no longer cause a horizontal scrollbar

Version 1.000.00

Files and Folders

  • Read and write directly to Cloud Storage, using the HTTPS protocol
  • Configure folder permissions with List, Download, Upload and Delete/Overwrite
  • Map an Web User Home Folder to an Cloud Storage location
  • Folder mapping lets you configure a common scenario where an internal Web user has read/write access to external Web users' data, while external users cannot see each other's data

Web accounts

  • Authenticate Web users with passwords or Identity Providers such as Cognito, Azure Active Directory or Google
  • Adds password complexity requirements

Web administration

  • Supports multiple Web Admin accounts
  • Authenticate Web Admins with passwords or Identity Providers such as Cognito, Azure Active Directory or Google
  • Simplifies first-time setup, which can be done entirely from the Web Admin Interface (no command line required)
  • Imports Folders, Users and Settings via a migration process

Security

  • Use instance profile permissions or configure credentials for each Cloud Storage location.

Performance and maintenance

  • Improves performance and scalability through the use of the AWS/Azure/GCS SDK for Java
  • Uses Postgres instead of LDAP, for easier maintenance

Cost

  • Software charge of 8 cents USD per hour
  • 30-day free trial