Caché® and Ensemble® Change Notes (2018.1.3)

CDS3103: Prevent Atelier from auditing entries for read-only database

Category: Atelier
Platforms: All
Version: 2018.1.3

Atelier could generate <PROTECT> error audit entries for a read-only databases. This change corrects this problem.

HYY2345: Avoid access violation in VSS writer

Category: Backup/Restore
Platforms: All
Version: 2018.1.3

This change addresses an issue that could cause access violation in VSS writer.

SML2663: Fix backup task looping when alias is defined for null device

Category: Backup/Restore
Platforms: All
Version: 2018.1.1

Under certain circumstances if an alias is defined for the null device, backup could loop and fill the disk drive. This change corrects this problem.

MAK4766: When a REST/SOAP application fails login with no username/password, audit login failure

Category: CSP
Platforms: All
Version: 2018.1.3

When a REST/SOAP application fails login with no username/password, add an audit entry for the login failure. Before this change the code would assume that the login page would be displayed which is the case for CSP applications so nothing would be logged. Now it detectss REST/SOAP and adds an audit entry.

MAK4890: Do not remove CacheUserName when redirecting to password change page

Category: CSP
Platforms: All
Version: 2018.1.3

When you login with CSP and we redirect to the password change page we were removing the CacheUserName %request parameter which should be retained so the user can see who they logged in as and so who they need to change the password for.

MAK4934: Audit a license failure in CSP

Category: CSP
Platforms: All
Version: 2018.1.2

If a CSP request fails because it can not get a license, audit the failure.

MAK5007: Honor request to not free gateway cache on a %CSP.Routine:Compile call

Category: CSP
Platforms: All
Version: 2018.1.2

In some cases the setting to not free the gateway cache was ignored and the cache was freed after a call to %CSP.Routine:Compile. The setting to retain and not free the cache is ^%SYS("CSP","DisableGatewayCacheClear")=1. This change corrects this problem.

MAK5010: Protect against %request.Data("Error:FullURL",1) not being defined in %CSP.PasswordChange.cls

Category: CSP
Platforms: All
Version: 2018.1.3

This change protects against %request.Data("Error:FullURL",1) not being defined in %CSP.PasswordChange.cls which would result in an UNDEFINED error.

MAK5013: Correct problem where CSP was calling OnStartSession callback function on every request in a session

Category: CSP
Platforms: All
Version: 2018.1.1

The OnStartSession callback function should be called when a CSP session is created. Under certain circumstances, it was being called for every request in the session rather than just at the session creation time. This change corrects this problem.

MAK5043: Correct CSP parsing of lines longer than 32000 characters

Category: CSP
Platforms: All
Version: 2018.1.3

CSP assumed that all lines were less than 32000 characters in length and would add a CR/LF for any line longer than this length. Now the code checks if the eol token is read before adding a CR/LF. CSP is updated to use longer reads as long strings are supported now.

MXT2080: Support CORS for CSP pages which are not subclasses of %CSP.REST

Category: CSP
Platforms: All
Version: 2018.1.1

This enhancement supports CORS for CSP pages which are not subclasses of %CSP.REST. In previous releases, CORS was only supported for subclasses of %CSP.REST.

CORS processing for CSP pages that do not inherit from %CSP.REST is provided by the CSP login page; that is, subclasses of %CSP.Login which are assigned as the login page for a CSP application. To turn on CORS assign the application's login page to be a subclass %CSP.Login that has the HandleCorsRequest parameter = 1. In addition, OnHandleCorsRequest and/or OnHandleOptionsRequest methods may be overridden in order to override the default CORS response for the application.

ALE3199: Stop IIS service during upgrade

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

Fixed a problem where IIS service (w3svc) was not stopped when CSPSILENTRESTART property was set (which is set by default). Added an entry to installation log file to indicate when IIS service is being stopped.

AOD008: Fix CSPFileTypes * directive not working in root of httpd.conf

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

When the "CSPFileTypes *" directive was placed at the root of the Apache server configuration file outside a <Location> or <Directory> tag, the Web Gateway would fail to serve any files, leading to an HTTP 404 error. This issue has been fixed so that "CSPFileTypes *" is recognized at the root of the Apache configuration file.

AOD010: Fix <SUBSCRIPT> error in processing multipart/form-data POST request

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

Improve the parsing of the "name" and "filename" parameters in the Content-Disposition header in POST requests of type multipart/form-data. This fixes a <SUBSCRIPT> error that would sometimes occur when the filename was Base64-encoded.

CMT1587: Improve the performance of Gateway installations working to large configurations (many application paths defined)

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This enhancement aims to improve the performance of Gateway installations working to large configurations. In this context a 'large configuration' is one containing many application paths defined in the Gateway configuration and/or the Caché configuration.

With previous builds large configurations resulted in a noticeable degradation in CSP performance. In order to address this problem, the Gateway now uses an improved internal layout (in the shared memory sector) for holding the configuration. Also, a better indexing mechanism and search algorithm has been developed to enable the Gateway to quickly identify the running configuration for a particular application path.

Apart from improved performance, the only visible change is the message that's recorded (in the Event Log) when more memory is required to be reserved in the shared memory sector for holding the configuration.

Previously the message recorded was:

Configuration Error: Insufficient space in the configuration buffer
Configuration block Size: A; Size of configuration block to insert: B; Space available: C (Consider setting CONFIG_BUFFER_SIZE=X (or higher) in the [SYSTEM] section of CSP.ini)

The new message is:

Configuration Error: Insufficient space in the configuration buffer  
Consider setting MAX_APPLICATIONS=X (or higher) in the [SYSTEM] section of CSP.ini  

The MAX_APPLICATIONS parameter is the total number of paths defined in the Gateway plus the number of paths defined in each participating Cache installation. The Gateway (that is, the hosting web server) must be completely restarted after modifying this parameter.

CMT1591: Ensure that the 'SSL/TLS Cipher Suites' (SSLCC_Cipher_Suites) configuration parameter can be updated via the Gateway Registry methods

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change ensures that the 'SSL/TLS Cipher Suites' (SSLCC_Cipher_Suites) configuration parameter can be updated via the Gateway Registry methods.

For example:

Kill properties Set properties("SSLCC_Cipher_Suites")="ALL:"
set status = gateway.SetServerParams("LOCAL", .properties) 

CMT1592: Ensure that the 'Connection Security Level' (Connection_Security_Level) configuration parameter can be updated via the Gateway Registry methods

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change ensures that the 'Connection Security Level' (Connection_Security_Level) configuration parameter can be updated via the Gateway Registry methods.

For example:

Kill properties Set properties("Connection_Security_Level")=10 // SSL/TLS
Set status = gateway.SetServerParams("LOCAL", .properties) 

Before this change it was not possible to set the Security Level to SSL/TLS (10). The correct values representing each security level are listed below.

#define CSP_H_SECURITY_LEVEL0             "Password"
#define CSP_H_SECURITY_LEVEL1             "Kerberos"
#define CSP_H_SECURITY_LEVEL2             "Kerberos with Packet Integrity"
#define CSP_H_SECURITY_LEVEL3             "Kerberos with Encryption"
#define CSP_H_SECURITY_LEVEL10            "SSL/TLS"

CMT1593: Write extended error information to Event Log if the Gateway fails to load a DLL under Windows

Category: CSP.Gateway
Platforms: Windows
Version: 2018.1.3

This enhancement will write extended error information to the Event Log if the Gateway fails to load a DLL under Windows AND the the Log Level is set to 'e'.

The information recorded will include the reason why a particular library could not be loaded and also record the path to the location where the Gateway was looking.

For example, if the 'cconnect' library cannot be found, a series of messages similar to those shown below will be recorded.

>>> Time: Sat Jun 03 11:34:44 2017; RT Build: 1801.1636 (win64/iis/mod:srv=7.5); Log-Level: 0; Gateway-PID: 3700; Gateway-TID: 3212  
 Unable to load the following library - code: 126 - The specified module could not be found.  
 C:/Inetpub/CSPGateway/cconnect64.dll 
>>> Time: Sat Jun 03 11:34:44 2017; RT Build: 1801.1636 (win64/iis/mod:srv=7.5); Log-Level: 0; Gateway-PID: 3700; Gateway-TID: 3212  
 Unable to load the following library - code: 193 - %1 is not a valid Win32 application.  
 C:/Inetpub/CSPGateway/cconnect.dll  
>>> Time: Sat Jun 03 11:34:44 2017; RT Build: 1801.1636 (win64/iis/mod:srv=7.5); Log-Level: 0; Gateway-PID: 3700; Gateway-TID: 3212  
 Unable to load the following library - code: 126 - The specified module could not be found.  
 C:/Inetpub/CSPGateway/bin/cconnect64.dll  
...
>>> Time: Sat Jun 03 11:34:44 2017; RT Build: 1801.1636 (win64/iis/mod:srv=7.5); Log-Level: 0; Gateway-PID: 3700; Gateway-TID: 3212  
 Initialization  
 Information: The CCONNECT library is not present on this system (This library is used for the optional Kerberos and SSL/TLS based security between the Gateway and Cache)  

CMT1600: Avoid re-encrypting Microsoft DPAPI-encrypted passwords after a fault on decrypting an existing (encrypted) password

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change avoids re-encrypting Microsoft DPAPI-encrypted passwords after a fault on decrypting an existing (encrypted) password.

There were cases where the Gateway attempted to re-encrypt aan already encrypted password after an error decrypting a password. The Gateway now applies further checks to determine whether or no it is dealing with an encrypted value and if it is, will simply report the error in the Event Log.

CMT1601: Respond gracefully when Caché returns a formal HTTP error code (and message) in response to the Gateway checking the integrity of a connection and the associated instance process

Category: CSP.Gateway
Platforms: Windows
Version: 2018.1.3

With this change the Gateway responds gracefully when Caché returns a formal HTTP error code (and message) in response to the Gateway checking the integrity of a connection and the associated instance process.

For example, if an invalid password is submitted (or the Gateway is attempting to connect to a non-existent user account) Caché will respond with a message similar to that shown below:

   HTTP/1.0 403 Forbidden  
   Content-type: text/html  
   Connection: closed  
   Password authentication failed  
   ERROR #838: User cm does not exist 

The Gateway doesn't always recognize HTTP messages that are returned in response to internal validation/handshake commands which, in turn can lead to confusing error messages being recorded. For example:

   WARNING: Incorrectly formatted value for $ZVersion  
   CacheSP: chd=1  

Or:

   cspTestConnection(mode=0, context=14, response_size=33): Response
   CacheSP: es=1;p=0;chd=1;ato=60;

Or:

   New Value for $ZVersion (Old value: '/csp')
   Cache for Windows (x86-64) 2015.2.1 (Build 705_0_17102U) Mon Mar 6 2017 16:28:18 EST

Or:

   Gateway response cache
   The CSP Gateway has detected a server version change for configuration '4) 2015.2.1 (Build 705_0_17102U) Mon Mar 6 2017 16:28:18 EST'.  Clearing the response cache

The Gateway now correctly processes these messages and records a more explanatory error message in the log. For example:

   Connection Validation Failed: mode=0; context=11;  
   HTTP/1.0 403 Forbidden  
   Content-type: text/html  
   Connection: closed  
   Password authentication failed  
   ERROR #838: User cm does not exist

CMT1616: Ensure that a UNIX signal involved in worker process close-down is not recorded as an error condition when terminating IPC Server threads

Category: CSP.Gateway
Platforms: UNIX®
Version: 2018.1.3

This change ensures that a UNIX signal involved in worker process close-down is not recorded as an error condition when terminating IPC Server threads supporting state-aware connectivity.

For example, this change will prevent the following spurious 'errors' being recorded when the hosting web server terminates a worker process.

   Error : cspIPCService : Signal=1; Phase=1

CMT1619: Correct a fault formulating the final copy of the HTTP response headers prior to dispatch to the hosting web server

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change corrects a fault in the function responsible for formulating the final copy of the HTTP response headers prior to dispatch to the hosting web server. This fault could result in a security violation being assumed/detected by IIS, leading to a failure of the request and the hosting Application Pool closing down (in order to protect the web server).

One symptom of this problem is the following error being recorded in the Event Log:

   Invalid parameter detected in function at line 0 

CMT1621: Secure access to the Gateway Registry methods

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change secures access to the Gateway Registry methods.

Registry Methods have been divided into two categories:

1. Read orientated operations (e.g. GetDefaultParams()).
   Users must have one of the following roles assigned: %All, %Manager or %Operator.

2. Update oriented operations (e.g. SetDefaultParams()).
   Users must have one of the following roles assigned: %All or %Manager.

For example, if a user with just the %Operator role assigned were to invoke the method to change the Gateway's Default Configuration Parameters the following error message would be returned.

Insufficient privileges to invoke the 'SetDefaultParams' method

CMT1628: Modify the Gateway Management forms so that they automatically redirect to the 'login' form after the user session times-out

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

The Gateway Management forms have been modified such that they will now automatically redirect to the 'login' form after the user session times-out. Previous versions would remain on the current form (after timeout) until the next user action, after which control would go back to the login form. Of course, this change only applies to Gateway installations for which the Management forms have been password protected.

CMT1633: Ensure that the Gateway does not attempt to resize its run time configuration and internal indices after a web server worker process rotation

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change ensures that the Gateway does not attempt to resize its run time configuration and internal indices after a web server worker process rotation. With previous releases, this would occasionally happen - particularly (though not exclusively) when connecting to mirrored configurations after a web server worker rotation event. This, in turn, would lead to a mismatch between process-local indices and the running configuration held in the Gateway's shared memory sector.

Apart from request failures and failures to connect to Cache, the following error messages in the Event Log (Linux systems) were symptomatic of this issue:

   Backtrace (SIGSEGV) : cspDaemonListenerErrorTrap  
      /scratch3/cm/apache2231/csp/CSPa22.so(cspDaemonListenerErrorTrap+0xdb) [0x7f0f9d01a9ab]  
      /lib64/libpthread.so.0() [0x310120f4c0]  
      /scratch3/cm/apache2231/csp/CSPa22.so(csprtDaemonListener+0x2cb) [0x7f0f9d01ad8f]  
      /lib64/libpthread.so.0() [0x31012077e1]  
      /lib64/libc.so.6(clone+0x6d) [0x3100ae153d]  

And/or:

   Backtrace (SIGSEGV) : cspDaemonErrorTrap  
      /scratch3/cm/apache2231/csp/CSPa22.so(cspDaemonErrorTrap+0x1cd) [0x7f6fea974c1c]  
      /lib64/libpthread.so.0() [0x310120f4c0]  
      /scratch3/cm/apache2231/csp/CSPa22.so(csprtSysManager+0x7420) [0x7f6fea9f9d4d]  
      /scratch3/cm/apache2231/csp/CSPa22.so(csprt+0x4316) [0x7f6fea9c493a]  
      /scratch3/cm/apache2231/csp/CSPa22.so(+0x6ede6) [0x7f6fea9b9de6]  
      /scratch3/cm/apache2231/bin/httpd(ap_run_handler+0x5b) [0x43f499]  
      /scratch3/cm/apache2231/bin/httpd(ap_invoke_handler+0x16f) [0x43fd8a] 
   etc .........

CMT1634: Correct a Memory Access Violation that's reported if the Gateway Management URL (instead of the RunTime URL) is used to obtain a Gateway System Status report

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change corrects a Memory Access Violation that's reported if the Gateway Management URL (instead of the RunTime URL) is used to obtain a Gateway System Status report.

For example:

Incorrect URL: http://localhost/csp/bin/Systems/Module.cxw?CSPSYS=1

Correct URL: http://localhost/csp/bin/RunTime/Module.cxw?CSPSYS=1

CMT1640: Ensure that content (to be cached) is not written to permanent storage until it is confirmed that there is enough space

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change ensures that content (to be cached) is not written to permanent storage until it is confirmed that there is enough space in the master index to hold the reference for the cached file. A failure to do this in previous releases could lead to to an accumulation of 'orphaned' files in the Gateway's /temp directory. This happened because the Gateway can only clear down cached physical files that it is aware of that is. those for which there is a corresponding entry in the master index of cached files that is held in the Gateway's shared memory sector.

Also, in cases where the whole content of a cached entity can fit into a single cache block, the Gateway will not write the payload to permanent storage, but instead include it in the data block used to hold the master index entry.

CMT1643: Correct a fault in the cconnect library trace facility.

Category: CSP.Gateway
Platforms: Windows
Version: 2018.1.3

This change corrects a fault in the cconnect library trace facility. This change utilizes a new function provided by the cconnect library (CconnectSetTraceFile()).

This function allows the Gateway to supply the path and file name of the trace file to be used (usually cconnect.log), rather than opening this file within the Gateway code and passing the (pointer) reference for the open file, to the cconnect library. There are problems (notably under Windows) with passing pointers to open files over function/library boundaries. These problems will be avoided by enabling the cconnect library to completely own the management of the trace file within its own code base.

CMT1645: Ensure that the command line '-encrypt_password' facility generates the same 'hash' as that which would otherwise be generated by the Gateway Management suite

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change ensures that the command line '-encrypt_password' facility (provided by CSPnsd) generates the same 'hash' as that which would otherwise be generated by the Gateway Management suite.

Example:

   # ./CSPnsd -encrypt_password=0:SYS && echo
   1Phmog51gaVNwReQh0rKvtmGBlRw

This change corrects a fault in the mechanism which led to a mismatch between encrypted passwords generated from within the Gateway Management forms and those generated from the command line.

CMT1646: Ensure that the the Gateway configuration file (CSP.ini) is correctly updated when modifying passwords using the 'Security.Users.Modify()' method

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change ensures that the the Gateway configuration file (CSP.ini) is correctly updated when modifying passwords using the 'Security.Users.Modify()' method.

Example: Set properties("Password") = "new" Set status = ##Class(Security.Users).Modify("CSPSystem", .properties)

With previous versions of this method, unwanted trailing data was left at the end of the CSP.ini file if the updated file happened to be shorter in length than the original.

CMT1648: Protect against a memory access violation that can occur if GZIP compression is enabled but the ZLIB initialization function (deflateInit2) fails

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change protects against a memory access violation (SIGSEGV) that can occur if GZIP compression is enabled but the ZLIB initialization function (deflateInit2) fails.

Under these circumstances the following message will be written to the Gateway Event Log:

   GZIP Initialization Error  
   Initialization of the ZLIB library failed (deflateInit2) gzip_err = -2  

CMT1649: Ensure that the 'Maximum Connections per Session' throttle applies across all worker processes in a multi-process web server

Category: CSP.Gateway
Platforms: UNIX®
Version: 2018.1.3

This change ensures that the 'Maximum Connections per Session' throttle applies across all worker processes in a multi-process web server. For example: Apache using a 'prefork' MPM under UNIX.

With previous releases, the 'Maximum Connections per Session' throttle was applied independently to each and every worker process resulting in a single client potentially consuming more connections that it should.

When the throttle is exceeded, the following message will be written to the Event Log (log level 'e'):

   Connection Allocation Error  
   Maximum number of connections in use for session ID: FCJotTP9SP (Server: CACHE20172; Maximum Connections per Session: 6)  

Affected requests will be queued for as long as the the 'Queued Request Timeout' timeout will allow, after which the Gateway will return a 'Server Busy' status and the following message will be written to the Event Log:

   Server Availability Error
   All channels to the Server are busy: Please try later 
 

CMT1655: Rework the signal handler for Access Violation (SIGSEGV) errors to avoid hangs in Apache

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change reworks the signal handler for Access Violation (SIGSEGV) errors to avoid hangs in Apache. Also avoided will be defunct (or zombie) processes appearing in the process listings after a SIGSEGV event.

CMT1656: Correct a fault that could result in a Memory Access Violation (SIGSEGV) occurring when Apache recycles a worker process UNIX systems).

Category: CSP.Gateway
Platforms: UNIX®
Version: 2018.1.3

This change corrects a fault that could result in a Memory Access Violation (SIGSEGV) occurring when Apache recycles a worker process UNIX systems).

When this fault occurs the following function call back-trace will typically be written to the Gateway Event Log:

   Backtrace (SIGSEGV) : cspDaemonErrorTrap  
   /opt/cspgateway/bin/CSPa24.so(cspDaemonErrorTrap+0x1c6) [0x7fa334803346]  
   /lib64/libpthread.so.0(+0xf100) [0x7fa340d02100]  
   /opt/cspgateway/bin/CSPa24Sys.so(cspsmSemaphoreDestroy+0x32) [0x7fa3340f1b57]  
   /opt/cspgateway/bin/CSPa24Sys.so(cspsmCloseDown+0x361) [0x7fa3340df9b2]  
   /opt/cspgateway/bin/CSPa24Sys.so(cspsys_x_closedown+0x11) [0x7fa33410752d]  
   /opt/cspgateway/bin/CSPa24.so(csprtUnInitialize+0x118) [0x7fa334800ef5]  
   /opt/cspgateway/bin/CSPa24.so(csprtCloseDown+0x8b2) [0x7fa3347fe076

CMT1658: Correct a fault that led to the occasional failure of WebSocket connections under Nginx1.12.2.

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change corrects a fault that led to the occasional failure of WebSocket connections under Nginx 1.12.2.

Apart from a failure to initialize a WebSocket, this fault resulted in the following message being recorded in the Nginx error log:

   [alert] 30754#0: *40 zero size buf in writer t:0 r:0 f:0 0000000000000000 00000000020D0E30-00000000020D0E30 0000000000000000 0-0

CMT1659: Ensure that the Gateway version/build information is included in the SERVER_SOFTWARE CGI Environment Variable for Nginx Servers

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change ensures that the Gateway version/build information is included in the SERVER_SOFTWARE CGI Environment Variable for Nginx Servers. Testing revealed that this information was often missing for Nginx hosted Gateway installations.

Example:

   SERVER_SOFTWARE   nginx/1.12.2 CSP-Universal/2018.2.0.999.0-1802.1667-16
   

CMT1677: Correct a fault that led to spurious event log messages warning about absenct HTTP request method

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change corrects a fault that led to spurious event log messages (incorrectly) warning about the absence of an HTTP request method.

For example:

   WARNING: The REQUEST_METHOD is absent for this request (CSP_DELETE_VARS)
   HTTP_ACCESS_CONTROL_REQUEST_METHOD,HTTP_ORIGIN,HTTP_ACCESS_CONTROL_REQUEST_HEADERS

CMT1681: Protect against an infinite loop occurring when the Gateway traverses its forms cache

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change aims to protect against an infinite loop occurring when the Gateway traverses its forms cache.

CMT1682: Correct a fault that made it impossible to download files of type DLL and EXE over HTTP

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change correct a fault that made it impossible to download files of type DLL and EXE over HTTP in a CSP application.

CMT1683: Extend the mechanism for interrupting Caché processes to include a 'reason' code.

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change extends the mechanism for interrupting Caché processes to include a 'reason' code.

The Gateway will send a 'reason for interrupting' code to Caché with the 'interrupt' message. This code will be included in the call to interrupt a process:

$System.Util.SendInterrupt(ProcessID,Reason)

The following 'reason' codes will be recorded.

   1 Client disconnected while waiting for a response (e.g. browser closed).
   2 Request timed-out ('Server Response Timeout' exceeded).
   3 Interrupt request dispatched from the Gateway Management forms ('System Status' form).
   4 Client disconnected while sending the request payload.
   5 Protocol error detected between the Gateway and Caché.

CMT1687: Correct a fault in the initialization of the Shared Memory block for the Nginx Gateway solution

Category: CSP.Gateway
Platforms: UNIX®
Version: 2018.1.3

This change corrects a fault in the initialization of the Shared Memory block for the Nginx Gateway solution - known as the 'Universal Gateway Modules'. Problems caused by this fault were only evident in UNIX-based Nginx installations in which multiple worker processes were used.

For example, in nginx.conf:

   worker_processes  3;

One visible manifestation of this problem was the premature timeout of the Gateway Management forms.

CMT1688: Correct a potential race condition in the functionality that initializes Gateway 'Server' connections

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change corrects a potential race condition in the functionality that initializes Gateway 'Server' connections (the reserved connections responsible for serving Gateway registry functionality and websockets operating in 'shared connection' mode).

While no problem has occurred that could be attributed to this fault, the potential for a race condition theoretically exists for configurations that connect to multiple Caché or InterSystems IRIS servers.

CMT1689: Improve the mechanisms for closing down the threads responsible for hosting the 'Server' connections and listening for incoming commands

Category: CSP.Gateway
Platforms: UNIX®
Version: 2018.1.3

This change improves the mechanisms for closing down the threads responsible for hosting the 'Server' connections and listening for incoming commands from Caché and InterSystems IRIS. Server connections are responsible for serving Gateway Registry methods in Caché and InterSystems IRIS and websockets operating in 'shared connection' mode.

The previous mechanism for closing down these threads was rather crude and it is possible that a failure to cleanly (and gracefully) terminate these threads has been responsible for crashes in Apache/UNIX installations. The new scheme will gracefully interrupt 'Server' listener threads so that they can clean up their resources and cleanly terminate. The core 'closedown' function managing this process will only force the threads to terminate if, for whatever reason, orderly termination is not possible.

CMT1692: Ensure that the correct HTTP response status code is saved in the Nginx 'access' log records

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change ensures that the correct HTTP response status code is saved in the Nginx 'access' log records. It was recently noticed that all CSP requests were being recorded as having a response status code of '000'. The CSP module will now insert the status code supplied by Caché or InterSystems IRIS in the appropriate Nginx data block.

CMT1701: Modify the procedure that searches for the Gateway's 'temp' directory so that the IIS 'temp' directory does not get used by default

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change modifies the procedure that searches for the Gateway's 'temp' directory so that the IIS 'temp' directory does not get used by default. An earlier change introduced a scheme whereby the Gateway's files could be placed in a location other than that hosting the binaries. The intention was to allow a better security scheme to be applied to these files.

The 'alternative' location for the Gateway's temp directory is '../temp' relative to the directory holding the Gateway binaries. The problem for IIS installations that place the Gateway binaries in '/inetpub/CSPgateway/' is that this alternative location resolves to '/inetpub/temp/' which is the 'temp' directory used by IIS.

For IIS, the Gateway will now attempt to use the following paths for its 'temp' directory (and in the order show):

• ./temp/ (i.e. /inetpub/CSPGateway/temp/)
• ../csptemp/ (i.e. /inetpub/csptemp/)
• ../temp/ (i.e. /inetpub/temp/)

The 'temp' directory is where the Gateway holds its repository of cached response files.

CMT1702: Correct a regression in the construction and normalization of the PATH_TRANSLATED CGI Environment Variable.

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change corrects a regression in the construction and normalization of the PATH_TRANSLATED CGI Environment Variable.

After the improvements to allow the processing of CSP URLs of any length, this variable was found to be constructed as follows (for example) ...

C:\inetpub\CSPGateway\samples\inspector.csp\csp\samples\inspector.csp

... instead of the expected form ...

C:\inetpub\CSPGateway\csp\samples\inspector.csp

CMT1704: Allow the '%response.AllowOutputFlush' facility to be set in the HTTP Response Headers

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This enhancement will allow the '%response.AllowOutputFlush' facility to be set in the HTTP Response Headers. This will make the 'output flush' facility accessible to older Caché systems for which the '%response.AllowOutputFlush' is not defined.

Example:

CMT1705: Reduce the risk of interference when versions of the same library are loaded both by the CSP Gateway and a hosting Apache installation

Category: CSP.Gateway
Platforms: UNIX®
Version: 2018.1.2

This change reduces the risk of interference between versions of the same library that are loaded both by the Web Gateway and a hosting Apache installation under Linux. For example, the GZIP library (libz.so) will often be loaded both by the Gateway and Apache. Loading two copies of a library into one process can sometimes cause conflicts (leading to crashes), particularly where different versions of the library are used.

CMT1709: Support oversize lines in the HTTP response headers

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change allows the support of oversize lines in the HTTP response headers (for example, 'Redirect' lines targeting long URLs). The Gateway will now dynamically resize its response headers buffer up to 8K as required.

Note: Bear in mind that other parts of HTTP infrastructure may apply their own limits to the length of URLs. Using Apache, the code in the 'Test Hints' (a 4K URL) will render successfully (on redirection) with Firefox, Chrome and Microsoft Edge. It will, however, be blocked by the default IIS (v10) configuration.

CMT1710: Introduce greater flexibility into the security restrictions applied to the Web Gateway Registry and Management methods

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change introduces greater flexibility into the security restrictions applied to the Web Gateway Registry and Management methods.

Rather than checking for '%Operator' and '%Manager' roles, the access gateway to these methods instead checks if the user has 'Use' access to the '%Admin_Operate' and '%Admin_Manage' resources, respectively. This allows Systems Administrators to create their own finely-tuned user roles for the various Operator and Manager functions.

CMT1712: Upgrade the version of ZLIB to v1.2.11 (from v1.2.3)

Category: CSP.Gateway
Platforms: All
Version: 2018.1.2

This change represents an upgrade of the ZLIB (GZIP) library to v1.2.11 (from v1.2.3).

CMT1713: Correct a fault that can lead to CSP requests hanging if the Gateway run-time module does not have write-access to its configuration file (CSP.ini).

Category: CSP.Gateway
Platforms: All
Version: 2018.1.1

This change corrects a fault that can lead to CSP requests hanging if the Gateway run-time module does not have write-access to its configuration file (CSP.ini).

CMT1715: Move the 'Refresh' and 'Clear' links to the top of the 'View HTTP Trace' form

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This enhancement moves the 'Refresh' and 'Clear' links to the top of the 'View HTTP Trace' form. These links were previously located at the bottom of the form which led to difficulties with managing oversize log/trace files where the Administrator had no option but to wait for the whole report to load before it could be cleared.

CMT1716: Introduce paging to the 'View HTTP Trace' form

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This enhancement introduces paging to the 'View HTTP Trace' form. Previous versions of this form would attempt to list all HTTP request/response records found in the current Event Log file. This led to the form locking up for oversize Event Log files. The new version will only attempt to list a 1000 HTTP records at a time in the left hand frame. Browsers are able to cope with this number of records. As with the main Event Log listing, and where multiple pages of records are involved, 'More' and 'Top' links will be provided as appropriate.

Finally, the auto-refresh facility has been removed from the 'View HTTP Trace' listing as unexpected page refreshes can be a nuisance when studying the HTTP data. A listing 'Refresh' link is available at the top of the form so that the contents can be refreshed at a time convenient to the Administrator.

CMT1717: Adapt the Gateway so that it can cope with oversize header blocks for components within multi-part request messages

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

The Gateway has been modified such that it can cope with oversize header blocks (greater than 1K) for individual components within multi-part request messages. With this change, header blocks up to 2K in size can be accommodated.

CMT1718: Increase the capacity of the buffering algorithm used to receive multi-part request messages

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

For this change the buffering algorithm used to receive and process multi-part request messages has had its capacity increased. With these improvements, component header blocks of up to 6K can be accommodated.

The baseline input buffer for multi-part request messages has been increased from 4K to 8K - a size more appropriate for parsing multi-part SOAP messages.

CMT1725: Corrected a fault that resulted in requests for static file names containing non-ASCII characters (Umlauts etc...) not being processed

Category: CSP.Gateway
Platforms: All
Version: 2018.1.1

This change corrects a fault that resulted in requests for static file names containing non-ASCII characters (Umlauts etc...) not being processed.

For example: http://localhost:80/csp/user/caché.jpg

Requests such as the one above would return an 'HTTP Error 404.0 - Stream Not Found' error.

CMT1726: Protect against an issue resulting from double forward-slash sequences (//) in the URL path

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change protects against an issue resulting from double forward-slash sequences (//) in the URL path.

For example: http://localhost:57773//csp/sys/UtilHome.csp

Notice the '//' sequence introducing the /csp... path part of the URL.

To be more specific, this problem only affects the Caché and InterSystems IRIS Management Portals running over Apache web servers. The observed problem when running over this infrastructure is the portal home page being repeatedly refreshed, with each refresh consuming a new license unit. Eventually the license becomes exhausted.

Although not typically used, URLs constructed in this way are theoretically valid: see https://tools.ietf.org/html/rfc3986#section-3.3

However, the way the above URL is processed differs between IIS and Apache. With IIS the path is passed to CSP 'as is'. CSP sees '//csp/sys/UtilHome.csp' and (correctly) returns 'File Not Found' (HTTP 404).

Apache, on the other hand, tries to be helpful and removes, what it sees as, the surplus '/' character. In this case, CSP sees '/csp/sys/UtilHome.csp' and the page is served. On the browser side, however, all the relative links embedded in the form still have the extra '/' included in the URLs and this causes the application to loop: The home page UtilHome.csp, followed by a hyperlink (an AJAX call), followed by the home page etc ... repeats until the browser is forced down or the license is exhausted.

The remedy implemented here is to modify the Apache interface such that it behaves the same way as IIS. In other words, if an unexpected '//' sequence is detected in the raw request data then the unparsed path will be used instead of the (usual) parsed version and the Gateway will handle 'first line' URL parsing.

CMT1731: Correct the documentation for the Web Gateway's 'Connection Security Level' configuration parameter.

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change corrects the documentation for the Web Gateway's 'Connection Security Level' configuration parameter.

For SSL/TLS based connectivity to the database, the documentation indicates the following setting:

   Connection Security Level = 11

This should be:

   Connection Security Level = 10

CMT1735: Correct a fault in buffer initialization for the function that retrieves CGI Environment Variables from the Nginx web server

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change corrects a fault in buffer initialization for the function that retrieves CGI Environment Variables from the Nginx web server. This fault led to 'non-defined' environment variables not being correctly acknowledged as being 'non-defined' by the CSP Gateway.

This change is in the distributed source file: ngx_http_csp_module_sa.c (module build 19).

CMT1736: Correct a fault in the processing of the 'Sec-WebSocket-Protocol' HTTP request header (for WebSockets) under Nginx

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change corrects a fault in the processing of the 'Sec-WebSocket-Protocol' HTTP request header (for WebSockets) under Nginx. With previous builds, the Gateway was sending a value for this header in the response in cases where the client was not specifying a particular 'WebSocket Protocol'. It was found that Firefox was the only browser able to tolerate this breach of protocol. Other browsers (notably IE, Edge and Chrome) simply rejected the request for a WebSocket connection.

Reference: https://tools.ietf.org/html/rfc6455

CMT1737+CMT1738: Protect against a potential DoS vulnerability caused by the 'hang' period applied to repeated login failures

Category: CSP.Gateway
Platforms: All
Version: 2018.1.2

This change updates the hang time for invalid logins. If a user enters invalid credentials (either invalid username or invalid password), the new behavior is as follows:

The new behavior is the same for both a username who exists in the security user database, and for a username who does not exist in the security user database.

For any type of login for services, Terminal, console, telnet, bindings, or $system.Security.Login(), the system will hang for 2 seconds before the user is allowed to re-enter credentials. The system will also hang for the same two seconds if some other login error is detected (e.g. service disabled, insufficient privileges).

For a web-based CSP type login (CSP, SOAP, REST), an error is immediately returned to the user. Then:

• For a CSP application login, the user receives an "Access Denied" error.
• For a REST/SOAP login, the user receives an HTTP/1.1 401 Unauthorized message.

The user can immediately enter and submit new credentials. There is no "hang 2" implemented here to force a wait. (This is because the CSP server processes are already running and are pooled across connections; it is undesirable to have them to hang and unable to process other requests.) If the system invalid login retry limit is set to 0 (disabled), the above behavior continues for each successive invalid login. If the system invalid login retry limit is not 0, and the system invalid login retry limit is reached, then the behavior changes as follows:

• For CSP application login, the user receives a "Service unavailable" for this and subsequent invalid logins.
• For REST/SOAP login the user receives a "HTTP/1.1 503 Service Unavailable" message.

The user can immediately re-enter their credentials, but that information will be ignored for the next 2 seconds and the service unavailable messages will persist until the two seconds have elapsed, even if valid credentials are entered. Note that audit records will not be written at this point, nor will an existing user record be updated.

CMT1745: Create extra Registry indices when a Gateway instance is simultaneously supporting both TLS and non-TLS traffic

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change ensures that the extra Registry indices are created when a Gateway instance is simultaneously supporting both TLS and non-TLS traffic through the same web server.

The problem addressed here is that Registry information is keyed by the instance host name (CSPIHN) field which is made up of the web server host name and listening port, the latter of which will be different for TLS (usually 443) and non-TLS traffic (usually 80).

In practice it was found that one Registry stream would work, and successfully respond to requests, and one would not. This change will ensure that each instance host name will refer back to the current 'Server connection'(1) for the associated web server process regardless of whether it was initially created, and indexed against, the TLS or non TLS stream.

For example, for a mixed TLS/non-TLS configuration in which the first request was over TLS (the first request always triggers the creation of the Gateway 'Server' process), the Registry records would look something like the following:

 
^cache.Temp.SysMetricsGWClient("COM","DESKTOP-NQL2POG:443:3NG.6fe.1011GpRwO",0,"$J")=24860
^cache.Temp.SysMetricsGWClient("COMX","127.0.0.1:443")="DESKTOP-NQL2POG:443"
^cache.Temp.SysMetricsGWClient("COMX","127.0.0.1:80")="DESKTOP-NQL2POG:443"

Note: 'Server Connections' are the special Gateway connections reserved for the purpose of serving Registry requests.

CMT1746: Transmit 'Registry Disabled' flag to Instance and adapt Registry Methods so that they return immediately when Registry infrastructure is disabled

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change will transmit the 'Registry Disabled' flag to Caché and InterSystems IRIS (as %request.RegistryMethods). The Registry Methods have been adapted so that they will return immediately when the Registry infrastructure is disabled.

This change applies to the following setting in the Gateway configuration:

   [SYSTEM]
   REGISTRY_METHODS=Disabled

With previous versions, the methods would hang and timeout when accessed during a time at which the registry was disabled.

CMT1748: Increase the size of the buffer allocated to the Instance 'configuration changed' timestamp

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change increases the size of the buffer allocated to the Caché and InterSystems IRIS 'configuration changed' timestamp. Lack of buffer space for this data element resulted in mirror-aware Gateway configurations not performing reliably (seemingly random failure of requests, for example).

  New timestamp format (for example): 64980,72829.772386293:11/28/2018
  Old timestamp format:               64980,72829.772386293

CMT1751: Check the integrity of responses to HTTP OPTIONS requests

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change checks the integrity of responses to HTTP OPTIONS requests. This enhancement forms the basis of a requirement to prevent such requests from taking an additional license.

One check that is applied is that responses to OPTIONS requests (from Caché and InterSystems IRIS) should not contain an entity body. This is currently the case but the HTTP standard does mandate that responses can potentially include a body, but, at the present time, there are no conditions under which a body should be generated.

From RFC 2616: https://www.ietf.org/rfc/rfc2616.txt

If the OPTIONS request includes an entity-body (as indicated by the presence of Content-Length or Transfer-Encoding), then the media type MUST be indicated by a Content-Type field. Although this specification does not define any use for such a body, future extensions to HTTP might use the OPTIONS body to make more detailed queries on the server. A server that does not support such an extension MAY discard the request body.

CMT1752: Add 'HTTP OPTIONS' requests to the set of CSP resources that do not require a license

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This enhancement adds 'HTTP OPTIONS' requests to the set of CSP resources that do not require an Caché and InterSystems IRIS license.

These requests will no longer incur a licensing cost provided that a valid license key with greater than one unit is already deployed and the Web Gateway is capable of checking the integrity of the generated response.

CMT1757: Ensure that an array used in the Application Path configuration block is initialized properly

Category: CSP.Gateway
Platforms: All
Version: 2018.1.3

This change ensures that one of the arrays used in the Application Path configuration block is initialized properly. This fault is possibly responsible for a number of memory access violations.

DTB630: Fix problem with shared calculated member in compound cube queries

Category: DeepSee
Platforms: All
Version: 2018.1.1

Compound cube queries where cubes within the compound cube and the compound cube itself reference a shared calculated member in the query text could produce an incorrect value. This change corrects this problem.

Note: Consolidating the values of the calculated member from multiple cubes only has a meaningful answer for some calculations. For example, for a calculated member that defines different literals in each cube there is no meaningful way to aggregate these calculations.

DTB631: Allow %FixBuildErrors to resolve IDs of records that have been removed

Category: DeepSee
Platforms: All
Version: 2018.1.3

If a record in a cube's sourceClass was removed after encountering a build error, the %DeepSee.Utils:%FixBuildErrors repair method would encounter another error and so that ID would never be removed from the list until another full build. A removal of a source record is now considered a means of "fixing" the error.

DTB632: Do not present aggregate override for calculate measures in level options dialog

Category: DeepSee
Platforms: All
Version: 2018.1.1

Aggregate overrides do not make sense with calculated measures. This change removes the option to set this from the Level Options dialog.

DTB643: Retrieve searchable measure indices directly from SQL via %BITMAPCHUNK function

Category: DeepSee
Platforms: All
Version: 2018.1.1

This optimization enhancement creates searchable measure condition indices directly in the SQL query resultset. Use of this optimization can be managed using ^DeepSee.EngineSettings("searchableMeasureSqlChunk"). To preserve compatibility, this optimization is not available for computed SQL dimensions that invoke stored procedures via a CALL statement.

DTB646: Improve source control behavior in portal pages

Category: DeepSee
Platforms: All
Version: 2018.1.2

This change improves source control in the DeepSee UI so that it prevents editing and submission of the loaded document back to the server. In previous versions, the write locks on the source controlled file would work, so allowing editing could lead to the local copy being out of sync with source control. If this occurred a message indicating this would be presented on the next load of the document. This change ensures that the page refreshes the writable state of the in-memory document whenever the source control menu is used to change the source control state. This avoids the problem leading to being out of sync with source control.

The UI has the following changes:

• In the Architect the various buttons now respond to the current editable state of the document.

• Users that do not have write privileges will not be presented the source control buttons.

• Users that do not have write privileges in the Architect will have the New, Save, Compile, and Build

buttons disabled.

DTB663: Use asynchronous axis processing when searchable measures are in play

Category: DeepSee
Platforms: All
Version: 2018.1.1

Searchable measures in Analyzer could time out during the resolution of the searchable measure. This is now one of the conditions that engages the asynchronous axis processing.

DTB669: Look at all pieces of %OR keys when examining dependsOn index in %Intersect

Category: DeepSee
Platforms: All
Version: 2018.1.1

Complex filters that included homogeneous %OR sets intersected a level that it dependsOn could incorrectly return no results. This is corrected.

DTB671: Set font style attributes in SVG nodes so that Batik can properly consume the output

Category: DeepSee
Platforms: All
Version: 2018.1.1

Some fonts would not print correctly in chart widget legends when using SVG printing. This change corrects this so a font that is installed and Zen enabled using

Set ^zenNavigator.UserFontListCSV = customFont

in the namespace serving the dashboard will now print in the widget legend.

DTB681: Fix problem where date range in slicer returns all results instead of null set

Category: DeepSee
Platforms: All
Version: 2018.1.1

Time ranges can use the special [NOW +/- offset]

syntax to define ranges and members that do not exist in the data. When this was used as the slicer, it could have the effect of logging an empty set on the slicer axis, equivalent to an empty slicer. This shows all results instead of the null results that would be correct.

This change now places a single member of the requested set of time members if the entire set contains no intersection with the set of facts in the cube.

DTB693: Improve heterogeneous %OR axis construction when containing nested intersection functions

Category: DeepSee
Platforms: All
Version: 2018.1.1

This fixes some problems that came up when handling complex heterogeneous %OR clauses in MDX queries. A particular focus is slicers of the form:

%OR({ CROSSJOIN(A,B), CROSJOIN(C,D) })

DTB694: Fix <UNDEFINED> error caused by a complex filter

Category: DeepSee
Platforms: All
Version: 2018.1.1

Under certain circumstances a complex DeepSee filter could cause a query to fail with an <UNDEFINED> error. This change corrects this problem.

DTB695: Convert CROSSJOIN with two %OR arguments into an explicit tuple in axis processing

Category: DeepSee
Platforms: All
Version: 2018.1.1

An MDX statement using %OR functions as the arguments of a crossjoin could end up OR'ing those arguments if the crossjoin itself was itself nested within a %OR. An example of this could look like:

%OR( { CROSSJOIN( %OR({A,B}), %OR({C,D}) ),...})

The handling of this statement is improved to emulate an explicit tuple, for example:

%OR( { ( %OR({A,B}), %OR({C,D}) ),...})

which is handled correctly.

DTB696: Limit payload testing to POST requests in DeepSee REST DataServer

Category: DeepSee
Platforms: All
Version: 2018.1.1

DeepSee REST requests sent to the

/api/deepsee/v1/Data/*

services using CORS would fail validation. This is corrected.

DTB697: Do not flatten %OR(<tuple>) query object in pre-processing

Category: DeepSee
Platforms: All
Version: 2018.1.1

Construction of a slicer that contains an %OR could produce incorrect results if that %OR contained a tuple that also had a %OR as one of its terms, for example:

%OR({([GenD].[H1].[Gender].&[Male],%OR({[AgeD].[H1].[Age Bucket].&[10 to 19],[AgeD].[H1].[Age Bucket].&[20 to 29]}))})

Removing the outer %OR from the slicer, for example:

([GenD].[H1].[Gender].&[Male],%OR({[AgeD].[H1].[Age Bucket].&[10 to 19],[AgeD].[H1].[Age Bucket].&[20 to 29]}))

would produce the correct result with an equivalent statement. Depending on how the query is created it is not always possible to control the presence of the outermost %OR, and this is now corrected even in the event that the %OR is added internally.

DTB698: Improve compressed date range handling when building queries for KPI plugins

Category: DeepSee
Platforms: All
Version: 2018.1.1

KPI Plugins rely on the results of a special DRILLTHROUGH or DRILLFACTS query constructed using the complete cell context for a single cell. Filters that included date ranges which could benefit from time folding could end up passing on the incorrect cell context and would subsequently compute their value from an incorrect SQL resultset. This is corrected.

DTB700: Reject deeply nested %OR/tuple query constructions in MDX queries

Category: DeepSee
Platforms: All
Version: 2018.1.1

There is a problem where the MDX engine cannot reliably process complex heterogeneous %OR statements that include more than two nested levels of %OR setFunctions and operations that represent a logical AND. Before this change, these constructs would be accepted but the results were not correct. This change now tests for these constructions and rejects them during query execution.

Note: By design queries using highly complex OR/AND constructions will now see those rejected. This is to prevent unpredictable results. You should rewrite any queries that are rejected as a result of this change. Any of these blocked queries can be rewritten and flattened so that any %OR within them contains only AND terms.

DTB716: Make sure pivotTable query re-initializes properly after previous error in axis processing

Category: DeepSee
Platforms: All
Version: 2018.1.1

A query that encounters an error in axis building for a related cube subquery would fail to recognize that problem in the axis initialization if reloaded in the pivotTable component. This adjusts the record keeping in the axis cache to ensure that the query re-executes.

DTB719: Avoid impacting other unrelated tasks when canceling DeepSee query

Category: DeepSee
Platforms: All
Version: 2018.1.1

Canceling a query in the DeepSee Resultset affected background tasks assigned to other DeepSee Agent operations. This includes operations that are not query related and directed to different cubes than the query being canceled. This change tracks the task subgroups and corrects this problem.

DTB724: Preserve original case of the member declaration in calculatedMember.%ToString()

Category: DeepSee
Platforms: All
Version: 2018.1.1

The call to reproduce the string representation of a calculated member would not always preserve the original case of the declared name of that member. In some instances the text is provided in upper case and in others it is in lower case. This change corrects this problem.

DTB725: Fix TaskMaster agents handling task cancellation when actively working on a task

Category: DeepSee
Platforms: All
Version: 2018.1.1

When canceling a task group assigned to %DeepSee.TaskMaster agents, only the tasks that had yet to be picked up by an agent were removed. Any tasks that were in process were expected to complete and move to other task groups. This could cause problems if a query with a very long-running background task was canceled and then attempted again before the background task completed. This could cause errors due to two processes attempting to work on contents of the same cache.

With this change each of the agents working on active tasks for a particular group being canceled are sent external interrupts to shut down the remaining work that has no further use.

DTB731: Widen Architect Details pane to accommodate all fields without a scrollbar

Category: DeepSee
Platforms: All
Version: 2018.1.1

A horizontal scrollbar was showing up in the Architect's Details pane in order to access only a few hidden pixels. This pane is widened in order to eliminate the need for the scrollbar altogether.

DTB737: Add validation to the RegistryMap object before saving to class

Category: DeepSee
Platforms: All
Version: 2018.1.2

This introduces a means of adding object validation to the %DeepSee.CubeManager.RegistryMap:SaveToClass method. In this release the validation prevents any duplicate group names in the RegistryMap before saving the object to the class.

DTB741: Do not call %CreateAgents for single-threaded %SynchronizeCube

Category: DeepSee
Platforms: All
Version: 2018.1.1

The call to %DeepSee.Utils:%SynchronizeCube would create background agent processes even if the method were executed in its default pAsync=0 mode. This is corrected so agents are only created if they are needed.

DTB742: Protect processing of tuple children from being called with a null parent

Category: DeepSee
Platforms: All
Version: 2018.1.1

In some cases when a related member is one of the members of a tuple, it could throw a <SUBSCRIPT> error should that related member resolve to NO MEMBER in the related subquery. This is corrected.

DTB743: Introduce user setting to toggle appearance of calculated members in searchBox filters

Category: DeepSee
Platforms: All
Version: 2018.1.1

Calculated members can be filed under existing cube dimensions. There is now a namespace-wide setting Admin > Settings > General Tab > [Show Calculated Members in Filters] allowing the DeepSee administrator to decide whether or not these calculated members appear in filters.

This setting has no effect on member lists for virtual dimensions that are created specifically by the definition of a calculated member.

DTB745: Preserve selected rowSpec through drill-down operations

Category: DeepSee
Platforms: All
Version: 2018.1.1

The chooseRowSpec control was not fully compatible with drill down. This change accounts for the effects of this control type when interacting with the pivot's drilldown.

The expected behavior is now:

• When the row level is set using chooseRowSpec, drilling down functions correctly from the chosen point of reference and drilling back up will ultimately land on the chosen level.
• If chooseRowSpec is used to change the start level while drilled down, it will clear the drill down state and start back at the top with the latest choice.

DTB751: Prevent name collision with registered groups when generating natural group names in Cube Manager

Category: DeepSee
Platforms: All
Version: 2018.1.2

In the Cube Registry users are allowed to pick any name they like for the registered groups. If one or more of those names used the naming convention Group <integer> an unregistered group could receive the same generated name and then it would not be possible to register that group. This is now corrected so that all natural groups will be assigned an unused <integer> if name collisions are detected between the generated unregistered natural groups and existing registered groups.

If a Registered group name is changed by the user in the registry to match one of the unregistered group names, the natural group name will be updated to avoid collision when the registry is saved to the server.

DTB752: Tighten search restriction application in memberData:%GetMembers

Category: DeepSee
Platforms: All
Version: 2018.1.1

DeepSee filters were not fully restricting to the desired search term in some cases. This tightens the generated SQL to more accurately limit member lists.

DTB756: More explicit grouping of SQL WHERE clause terms in %GetMembers

Category: DeepSee
Platforms: All
Version: 2018.1.1

In some cases order of operations was getting confused when there were many AND and OR operations being added to the WHERE clause in alternating order. This change adds more parentheses grouping as the SQL WHERE clause is being created from MDX FILTER terms to keep the order of operations straight.

DTB758: Add test of %reduce in memberData:%GetMembers to prune member list

Category: DeepSee
Platforms: All
Version: 2018.1.1

Basic filters that fetch all members of a level will not provide options that have no facts associated with them.

DTB761: Accept a literal null as a valid axis label in %GetOrdinalLabel, %GetOrdinalKey

Category: DeepSee
Platforms: All
Version: 2018.1.1

When reading the headers in a DeepSee resultset using the APIs %DeepSee.ResultSet:%GetOrdinalLabel and %DeepSee.ResultSet:%GetOrdinalKey, literal null strings would be ignored and cause an inaccurate label depth count in the return of a particular ordinal axis position. This change corrects this problem.

DTB770: Consult nonempty nodes in the results cache when using %CELL offset functions

Category: DeepSee
Platforms: All
Version: 2018.1.2

The details of execution for how a resultset arrives at the final axis members could affect the results of the %CELL functions. These details included

• Whether a related cube filter or a local filter was used
• Whether a member provided restriction context in a filter or an axis provided that context

DTB782: Implement clone clientmethod in queryChunk component

Category: DeepSee
Platforms: All
Version: 2018.1.1

A Zen exception could occur when rapidly clicking the Toggle listing control on a widget, particularly if the extra clicks occur while the widget is still waiting for the current result. This change corrects this problem.

DTB785: Always wait for joinindex task group if it was created in %ResolveRelationships

Category: DeepSee
Platforms: All
Version: 2018.1.1

It was possible for the DeepSee TaskMaster agents to queue up join index processing that might never complete on a very busy system. This is corrected.

DTB814: Introduce more robust SQL tokenizer and parser for managing listing field and orderBy lists

Category: DeepSee
Platforms: All
Version: 2018.1.2

This change introduces a more complete tokenizer and parser for analyzing the SELECT and ORDER BY lists that can be defined in DeepSee listing definitions. It also restores the support of the more complex functions that can be used in SQL SELECT terms within DeepSee listing definitions. The parsing supports the use of the special DeepSee listing macros ($$$TEXT, iknow macros, and $$$PMML).

DTB815: Fix DeepSee SQL parser issues

Category: DeepSee
Platforms: All
Version: 2018.1.2

This change fixes an issue when selecting a new property from the tree in the FieldList dialog. This also corrects another issue where a class-defined CAPTION of the property would erroneously get added to the property when the dialog was constructing an ORDER BY list.

DTB816: Enable autorefresh in PMML model tester page

Category: DeepSee
Platforms: All
Version: 2018.1.2

The PMML Model Tester page stopped working when the default for autorefresh of the page was changed. This is corrected.

DTB819: Clear header field when item is removed in field list dialog

Category: DeepSee
Platforms: All
Version: 2018.1.3

When a field list is deleted in the Field List dialog, the 'Edit Header' text box is cleared as well as the 'Edit Field' text box.

DTB836: Add timestamp and job information to log of DeepSee build errors

Category: DeepSee
Platforms: All
Version: 2018.1.3

DeepSee build errors now include the $H timestamp and $Job number under the subscript

  ^DeepSee.BuildErrors(CubeName,ID,"info") = $LB($H,$J)

These will also be printed when calling

  Do ##class(%DeepSee.Utils).%PrintBuildErrors(CubeName)

A recompile of the cube definition class is required in order for the new logging to take effect. The APIs

• %FixBuildErrors
• %PrintBuildErrors

are compatible with cubes compiled both before and after this change is in place.

PFS013: Remove fact from cube if update reason = 2

Category: DeepSee
Platforms: All
Version: 2018.1.1

Restore behavior of removing fact from cube if update reason = 2. A previous change DTB422 in Caché 2016.1.2 removed this behavior and only allowed you to remove a fact by deleting the record from the source table (the ID does not exist in the source class).

This change allows you to remove a fact from a cube under the following two conditions:

1) If the ID does not exist in the source class

2) If the update reason = 2

PFS020: Utilize $auto in Scorecard columns with display=label

Category: DeepSee
Platforms: All
Version: 2018.1.2

A Scorecard column that has display=label and label=$auto will now dynamically update the column header to reflect the data.

PFS024: Update pivot table controller name in Analyzer on initial save

Category: DeepSee
Platforms: All
Version: 2018.1.3

The pivot table controller name is now updated during the initial save. This means that locally stored calculated members will be immediately available.

PFS028: Improve handling of calculated members in compound subqueries

Category: DeepSee
Platforms: All
Version: 2018.1.2

Cube defined calculated members are rewritten for compound subqueries. This rewrite will replace elements that do not exist in the cube the subquery is being run against.

PFS032: Use source of property when determining SQLColumnName in Field List dialog

Category: DeepSee
Platforms: All
Version: 2018.1.1

The Field List dialog will now pass through the source of the property instead of the type of the property when determining the SQL column name.

PFS039: Add Shared Dimension local overrides to time levels

Category: DeepSee
Platforms: All
Version: 2018.1.1

Shared time dimensions now pass local override information to levels, preventing cases where errors would be thrown when properties did not exist in both source classes

PFS042: Generate correct subquery when using operators in advanced filters against related dimensions

Category: DeepSee
Platforms: All
Version: 2018.1.1

When a related dimension is used with an operator in an advanced filter, the subqueries were not getting generated properly. With this fix, the subqueries will be generated correctly and errors will no longer be thrown.

PFS051: Build remote spec for subqueries with $$$UPPER

Category: DeepSee
Platforms: All
Version: 2018.1.1

Sometimes an axis could generate different subqueries against related dimensions based on the original query text. Now subqueries will always generated the related spec with the upper case version of the spec.

PFS052: Fix error in %CanonizeRelationKey caused by advanced filter that selects many members

Category: DeepSee
Platforms: All
Version: 2018.1.1

Using an operator in an advanced filter against a related dimension where the operator causes many members to be selected will no longer throw an error.

PFS064: Fix error in %MDX and %KPI timefolded queries

Category: DeepSee
Platforms: All
Version: 2018.1.1

Using %MDX and %KPI functions within MDX with timefolded queries did not produce the correct results. This change corrects this problem.

PFS072: Do not allow multiple items to be selected when searchBox multiselect=false

Category: DeepSee
Platforms: All
Version: 2018.1.1

In the Advanced Filter, when populating a condition like <MEMBER> IS <VALUE>, <VALUE> can only be a single member. When using "Search" in the searchBox component, selecting a member while a different member that does not appear in the search results was already selected allowed for multiple values to be selected. The Advanced filter was not designed to handle this case, so an error will be displayed when trying to execute the query using this item.

PFS075: Match tIntersectIndex with LabelNode info instead of OrdinalKey

Category: DeepSee
Platforms: All
Version: 2018.1.1

Queries that use dimensions from a depth 2+ relationship and a filter that has a key that is not the resolved key in a query will no longer throw undefined errors.

PFS076: Construct proper related spec when resolving a current member against a related cube

Category: DeepSee
Platforms: All
Version: 2018.1.1

When using CurrentMember against a depth 2+ related dimension, the related spec was getting generated improperly, which could produce wrong results if the Null Replacement for the relationship were defined. This has been corrected.

PFS080: Build correct axis when subquery produces no results

Category: DeepSee
Platforms: All
Version: 2018.1.1

When a subquery against a related cube did not have any results, the axis for the base cube was not getting generated properly. This is now corrected.

PFS081: Handle complex %OR specs in Deep Relationships

Category: DeepSee
Platforms: All
Version: 2018.1.1

Using %OR() or some other specs in a query with related members of depth 2+ on both columns and rows would trigger an optimization that did not properly handle the %OR(). This is now corrected.

PFS083: When building related spec for subquery, add full spec context

Category: DeepSee
Platforms: All
Version: 2018.1.1

When running queries against related dimensions with depth > 1, the full spec context was not getting generated properly. At depth > 3, the full spec context was gone and it would be impossible to reference the correct member (at depth 2,3 it was likely to reference the correct member, but possible to reference the wrong member). This is corrected.

PFS084: Check moveEnabled before adding dragHandler

Category: DeepSee
Platforms: All
Version: 2018.1.1

%ZEN.Component.dragGroup:normalize() now checks if moveEnabled is true before adding the dragHandler.

PFS089: Map null replaced members in Deep Relationship queries

Category: DeepSee
Platforms: All
Version: 2018.1.1

Prior to this change, Deep Relationship queries would throw an undefined error if there was a null replaced member. Null replaced members are now handled properly.

PFS100: On chart redraw, do not apply selected style to line if markers are used

Category: DeepSee
Platforms: All
Version: 2018.1.1

During a redraw of a chart (caused by events like resizing), if a line with markers had a marker selected, the redraw would apply the selected marker style to the entire line. This no longer occurs.

PFS105: Improve performance of asynchronous synchronize by deleting facts in background

Category: DeepSee
Platforms: All
Version: 2018.1.1

When running an asynchronous synchronize, deletes are now passed through to be handled by the background process instead of being handled by the main process. This improves the performance of an asynchronous synchronize when many facts are deleted. This change requires you to recompile all DeepSee cubes after an upgrade. If you do not recompile the DeepSee cubes, some cubes will cause an error when they are built.

PFS108: In Excel export, do not convert empty string to date

Category: DeepSee
Platforms: All
Version: 2018.1.3

There was a case during Excel export that an empty string would be exported as "1840-12-31", this has been corrected. The cell is now exported with an empty value

PFS109: Handle nested %OR in %GetFiltersForRelationship

Category: DeepSee
Platforms: All
Version: 2018.1.2

There was a case where nested %OR functions were not getting added to subqueries properly. This was causing more members than expected to be in the results. Now, the subqueries are getting the proper filter applied and the expected members are being returned.

DTB675: Properly log folder name for nested folders when rendering User Portal folder list

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

If DeepSee folder items were organized in a folder structure where a primary folder contains only subfolders and no items directly, then collapsing that primary folder would still display the subfolders on screen in the User Portal Home page. This is corrected so that collapsing the top folder hides everything filed below it.

DTB709: Provide datasource cube extension to searchBox in Advanced Filter dialog

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.3

The searchBox in the Advanced Filter dialog would not display dimension members if the cube name contains a '.' character. While use of this character is discouraged in logical cube names, it is not rejected and users experienced a regression when this dialog switched to using the searchBox to display its members. This regression is corrected.

DTB711: Commit navigator's dashboard category to page property

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

The DashboardViewer navigator was not properly committing changes to the dashboard's Category setting and so save would not write the change to the definition. This is corrected.

DTB733: Change name parsing for shared calculated member deletion

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

A shared calculated member name containing a '.' character could be saved and edited, but could not be deleted. This is corrected.

DTB744: Adjust calculation of printed element positioning when applying SVG word wrapping

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

SVG printing was not properly positioning text that had been word-wrapped in the original html element. This change tunes the SVG word-wrapping algorithm so that printed text ends up where it is supposed to be.

DTB747: Reapply AddWidgetNames if sourcecontrol internally reloads a dashboard

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.2

When a loaded dashboard automatically filled in empty widget names on load, it would not properly reapply those names if the source control hooks reloaded the original definition. The same process is now used to regenerate the names when using source control.

DTB750: Account for Cube Registry row removal when firing rowClick

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

If a group were removed in the Cube Registry using the red 'x' and another group was immediately added it could throw a Zen exception. This is corrected.

DTB755: Protect check of component.disabled when editing Architect dialogs

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

A Zen exception could occur when trying to open certain property editing dialogs in the DeepSee Architect. This is corrected.

DTB765: Support commas in HTML select elements for choosing DeepSee dimensions

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

When defining a display name for dimensions or measures, the inclusion of a comma would cause the select elements in the Advanced filter editor and Calculated Member editors to split a single display name into two lines. This is corrected.

DTB784: Provide source pivot's measure settings during Excel export from widgets

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

Excel export from DeepSee widgets was not respecting the pivot's settings as defined in the Measure Options. This is corrected.

DTB793: Initialize output variables in %ParseMemberSpec

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.2

Filters could produce an Invalid Filter in some cases using multiple selections in deep relationships. This addresses a case where faulty parsing information caused a malformed subquery to be built.

DTB812: Freeze pivot table row/column headers while scrolling

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.2

When viewing a large pivot table that requires scrolling either horizontally or vertically, the row/column headers now remain in place so the context is easily referenced at any place in the table.

DTB828: Correct pivotTable's onclick behavior when paging

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.3

The onclick action for a multi-page pivot table would only reliably send the correct context from the first page. This change corrects the onclick context for all the later pages.

PFS004: Show meaningful message when a dimension has too many members to display in Analyzer Member Tree

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

If a level is expanded in Analyzer with more than 10,000 members, the message "Too many members to display" is now shown.

PFS026: Dynamically update Legend Title

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.2

If the Legend Title is not explicitly defined, the Legend Title will now be dynamically updated as the pivot sources change. This is true for the set/choose spec controls as well as the set/choose datasource controls.

PFS087: Print pivot table drilldown labels to PDF

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

Prior to this change, trying to print a pivot table to PDF while in a drilled down state, the row label text would not be displayed. This has been corrected

PFS091: Always update level caption when drawing pivot table

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

Prior to this change, it was possible that a level on a pivot table retained the old caption after replacing that level with a new one. When drawing the pivot table, the caption is now always updated, which will be reflected in the label updating in cases when it did not previously.

PFS092: Prevent failure printing pivot table to PDF

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

Prior to this change, printing a pivot table to PDF could fail if a cell were clicked before printing. This has been corrected.

PFS095: Ok button now closes Image Upload dialog after saving

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

Prior to this change, the OK button would not close the dialog after the Save button had been clicked. This has been corrected

PFS096: Cast searchBox NOW offset as int to prevent concat when we want addition

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

When loading the searchBox component members, it was possible to see the calendar load to an unexpected month when using NOW+<offset>. This has been corrected.

PFS101: Use disabled property to better control source property/expression editing in architect

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

The Source Property and Source Expression fields in Architect will now be more strictly controlled by the radio buttons. When the radio button is selected for either the Source Property or Source Expression, the text input for the other option will be disabled and the text will be cleared.

PFS102: Build searchBox list of values before any action is taken

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

There were certain cases where a searchBox could forget the current value when performing specific actions after the initial load of the searchBox. The state of the searchBox is now updated before any action is performed.

PFS103: Fix multi cell drillthrough filter generation

Category: DeepSee.User Interface
Platforms: All
Version: 2018.1.1

There was an issue preventing the correct filter from being generated when viewing a listing across multiple cells from different contexts. This has been corrected.

JGM589: Correct Ensemble recommendation for password recording of SSLConfig settings

Category: Ensemble
Platforms: All
Version: 2018.1.3

The Ensemble class documentation for the following classes EnsLib.EMail.InboundAdapter, EnsLib.EMail.OutboundAdapter, EnsLib.HTTP.OutboundAdapter,EnsLib.Telnet.OutboundAdapter,EnsLib.TCP.DuplexAdapter,EnsLib.TCP.Common stated that if a private key password is required for the SSL configuration then it can be appended to the SSLConfig name in the setting after a |. This is not recommended. It is recommended to use the Private Key Password property of the SSL Configuration and the call documentation has been amended accordingly.

JGM611: Support specifying local interface for EnsLib HTTP Outbound Adapter

Category: Ensemble
Platforms: All
Version: 2018.1.3

This change adds a configuration Setting called LocalInterface to the Ensemble HTTP Outbound Adapter. This setting controls binding of the Adapter's TCP connection(s) to a specific local network interface.

The default value for this setting is empty which means use any interface and which is compatible with the previous behavior of the Adapters.

JGM637: Creation of temporary and secondary databases for interoperable namespaces to trap remote default db

Category: Ensemble
Platforms: All
Version: 2018.1.3

When creating an interoperable enabled namespace in a non HS instance 2 extra databases are created - one for temporary non journalled data and a Secondary one for storing passwords. The code would trap an error if the default database was remote. The code now checks if the default database is remote and reports in the creation log that it is not creating the new database(s) on the remote instance. that is:

1. Examining if Ensemble temporary global mapping already configured
   1. Creating Ensemble temporary Data location
   2. Default Globals DB for Namespace is remote. Not creating Temporary Database
2. Examining if secondary global mapping already configured
   1. Creating Seconday Data location
   2. Default Globals DB for Namespace is remote. Not creating Secondary Database

JGM640: Ens.Alarm process to trap missing data

Category: Ensemble
Platforms: All
Version: 2018.1.3

The Ens.Alarm process could loop indefinitely if persisted alarm data was missing. This has now been corrected.

JGM643: HTTP, REST and SOAP Generic Messages are now stored in the message bank using XML projection

Category: Ensemble
Platforms: All
Version: 2018.1.3

When the Message Bank Operation banks HTTP, REST and SOAP Generic Messages the HttpHeaders array were not being included in the banked messages. This was because all sub classes of Ens.StreamContainer were banked as Ens.StreamContainer and not as an XML export. HTTP, REST and SOAP Generic Messages are now banked as XML Export projection so that the properties can be examined on the Message Bank.

It is now possible to resend Generic messages and Ens.StreamContainer messages from the Message Bank using the related change JGM798.

JGM712: EnsLib ValidateSAML to allow checking for unsigned Assertion element

Category: Ensemble
Platforms: All
Version: 2018.1.3

The utility api Ens.Util.XML.SecuritySignature provides some validation for the saml:Assertion element. It required that the assertion element was signed. It is now possible to carry validation of a stream containing an unsigned Assertion element but having an element that contains the assertion to be signed. There are 2 new options: u to require an unsigned Assertion and s that when used with u requires the unsigned assertion to be wrapped by a signed element.

Note this does not check the schema.

Check signatures and expiration as specified by pValSpec. This does not validate the XML schema used for the SAML token.

pValSpec Specifies types of Assertion validation to perform:

• t - must contain a signed token.
• a - token must contain a signed Assertion. If not found the error text is "No Assertion".
• u - token must contain an unsigned Assertion. If not found the error text is "No Unsigned Assertion". If both a and u are specified then either a signed or unsigned assertion needs to be present.
• s - combine with u - if unsigned assertions exist the s requires them be a children of signed elements. Note: The Assertion might be wrapped in a structure that does not follow from schema.
• r - require Assertions to contain both NotBefore and NotOnOrAfter time conditions.
• v - verify Assertion signature and, if present, NotBefore/NotOnOrAfter conditions. If option 'u' is specified and 'v' NotBefore/NotOnOrAfter conditions will also be checked.
• o - validate other signed nodes within the assertion such as TimeStamp. Signed reference elements with attribute name of ID or Id will be searched for.

Set pClockSkew to the desired number of seconds or to -1 to prevent NotBefore/NotOnOrAfter condition checking.

To carry out schema validation of the input stream create an instance of %XML.Reader, setting the appropriate properties for validation and pass in as optional parameter pXMLReader.

The ValidateSAML method also has 2 new optional parameters:

• The 7th parameter is an optional output of the information gathered during the reading of the input stream concering signed and unsigned nodes.
• The 8th parameter is an option instance of %XML.Reader that the method will use instead of creating one. This allows the caller to create an instance of %XML.Reader and setting the desired properties for schema validation and pass in as optional parameter pXMLReader.

JGM739: EnsLib SOAP Outbound Adapter to reset HTTP Headers after success or failure but only if setting SuperSession

Category: Ensemble
Platforms: All
Version: 2018.1.3

The Ensemble SOAP Outbound adapter would clear its soap client's HTTP Headers after a successful send.

If the adapter could not send and the host was set to retry the HTTP Headers would not be cleared. This led to a problem if Send Super Session was enabled since for each retry a Super Session header would be added.

This has been resolved by clearing the HTTP Headers after success or failure.

JGM765: Increase allowed length of Complex Record Map names

Category: Ensemble
Platforms: All
Version: 2018.1.3

Complex Record Maps names (see Using the Complex Record Mapper) were limited to 50 characters. The limit is now increased to 200.

JGM778: Modify %IO.FIleStream::NewTempFilename algorithm

Category: Ensemble
Platforms: All
Version: 2018.1.3

The %IO.FIleStream::NewTempFilename algorithm might return the same filename to concurrent jobs. The algorithm has been been modified to use the %Stream.FileBinary::NewFileName() algorithm.

JGM782: Interoperability Studio requires users to have execute privilege stored procedure Ens_Config.Production_Extent

Category: Ensemble
Platforms: All
Version: 2018.1.3

Developers using Studio in namespaces with interoperability productions enabled require execute privilege on the stored procedures Ens_Config.Production_Extent.

This is granted to the roles %EnsRole_Developer and %EnsRole_Administrator.

MC2563: Add JMS Inbound and Outbound Adapters and Business Service and Operation

Category: Ensemble Java Bindings
Platforms: All
Version: 2018.1.2

This change adds the capability to send and receive messages using the Java Messaging Service (JMS) in productions. The feature includes the following:

• EnsLib.JMS.Service Business Service
• EnsLib.JMS.InboundAdapter
• EnsLib.JMS.Operation Business Operation
• EnsLib.JMS.OutboundAdapter
• EnsLib.JMS.Message class for messages

The jar files for this feature are available in:

install-dir\dev\java\lib\JDK18\cache-enslib-jms-2.0.0.jar

The following client development files are also available:

install-dir\dev\java\jms\proxy-classes.xml

install-dir\dev\java\jms\wljmsclient.jar

install-dir\dev\java\jms\wlthint3client.jar

Javadocs documentation for the Java classes is available in:

install-dir\dev\java\doc\cache-enslib-jms\index.html

JGM767: Correct TCP Framed adapter reading data longer than 910286 characters

Category: Ensemble.Adapter
Platforms: All
Version: 2018.1.3

The EnsLib TCP Framed Adapter read inbound data in chunks of no more than 910286 characters at a time. If the inbound data is more than this length (including framing characters) and the ending framing characters are not included in a 'chunked' read then the last character read was duplicated. This is now corrected.

JGM799: EnsLib.HTTP.Service to let Web Gateway set Content-Length or send chunked

Category: Ensemble.Adapter
Platforms: All
Version: 2018.1.3

The EnsLib.HTTP.Service would set the %response Contentlength in OnPage() if there was a response object returned by ProcessInput. It was possible that it could set the wrong length depending on encoding.

The EnsLib.HTTP.Service now does not set the %response.ContentLength.

As a result the Web Gateway will either send the response using chunked transfer encoding, or calculate and add a content-length header. The default is for the Web Gateway to use chunked transfer encoding, where a content-length header is unnecessary and is not added. If the response is small enough for the Web Gateway to fit into its internal response buffer, then the content-length header is added automatically.

It is still possible to set %response.ContentLength in a subclass.

JGM801: Correct ASTM TCP Adapter handling of EOTOPTIONAL when one message and EOT delayed

Category: Ensemble.Adapter
Platforms: All
Version: 2018.1.3

The ASTM TCP Adapter supports receiving consecutive ASTM E1394 messages not separated by ENQ/EOT control characters but just run together on the wire over a TCP connection when the service class parameter EOTOPTIONAL is defined as 1.

If only one ASTM E1394 message between the ENQ and EOT control characters was sent and there was a delay before the EOT control character was sent the adapter might report the error "Received unexpected ASTM ENQ ACK character: Ascii <EOT>"

This is now corrected.

MC2560: EnsLib.JavaGateway.Service to report error from CmdLineForJava

Category: Ensemble.Adapter
Platforms: All
Version: 2018.1.3

While testing JMS, we encountered a problem on a machine where the Java version is wrong.

EnsLib.JavaGateway.Service:RunJava calls %Net.Remote.Service:CmdLineForJava. %Net.Remote.Service:CmdLineForJava notices this problem, and returns an error with correct description, stating the Java version is wrong.

However, in EnsLib.JavaGateway.Service:RunJava, after the call to %Net.Remote.Service:CmdLineForJava fails, it ignores the error returned, and just returns $$$EnsSystemError to its caller.

The result of this is that the error we see in Ensemble Event Log is: Failed to start the Java Gateway server: ERROR <Ens>ErrException: -- logged as '-' number - @''

EnsLib.JavaGateway.Service now returns the more useful error message that's returned from CmdLineForJava.

JGM657: Correct error with DTL FunctionWizard if function does not have parameters

Category: Ensemble.DTL
Platforms: All
Version: 2018.1.1

A JavaScript error would be thrown when selecting a function without parameters from the DTL Function Wizard. This is now corrected.

JGM685: Correct X12 parsing BIN & BDS segments*

Category: Ensemble.HL7/EDI
Platforms: All
Version: 2018.1.3

The parsing of X12 BIN & BDS segments was failing. This is now corrected.

JSL5241: Fix XMLVDOC failure when importing schema into system with non-standard collation

Category: Ensemble.HL7/EDI
Platforms: All
Version: 2018.1.1

Under certain circumstances importing an XML virtual document schema can fail on a system with a nonstandard collation. These schemas will not work correctly. This change corrects this error. With this change Ensemble imports the schema correctly, but the change does not correct schemas that were imported before the change.

JGM707: Correct JS error in Managed Alerts Viewer page on refresh

Category: Ensemble.ManagementPortal
Platforms: All
Version: 2018.1.2

When the Managed Alerts Viewer was set to automatically refresh a JavaScript error could be thrown. This is now corrected

JGM743: Correct Ensemble generation of Production Documentation

Category: Ensemble.ManagementPortal
Platforms: Windows
Version: 2018.1.2

The creation of production PDF documentation on Windows encountered an error due to using a banner image. This is now corrected.

JGM752: Do not delete uncompiled Rule in Rule Editor if not created in that page session

Category: Ensemble.ManagementPortal
Platforms: All
Version: 2018.1.1

The Rule Editor will delete an uncompiled rule on leaving the page or on issuing a Save As. This could lead to deleting a rule that existed before entering the Rule Editor page. This is now corrected.

JGM790: Correct UNDEFINED when exporting all event logs

Category: Ensemble.ManagementPortal
Platforms: All
Version: 2018.1.2

When exporting more than one page of event log entries an UNDEFINED error would be thrown. This is now corrected.

KDS433: Add Empty Option to Settings Dropdown For Non-Required Properties On Production Config Page

Category: Ensemble.ManagementPortal
Platforms: All
Version: 2018.1.3

If a configuration item in a production includes a setting for which the underlying class property has a VALUELIST (and possibly a DISPLAYLIST), then that setting's value appears on the Production Configuration page in a combobox. Prior to this change, the only options that could be selected in this combobox were the ones listed in the VALUELIST/DISPLAYLIST. Now, if the property is not marked as Required, the empty value will also be added to the options which can be selected as that setting's value.

JDN274: Handle Windows newline (\r\n) pattern correctly on Linux platforms

Category: iKnow
Platforms: Windows
Version: 2018.1.1

When text files are read in binary mode, the Windows end-of-line pattern '\r\n' is not translated to the newline pattern '\n'. The iKnow engine handled this double byte pattern as a newline, but only on Windows platforms. Handling such text files on Linux machines resulted therefore in possibly slightly different behavior, leading to different linguistic output. This change corrects this problem. All platforms treat the newline pattern in the same way.

ALE3190: Set correct version string in registry in custom install with all features selected

Category: Installation
Platforms: Windows
Version: 2018.1.1

This change solves a problem where Windows install was not setting product version string in custom install with all features selected.

ALE3239: do not re-create USER namespace in Windows upgrade

Category: Installation
Platforms: Windows
Version: 2018.1.3

Windows upgrade will no longer re-create USER namespace if it was deleting in the original instance.

ALE3278: Preserve "System Manager Machines" parameter in the Web Gateway on upgrade

Category: Installation
Platforms: Windows
Version: 2018.1.3

Windows upgrade will no longer reset "System Manager Machines" parameter in the Web Gateway on upgrade to "*.*.*.*".

ALE3286: Statically link openssl libraries in private web server

Category: Installation
Platforms: UNIX®
Version: 2018.1.3

Apache httpd on lnxrhx64 will have openssl libraries linked statically.

ALE3294: Copy files if they are the same version as existing files in WebGateway install on Windows

Category: Installation
Platforms: Windows
Version: 2018.1.3

Web Gateway install on Windows will replace existing CSPGateway files if they are the same version as kit files. In previous cases, it was not necessary to replace the files if they were the same version, but in going from CSP Gateway to Web Gateway it is required.

ALE3295: Install Core 2.1 packages on UNIX

Category: Installation
Platforms: UNIX®
Version: 2018.1.3

.NET Core 2.1 nupkg files will be installed on UNIX into the [INSTALLDIR]/dev/dotnet/bin/Core21 directory.

CDS3063: Prompt for database encryption key during upgrade installation

Category: Installation
Platforms: Windows
Version: 2018.1.2

When an instance with a database encryption key was upgraded, there was a "Data is missing" error and the encryption key was not activated when the instance was started at the end of the upgrade. The instance will now prompt for the encryption key file at the end of the upgrade.

TSL807: Health Connect UNIX silent install - default to Normal security

Category: Installation
Platforms: UNIX®
Version: 2018.1.3

Previously, an unattended installation of Health Connect would default to minimal security on Linux if normal/locked down was not specified. This would result in a broken instance.

Now a silent install provides the same security level options as a manual installation. If no password is specified, it will fail immediately with:

Password must be defined in Normal or Locked Down security installation.

HYY2100: Improve performance of journaling

Category: Journaling
Platforms: All
Version: 2018.1.2

This change provides substantial improvements to journaling performance.

HYY2282: Address an issue with dejournal prefetchers that could cause system to hang

Category: Journaling
Platforms: All
Version: 2018.1.1

With certain System events (e.g. "logout") enabled for Auditing, an exiting dejournal prefetcher may get stuck in HALT with swcheck set, which could cause the system to freeze because some process (such as database truncation) may set switch 13 before waiting for all the jobs with swcheck set to finish.

The change addressed the issue that caused exiting dejournal prefetchers to hang in HALT.

HYY2283: Address an issue that could cause rollback or dejournaling to fail

Category: Journaling
Platforms: All
Version: 2018.1.1

This change addresses an issue that could cause rollback or dejournaling to fail related to journal switches.

HYY2285: delegate jrnstop task to journal daemon

Category: Journaling
Platforms: All
Version: 2018.1.3

(This change and ALE3167 together address the stated prodlog.)

With this change, the user job that runs ^JRNSTOP to stop journaling no longer needs the write access to journal files.

HYY2296: suppress messages when new prefetchers failed to start due to limit

Category: Journaling
Platforms: All
Version: 2018.1.3

Addressed an issue that could result in spurious informative messages like "Mirror Prefetch exited due to halt command executed" from dejournaling tasks such as mirroring, journal restore or shadowing.

HYY2307: fix error in journal restore following backup restore

Category: Journaling
Platforms: All
Version: 2018.1.3

Addressed an issue that could cause journal restore following backup restore to fail with an error like this:

[***ERROR: InitShare+17^JRNRESTF *dest() Subscript 1 is ""]

if journal updates are restored to the original location (i.e., without database redirection).

The problem is present in 2017.2.0 and later.

HYY2326: Release lock on journal purging after Purge^JRNUTIL failed to access %SYS

Category: Journaling
Platforms: All
Version: 2018.1.2

This change corrects an issue that could prevent the system administrator from performing journal purge after a user without sufficient privilege for journal purging attempted to perform one and failed.

JournalingGroup2019: Multiple changes and corrections related to journaling and mirroring

Category: Journaling
Platforms: All
Version: 2018.1.3

Various issues associated with journaling and mirroring have been addressed. The changes associated with these issues are SML2776, SML2781, SML2782, SML2783, SML2785, JO2990, JO3117, JO3137, JO3140, JO3141, RJF391, RJF392, HYY2362, HYY2364, and HYY2373.

WAL385: Handle attempt to delete nonpersistent XEP class without error

Category: Language Bindings Java and .NET XEP
Platforms: All
Version: 2018.1.1

The Java EventPersister.deleteExtent and the .NET EventPersister.DeleteExtent methods provide a way to delete the extent of a class generated via XEP. In previous relesases, an error was thrown if the specified class was not persistent. With this change, the methods only attempt to delete an extent if the class is persistent. Otherwise, they ignore the class and return success.

WAL508: Fix ActiveX locking issue

Category: Language Bindings.ActiveX
Platforms: All
Version: 2018.1.3

In some cases, ActiveX locks were not freed on the server. Attempting to call the obj.sys_UnlockId(Me.RecordIDctrl.Text) method when using CacheActiveX.dll resulted in a runtime error. This is now fixed.

If your system has these locks that have not been freed, you should execute the following kill command in all effected namespaces after installing this change:

kill ^ISC.oddMETA in all effected namespaces

MC2479: %Net.Remote.Proxy to convert OREF to string when inserting to Gateway.Proxies

Category: Language Bindings.Java
Platforms: All
Version: 2018.1.3

Without converting OREF to string, Gateway.Proxies holds a reference count on the OREF, which causes %OnClose to never be executed. This change converts the OREF to a string when inserting into Gateway.Proxies.

WAL456: Fix Single Character Persistence in .NET XEP

Category: Language Bindings.Net
Platforms: All
Version: 2018.1.1

Prior to this change, if a .NET class had a char of Character valued property a roundtrip would not return the matching data. The property would be projected as %Library.String but instead of a string an integer would be stored. This is now fixed.

WAL461: Update Bindings Wizard to Include Option for Skipping/Including System APIs

Category: Language Bindings.Net
Platforms: All
Version: 2018.1.3

In previous releases, the Bindings Wizard would always default to not generating system APIs (that is, most methods that come from %Library.Persistent). This change adds a new checkbox to the wizard to control this setting -- if you want to generate system APIs such as the Extent query, uncheck the box labeled "Skip generation of system APIs".

DPV5499: Correct DBSRV DirectDialect for non-resultset statement

Category: Language Bindings.Net.ADO
Platforms: All
Version: 2018.1.3

A problem has been corrected with the ADO.NET Managed Provider when using the SQLDialect connection feature and executing a non-resultset statement (like an INSERT). The symptom was the client process would hang waiting on information from the server that the server never sent.

WAL509: Fix NeedsReset Bookkeeping for ADO Connection Pooling

Category: Language Bindings.Net.ADO
Platforms: All
Version: 2018.1.3

If customer C# code using ADO.NET and connection pooling neglected to close connections when finished with them, incorrect data could be inserted for streams (among other problems) because that connection would be recycled without being reset. This is now fixed. Users should close connections, but even if a pooled connection is not closed, it will always be reset before being recycled.

WAL465: Improve Relationship Reference Bookkeeping in .NET Binding Server

Category: Language Bindings.Net.ObjectBinding
Platforms: All
Version: 2018.1.1

Prior to this corrections, relationships and the bindings caching mechanism could run into problems for:

A -&g; C <- B

where objects A and B are both pointing to C. The code:

1. Opened object A

2. Accesses A.C

3. Opened Object B

4. Accessed B.C

5. Closed and reopened A, getting the prior swizzled version of A (another process made changes to A, these were not seen).

WAL504: Remove Out of Date Proxy Classes from .NET Binding Samples

Category: Language Bindings.Net.ObjectBinding
Platforms: All
Version: 2018.1.2

The .NET Binding samples included proxy classes. This is a problem for a few reasons:

1. The proxies can go out of date, meaning the samples appear unusable (although proxies just need to be regenerated).

2. Customers need to generate proxies for their own projects anyway.

WAL524: Improve Cleanup in Related Object Reference Bookkeeping for Bindings Server

Category: Language Bindings.Net.ObjectBinding
Platforms: All
Version: 2018.1.3

There was a problem in OREF reuse that could be exposed by particular related class structures. This issue first appeared in Caché 2018.1.1. This change fixes the problem.

WAL410: Fix ObjectScript projection for generated ID property

Category: Language Bindings.Net.XEP
Platforms: All
Version: 2018.1.1

In C# classes used for XEP, developers can specify an Id annotation that causes an Id property to be assigned a generated value.

[Id(generated = true)]
public System.Int64? id_property;

In some cases, schemas with the generated id annotation may encounter a problem. If you encounter this problem, remove the annotation and the behavior will be unchanged from the previous version.

CMT1693: Reinstate the ability to exchange raw 8-bit string data

Category: Language Bindings.Nodejs
Platforms: Windows
Version: 2018.1.3

This change reinstates the ability to exchange raw 8-bit string data with Cach&eacurte; and InterSystems IRIS. As the Node.js/V8 API has developed it has become the case that most string functionality has been geared towards either UTF8 or 2-Byte Unicode.

It remains the case that the default character encoding scheme for iris.node is UTF8, but in addition to UTF16, the module will now recognize the following character sets:

• ANSI
• ASCII (the 7-bit set)
• ISO-8859-1
• Windows-1252

For example, using one of the above character sets, it is possible to send strings containing character values in the range 128 to 255 without them becoming encoded as UTF8.

   var connection = db.open{path:path, username: username, password: password,namespace: namespace, charset: "ISO-8859-1"};
   var data = String.fromCharCode(128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149)
   var result = db.set("MyGlobal", 1, data);

Finally, there is a performance benefit in using one of the above character sets.

CMT1694: Ensure that the iris.node module can accept data passed to Caché and InterSystems IRIS from JavaScript buffers.

Category: Language Bindings.Nodejs
Platforms: All
Version: 2018.1.3

This cchange ensures that the iris.node module can accept data passed to Caché and InterSystems IRIS from JavaScript buffers. This enhancement will facilitate passing binary data to the database. For example:

   var data = new Buffer(10);
   for (n = 0; n < 10; n ++) {
      data[n] = n + 1;
   }
   var result = db.set("MyGlobal", 1, data);
 

CMT1743: Correct problems and inconsistencies encountered on returning Unicode text from Class Methods

Category: Language Bindings.Nodejs
Platforms: All
Version: 2018.1.3

This change corrects a number of problems and inconsistencies encountered on returning Unicode text from Class Methods.

For complete interchangeability between API and TCP based connectivity to Caché and InterSystems IRIS, all COS functions and methods should return non-7-bit ASCII text as UTF8 encoded regardless of whether the encoding scheme specified in cache.node and iris.node is UTF8 or UTF16.

For example:

ClassMethod MyClassMethod() As %String
{
   set result = [Unicode text]
   quit $zcvt(result, "O", "UTF8")
}

CMT1744: Correct a regression in the structure of the JSON object returned by the invoke_method() call

Category: Language Bindings.Nodejs
Platforms: All
Version: 2018.1.3

This change corrects a regression in the structure of the JSON object returned by the invoke_method() call.

CMT1753: Correct a regression in the optimized version of the Global API methods

Category: Language Bindings.Nodejs
Platforms: All
Version: 2018.1.3

This change corrects a regression in the optimized version of the Global API methods (such db.set() and db.get()).

Recent regression testing revealed that these methods would occasionally throw unexpected exceptions in some Node.js scripts.

CMT1754: Correct a regression in the optimized version of the Global db.get() method

Category: Language Bindings.Nodejs
Platforms: All
Version: 2018.1.3

This change corrects a regression in the optimized version of the Global db.get() method.

Recent regression testing revealed that the the (optimized) get() method did not correctly encode the output as UTF8 when this coding scheme was in force.

CMT1760: Correct a small memory leak in the language bindings for Caché Objects

Category: Language Bindings.Nodejs
Platforms: All
Version: 2018.1.3

A previous change introduced a template and container based approach for binding to the Object Classes with a view to hiding the mechanics of maintaining instances on the InterSystems IRIS side (the 'oref' values etc ...):

    var cclass = db.cache_class("MyClass");
    var result = cclass.MyMethod({arguments ...});

RFD2048: Fix error trap in License Monitor

Category: Licensing
Platforms: All
Version: 2018.1.3

This change fixes error handling of log file in License Manager code, preventing unnecessary restarts of License Server.

SML2762: Handle more than 10 ECP client waiters in ECP data server

Category: Lock
Platforms: All
Version: 2018.1.3

This change fixes a possible lock table corruption in data server when there are more than 10 app servers connect to the data server.

CDS3006: Provide better error message if new Client Application does not exist

Category: Management Portal
Platforms: All
Version: 2018.1.3

When defining a new Client Application in the Portal Security Management, if the application executable does not exist there would be an <UNDEFINED> error. This change provides a more useful error message.

SAM522: Correct status code trapping in CSP.UI.SYSTEMExpResultsPage

Category: Management Portal
Platforms: All
Version: 2018.1.3

This change corrects a latent defect where an uninitialized variable was silently tripping a Try-Catch and prematurely aborting the initialization of new namespaces.

SAM528: Suppress loss-of-connectivity pop-ups in Management Portal

Category: Management Portal
Platforms: All
Version: 2018.1.2

This change revises the behavior of Management Portal to allow optional suppression of JavaScript alert() pop-ups when connectivity to the server is lost.

This change introduces the global ^%SYS("Portal","DisableConnectivityPopup"). If this is left undefined or set to zero, the previous behavior is unchanged and loss-of-connectivity pop-ups are not suppressed. If set to 1, then errors resulting from a hyperevent that return a status code of 0 (not a real code, internal trap) or 400 will be routed to the less intrusive no-popups reporting logic. This change addresses the problem where Management Portal pages with background heartbeats displaying errors up during system restarts. Other conditions causing 400 and 500 series errors will continue to display the pop-ups since these conditions should stop client side execution and may require the user to respond.

YSD3559: SMP - Fix Mirroring for Async member and Monitor

Category: Management Portal
Platforms: All
Version: 2018.1.1

The following changes were made:

The "Update network addresses" message, when available, is now a link. Clicking it will take you to the dialog where you can modify the network addresses.

The "Edit Async" page is modified to include the validate failure logic.

YSD3577: Ensure doEdit() in Edit Async Mirror can handle certain failure conditions

Category: Management Portal
Platforms: All
Version: 2018.1.1

This change prevents an undefined error from the Editing Async mirror page. The mirror set can be edited if the local member in this mirror set has not failed or if it has failed it was because of TIMEOUT.

YSD3619: Mirroring fixes for when cloned system is detected

Category: Management Portal
Platforms: All
Version: 2018.1.1

This change ensures that the links for "Remove local mirror configuration" and "Join this mirror as a new member" behave properly whether user has or has not the resources required to perform the action. When they do not, an error message is displayed. When they do, the appropriate dialog is displayed.

When the "Remove" or "Join" is performed and the save is successful, the dialog is closed and the calling page, Edit Async page or the Monitor page, will be refreshed with new data. When the "Remove" or "Join" is performed and the save returned an error, the error message is displayed in an alert box. Then when OK is pressed, the dialog will be closed and the calling page, Edit Async page or the Monitor page, will be refreshed.

YSD3630: Mirror - Fix an error checking the SSL verification status

Category: Management Portal
Platforms: All
Version: 2018.1.2

This change fixes an error checking SSL verification status. The result of this error was that a mirror could be allowed to join the set even if the verification failed. This error was first encountered in Caché 2018.1.1.

YSD3646: Correct escape for URL on %CSP.UI.System.ExpResultPage

Category: Management Portal
Platforms: All
Version: 2018.1.3

This change corrects the URL used in var refreshpage.

DPV5295: FM2Class: Correct mapping of indices when the field also has an "A"-type index (FM2Class 2.35)

Category: Migration
Platforms: All
Version: 2018.1.1

This corrects a problem with the FM2Class mapper utility where an index might not be defined in the mapped class if the field also has an "A"-type index that was not defined in the class.

DPV5352: FM2Class: Correct references to fields that were omitted because of RECURSION="NONE"

Category: Migration
Platforms: All
Version: 2018.1.1

This correction is FM2Class version 2.36. A problem has been corrected when using the setting Recursion = 0 or Recursion = "NONE" where the creation of index maps might get an <UNDEFINED> error attempting to define an index map for a field that was not mapped because of the recursion=0 setting.

DPV5412: FM2Class: Revert duplicate field name handing behavior to v2.36 behavior

Category: Migration
Platforms: All
Version: 2018.1.2

In FM2Class version 2.37, a minor change was made to the naming convention for fields which ended up with duplicate SqNames in the class definition. This cause a compatibility issue with some customers who replied on the naming convention of the previous behavior. This change reverts the naming convention to the way it way prior to version 2.37.

This is FM2Class version 2.39.

DPV5459: FM2Class: Support new FileMan 22.2 datatypes, including TIME, YEAR, and UNIVERSAL TIME

Category: Migration
Platforms: All
Version: 2018.1.3

This is FM2Class version 2.40

The FM2Class utility now supports mapping the new datatypes supported by FileMan v22.2. For more information on these datatypes, see

VA FileMan 22.2 User Manual published by the United States Department of Veteran Affairs. This section includes some information from the User Manual.

The types supported are described as follows:

BOOLEAN Fields

A field defined as a BOOLEAN data type can have only two entry values: YES or NO. The internal values of the BOOLEAN DATA TYPE is set to 1 for YES and 0 for NO.

BOOLEAN fields first appeared in Fm2Class v2.35.

LABEL REFERENCE Fields

A field defined as a LABEL REFERENCE data type is designed to store a tag and routine entry of the format, TAG^ROUTINE. It is stored as a free-text field.

LABEL REFERENCE fields map internally as %Library.String.

TIME Fields

A field defined as a TIME data type can accept many of the date/time entries, but only stores the TIME portion.

For example, if the external value is 15:09:43, the internal value is 150943.

TIME fields map internally as %Library.FilemanTime (a new datatype class - see following).

YEAR Fields

A field defined as a YEAR data type can accept many of the date entries, but only stores the YEAR portion.

For example, if the external value is 2016, the internal value is 3160000.

YEAR fields map internally as %Library.FilemanYear (a new datatype class - see following).

UNIVERSAL TIME Fields

A field defined as a UNIVERSAL TIME data type can accept many of the date/time entries and stores the date/time in a format with the local time and includes an indicator showing the offset from Universal Time. The first 14 characters of the internal storage of the UNIVERSAL TIME data type are exactly like the current DATE/TIME data type that includes seconds. The three characters in position 15, 16, and 17 indicate the UTC time offset in five (5) minute increments. In the example following: (440-500)/12=-5, this is a negative five hour offset from UTC.

For example, if the external value is JAN 6,2016@08:03:36 (UTC-5:00), then the internal value is 3160106.080336440.

UNIVERSAL TIME fields map internally as %Library.FilemanTimestampUTC (a new datatype class - see below).

FT POINTER Fields

A field defined as a FT POINTER data type works similar to the POINTER data type, but internally stores the free text that was returned from the pointed-to value.

For example, if the external value is PATCH,USER, the internal value is PATCH,USER.

FT POINTER fields map internally as %Library.String

FT DATE Fields

A field defined as a FT DATE data type works similar to the DATE/TIME data type, but internally stores the free text that was input by the user to determine the date.

For example, if the external value is T-1, then the internal value is T-1.

FT DATE fields map internally as %Library.String.

RATIO Fields

A field defined as a RATIO data type is designed to accept two numbers with a colon “:” between the two numbers. It is formatted and stored like a mathematical ratio. For example, the external and internal value could be 1:7.

RATIO fields map internally as %Library.String

New datatype classes:

%Library.FilemanTime:

Custom Time datatype designed to handle internal FILEMAN format Time (HHMMSS).

A field defined as a TIME data type can accept many of the date/time entries, but only stores the TIME portion.

External: 15:09:43 
Internal: 150943 
ClientDataType = TIME, OdbcType = TIME, SqlCategory = STRING
Parameter COLLATION = "STRING";

%Library.FilemanYear:

Custom DATE data type designed to convert FILEMAN format YEAR fields.

A field defined as a YEAR data type can accept many of the date entries, but only stores the YEAR portion.

Example:

External: 2016 
Internal: 3160000 
ClientDataType = VARCHAR, OdbcType = VARCHAR, SqlCategory = STRING
Parameter COLLATION = "STRING";

%Library.FilemanTimeStampUTC:

Custom TimeStamp datatype designed to handle internal FileMan UNIVERSAL TIME datatype (CYYMMDD.HHMMSSZZZ).

This data type projects proper VARCHAR/STRING metadata to DISPLAY and ODBC Client software. The conversion methods of this datatype assume a full FIleMan 22.2 run-time environment is installed, and that the DUZ(2) variable is defined and DUZ(2) references an INSTITUTION that includes defined COUNTRY and LOCATION TIMEZONE values.

ClientDataType = VARCHAR, OdbcType = VARCHAR, SqlCategory = STRING
Parameter COLLATION = "STRING";

The main purpose of these datatypes is to provide internal (Logical) and external (Display/Odbc) values for the type. They are not set up with the SQL engine to be compatible with other date/time/timestamp types. For example: %FilemanTime will not compare properly with a %Time type in a query because the logical values of the two types are different. The logical value for these three types are strings, and they use STRING collation to force the compared value to be a string. If you want to do something like compare a %FilemanTime field with the current time, you must first convert the FM TIME field to a %Time format so the comparison is valid. An example of this is:

JO2818+YSD3541: Validate local network addresses at mirror startup to detect cloned systems

Category: Mirroring
Platforms: All
Version: 2018.1.1

When a mirror member instance starts up, its network address is validated by attempting to contact the instance at the configured mirror private address. If a different instance is contacted at the configured address, the local instance was very likely copied from another host, for example through backup and restore. If no instance is contacted, it may be that the network configuration of the local instance's host has changed and its mirror network addresses need updating. The Management Portal and the ^MIRROR routine both provide instructions for resolving these errors. For more information, see Resolving Network Address Validation Errors in the High Availability Guide.

JO3065: Add /IOTABLE="RAW" when opening a TCP device for mirroring

Category: Mirroring
Platforms: All
Version: 2018.1.1

Previously changing the default translation for TCP devices from RAW caused a problem with mirroring. This has been resolved.

JO3107: Restore ability to force a member to become the primary when the other member's agent is up but directory is not accessible

Category: Mirroring
Platforms: All
Version: 2018.1.3

Restore the ability to use Force Become Primary in the situation when the agent for the other mirror member is reachable but the installation directory is not accessible.

JO3111: Mirror Server dmns (send and ack) need to cooperate when cleaning up shared memory (mirrorsvr_share_free)

Category: Mirroring
Platforms: All
Version: 2018.1.3

A relatively rare problem where the mirror might enter a permanent trouble state when the connection to an async member has been lost has been resolved.

JO3114: Fix rare case where a crash during a Catchup operation causes journal data to be skipped

Category: Mirroring
Platforms: All
Version: 2018.1.2

If a system crashes during a Catchup operation, there was a small window where it was possible that some journal data would be skipped. This change corrects this problem. This problem was introduced in Caché 2017.2. If you have a Caché 2017.2 instance that crashed during a Catchup operation, contact the InterSystems Worldwide Resource Center for help in determining if you have encountered this problem.

JO3117: Remove code that lets a backup take over if it thinks the primary went down within the trouble timeout

Category: Mirroring
Platforms: All
Version: 2018.1.3

This fixes a problem where the mirror backup may incorrectly decide the primary has gone down within the trouble timeout period and take over without all of the journal data which has been committed to databases on the primary. In this case when the primary restarts it will not be able to rejoin the mirror because its databases will be out of sync.

RJF391: Fix "bad global reference" in mirror dejournaling due to dejournal stack corruption

Category: Mirroring
Platforms: All
Version: 2018.1.3

Prior to these fixes mirror dejournaling could, in rare cases, get a "bad global reference" error, or much rarer still, apply an update to an incorrectly (to the wrong global or with a bad value).

SML2618: Allow InterSystems IRIS instance to join Caché/Ensemble mirror set

Category: Mirroring
Platforms: All
Version: 2018.1.3

When an InterSystems IRIS instance joins a Caché/Ensemble mirror set while the Caché/Ensemble systems do not have InterSystems IRIS ISCAgent installed, the InterSystems IRIS with this change will be able to join the mirror set when the Caché/Ensemble mirror set is in UNICODE version. If the Caché/Ensemble is non-UNICODE then the InterSystems IRIS joins the mirror set but can't connect to primary, while the primary won't be able to add this new InterSystems IRIS member in its mirror set. Uses have to manually add the InterSystems IRIS member in the mirror set through ^MIRROR or SMP utility.

SML2626: Validate network address in Management Portal when primary modifying them

Category: Mirroring
Platforms: All
Version: 2018.1.1

The Management Portal was not validating the network address when the administrator changed it. This change corrects this problem.

SML2641: Ensure the the mirror manager master daemon does not wait for the ECP server

Category: Mirroring
Platforms: All
Version: 2018.1.1

Under certain circumstances, the mirror master daemon could wait for a nonresponsive ECP server. This change corrects this problem.

SML2642: Fix an unwanted message after failing to join mirror

Category: Mirroring
Platforms: All
Version: 2018.1.1

Under some circumstances, when the system failed to join the mirror set, a misleading message telling the administrator to authorize the mirror on the primary was displayed. This change corrects this problem.

SML2653: Fix failure to become primary even after force primary

Category: Mirroring
Platforms: All
Version: 2018.1.1

Under certain circumstances a mirror would fail to become primary and the administrator could not force the system to become primary. This change corrects this problem.

SML2654: Ensure that last journal file sent is not purged prematurely

Category: Mirroring
Platforms: All
Version: 2018.1.1

Under rare circumstances when the disk is full, a mirror could purge the last file sent when an async member had not yet received it. This change corrects this problem.

SML2655: Fix CatchupDB in backup member when the mirror set has only one backup member

Category: Mirroring
Platforms: All
Version: 2018.1.1

Under certain circumstances, such as caused by copying cache.dat from one system to another, a mirror could not immediately catch up when becoming primary. This change corrects this problem.

SML2656: Fix failure to restore with long database path and mirror database name in backup file

Category: Mirroring
Platforms: All
Version: 2018.1.1

Restoring a file with a long database path and mirror database name could fail. This change corrects this problem.

SML2664: Fix rare case where member is promoted to master but other mirror members do not recognize this

Category: Mirroring
Platforms: All
Version: 2018.1.1

Under rare conditions, a member is successfully promoted to master but the other mirror members do not recognize this promotion. This change corrects this problem.

SML2665: Ensure messages from Display Mirror Configuration are consistent with Manage 'Allow Parallel Dejournaling'

Category: Mirroring
Platforms: All
Version: 2018.1.1

In Display Mirror Configuration, the Management Portal displayed the internal values of the setting and in managing 'Allow Parallel Dejournaling', the Management Portal displayed the kinds of mirror members selected. This change ensures that the Management Portal displays the kinds of mirror members selected in both situations.

SML2666: Activate AllowParallelDejournaling changes in backup/async members when primary changed it

Category: Mirroring
Platforms: All
Version: 2018.1.1

Activating AllowParallelDejournaling did not automatically activate this on backup/async members. This change ensures that when AllowParallelDejournaling is activated on the primary, it is also activated on backup/async members.

SML2700: Fix CatchupDB in backup member when the mirror set has only one backup member

Category: Mirroring
Platforms: All
Version: 2018.1.2

Under certain circumstances if a backup member needed to catch up, it could not become the primary mirror because the database would not be marked as active. This change corrects this problem.

SML2720: Add SYS.Mirror.VerifyMirrorSSLCertificates() public API.

Category: Mirroring
Platforms: All
Version: 2018.1.3

This enhancement adds a new public API, SYS.Mirror.VerifyMirrorSSLCertificates(), to verify the Mirror SSL certificates across instances.

SML2736: Allow Caché/Ensemble to join/connect IRIS mirror set

Category: Mirroring
Platforms: All
Version: 2018.1.3

For Caché/Ensemble instances to join/connect to IRIS mirror set, all the Caché/Ensemble instances need to have this change installed.

SML2756: Support join mirror to a machine with same instance names in InterSystems IRIS and Caché/Ensemble registries

Category: Mirroring
Platforms: All
Version: 2018.1.3

This change allows a Caché/Ensemble instance to join mirror to a machine which has two instances with the same name on the InterSystems IRIS and Caché/Ensemble registries when the instance it intends to join is an InterSystems IRIS instance.

SML2765: Fix failure in backup member when primary setup and enabled SSL

Category: Mirroring
Platforms: All
Version: 2018.1.3

This change added a parameter for ValidateFailoverPartner^MIRRORMGR() when the MIRRORMGR daemon of backup member received shutdown message due to SSL update, and the daemon in backup member sync mirror configuration with primary and call ValidateFailoverPartner() without passing this new forceBecomePrimary parameter and caused the error.

RFD2001: Allow SNMP user extensions

Category: Monitoring
Platforms: All
Version: 2018.1.2

This change corrects a problem that caused problems with SNMP user extensions.

RFD2010: Fix time reported for Xecute commands by MONLBL

Category: Monitoring
Platforms: All
Version: 2018.1.1

MONLBL was including the time to execute the line after the Xecute command when reporting the elapsed time. This change corrects this problem.

GK1380: Unexpected database error on reverse $Query of SLM mapped global across ECP.

Category: Networking.ECP
Platforms: All
Version: 2018.1.1

A rare issue has been resolved where reverse $query raised database error on a SLM mapped global across ECP.

GK1405: Fix hung ECP server dmn cleanup rtn that may leave the clean up job in an invalid state

Category: Networking.ECP
Platforms: All
Version: 2018.1.3

In very rare conditions, when the ECP cleanup rtns detects that an ECP server dmn is hung it aborts the cleanup. The cleanup sets up some temporary storage for dmn cleaning, but aborting the cleanup leaves the process in an invalid state.

Leaving it in that state may raise an unexpected system error later during halting.

GK1410: Fix <UNDEFINED> error during startup of journal rollback when it tries to resume a previous rollback

Category: Networking.ECP
Platforms: All
Version: 2018.1.3

This change fixes <UNDEFINED> error during startup of journal rollback when it tries to resume a previous rollback.

MAK4765: If %Net.HttpRequest gets a READ error when reading the server response report this as an error %Status

Category: Object Library
Platforms: All
Version: 2018.1.3

If %Net.HttpRequest gets a READ error when reading the server response report this as an error %Status where as before it would return $$$OK.

MAK4842: Improve %File:CreateDirectoryChain to avoid permissions issue on Windows

Category: Object Library
Platforms: Windows
Version: 2018.1.3

On Windows, if a user does not have permission on a directory but does have permissions on a subdirectory and you called ##class(%File).CreateDirectoryChain to create a new directory in the subdirectory, it would fail. You do have the ccorrect permission on it, but it would fail when it attempted to see if the parent directory existed, but you do not have permissions on the parent directory. Now it scan backwards to avoid this problem.

SOH676: Fix Typo in %ZEN.Auxiliary.altJSONProvider method

Category: Object Library
Platforms: All
Version: 2018.1.3

The implementation of the %AbstractListToAET method in the %ZEN.Auxiliary.altJSONProvider class contained a typo. The call on the %New() method was incorrectly typed as "%SNew". This change fixes this problem.

CDS3080: Fix rare compiler crash caused by CONTINUE statement

Category: ObjectScript
Platforms: All
Version: 2018.1.1

Under rare conditions, depending on the underlying operating system memory layout and the level of nesting in the routine, the ObjectScript compiler could get an access violation when compiling a CONTINUE statement. This change corrects this problem.

CDS3111: Fix <STRINGSTACK> compiling string concatenation

Category: ObjectScript
Platforms: All
Version: 2018.1.3

Compiling a long string concatenation expression in direct mode or XECUTE, when some of the pieces contain Unicode characters, could result in a <STRINGSTACK> error. This change corrects this problem.

CDS3113: Fix access violation with indirection in new job

Category: ObjectScript
Platforms: All
Version: 2018.1.3

This change fixes a possible access violation if the first use of the ObjectScript compiler in a new job is for name indirection that resolves to a subscripted name with a special variable as the subscript.

MXT2179: Set CurrentAuthenticationScheme for Basic authentication in HttpRequest

Category: REST
Platforms: All
Version: 2018.1.1

The CurrentAuthenticationScheme for Basic authentication in an HttpRequest was being set to "". This change ensures that it is set to "Basic".

CTW001: Add auditing for %SYS.X509Credentials Class

Category: Security
Platforms: All
Version: 2018.1.3

This change enables security auditing of CUD operations to %SYS.X509Credentials objects.

DPV5443: SQL SECURITY: [GLOBAL] PRIVATE TEMP TABLES no longer allow xDBC login access to a namespace

Category: Security
Platforms: All
Version: 2018.1.3

A problem has been corrected where a user could connect via xDBC to a namespace even though they had no privileges on any SQL objects in the namespace except for a GLOBAL PRIVATE TEMPORARY TABLE or a PRIVATE TEMPORARY TABLE, which all users implicitly have access to because the owner of such temporary tables is _PUBLIC. Now the user must have some SQL privilege on an SQL object other than a [GLOBAL] PRIVATE TEMPORARY TABLE.

MXT2128: Do not return invalid redirect_uri error to the redirect_uri

Category: Security
Platforms: All
Version: 2018.1.3

With this change OAuth2 does not return invalid redirect_uri error to the redirect_uri. Instead it returns the error to the authorization code requester.

MXT2145: OAuth2: Allow unexpected methods in "token_endpoint_auth_methods_supported" property during discovery

Category: Security
Platforms: All
Version: 2018.1.3

OAuth2: This change allows unexpected methods in "token_endpoint_auth_methods_supported" property during discovery.

MXT2211: Make sure to updateJWKS on each client even if client secret is not set

Category: Security
Platforms: All
Version: 2018.1.3

Make sure to updateJWKS on each client even if client secret is not set. After executing "Update JWKS" on the server definition screen, the public jwks for the authroization server must be updated for each client even if the client does not have a client secret.

STC2606: Update Group Model for LDAP authorizations

Category: Security
Platforms: All
Version: 2018.1.3

This change updates the group model for LDAP auhtorizations. For details, see "About LDAP Groups and Caché" in the Caché Security Administration Guide.

STC2661: Add multiple LDAP domains

Category: Security
Platforms: All
Version: 2018.1.3

This change adds the capability to authenticate to more than one LDAP server. When the system is initially installed, a default LDAP configuration is created for you based on your default domain. You must then use the Management Portal to modify the default settings of the LDAP configuration which was created for you, such as a valid LDAP Search Username and password combination.

If you wish to authenticate to multiple LDAP servers, you must first turn on the feature "Allow multiple security domains". When you do this, all usernames in the user database are modified to be in the format username@defaultdomain.com, and any username prompts must be entered as username@defaultdomain.com.

Now to authenticate against a different LDAP server, you must create a new LDAP configuration in the Management Portal which points to a different server. For example, you may have a LDAP configuration called example.com which points to an LDAP server example.internal.com. To authenticate against this LDAP server, you would need to enter the username myuser@example.com. Now if you want to authenticate against a second LDAP server, you would create a new LDAP configuration called example.org, with a the second LDAP server called examaple.internal.org. To authenticate against this server, you would use a username of user@example.org. Note that when creating a new LDAP configuration, there is an option to copy an existing LDAP configuration which makes adding new configurations simple, especially if you have similar LDAP structures and the same search username/password on all your servers.

Once you create a new LDAP configuration, you can easily test your settings by clicking the Test LDAP Authentication button and entering a username@ldapconfig/password.

STC2669: Add LDAP configuration display to Management Portal

Category: Security
Platforms: All
Version: 2018.1.3

LDAP configurations can now be displayed from the Operator menu in the Management Portal.

STC2671: Return email and mobile phone from LDAP to the User Record

Category: Security
Platforms: All
Version: 2018.1.3

When using the built in LDAP authentication, the LDAP email address, mobile phone, and mobile phone provider are now returned and stored in the user record.

STC2675: Security.Domains database no longer used

Category: Security
Platforms: All
Version: 2018.1.3

When you have multiple security domains enabled on your system, it is no longer necessary to create a domain for your user before you can enter him into the user database. Previously you would have to go to the mgt port and create a domain "example.com" before you could enter a user in the user database from that domain, for example jimsmith@example.com.

Now you can directly create a username jimsmith@example.com without creating the domain name first.

Since the domains database is no longer used, it is removed from the security database. All the methods in Security.Domains have been deprecated, and when called perform no action.

STC2686: Remove %System/%Security/LoginRuleChange event

Category: Security
Platforms: All
Version: 2018.1.3

The %System/%Security/LoginRuleChange audit event has been removed.

STC2699: LDAP updates for operating system authentication

Category: Security
Platforms: All
Version: 2018.1.3

The following changes were made to LDAP authentication.

1. The first time an operating system LDAP authentication user logs in, they will be prompted for a username/password. Once they successfully log in, subsequent logins will not be prompted for.
2. For Active Directory LDAP servers, if the account is set to expire in the future, that date is now stored in the user record in the security database. If we are disconnected from the LDAP server, and using LDAP credentials cache authentication, the user will not be able to log in if we are past the expiration date.
3. The security scan task will now check all the LDAP users in the security database against the LDAP server and if the account is expired/pwchange set/disabled/ or deleted on the LDAP server, the account is deleted from the Security Database.
4. The Security.Users:Detail() query now included the Flags parameter. This makes it possible to examine a record and determine if it is an LDAP user.
5. The LDAP authentication checks PWDCHANGE/AccountExpires/Disabled before performing a bind and retrieving the users groups which speeds up authentication failures for these items.
6. If the user has the %All role and cannot authenticate properly, the test displays all the group information for the user. Previously the test would stop after the Authentication failure. If the account has an expiration date, it is now displayed in the test output.

STC2713: Increase size of CreateUsername in Security.Users

Category: Security
Platforms: All
Version: 2018.1.3

This change increases the size of the CreateUsername property in the Security.Users class to 128 characters. Previously it was 50.

STC2772: Add audit event %SYSTEM/%SQL/PrivilegeFailure

Category: Security
Platforms: All
Version: 2018.1.3

There is a new Audit Event added to the Audit table called %SYSTEM/%SQL/PrivilegeFailure.

STC2775: Continue to log message once certificate expires

Category: Security
Platforms: All
Version: 2018.1.3

Previously the system monitor would log when a SSL certificate was going to expire up to 31 days before it was due to expire. Once the certificate expired, it would stop logging this. It now continues to log that it has expired.

STC2832: Increase size of $username field to handle long domains

Category: Security
Platforms: All
Version: 2018.1.3

rnames can now be up to 160 characters long. If you have Multiple Domains enabled, the username consists of the domain appended to the username, for example user@example.com.

STC2835: LDAP InstanceId default now uses "_" rather than ":"

Category: Security
Platforms: All
Version: 2018.1.3

LDAP InstanceId default now uses "_" rather than ":" because the ":" character is not a valid character for the sAMAccountname field on an active directory server.

STC2901: 1-argument form of $SYSTEM.Security.Login() must be a Caché user or Kerberos user

Category: Security
Platforms: All
Version: 2018.1.3

In order to successfully login a user with $SYSTEM.Security.Login(Username), the user must be an Caché password user or kerberos user, and not LDAP, Delegated or other.

STC2960: Don't write to audit file while dismounted

Category: Security
Platforms: All
Version: 2018.1.3

Attempting to erase or encrypt/decrypt the audit database, dismounts the audit database. This change suppresses the attempt to create an audit record for this action, since it cannot be written to the dismounted database. After operation completes, audit events for the process are restored to their previous values. trw158

STC2991: Update LDAP test

Category: Security
Platforms: All
Version: 2018.1.3

This change updates this test. Note that this test only checks to see if LDAP is set up correctly for the system so that the instance can connect to the LDAP server and perform authentication checks for the entered user. It does not perform any authorizations or permission checks to determine if the user can actually successfully log into the system. The end user may need to add additional permissions to the user for them to successfully log in. If the "Test LDAP" succeeds for the entered user, but the user cannot actually log in, the audit record should be checked for the login failure.

WDS732: Increase maximum number of activated database encryption keys to 256

Category: Security
Platforms: All
Version: 2018.1.1

The maximum number of activated database encryption keys was 4. This change increase the maximum number of activated database encryption keys to 256. It slso increases the maximum number of keys in an encryption key file to 256.

WDS738: Prevent Windows ERROR_SHARING_VIOLATION when renaming files in CVEncrypt

Category: Security
Platforms: Windows
Version: 2018.1.1

If CACHE.DAT is renamed, the system could display an ERROR_SHARING_VIOLATION message. This change corrects this problem.

WDS741: Fix ability to save startup options with KMIP

Category: Security
Platforms: All
Version: 2018.1.1

Under certain conditions you could not save the startup options with ^SECURITY when enabling encryption of the audit database. This change corrects this problem.

WDS745: Improve detection of AES hardware instructions

Category: Security
Platforms: All
Version: 2018.1.1

On some platforms the AES-NI instructions were not being detected. This change ensures that the AES instructions will be detected on those platforms if they are present.

HYY2291: Addressed a rare case of shadow database discrepancy

Category: Shadowing
Platforms: UNIX®,Windows
Version: 2018.1.3

Addressed an issue that could result in data discrepancy between shadow and source databases in the rare circumstance where the source server of shadowing has 256 (or a multiple of) databases mounted in a short period of time.

The issue affected shadowing in all supported releases for Windows and Unix.

HYY2340: Addressed an issue with the query that lists incomplete transactions on a shadow

Category: Shadowing
Platforms: All
Version: 2018.1.3

This change addressed an issue that cause the query SYS.Shadowing.Shadow:IncompeteTransactions not to list any incomplete transactions.

DPV5074: Do not run TuneTable on a table mapped to a readonly database

Category: SQL
Platforms: All
Version: 2018.1.3

When running TUneTable, if the class that projected the table originates in a database mounted readonly, the tuning of the table will not occur. You will see a message like:

Table 'Ens_ServiceRegistry_External.Action' is mapped to a readonly datababase. No tuning will be performed.

DPV5496: Correct TuneTable setting of Selectivity and AverageFieldSize for serial properties

Category: SQL
Platforms: All
Version: 2018.1.3

A problem has been corrected with the TuneTable utility where in some cases running TuneTable would not store the Selectivity and AverageFIeldSize in the class definition properly for serial sub-fields.

DPV5502: Correct %SQL.Migration.Import.CopyData issue where ^CacheStream never gets cleaned up

Category: SQL
Platforms: All
Version: 2018.1.3

A problem has been corrected where using %SQL.Migration.Import.CopyData() method to copy a table's data via the ODBC gateway leaves temporary stream data defined in ^CacheStream if the data being copied contains stream fields.

DPV5516: Correct code generation of NextCode when global name contains the characters "NEXT"

Category: SQL
Platforms: All
Version: 2018.1.3

A problem has been corrected when compiling a class using %Storage.SQL that includes NextCode, and the map uses a global name that contains the characters "NEXT". The logic to replace the pseudo label NEXT was mangling the global name.

DPV5539: Correct %Date behavior when ZDateNull compatibility setting is 1

Category: SQL
Platforms: All
Version: 2018.1.3

Caché SQL now supports the Caché configuration setting ZDateNULL=ON. Dates outside of the range 01/01/1841 through 12/30/2098 will evaluate to null when used in SQL statements.

DPV5570: Correct <PROTECT> error when printing result sets from Management Portal

Category: SQL
Platforms: All
Version: 2018.1.3

A problem has been corrected where printing a result set from the Management Portal SQL query execution could result in a process stuck in a loop encountering a <PROTECT> error.

MAK5029: Do not record light weight SQL query stats on a mirrored system unless it is the primary

Category: SQL
Platforms: All
Version: 2018.1.2

In a mirrored environment when a system is not the primary there was potential for data to be recorded in the CACHE database that was never cleaned up and slowly used more and more database space. This change prevents this unlimited expansion.

A consequence of this is that lightweight SQL query statistics are not reported from a mirrored non-primary system. If you use a mirrored non-primary system for reporting use of SQL, the lightweight stats will not include these reporting queries.

TRW1586: Fix <UNDEFINED> errors caused by IN conditions on lists of composite row IDs

Category: SQL
Platforms: All
Version: 2018.1.3

Some queries with IN conditions on lists of composite row IDs could trigger <UNDEFINED> errors. This change corrects this issue.

DPV5460: Correct ALTER TABLE when adding a column with COMPUTEONCHANGE

Category: SQL.DDL
Platforms: All
Version: 2018.1.3

A problem has been corrected where the class definition is not updated properly when ALTER TABLE is used to add a computed field to a table with a COMPUTEONCHANGE clause.

JCN1995: Make PrepareHandle signature match between interface.h and main.cpp

Category: SQL.GateWay
Platforms: Windows
Version: 2018.1.3

There was a difference between the signature of PrepareHandle method in main.cpp and the same signature in interface.h. This difference could cause a signal 6 error on UNIX platforms, which causes an application termination. The difference did not have an impact on Windows platforms. This change makes the signatures the same in both files.

DPV5377: SQL Gateway: Allow for inserts into Oracle® database view to not use Auto Generated Keys logic

Category: SQL.JDBC
Platforms: All
Version: 2018.1.2

A problem has been corrected where an INSERT into an external table in an Oracle database might fail if the external table does not support returning auto generated keys. One example of this is the insert into an external table that is defined as a view in Oracle and has an INSTEAD OF trigger. In this case, Oracle does not allow the RETURNING clause on the insert statement. This returning clause is added when RETURN_GENERATED_KEYS is specified for the JDBC statement.

When the table is linked to Caché, there is no way for Caché to tell the table does not support auto-generated keys. To solve this problem, this change implements a class parameter that will determine when the compiled insert code should attempt to get auto-generated keys or not.

The new class parameter is:

/// Determines if INSERT statements for this external table attempt to retrieve auto-generated keys.  Set this to 0 if this external table does not support auto generated keys.
Parameter EXTERNALGENERATEDKEYS = 1;

The default for this parameter is 1, so if the parameter is not defined, auto generated keys will still be supported upon INSERT.

The Link Table Wizard will automatically generate this parameter with a value of 1 for JDBC gateway connections.

If the external table does not support auto-generated keys, and you need to perform inserts into this table, you should modify this class definition and change the value of the EXTERNALGENERATEDKEYS to 0 and recompile the class.

DVU3588: Fix parser tokeniser crash when using "order" as a table name

Category: SQL.JDBC
Platforms: All
Version: 2018.1.3

If 'order' was used as a table name at the end of statement, the parser tokeniser was assuming that more data should follow. This change corrects this issue.

JCN1876: Fix problem in readAhead logic leaving outstanding message

Category: SQL.JDBC
Platforms: All
Version: 2018.1.3

Under certain circumstances, SQL.JDBC would not consume a message. This could trigger an out of sequence error condition. This change corrects this problem.

JCN2045: Add hasStreamParameters to server side cache

Category: SQL.JDBC
Platforms: All
Version: 2018.1.1

Preserve hasStreamParameters in the server side CachedPrepare structure for reuse in a subsequent statement.

Statement message processing depends on many factors, one of which is "does the statement contain a stream in one of the parameters." If a statement has executed once, we cache the information about the statement for reuse, so when the statement is called again, it makes the performance faster. The statement variable "hasStreamParameters" was introduced to speed decision making when sending statements to the server, but because the variable was not preserved in the cache, the repeated statement did not have access to the information about the stream column. This led to missing a message exchange with the server causing the message sequence error.

This problem can only happen with stream parameters in a statement that is executed from the cache. This problem is corrected.

JCN2046: Fix potential hang in JDBC batch insert

Category: SQL.JDBC
Platforms: All
Version: 2018.1.1

Under certain circumstances, a JDBC batch insert could cause a hang. This change corrects this problem.

JCN2058: Proper String conversion for BigDecimal $list types

Category: SQL.JDBC
Platforms: All
Version: 2018.1.3

There were a couple of inconsistent cases where $list types 6 and 7 were not being returned consistently as BigDecimal. This could cause rounding errors if they were being cast to Java Floats which are single precision doubles. This change corrects this issue.

JCN1996: Fix access violation using SQLUnicodeTypes flag with SQLGetData

Category: SQL.ODBC
Platforms: All
Version: 2018.1.1

This change corrects an access violation in processing the rarely used SQLUnicodeTypes flag.

JCN2038: Fix rare error converting .NET timestamp to %TimeStamp

Category: SQL.ODBC
Platforms: All
Version: 2018.1.1

In rare cases a multi-threaded application could store an incorrect timestamp with more digits of precision than present in the .NET timestamp. This change corrects this problem.

HSU239: Fix the selectivity estimation for IN condition when BIAS is off

Category: SQL.Query Optimizing
Platforms: All
Version: 2018.1.3

The SQL query optimizer was incorrectly applying the selectivity of an outlier value for a field in its calculation of the selectivity of an IN condition on that field. This change corrects this problem.

HSU285: Fix nested inner join query that returned wrong number of records

Category: SQL.Query Optimizing
Platforms: All
Version: 2018.1.1

Under certain conditions an inner join subquery would return more records than should be selected. This change corrects this problem.

AK983: Fix rare case in which parallelized query returns incorrect results

Category: SQL.Query Processing
Platforms: All
Version: 2018.1.3

Fixed a problem where in rare cases, a parallelized query would return incorrect results. This problem first occurred in version 2016.2.0.

DPV5043: Correct <MAXNUMBER> error for %STARTSWITH/LIKE '1E1234' value

Category: SQL.Query Processing
Platforms: All
Version: 2018.1.2

A problem has been corrected where some queries might encounter a <MAXNUMBER> error at run time. These queries use a LIKE clause where the LIKE pattern is a host variable and the argument value is a string of the form "1E1234" and the number after the "E" is larger than 308.

This correction is to the SQL generated code, and it requires a recompilation of any embedded SQL and a purge of cached queries in order to correct the statement having this issue on your system.

DPV5452: Correct ORDER BY %ID DESC query when %ID is single field reference to table with a single field %String IdKey

Category: SQL.Query Processing
Platforms: All
Version: 2018.1.3

A problem has been corrected when order by %id desc is performed on a table where the table has a single field idkey that is a reference to a table which is also a single field idkey and the type of the idkey property in the references table is %String. For example, with these two classes:

Class Test.Class Extends (%Persistent, %Populate) 
{ 
   Property Name As %String; 
   Property MyId As Test.OtherClass; 
   Index PK On MyId [ IdKey, PrimaryKey, Unique ]; 
} 

Class Test.OtherClass Extends (%Persistent, %Populate) 
{ 
   Property MyId As %String; 
   Index PK On MyId [ IdKey, PrimaryKey, Unique ]; 
} 

select %Id,Name from Test.Class order by %Id desc 

DPV5467: Correct DATE(<timestamp>) and CAST(<timestamp> AS DATE) when <timestamp> is a subclass of %TimeStamp

Category: SQL.Query Processing
Platforms: All
Version: 2018.1.3

A problem has been corrected with the DATE() function and the CAST(... AS DATE) function when the argument to the function has a type that is a subclass of %TimeStamp, %PosixTime, %FilemanDate, %FilemanTime or %String. Similar fixes have also been made for other forms of the CAST function.

DPV5505: Correct query results with LIKE and a LoopInitValue on an index map

Category: SQL.Query Processing
Platforms: All
Version: 2018.1.3

A problem has been corrected where a query using LIKE '...%' or %STARTSWITH against a table using %Storage.SQL and that will use an index map that specifies a LoopInitValue might not return the correct results.

DPV5576: Correct frozen plan usage if statement is from version earlier than 2017.1 and uses TRIM function

Category: SQL.Query Processing
Platforms: All
Version: 2018.1.3

A problem has been corrected where a query using the SQL TRIM function might return an incorrect value for TRIM if the statement is using a frozen plan and the plan was frozen using a version of Caché/Ensemble prior to 2017.1.

MAK5003: Fix light weight stats leaving redundant nodes in the data structure

Category: SQL.Query Processing
Platforms: All
Version: 2018.1.2

The SQL light weight statistics get aggregated from a process into a central area and then from this central area into the SQL statement index where they are available to be viewed. The aggregator from the central area to the SQL statement index logic was leaving redundant nodes in the data structure. These redundant nodes take up space and the aggregator needs to $order over these to get to the statistics that actually have data in them. This change removes these redundant nodes and avoids the space overhead and the CPU cycles needed to constantly skip over these.

TRW1634: Check mt("c") constant conditions for references requiring evaluation

Category: SQL.Query Processing
Platforms: All
Version: 2018.1.1

Subquery correlated field references to constant expressions could trigger <UNDEFINED> errors. This change corrects this error.

TRW1645: Fix identification of row-level security predicates and propagation of complex logs in OR transformations

Category: SQL.Query Processing
Platforms: All
Version: 2018.1.3

This change corrects a problem where some parallel queries against tables with row-level security could produce a runtime error.

TRW1651: Correct outer join queries with TOP and DISTINCT or GROUP BY

Category: SQL.Query Processing
Platforms: All
Version: 2018.1.3

This change corrects a problem where some outer join queries with TOP in combination with DISTINCT or GROUP BY could return incorrect null-padded results.

DPV5328: SQL Filer: Correct generation of Normailze and ValidateField methods when methods contain MPP commands

Category: SQL.SQLFiler/TableCompiler
Platforms: All
Version: 2018.1.1

A problem has been corrected in the class compiler when a property has a Normalize or IsValid member method that includes macro preprocessor directives like #IF 0 ... #ELSE ... #ENDIF. In some cases, this might have caused bad code generation, and the class would fail to compile.

DVU3699: Fix occasional Studio crash when Output/Find in Files pane set to auto hide

Category: Studio
Platforms: All
Version: 2018.1.1

When Output and/or Find in Files pane is set to auto hide, Studio can crash while streaming output if output includes Unicode characters. This change corrects this problem.

MAK4930: Support HTTPS connections when creating a Studio template session

Category: Studio
Platforms: All
Version: 2018.1.3

If your internal web server only accepts HTTPS requests Studio, it failed to create a CSP template session. With this change if ^%SYS("WebServer","Protocol")="https" the CSP template creation logic will turn on HTTPS when making the request. As the %Net.HttpRequest class needs an SSL configuration in order to make an HTTPS connection this can be specified by setting the global ^%SYS("WebServer","SSLConfiguration") to the SSL configuration name.

You can also specify a default SSL configuration name for all %Net.HttpRequest objects using the ^%SYS("HttpRequest","SSLConfiguration") global setting, however the ^%SYS("WebServer","SSLConfiguration") is specific to creating CSP template sessions from Studio where as this other global will apply to any %Net.HttpRequest object that is created on this system.

CDS2974: Correct size of global buffer area for VIEW validation

Category: System
Platforms: All
Version: 2018.1.3

In some circumstances, seen primarily on a Ubuntu instance, a valid VIEW command in system code could throw a <COMMAND> error. This change corrects this issue.

CDS3049: ^%ETN will preserve state of <STORE> handling

Category: System
Platforms: All
Version: 2018.1.1

Calling LOG^%ETN or BACK^%ETN after a <STORE> error would change the state of the memory, causing a second <STORE> error. This change corrects this problem.

CDS3053: Issue proper error for <_CALLBACK SYNTAX>

Category: System
Platforms: All
Version: 2018.1.3

When incorrect callback syntax is used (a variable name with an underscore), the error <_CALLBACK SYNTAX> will be issued instead of <FUNCTION>.

CDS3060: Support long strings for symbol table save/restore

Category: System
Platforms: All
Version: 2018.1.3

The system code that saves and restores the symbol table for Weblink applications will now support strings larger than 32767 characters.

CDS3067: Fix <UNIMPLEMENTED> caused by low memory and argument passed by reference to args... formal argument

Category: System
Platforms: All
Version: 2018.1.2

If an argument is passed by reference to a formal argument like args... and the partition memory becomes full there could be an <UNIMPLEMENTED> error. This change corrects this problem.

CDS3068: Fix access violation when formal args... array is greatly increased

Category: System
Platforms: All
Version: 2018.1.2

If an argument is passed by reference to a formal argument like args... and many args(n) entries are added in the subroutine, there could be an access violation. This change corrects this problem.

CDS3086: Fix $ListValid() that could cause access violation

Category: System
Platforms: All
Version: 2018.1.1

In some rare circumstances an invalid string passed to $ListValid() could cause a memory access violation. This change corrects this problem.

CDS3092: Avoid string stack overflow with $Query() and $Name()

Category: System
Platforms: All
Version: 2018.1.3

This change fixes an issue where in rare cases a $Query() or $Name() (including the internal query used by the Merge command) on a global with an extended reference could result in an access violation.

CDS3096: Improve performance of CSP and other background processes

Category: System
Platforms: All
Version: 2018.1.3

A problem has been fixed that caused some background processes, particularly CSP processes, to have worse performance than an identical foreground process.

CDS3108: Fix access violation with large MultiValue arrays

Category: System
Platforms: All
Version: 2018.1.3

This change fixes an issue where a MultiValue program with a large array, DIM(n) with n>8187, could get an access violation.

CDS3118: Avoid premature end of Weblink symbol table restore

Category: System
Platforms: All
Version: 2018.1.3

This change fixes an issue where in some cases if a variable to be restored already exists, the Weblink restore operation could end prematurely without restoring everything, but with a success return code.

CDS3176: Correct rare object code problem on big endian systems

Category: System
Platforms: All
Version: 2018.1.3

Under a very rare circumstance involving the structure of a routine's object code, the routine could not be run on a system that has different endian than the system that compiled the routine. The result could be an access violation or <NOLINE> errors. The change fixes this problem and applies to big endian systems only.

GK1356: Fixed a routine cache corruption

Category: System
Platforms: All
Version: 2018.1.3

In rare conditions, if for any reason a large routine loader fails to load one of the large routine chunks, it may corrupt the routine hash table. This change corrects this rare problem.

GK1390: Corrected execution context when returning form a routine or method in a limited memory environment

Category: System
Platforms: All
Version: 2018.1.3

In very rare condition when returning from a method or a routine and the process has limited free memory, the execution context was unpredictable. This change corrects this issue.

GK1404: Fixed a rtn cache cleanup loop

Category: System
Platforms: All
Version: 2018.1.3

This change fixes a condition where in a rare condition the class and routine invalidation could get in an infinite loop during the cache cleanup on namespace switch or configuration change.

JLC2167: Ensure that a useful message is displayed after failure starting emergency administrator access mode

Category: System
Platforms: All
Version: 2018.1.1

A failure starting the emergency administrator access mode displayed a low-level error message which did not provide guidance on correcting the failure. This change ensures that a useful message is displayed under this failure condition.

JLC2191: Fix CPU count for AIX

Category: System
Platforms: AIX
Version: 2018.1.3

This change corrects a problem where, on some AIX systems, the number of CPU chips displayed by $System.CPU.Dump() and other system functions was the physical number of chips instead of the number allocated to the logical partition.

JLC2212: Remove the uppercase translation of the German sharp S character

Category: System
Platforms: All
Version: 2018.1.3

This change removes the uppercase translation of the German sharp S character that had been introduced in Caché 2018.1. It reverts the translation to the previous behavior, which is to assign the uppercase of this character to itself.

JO3121: Preserve journal files required for "delayed" transaction rollback operations

Category: System
Platforms: All
Version: 2018.1.3

A problem has been resolved where in the rare instance that a user suspended transaction rollback at startup, the system did not correctly preserving the journal files required to restart the rollback operation.

RJF329+JO3013: Enhancements to provide improved performance on large scale systems

Category: System
Platforms: All
Version: 2018.1.1

This change includes the following enhancements that improve performance on large scale systems:

• Improved performance handling mappings with a large number of subscripts.

• Reduced resources required to track statistics.

• Reduced contention managing global buffers

These enhancements cause minor changes in statistics displayed by utilities and the Management Portal.

RJF332: Fix free count recorded in integrity check (from Mgmt Portal, Task or $$CheckList^Integrity)

Category: System
Platforms: All
Version: 2018.1.1

A problem introduced in Caché 2018.1 caused integrity check to incorrectly report free blocks. This is corrected. An example of the incorrect output follows (note the last line)

Summary of blocks in /cache/iris/mgr/user/


       357 Pointer Level blocks        2856kb (10% full)
    36,586 Data Level blocks            285MB (88% full)
     1,436 Big String blocks             11MB (83% full) # = 524
    38,442 Total blocks                 300MB (87% full)
  0.020284 Free blocks                    0kb

RJF366: Relax global directory name check in $view(,-5) to improve REPAIR

Category: System
Platforms: All
Version: 2018.1.3

This change improves REPAIR in the case where bad global names occur. This change relaxes the global name check in $view(,-5).

SML2644: Fix a timing issue on starting a job while Caché is shutting down

Category: System
Platforms: All
Version: 2018.1.1

Under certain circumstances shutting down the system could cause an error if a job was being started. This change eliminates this error.

SML2660: Fix $zu(49) for databases with large size (16+ TB).

Category: System
Platforms: All
Version: 2018.1.3

SML2697: Fix access violation when releasing shared memory

Category: System
Platforms: All
Version: 2018.1.2

This change fixes an access violation when releasing shared memory. This violation typically occurred during start-up on systems with very limited memory.

STC2817: Fix installing into directory whose name has special symbols, such as the equals sign

Category: System
Platforms: All
Version: 2018.1.1

Installing Caché could create extra copies of the data files if the install directory has a special symbol in its path. This change corrects this problem.

CDS3167: Fix Windows csession extra output character

Category: System.I/O
Platforms: Windows
Version: 2018.1.3

This change corrects the output from csession on Windows, which included one extraneous character at the end of the session.

CDS3076: Reliability updates for Terminal

Category: Terminal
Platforms: All
Version: 2018.1.3

This change fixes some problems in Terminal that could cause a hung process or access violation, primarily during the start or end of a session.

CDS3124: Fix Kerberos terminal hang after Control-C

Category: Terminal
Platforms: Windows
Version: 2018.1.3

This change fixes an issue where a Windows terminal using a Kerberos connection could stop writing output after a Control-C interrupt.

CDS3132: Add Windows terminal escape sequences for screen size and title

Category: Terminal
Platforms: Windows
Version: 2018.1.3

The Windows terminal now supports these escape sequences:

ESC [ 1 t  - restore window
ESC [ 2 t  - minimize window
ESC [ 11 t - report window state
ESC [ 8;rows;columns t  - set window size
ESC [ 18 t  - report window size

normal: ESC [ 1 t
minimized: ESC [ 2 t

ESC [ 8;rows;columns t

If rows or columns is 0 in the set command, the current value is not changed.

Range of values supported is rows: 10-120, columns: 10-160

One consequence of changing the size is that the scroll-back buffer is cleared by the reset. Another is that for larger row values the font size is decreased to make the window fit on the screen.

This sequence is now supported to set the window title:

OSC 2; title ST

OSC, Operating System Command, is the 7-bit sequence ESC ] or the 8-bit character $C(157).

ST, String Terminator, is the 7-bit sequence ESC \ or the 8-bit character $C(156).

The maximum length of the title is 80 characters.

RFD2050: Fix handling of remote databases for GLOBUFF

Category: Utilities
Platforms: All
Version: 2018.1.3

This change corrects handling of remote database in ^GLOBUFF utility.

RJF324: Fix CheckList^Integrity returning an additional and spurious "Zwait" error if there were no globals found

Category: Utilities
Platforms: All
Version: 2018.1.1

If CheckList^Integrity found no globals to process (perhaps due to a global directory problem), the error status it returns could include a spurious "<Zwait>" error. This change corrects this problem.

SML2646: Fix errors when recompiling user's classes during upgrade

Category: Utilities
Platforms: All
Version: 2018.1.1

When upgrading a system, the upgrade could enounter problems recompiling user classes because the class compiler was not handling the dependencies correctly. This change corrects this problem and user classes will be recompiled correctly on upgrade.

SML2647: Fix $SYSTEM.INetInfo.CheckAddressExist() in Windows if the Windows directory is not 'C:\Windows'

Category: Utilities
Platforms: Windows
Version: 2018.1.1

On Windows systems, $SYSTEM.INetInfo.CheckAddressExist() could fail with a nonstandard Windows directory. This change corrects this problem.

SML2683: Fix process info not refreshed after viewing variables in JOBEXAM.

Category: Utilities
Platforms: All
Version: 2018.1.3

STC2631: Remove EMS Audit events

Category: Utilities
Platforms: All
Version: 2018.1.3

This change removes the two EMS audit events EMSChange and EMSError. These events were created for a feature that was never implemented. This change also increments the security tables version to 2018.1.

STC2707: Add Audit entries for Job commands and Task Manager jobs

Category: Utilities
Platforms: All
Version: 2018.1.3

This change adds the following four new audit events have been added to the system:

%Security/%Login/TaskStart - Audit processes started by the Task Manager
%Security/%Login/TaskEnd
%Security/%Login/JobStart - Audit processes started with the JOB command
%Security/%Login/JobEnd

JGM757: Do not construct Basic authentication token in %Net.HttpRequest if Username is blank

Category: Web Services
Platforms: All
Version: 2018.1.1

When making %Net.HttpRequest calls it was possible for a FRAMESTACK error to be thrown if Basic authentication was required but no Username was specified. This is now corrected. Also prevented multiple sends if Basic scheme and username/password failed authentication.

MXT2243: Allow entity resolver and sax flags to be specified for WSDL reader and XML schema reader

Category: Web Services
Platforms: All
Version: 2018.1.3

Two new properties are added to both %SOAP.WSDL.Reader and %XML.Utils.SchemaReader to allow additional control of the SAX parser calls:

/// This property should be set to a combination of flags (see %occSAX.inc for details) if
/// the default behavior of the parser is required to be modified.
/// The $$$SAXVALIDATIONPROHIBITDTDS flag is added by default in order to not allow DTDs.
Property SAXFlags As %Integer [ InitialExpression = {$$$SAXFULLDEFAULT+$$$SAXVALIDATIONPROHIBITDTDS} ];

/// This property should be set to an instance of %XML.SAX.EntityResolver OR a user-defined
/// subclass IF the default EntityResolver is not required.
Property EntityResolver As %XML.SAX.EntityResolver;

JN1751: Correct Escaping of Query Parameters in SAX Parser ParseURL()

Category: XML
Platforms: All
Version: 2018.1.3

The SAX parser's ParseURL method accepts URL encoded or plain URLs as a convenience for our users. This change corrects a problem where certain characters such as & and = were causing the query part of the URL to be corrupted.

SAM512: Add looping structure to calls to ZU(177,3) in EndChangeTracking of Zen Controller

Category: Zen
Platforms: All
Version: 2018.1.3

This change corrects an issue where change tracking for page updates could overflow if more than 8191 (2 to the 13th minus 1) Orefs are touched between refresh cycles.

SAM530: Correct tablePane confusion between doubleClick and toggle behavior

Category: Zen
Platforms: All
Version: 2018.1.3

This change corrects a problem where, depending on the speed of clicking multiple times on the same row of a table (when in certain operating modes) caused the table to confuse double-click behavior with toggle selection behavior, incorrectly leaving visual artifacts on screen as a result of aborted toggling attempts.

SAM557: Create EDGE-specific override to default layout tables in %ZEN.LayoutManager

Category: Zen
Platforms: All
Version: 2018.1.3

This change adds special handling for default vertical layouts under Microsoft EDGE browser to address its current, non-standard rendering behavior.

JSL5237: Enhancement: ZR: allow adjusting page format

Category: Zen Reports
Platforms: All
Version: 2018.1.1

The report and section elements of a ZEN Report have a new property, pageNumberFormat.

JSL5242: Fix string appearing at end of HTML reports

Category: Zen Reports
Platforms: All
Version: 2018.1.1

Under certain conditions an incorrect text would be appended to the html output. This change corrects this problem.