Headline
CVE-2021-46830: GoAnywhere MFT Release Notes
A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain access to files at a higher directory level than intended.
- Home
- Support
- Release Notes
Version 7.0.1
June 28, 2022
New Features
- Added ability to select and install multiple add-ons in the marketplace.
Enhancements
- Added save detection to the Administration Edit page.
- Added save detection to the Service Edit pages.
- Added save detection to the Holiday Calendars page.
- Added the ability to filter and scroll transaction sets when selecting them in the read and write EDIFACT and X12 tasks.
- Added support for the GoFast service to Global Antivirus.
- Added the ability for Gateway proxies to start and stop dynamically when the associated service listener starts and stops.
- Enhanced the efficiency of the Support Bundle Download Zip process.
- Enhanced GoFast Task (V3) logic to print out tuning information to the job log.
- Enhanced job queue processing for clustered systems so that jobs are better balanced across the available nodes.
- Enhanced GoFast file transfer performance utilizing FileCatalyst architecture.
- Improved error messages for ICAP uploads.
- Improved the multi-row actions on the list pages to be separated from the footer.
- Adjusted Link to Listener functionality to link to the Listener Name so that port changes are resolved by the listener name at the time the service status is checked.
- Cleaned up logging for expected exceptions in WebClient invitations.
- Removed Admin from the ‘Service’ choices when configuring gateway mapping to 'Link to Listener’.
- Updated the Main menu to collapse to current section on navigation.
- GoFast and FileCatalyst now support encrypted folders.
Updates
- Updated JNQ library from version 1.4.1 to 1.5.1.
- Updated Guava library from version guava-26.0-jre.jar to guava-30.0-jre.jar.
- Updated jgroups library from version 4.1.2 to 4.2.21.
- Updated the GoAnywhere logo on reports.
- Updated the Queued Jobs page by removing the extra delete icon.
Fixes
- Fixed an issue where having more than one thousand Job Queues would cause job processing to stall on systems using SQL Server.
- Fixed an issue where updating a job queue from held to active via the edit screen would not trigger job queue evaluation.
- Fixed an issue that could cause Antivirus transactions to be improperly logged when GoAnywhere is configured to skip scanning an uploaded file.
- Fixed an issue that could cause Antivirus transactions to be improperly logged when scanning a file uploaded via Secure Forms.
- Fixed a sorting issue when a Web User sorts by ‘Modified On’ in the IP Filter page.
- Fixed issue with navigation links not being displayed and not prompting users to save.
- Fixed a translation issue where the ‘Save’ button label was not rendered properly in Portuguese.
- Fixed an issue where the field to disable a project component was itself disabled.
- Fixed an issue causing missing device status.
- Fixed a missing information message when deleting a single Key Management System certificate using the cog menu.
- Fixed issue where the number of clients for FileCatalyst tasks was not properly using the default value.
- Fixed alignment issues in the SQL Wizard data tables for the Where, Join, and Order tabs.
- Fixed large file displaying issue in the GoFast download subtask source directory list.
- Fixed an Issue where the configure admin page would become misaligned when the ‘Restrict to Home Directory’ checkbox text was clicked.
- Fixed an issue where 0 byte uploads over SFTP would skip Global Antivirus scanning.
- Fixed an issue where Gateway Client configurations would not connect if Gateway IP filtering was disabled.
- Fixed an issue where you couldn’t browse to network shares when working with Agent projects.
- Fixed an issue which could cause improper validation of Web Client Brand configurations.
- Fixed an issue which could cause improper validation of Log Settings configurations.
- Fixed an issue with the PeSIT client and service where transfers using a Record Format of Fixed would always return an error code of 220.
- Fixed styling issues for numbered and bulleted lists.
- Fixed an error that would occur when trying to write an EDI record when there are no records in the RowSet being written from.
- Fixed missing background color and other styling on the center aligned login page.
- Fixed a text field alignment issue when adding a Master Encryption key.
- Fixed an issue with properly exiting the Agent Console by clicking on the Home link in the product header.
- Fixed a validation issue which could allow duplicate Gateway configurations using the same controller address/port.
- Fixed the “Change Password” button text to prevent wrapping.
- Fixed an issue where the GoFast task would not wait to cleanup resources thus consuming too many resources when ran within a tight loop
- Fixed an issue where IP filtering was not working correctly with Gateway.
- Fixed an issue preventing Antivirus Audit Log preferences from being retained.
- Fixed an issue where the length of the Secure Form Parameter field was not correctly set to 256 characters when using a DB2 database.
- Fixed an issue where save messages where not appearing on the current page after navigating away form a page with changes.
- Fixed issue where Change History log for the FileCatalyst Resource would show an encrypted password value instead of "Password changed".
- Fixed an issue where download locations for FileCatalyst tasks were not properly establishing destination paths.
- Fixed an issue where downloading from FileCatalyst resulted in an error if the destination specified is an SFTP or FTP external link.
Version 7.0.0 (Beta)
April 18, 2022
As of the 7.0.0 beta release, HelpSystems is discontinuing support for GoAnywhere MFT 32-bit installers.
New Features
- Added new FileCatalyst Task and Resource.
- Secure and rapid transfers.
- Utilizes a patented UDP-based file transfer technology.
- Added support for Java 11.
- Added a new Read EDI X12 Envelope task.
- Introduced new header and navigation to user interface.
- The Admin Log now produces records for the creation, deletion, and modification of Admin User API Keys. API Keys now have change history.
- Added support for antivirus integration to services within GoAnywhere.
- Added support for HelpSystems One integration.
- Added a new diagnostics page that allows admins to generate logs, system reports, and thread dumps quickly.
- Added Documents to Partners, simplifying configuration for the reading and writing of EDI X12 documents.
- Added the ability to create an agent using GACMD CLI/Rest/SOAP.
- Added the ability to delete an agent using GACMD CLI/Rest/SOAP.
Enhancements
- Enhanced GoFast file transfer performance utilizing FileCatalyst architecture.
- Added licensed feature quantity support for FTP, FTPS, GoAnywhere HTTPS, HTTP, HTTPS, REST, SOAP and SSH (SFTP/SCP/SSH) resources when created or used in appropriate workflow tasks.
- Added support multiple domains in MFTaaS.
- Enhanced the PeSIT Client and Server so that the Record Length is negotiated and no longer needs to be an exact match.
- Added save detection to prompt users to save before navigating away from the Audit Log Rule configuration page.
- Added Save Detection to File Based Certificates.
- Added Save Detection to File Based SSH Keys.
- Added Save Detection to File Based PGP Key pages.
- Domains are now listed alphabetically on the Domains and Projects pages, and in dropdown and dual list menus across the Admin Client.
- Enhanced support for Java 11 by removing the use of the Endorsed Standards Override Mechanism.
- Added the ability to sort log files on the Server Log page by last modified date.
- Added Save Detection to the Edit Database Configuration page.
- Added Save Detection to Job Queue Manager.
- Enhanced support for Java 11 by removing the VM Option UseVMInterruptibleIO.
- Enhanced support for Java 11 by replacing VM option MaxPermSize with MaxMetaspaceSize and adding a Metaspace Usage section under About GoAnywhere’s System Resources tab.
- Enhanced two factor login page logging and error message accuracy.
- Replaced all customer facing references of the terms “blacklist” and “whitelist” to “block list” and “allow list” to better adhere to HelpSystems DEI standards.
- Enhanced the Read JSON Task with a new Parse Type field that resets fields based upon order found(new) vs depth of field(existing).
- Enhanced validation for Web Client Brand configurations.
- Enhanced validation for Log Settings configurations.
- Added the ability for Gateway proxies to start and stop dynamically when the associated service listener starts and stops.
- Enhanced the Triggers page to include filtering, pagination, and column selection. Moved the Reordering of triggers to its own page.
- The System Name/Environment label on the Admin login page no longer wraps in certain languages.
- Enhanced the UI to provide a processing dialog while LDAP Groups are loaded when creating Admin or Web Group LDAP associations.
- Added option to add the file delimiter to the end of the last file in the Merge File task.
- Enhanced the processing around agents connecting/disconnecting to ensure large scale deployments don’t exhaust the database connection pool.
- Added Save Detection to the Add IP Filter page.
- Added Save Detection when adding Automatic IP Block Exemptions.
- Added restrictions to prevent the deletion of addon documents when they are being used for a partner document.
- Added the ability to export and import EDI Addons.
- Added 3 new functions: PadLeft, PadRight, and PadCenter. These functions add spaces or a character to the sides of text, to return text of a specified total length.
- Added additional fields to Partner Objects to assist in writing X12 documents.
- Added the ability to configure a partner on the Write X12 task which will use partner information to assist in writing the data.
- Added a validation flag to the Read X12 Envelope Task that will verify there are Partner Documents created in MFT that are associated to every GS envelope in the X12 file.
- Added the HelpSystems One logging component to the Admin User Activity Details report task.
- Added support to the Read X12 Envelope task to validate that incoming document control numbers are not reused within a configurable time period.
- Updated user interfaces to utilize the latest corporate branding.
- Added Save Detection to Gateway Manager page.
- Enhanced the processing efficiency used to rebuild the cache that stores user permissions.
Updates
- Updated Apache Log4j from version 2.16.0 to 2.17.1.
- Updated Tomcat configuration to limit HTTP/S methods allowed by the server.
- Updated Help Center and Getting Started Widget with HelpSystems Insiders link and description.
- Updated the agent and agent group name columns and filters to match and only display when appropriate in the agent and agent group console.
- Updated page names to consistently match menu names .
- Updated the Japanese version of the software with the latest translations from Solpac.
- Removed prettyfacesfaces-jsf2-3.3.0.jar to address a security issue within that Jar.
- Removed some button icons on admin client pop-up screens to align with UI design standards.
- Updated alignment of the ‘ok’ button on the file chooser error dialog.
- Updated Network Resources to show a warning when creating or editing Network Shares with Client Type of 'SMBv1’. This client type is deprecated and will be removed in a future release.
- Updated the Spring Framework jars from version 5.2.9 to 5.3.18.
- Replaced the existing folder containing third party license documentation with a single open source attributions file.
- Updated Apache Santuario jar from version 2.1.4 to 2.1.7.
- Updated JNQ from version 1.3.6 to 1.4.1.
- Update PeSIT File Templates to no longer allow misconfiguring of Binary Data Encoding with Variable Text or Fixed Text File Structures.
Fixes
- Added ability to close a socket immediately if Gateway forward proxy connection times out.
- Fixed an issue with the error messages pertaining to required fields in PeSIT Send/Receive Tasks not referencing the correct task to complete a required field.
- Fixed an issue where the PeSIT client and server would fail to run if the remote partner was not supplying default PI values.
- Fixed issue where OnError Panel is not expanded when Project Editor is first loaded.
- Fixed an issue with file name comparisons in PeSIT Receive Triggers.
- Fixed an issue where an unexpected ICAP exception didn’t propagate correctly.
- Fixed error within Write X12 Task that was incorrectly referencing the Sender ID Qualifier field when excess characters were added in the Sender ID Field.
- Fixed an issue where renaming or deleting a saved filter on the List Partners page was not reflected after navigating from the Manage Filters page.
- On the Agent Permissions pages, scrollbars now appear on Admin and Admin Group dropdown menus when there are more elements than can comfortably fit on the screen.
- Updated the AS4 asynchronous push mode message reply connection timeout from 6 seconds to 60 seconds.
- Fixed a language translation issue on the Add-ons page by externalizing the Column Header.
- Fixed an issue with Agent/Agent Group Schedules defined with a non-existent run user would fail to reset its next fire time.
- Enhanced the Agent/Agent Group Schedule process to be more efficient.
- Fixed rare issue in GHTTPS/AS2/AS4 Services related to active sessions management.
- Fixed an issue with the ICAP task where the Preview header was not being applied when needed.
- Fixed an issue in the FTPS Service that caused certificate authentication to be disabled when non-default cipher suites were enabled.
- Fixed the project category change history navigation when within Agent/Agent Group Consoles.
- Fixed the logic in the v2 Send Email task to ensure certificate trust checks run properly.
- Fixed an issue where the Save Handler prompt would arbitrarily pop up on header links.
- Fixed issue where folders defined on a Web User Group could only be shared by a single user.
- Fixed an issue where Web Users still had access to virtual folders that were defined on a Web User Group after the group was deleted.
- Fixed an issue where adding trailing space to a username when logging in with LDAP caused the user to be disabled.
- Increased Time-based One Time Password secret length to resolve an issue with BC FIPS mode.
- Fixed a dynamic tooltip styling issue associated with text fields.
- Fixed an issue where Admin Users could see API keys they did not have permissions for.
- Fixed an issue that would cause Resource lookup failures within jobs due to a timing issue. Timing is no longer relevant to the Resource lookup.
- Fixed an issue that would prevent the Gateway Manager page from loading if the configuration was enabled but not set to autostart.
- Fixed a null pointer exception that occurred when importing a project or cloud connector with an invalid xml file.
- Removed an additional, unnecessary MDN Receipt “Date” header.
- Fixed issue where the PeSIT server is now properly shutdown as part of the switch database process.
- Fixed an issue where a Secure Form Drop Down Component would not always show the drop down options when a Web User Variable was used as a database query parameter.
- Fixed improperly escaped characters in French messages.
Version 6.8.7
April 19, 2022
- Added configuration for amount of entropy required by GoAnywhere MFT from the Operating System for cryptographic random number generation.
- Upgraded the Postgres JDBC Driver from version 42.2.14 to version 42.3.3.
- Updated Spring Framework from 5.2.9 to 5.3.18.
- Updated Apache Log4j from version 2.16.0 to 2.17.1.
- Fixed an issue where the toolbar in Secure Folders would not properly refresh when navigating to virtual folders with different permissions. Breadcrumb navigation was also updated to refresh the toolbar.
Version 6.8.6
December 16, 2021
- Updated Apache Log4j from version 2.13.3 to 2.16.0.
Version 6.8.5
October 6, 2021
Enhancements
- Enhanced agent connection log purging.
- Enhanced the uninstaller to remove additional executable and temp files.
- Enhanced the Import Project and Import Project ZIP commands to provide the ability to import into an Agent or AgentGroup.
- Enhanced the indexes and queries used within Secure Forms to avoid deadlocking under heavy load.
- Improved the performance of validating Agent user permissions.
Updates
- Upgraded Apache Tomcat from version 9.0.41 to 9.0.52.
Fixes
- Fixed an issue with the Write EDIFACT task where some composites were not saving mappings correctly, resulting in invalid errors or no data being written.
- Fixed issue where the Copy task would fail if using flatten = false and certain network resources.
Version 6.8.4
September 2, 2021
New Features
- Added new Get Agent Group Information task.
- Added new Get Agent Information task.
Enhancements
- Enhanced database configuration to allow for a separate connection pool dedicated to retrieving primary keys, preventing deadlocks when spikes occur.
- Improved database efficiency during initial processing when an Agent connects.
- Enhanced the agent registration process to be more efficient.
- Enhanced the Active Sessions page to use the new filter framework.
- Enhanced the efficiency of listing Agents within the Agent Manager page.
- Enhanced the Active Sessions page to paginate the results to support a better experience when many sessions exist.
- Enhanced the Job File Event processing to occur on a separate thread to alleviate the strain on the database connection pool when under heavy load.
- Enhanced upload processing from Agent to GoAnywhere. Requires 1.6.3 or Later of GoAnywhere Agents.
- Reduced the amount of application logging for cluster messages. This logging is now at DEBUG log level.
Updates
- Upgraded Apache Commons Compress library from version 1.19 to version 1.21.
- Upgraded the Commons IO library from version 2.6 to 2.11.0.
Fixes
- Adjusted the logic that truncates a file within the SFTP server ensuring write permission is adhered to. This was introduced in 6.8.2.
- Fixed an issue where the sessions were not refreshed upon terminate action.
- Fixed the submit time and end time job related email template functions to refer to the proper fields.
- Fixed an issue with Write EDIFACT and X12 tasks where an invalid error would be returned if mapping to both a composite and an element within a repeating segment.
- Fixed an issue with the Write EDIFACT and EDI X12 tasks where repeating segments could cause their parent loop to not iterate correctly.
- Fixed an issue with the Write EDIFACT task where validation for the Interchange Date would fail if using the format yyMMdd.
- Fixed an issue with the Write EDIFACT task where validation for the Segment Terminator would fail if using the option New Line.
Version 6.8.3
June 28, 2021
- Fixed an issue where invalid characters could be used in certain Web User configurations.
Version 6.8.2
May 27, 2021
Enhancements
- Updated the SFTP server to overwrite files when uploading a zero byte file to the same path.
- Enhanced the efficiency of the process that applies file/folder permissions to avoid unnecessary lookups.
- Enhanced LDAP Managed Login Methods sync queries when filtering group/user relationships to run multiple queries instead of a large query based upon an arbitrary threshold.
- Improved threading usage within Agent transfers.
- Enhanced SFTP server event processing to not block other clients when event processing occurs.
- Enhanced the Execute SSH Task to support the alternate proxy host.
Updates
- Upgraded the Apache Batik libraries version from 1.10 to 1.14.
- Upgraded the Jasper Reports libraries version from 6.7.0 to 6.16.0.
- Upgraded the XML Graphics library version from 2.2 to 2.6.
Fixes
- Fixed an issue with the PeSIT Tasks where the error “Connection was closed unexpectedly” was reported incorrectly.
- Fixed an issue with the PeSIT Client where threads would not close after performing a transfer.
- Fixed an issue when sending very large messages to Agents. This was introduced in 6.8.0.
- Fixed an issue with the isNumber function that would prevent ‘08’ and ‘09’ from returning true as a number.
- Fixed an issue where failing a Multi-Factor Authentication check would leave a session associated with the user.
- Fixed issue with the FTPS Resource/Task when configured to use TLS Resumption along with using a Proxy. This was introduced in 6.8.1.
- Fixed an issue where admin users wouldn’t be able to view trigger log details for ‘Before’ events.
- Fixed an issue that would prevent Rest API access when Content Type contained more than the media type directive.
- Fixed an issue with the SOAP builder that was preventing the SOAP wizard from generating WSDLs.
- Fixed an issue that would prevent secure form submission when the form contained an empty dropdown.
- Fixed an issue where some some non-English characters were obscured in report headers due to a spacing issue.
Version 6.8.1
April 14, 2021
New Features
- Added the ‘Trust Store Algorithm’ field to the SSL tab of the HTTPS and Admin Listeners and updated the label of the ‘Algorithm’ field to 'Key Store Algorithm’.
Enhancements
- Enhanced SFTP transfer speeds by setting the default SFTP buffer size to 1MB. Upgraded copies will have a system property that uses the old size to prevent any issues after upgrade. Customers should consider adjusting the system property value once they have verified it will not negatively impact their environment.
Updates
- Added the truststoreAlgorithm property to secured listeners in the HTTPS and Admin Client services to fix a configuration issue introduced in 6.8.0.
- Updated the shutdown process to reduce the amount of time it takes for a node to leave the cluster.
- Updated the AS2 MDN Message ID format to ensure there are no duplicates when a server is under heavy load.
- Improved security around running Agent Group Projects.
Fixes
- Fixed an issue where variables passed to a Project from a Monitor or Secure Form were not respecting the ‘Is Value Encrypted?’ setting on overridden variables.
- Fixed an issue where Shared File records could end up orphaned during Web User deletion.
- Fixed an issue where the X12 997 Receipt was populating the GS Sender and Receiver with the incorrect information.
- Fixed the error message that appears when creating the initial user on a new installation, where the username supplied matches the default root/administrator.
- Fixed an issue causing failed SSL connections for the Admin Client and Web Client on IBM i. This issue was introduced in 6.8.0.
- Fixed an issue where 997 Receipt control numbers were not meeting minimum length requirements.
- Fixed REST/SOAP Resources and Tasks default connection timeout to use a default of 60 seconds rather than 0.
- Fixed a connection leak related to Web Client Shared Files.
- Fixed an issue where Monitor and Scheduler emails failed to send due to a missing field.
- Fixed an issue on the PeSIT File Templates page where changes to saved filters would not persist.
- Fixed an issue where certain tasks and resources were not properly applying a connection timeout when connecting through a forward proxy.
- Fixed bug related to displaying Repeat Segment options in the Read EDIFACT task Data Mapper introduced in 6.7.0.
- Fixed an issue in the EDI Write X12 task where mapped elements separated by a non-mapped element would not be written out. This issue was introduced in 6.8.0.
Version 6.8.0 (Beta)
March 2, 2021
New Features
Added support for mappings to previously hidden elements in the Write EDI X12 and Write EDIFACT tasks.
Default values are now displayed in the Write EDI X12 and Write EDIFACT task Data Mapper.
Added the ability to authenticate against Admin User REST and SOAP endpoints with API Keys.
Added support for forward proxies to PeSIT client.
Enhancements
- Updated the Web User View Page to display PeSIT configurations.
- Added ‘PeSIT’ to the list of services on the Admin User list page.
- Updated the Requester Password field for PeSIT to no longer be required.
- Added functionality that allows Admin Users authenticated using SAML or a Certificate to execute jobs.
- Enabled the Azure Blob Storage URL to be customized by adding an Endpoint Suffix.
- Enhanced the PeSIT File Templates page with filtering, filter management, sorting, column selection and pagination with navigation rules.
- Improved the efficiency of Network Shares that use the SMB (all versions) Client Type.
- Added change detection to System Alerts page.
- Enhanced Add-on Details by adding an Add-on UUID.
- Added support for un-authenticated AS4 push pmodes.
- Configured AS4 to accept encrypted keys using RSA15 key transport style.
- Enhanced request processing for Gateway Client to improve efficiency.
- Added caching of Key Vaults to improve performance.
- Improved efficiency when sending messages to Agents.
Updates
- Updated Apache HTTPClient from version 4.5.3 to 4.5.13.
- Updated Jackson Databind library from version 2.10.1 to 2.10.5.1.
- Updated Tomcat from version 7.0.105 to 9.0.41.
- Updated JNQ from version 1.2.6 to 1.3.6.
Fixes
- Fixed a bug where the Message Reference Number in the Write EDIFACT task was the same as the segment count.
- Fixed missing Receiver ID Qualifier field in the Write EDIFACT task.
- Fixed an issue where Agent monitors could get stuck if there were communication issues with the server. This requires Agent version 1.6.0 or later.
- Removed unnecessary field ‘RefToMessageId’ from AS4 user messages in response to pull requests.
- Fixed an issue where AS4 push pmodes would not send asynchronous receipts for messages using certificate authentication.
- Fixed an issue with supporting AS4 authentication formats from other AS4 platforms.
- Fixed an issue with support for AS4 SOAP Body xml payloads from other AS4 platforms.
- Fixed an issue where the mpc attribute was not included in the AS4 user message in response to a pull request.
- Fixed an AS4 receipt validation error that required unnecessary fields in NRR information.
- Fixed incorrect AS4 error message formatting.
- Fixed an issue where empty type attributes in AS4 receipts were being inserted as empty strings instead of being left out of the message.
- Fixed issue where AS4 message XML did not contain proper namespace or mustUnderstand attribute.
- Fixed issue where AS4 asynchronous receipts sent before the original message was replied to.
- Added ‘User-Agent’ to request header to prevent potential issues when using the ‘News and Tips’ gadget and ‘Check for Updates’ feature.
- Fixed attribute validation in the PeSIT task to avoid an error caused by missing required attributes.
- Fixed an issue when running projects with a Network Share (version all) defined to use logged in credentials would fail when user had valid credentials.
- Fixed an issue where shared virtual folders with the ${homeDirectory} variable could not be viewed by the receiving Web User.
- Fixed an issue where transferred data could end up corrupted if Max Data Block Length was not set to twice the size of the Record Length on the PeSIT Server Resource.
Version 6.7.1
January 13, 2021
New Features
- Added Allow Implicit Trust (SSH) setting to globally allow or deny implicit trust in SSH connections.
- Added support for WS-Trust 1.3, allowing SAML users to log in to non-HTTPS services.
Enhancements
- Added support for 384-bit and 521-bit ECDSA key sizes in the SFTP/SCP/SSH client.
- Improved memory usage when using Local/Network Monitors.
- Improved hostname verification handling when there is no host information to check.
Updates
- Updated the default buffer size for the Copy Task to 1MB. This can be adjusted via a system property and upgraded copies will retain the 16KB buffer size to avoid memory issues.
- Enabled usage of RSA encryption algorithm for PGP keys which was previously not allowed in BCFIPS mode.
- Updated the following BouncyCastle FIPS APIs:
- Mail from 1.0.2 to 1.0.3
- PGP from 1.0.4 to 1.0.5
Fixes
- Fixed an issue with the PeSIT client and server where the incorrect encoding was being used resulting in international characters being lost.
- Fixed issue where not all Web User Template settings were getting applied correctly to new Web Users.
- Fixed an issue where the disconnect event of the SFTP server would take longer than needed.
- Fixed issue related to incorrect JVM default trust store types when loading trust stores introduced in 6.7.0.
- Fixed an issue connecting to the FTPS service while running in BCFIPS mode where no cipher suite could be negotiated.
Version 6.7.0 (Beta)
November 25, 2020
EDI
- Added a Partner Management system.
- Added a new PartnerInfo function to lookup information from a Partner within a Project.
- Added the ability to auto generate a 997 response to the ReadX12 task.
- Added feature to copy EDI X12 and EDIFACT Add-ons.
- Added the ability to copy EDI Definitions.
Other New Features
- Added ability to specify the File Label (PI-37) to the PeSIT Send File task.
- Added the ability to give Admin and Web Users Authentication Aliases.
- Added support for Network Share resources within File Monitors for Agents, including support for Agent transfers. This requires Agent version 1.5.0 or later.
EDI Enhancements
- Added new options to the EDIFACT Write Task to reset RowSets, allowing loops and segments to repeat.
- Added settings for EDIFACT loops and segments to evaluate a condition before a loop or segment is processed.
- Improved support for FPDU_ABORT and FPDU_IDT messages for PeSIT tasks and the PeSIT Service.
- Enhanced Data Mapper to add new containers at the location of the context menu.
Agent Enhancements
- Improved performance when new connections occur on the Agent Server.
- Added the ability to override threads for Agent Server and Agent Proxy settings.
- Updated exception handling logic for Agent transfers when under heavy loads to ensure connections are closed.
- Improved performance when new connections occur on the Agent Proxy.
Other Enhancements
- Increased the maximum character length to 24 on the Web User’s PeSIT requester ID field.
- Added a new option that allows admins to display or hide the ‘Powered by GoAnywhere’ hyperlink on the Web Client login and main page footer.
- Added the ability to place Output Components into Secure Form Component Groups.
- Improved performance when adding/editing a Web User.
- Enhanced the Tomcat configuration to offer better protection against CSRF attacks.
Updates
Discontinued the use of sessionExpiry and serverTime cookies.
Updated Administration Log screen to display navigation buttons at the bottom of the screen.
Updated ‘Prev’ button to ‘Previous’ on the Global Search screen.
Updated HTML ‘lang’ attribute to be dynamic to adhere to WCAG standards and improve user accessibility.
Updated the Data Mapper menu items to include an ‘Edit’ option.
Updated Apache MINA 2.0.9 to 2.1.4.
Updated Maverick server from version 1.7.29 to 1.7.34.
Updated Spring Framework jars from version 4.3.25 to 5.2.9.
Updated Bouncy Castle FIPS APIs:
Mail to 1.0.2
PGP to 1.0.4
PKIX to 1.0.4
TLS to 1.0.10.3
Fixes
- Fixed an issue where the response code was not being reported for PeSIT tasks.
- Fixed an issue where PeSIT transfer priority was always logged as ‘Medium’ regardless of what was set by the client.
- Fixed an issue where the PeSIT transfer ID was not being audit logged correctly.
- Fixed an issue and boosted performance when saving changes in the Data Mapper.
- Fixed an issue with the Data Mapper where errors would not be presented correctly.
- Fixed an issue where certain PGP keys failed to load the expiration date when being imported.
- Fixed an issue with Request Files so Send Secure Mail permission is no longer required for a Web User to reply.
- Fixed an issue where proxied Agent connections taking longer than five minutes to setup could cause transfers to hang.
- Fixed an issue where the AS4 Service was not showing up as selected on the View Trigger page when ‘Any Service’ is selected.
- Fixed IAM Actions to save permissions that contain ‘/’ in the name.
- Fixed an issue with the SFTP server that could occur when an SFTP client provides an invalid message length.
- Fixed logging statement when saving security settings in a cluster.
- Fixed loss of omitted permissions in sub folders by the parent folder when adding new permissions and using 'Apply to Sub Folders’.
Version 6.6.2
October 20, 2020
- Moved the PeSIT Server ID field from the Web User configuration page to the PeSIT Service configuration page.
- Updated the embedded web help documentation to use JQuery 3.5.1.
Version 6.6.1
September 17, 2020
Enhancements
- Added support for adding and deleting EDI components in the Edit EDI Definition mapper.
- Updated Mail Box resource and Retrieve Mail task to support OAuth2 for IMAP protocol.
- Added additional audit logging to the Quick Upload and Quick Download features.
Updates
- Removed unused geronimo-mail and geronimo-stax jars.
Fixes
- Fixed an issue causing private key lookup via alias to fail. This issue was introduced in 6.6.0.
- Fixed issues with enforcing Strict Hostname Verification policy. This was introduced in 6.6.0.
- Fixed a threading issue related to setting up proxied agent requests.
- Fixed an issue where passwords in project tasks failed to decrypt in certain scenarios.
- Fixed an issue where new SAML Login Methods would fail to be created in certain scenarios.
- Fixed an issue that could cause monitors to fire when changing the Client Type of the Network Share resource in certain situations.
- Fixed columns on the Project Execution History and Scheduled Job History pages to remain persistent according to user preference.
- Fixed an issue where file based JKS trust stores were not being loaded on admin service listeners if a provider was not specified.
- Fixed an issue where hostnames were being resolved to IP addresses resulting in failed hostname validation for FTPS connections.
- Fixed an issue where hostnames were being resolved to IP addresses resulting in failed hostname validation for database connections.
- Fixed issues where an error would occur when exporting multiple projects or submitting multiple projects to batch.
Version 6.6.0 (Beta)
August 12, 2020
New Features
- Added a new Strict Hostname Verification option which enforces all SSL/TLS connections to a remote server to properly validate the CN or SAN/DN values of the certificate regardless of the communication protocol.
- Added support for ECDSA host keys on the SFTP server.
- Added options to mask and encrypt data in Secure Form text fields.
- Added the ability to create users automatically from SAML login methods.
- Added a new REST API for quick uploads to Secure Folders.
Enhancements
- Improved the performance of pages that list actions on Projects, Resources and Triggers.
- Added a Search Filter to the Scheduled Job History page.
- Added a Search Filter to the Project Execution History page.
- Enhanced database sequence retrieval process to be more efficient and prevent lockups under heavy load.
- Added Encrypted Folders support to the PeSIT service and tasks.
- Added Active Transfer support to the PeSIT service and tasks.
- Improved auto blacklisting on PeSIT connections to terminate the connection at an earlier point.
- Added Active Session support for PeSIT user sessions.
- Added the ability to specify the same name on PeSIT file templates with different transfer types.
- Enhanced message processing within a clustered system to be more efficient.
- Enhanced cluster communication Attack Monitor processing to be more efficient.
- Enhanced the Agent Server to support more than 3 concurrent requests at a time.
- Updated the Create JWT Task to support additional SSH key types.
- Added the trust store provider to JVM default trust store definition. This fixes an issue where the admin server SSL listener may fail to startup in certain configurations.
- Created a new Dashboard Quick Link for Service Level Agreements.
- Enhanced the dropdown component by increasing the max length of labels and values to accommodate larger values.
- Enhanced Audit Log remarks for Admin Users authenticating with certificates.
- Added Permission Checks to the Scheduler Job History and Project Execution History pages.
- Added ‘Allowed Values’ for the Secure Forms Date component in dynamic help page.
Updates
- Updated the forgot password email to no longer rely on the request host header value to populate links.
- Added separate fields for error code and error description on the PeSIT audit log detail page.
- Added PeSIT data to Dashboard Gadgets.
- Added the option to show GoDrive transfer ownership dialog even when there is only one available owner.
- Added AS4 Auth Type and AS4 Fingerprint to GoAnywhere Command (GACMD) Add and Update Web User actions and Web User Self Registration.
- Added filtering of both formatted and unformatted audit log event ids.
- Updated client X.509 certificate SAN email address validation for Common Criteria.
- Updated the secure language cookie on the Web Client so that it is correctly handeld by the Web Client locale filter.
- Upgraded Postgresql JDBC jar file from version 42.2.7 to 42.2.14.
- Upgraded commons-codec from version 1.10 to 1.14.
- Upgraded the log4j libraries from version 2.10 to 2.13.
- Upgraded Apache Tomcat from version 7.0.100 to 7.0.105.
- Upgraded JavaMail version from 1.4.4 to 1.6.2.
- Upgraded jNQ SMBClient version from 1.2.5 to 1.2.6.
- Upgraded Primefaces from version 7.0.4 to 7.0.14 to address a jQuery vulnerability among other fixes.
Fixes
- Fixed an issue with the PeSIT Server and Client where sending a Free Text (PI-99) greater than 127 characters would cause a NegativeArraySizeException.
- Fixed an issue where the PeSIT service was not showing up as selected on the View Trigger page when ‘Any Service’ is selected.
- Fixed an issue with some fields on a PeSIT table in the PostgreSQL DDL.
- Fixed an issue where PeSIT file templates were not respecting domain folder restrictions.
- Fixed an issue where the transfer time was not accurate on PeSIT file transfers.
- Fixed issues with file label and free text on PeSIT file transfers.
- Fixed an issue where failed PeSIT connections were not being cleaned up on the client side on SSL handshake failure.
- Fixed an issue where auto-created LDAP users did not have the IP Filter and Time of Day limits respected on their initial login.
- Fixed an Issue with AS4 Pull Pmodes on a Web User where only Key-Pairs could be used as encryption keys.
- Fixed Issue where specific AS2/AS4 fields within a web user template were not being applied to web user creation when using AddWebUser GACMD command or importing web users via CSV.
- Fixed subject dropdown to display ‘AS4 Logs’ as a subject option when adding or editing an Admin User Role.
- Fixed an issue where the file size was not getting set on PeSIT audit log data.
- Fixed an issue that prevented the reading of some X12 documents when the ISA line contained the characters 'GS’.
- Fixed an issue where the Read EDIFACT task was only reading the first record in certain cases.
- Fixed a display issue on Active Sessions that would prevent the Gateway column from appearing checked when connection is routed through Gateway.
- Fixed an issue where changing the Run Mode for a Call Project/Call Remote Project action on a Trigger did not allow user to save.
- Fixed page heading when adding a new Admin User Role.
- Fixed the exportWebUser API to retain the original ‘Created By’ and ‘Modified By’ fields rather than replacing them with the username of the user executing the command.
- Fixed an issue when cancelling a repeatable job or shutting down the scheduler could throw an exception if a new repeatable job was added at the same exact time.
- Fixed an issue with GoAnywhere Command where specifying duplicate permissions for virtual files/folders would result in incorrect permissions.
- Fixed an issue where older versions of MFT would be unable to download EDI definitions from the Addon Marketplace after new EDI definitions were deployed.
- Fixed an issue where exporting private keys in the PKCS12 format while in FIPS 140-2 mode caused an error. Keys are now exported as BCFKS (Bouncy Castle FIPS-Approved Key Store) keys.
- Fixed the ‘BCSSLSocketFactoryWrapper not found’ exception that would appear in logs when starting up GoAnywhere in FIPS 140-2 mode.
- Fixed an issue where admin users were unable to login to the admin client using client authentication in FIPS 140-2 mode.
- Fixed an issue where importing an FTP/FTPS/SFTP monitor via GACMD would fail in certain cases.
- Fixed an issue where importing PEM certificate files fails in FIPS 140-2 mode.
- Fixed an issue opening the data mapper in the Read XML task.
- Fixed an issue where GoDrive shared file Owners were able to remove themselves from a folder when they were the only owner who had access. This resulted in nobody having permission to delete the folder or manage permissions.
- Fixed an issue where sharing a shared folder in Secure Folders was not correctly applying permissions or Share Name.
- Fixed an issue that removed the ability to add certain components in Cloud Connectors.
- Fixed an issue where the X12 and EDIFACT write tasks would sometimes write out the data for transaction sets out of order.
- Fixed an issue where adding the REST Post task to a newly created Cloud Connector resulted in an error.
Version 6.5.3
August 11, 2020
- Fixed an issue where a Secure Form saved draft could get out of sync with its uploaded file locations.
Version 6.5.2
July 24, 2020
Updates
- Removed an obsolete Web Services Resource Framework jar file.
Fixes
- Fixed an issue where EDI tasks would not reset loop indices between transaction sets.
- Fixed an issue with a few EDIFACT UNA and UNH elements that were not processed in the Read EDIFACT task.
Version 6.5.1
June 9, 2020
Enhancements
- Added support for dynamic paths for PeSIT File Templates.
- Added PeSIT events to audit log exemptions.
- Added file structure data to PeSIT file template view page.
- Included more relevant data when audit logging PeSIT events.
- Added archiving and purging capabilities for PeSIT audit logs.
- Restricted File Structure options on PeSIT file templates based on the selected transfer type.
- Added new Triggers for PeSIT send and receive events.
- Added the capability to search for PeSIT logs in the Global Logs.
- Added PeSIT authentication types to Web User templates.
- Enhanced EDI mapping to include the section (header, detail and summary) for each segment to prevent issues when mapping some segments in certain documents.
- Added new File Label and Free Text dynamic path variables for PeSIT File Templates with a Transfer Type of Receive.
- Added new File Label and Free Text fields to PeSIT File Templates with a Transfer Type of Send.
- Added support to import SMS connectors through the GACMD client using the import Cloud Connector action.
- Improved the REST API to include the default country to use when sending a password protected Secure Mail package set to notify recipients over SMS Text Message of the password.
- Cleaned up error logging in specific cases where Web User Devices could request unavailable information.
Updates
- Updated the EDI read tasks to specify the metadata datatype to varchar whenever formatting a value being read in.
- Implemented the System.executionId for SMS provider Add-ons.
- Updated the Web Client Applet to be signed with the new HelpSystems code signing certificate. The applet signature is now valid until 2021.
- Updated Network Share API to version 1.2.5.
- Removed Padding Character field when configuring PeSIT file templates.
- Removed PeSIT configuration options from the anonymous Web User.
- Added additional authentication for PeSIT requester passwords as well as require requester password on Web Users for certain PeSIT authentication types.
Fixes
- Applied a number of fixes for both the PeSIT Server and PeSIT Client.
- Fixed an issue with uploading files on a Request Files reply message.
- Fixed an issue with the ‘Session Tracking ID’ filter on the PeSIT audit log page.
- Fixed an issue with the X12 and EDIFACT write tasks where data would end writing prematurely.
- Fixed issue where AS2 server was not respecting the Require Encryption setting. This issue was introduced in 6.3.0.
- Fixed issue where AS4 Pull Processing Modes could not be deleted under certain circumstances.
- Fixed an issue where the ‘Add an Action’ menu item would improperly appear when configuring a SMS provider add-on.
- Fixed an issue where copying a PeSIT File Template doesn’t allow user to save immediately.
- Fixed Translation for PeSIT in Indonesian.
- Fixed issue where some REST endpoints returned an invalid Set-Cookie header.
- Fixed issue in PeSIT where invalid requester ID’s were not treated as failed logins.
- Fixed an issue with unnecessary validation on Request Files.
- Fixed a number of change history issues on PeSIT resource.
- Fixed issue with Requester ID field on PeSIT tasks not allowing more than 16 characters.
- Fixed an issue where testing a SMS Provider Add-on wouldn’t show an error if one occurred on Global Settings in certain situations.
- Fixed an issue with the EDI readers only reading in one row when it is supposed to be reading multiple.
- Fixed an issue where the EDIFACT read task was not actually reading in any data. This issue was introduced in 6.5.0.
- Fixed issue with upgrader that caused upgrade failures for MFT versions older than 6.3.0 that do not have secure admin client listeners configured with a trustStoreFile.
Version 6.5.0 (Beta)
May 1, 2020
New Features
- Added support for new PeSIT service.
- Added support for CC and BCC recipients in Secure Mail.
- Added the ability to use mapped values in expressions in all EDI tasks.
- Added a new SMS Provider Add-on type to allow for the installing and/or connecting to custom SMS providers that can be configured in the Global Settings.
- Added admin revision history and logging to Project Folders.
- Added Query parameter properties to the Dropdown component in Secure Forms to allow for the use of SQL query parameters in database powered Secure Forms.
- Added the ability to configure the public key signature algorithms allowed by the SFTP Server, which applies to the server’s Host Key and when a Web User authenticates with a public key.
- Added automated process to delete old, consumed AS4 Message Channel messages.
- Added SAN/DN validation to PeSIT partners.
Enhancements
- Added new Component Group Component type to Secure Forms.
- Added support for Requester Password in the PeSIT Resource.
- Added new Repeat Options to Secure Form Components.
- Added Options to the Secure Form Response Task to allow for redirection to different Secure Forms or a URL upon successful form submission.
- Increased the minimum width of the 'To’, 'Subject’, and ‘Message’ fields when composing a Secure Mail message. Also enabled resizing on the ‘To’ field.
- Added support for the upcoming GoAnywhere Outlook Plugin release to be managed as a Web User Device.
- Enhanced the server-side REST API endpoints for Secure Mail features in the Web Client.
- Added support for diffie-hellman-group14-sha256 and diffie-hellman-group16-sha512 to the SSH resource.
- Added support for rsa-sha2-256 and rsa-sha2-512 public key algorithms.
- Enhanced password popup in View Package Details to be dynamically sized.
- Enhanced the teaser text for the Limit Bandwidth text in Global Settings to better convey what this setting applies to.
- Added functionality for event IDs to display in the same format in the syslog as in the log pages.
- Added functionality for event IDs to display the same format in archived logs as in audit log pages.
- Enhanced table formatting on the Secure Form Rest Dynamic Help page.
- Added the ability to run a Docker container as a non-root user.
- Improved the Read EDIFACT and Read EDI X12 tasks to loop over transaction sets and high-level loops without explicitly mapping them.
Updates
- Updated the Log Level labels to be consistent between the values and the audit history.
- Upgraded Apache Tomcat from version 7.0.99 to 7.0.100.
- Updated Maverick Server to version 1.7.29.
- Updated the JNQ Network Share API from version 1.0.2.br-1.1 to 1.2.3.SRC.
- Updated DB2 JDBC driver to version 3.72.24.
- Updated the text on the Global Settings HTTP Proxy tab.
Fixes
- Fixed an issue with SFTP where failed authentication attempts did not cause blacklisting.
- Fixed tooltips for Text Area inputs not being properly displayed on Secure Forms.
- Fixed an issue where custom report date ranges were not being applied correctly.
- Fixed an issue where SLA reports would not run when submitted to batch.
- Fixed false detection of Log Tampering in the HTTPS Audit Log due to the Web Client session timing out using Oracle Database.
- Fixed an issue when importing/promoting a Secure Form would not include the ‘Optional Text’ data.
- Fixed an issue in the Modify Row Set task where the Include Current Row and Exclude Current Row components would not work properly.
- Fixed an issue where calendar components would not translate properly.
- Fixed an issue where active Monitor Service Level Agreement events were not updated when the Service Level Agreement was updated.
- Fixed the error message for a duplicate fingerprint to allow for different languages based on locale.
- Fixed an HTTP 500 error resulting from attempting to restore previous EDI add-on versions.
- Fixed unauthorized message to display ‘SLA Manager’ instead of ‘Product Administrator’ when trying to run a Service Level Agreement Summary Report as an unauthorized role.
- Fixed tracking of host and user name in Job File Audit Log for session persistent GoFast tasks.
- Fixed an issue where a device could attempt registering to a deleted Web User.
- Added missing tooltip label for JDBC URL Wizard button when switching databases.
- Fixed ‘created by’ and ‘modified by’ values to use the appropriate user name where possible.
- Fixed an issue where a Web User would not be navigated to a specific Secure Form when using a private URL and the Secure Form permission is only enabled on a group the Web User is a member of.
- Fixed offset errors in Read EDI X12 and Read EDIFACT tasks caused by missing segments in multiple transaction sets.
Version 6.4.3
April 21, 2020
- Updated Gateway Manager to support SSL termination and SSL rewrap for GoAnywhere Gateway version 2.8.0.
- Upgraded the Netty library from version 4.1.42 to version 4.1.48.
- Fixed an issue where an input stream was left open causing Agent server threads to get hung up.
Version 6.4.2
March 24, 2020
- Added support for IP blacklisting/whitelisting for IPs resolved from X-Forwarded-For headers.
- Updated AS3 Process Message Task to process single-part messages.
- Updated AS3 Create MDN Task status field values to 'processed’, ‘processed/error’ and 'failed’. Added an error type field for the ‘process/error’ status.
- Updated the AS3 Process Message ID output variable to include surrounding brackets.
- Updated AS3 version from 1.0 to 1.2.
- Relaxed the restriction on the compressed to uncompressed data ratio for reading and writing Excel documents.
- Removed an unnecessary MIME messaging layer from the AS3 Create Message Task.
- Fixed an issue with AS3 Process Message Task where the Signature Verification Key had to be a key pair instead of just a public certificate.
- Fixed an issue with the AS3 Create Message Task that changes content type for encrypted messages to Base64.
- Fixed an issue where the MFT Servers Resource Change History would cause a 500 error when saving in certain situations.
- Fixed an issue where the SOAP Task was not handling a relative schema location in the WSDL.
- Fixed an issue that would occur when sorting by mobile number in a Web User address book.
- Fixed an issue where editing AS4 Resource permissions failed to save.
- Fixed an issue where using a SAML provider with query parameters in the configured redirect URL was not working.
- Fixed an issue where the workbook object was not closing properly in the Read Excel Task.
- Fixed an issue with the Password Protect Excel Task not producing a usable file.
Version 6.4.1
February 25, 2020
- Added support for the X-Forwarded-For header on Admin and Web Clients.
- Fixed an issue where the language would display English and would not change to the selected language on the Admin Client.
- Fixed an encoding issue when submitting large Agent projects where JVM file.encoding is not UTF-8.
- Fixed the behavior of inputting a single variable into the From field for a Send Email Task.
- Fixed an issue where Agents would fail to connect to the MFT server if RSA FIPS was enabled.
- Fixed an issue that could cause a null pointer error to occur during Web User self-registration.
- Fixed an incorrect label on the Switch Database configuration page.
- Fixed an issue where deleting an Excel file fails after running the Write Excel task with append.
- Fixed an issue where the ‘Remove my Access’ menu item would not appear for a file owner in GoDrive. This issue was introduced in 6.4.0.
Version 6.4.0 (Beta)
February 6, 2020
New Features
- Added a reception awareness feature to AS4 servers to monitor for asynchronous receipts.
- Added Triggers for AS4 events.
- Created a new GoAnywhere Command Get Job Status API. This includes new GoAnywhere Command Get Job Status SOAP and REST web services.
- Added a file chooser to the Web Client Brand configuration page.
Enhancements
- Added authentication type to Admin User templates.
- Added the ability to use KMS for the Admin server certificates and trust.
- Improved the AS4 server so attachment files are processed more efficiently.
- Enhanced the UI PostgreSQL Switch Database steps. They now include an option for creating a schema.
- Added support for routing unauthenticated AS4 messages to the anonymous Web User.
- Updated the PGP Sign and Encrypt Task to not require that the key name be specified if there is only one PGP key in the KeyRing or Key Vault.
- Added the ability to bypass routing rules on the Admin Client allowing users to login based upon their login method instead of routing rules in case of a misconfiguration.
- Enhanced the LDAP Auto Creation logic when using Routing Rules to use the login method specified by routing rules first when user doesn’t exist.
- Enhanced French translations in the Web Client.
- Updated the Trigger Call Project action - the Job Queue text field is now a drop-down list that displays all available Job Queues.
- Improved error messages for sharing Secure Folders and made the Audit Log remarks more descriptive.
- Enhanced the file name pattern field on Monitors to allow regular expressions of up to 255 characters.
- Enhanced the license refresh process to log validation errors during startup of MFT.
Updates
- Upgraded the TinyRadius API to version 1.1 to fix an issue with passwords greater than 16 characters.
- Updated the Write EDI X12 task so that the sender and receiver no longer receive extra padding in the GS segment.
- Updated the Read EDI X12 and Read EDIFACT tasks to optionally handle repeating segments as loop type data.
- Updated the Global Logging to ensure all IndexReaders are closed after searching.
- Updated the View Certificate page to display the certificate serial number when viewing a KMS certificate.
- Updated some Japanese messages in the Admin client with correct context.
- Updated existing French translations to be more accurate.
- Improved error logging for incoming AS4 messages.
- Added the ability to configure the Admin Site URL for Admin Single Sign on settings.
- Upgraded Apache Tomcat from version 7.0.96 to 7.0.99.
- Upgraded the commons-beanutils library from version 1.9.3 to 1.9.4.
Fixes
- Fixed an issue with Job File Auditing where Host and User Name information wasn’t being tracked.
- Fixed an issue that allowed users to enter the Master Encryption Key name with leading spaces.
- Fixed an issue where the PGP Sign task would sometimes throw a Null Pointer.
- Fixed an issue where a large session timeout caused logout to occur.
- Fixed an issue where certain fields were being logged incorrectly in the AS4 Audit Logs.
- Fixed an issue where a Web User could not be deleted unless all AS4 messages on their subchannels were deleted.
- Fixed an issue where the expression descriptions in the Project Designer Expression Wizard would not display in the selected language.
- Fixed an issue where the Write Excel Format background and foreground color options were displaying two ‘Olive Green’ options. One of the options is now labeled 'Maroon’.
- Fixed an issue with the FTP service where listing files and directories with -a option resulted in a null pointer exception.
- Fixed an issue with Schedules where certain repeat conditions would prevent saving.
- Fixed an error authenticating Users before running an Agent Scheduler or Agent Monitor.
- Fixed an issue with EDI X12 where the maximum number of loop iterations was not being validated when the loop was required.
- Fixed an issue where the AS4 Push task did not correctly validate receipts in certain scenarios.
- Fixed an issue where a bad response was returned when an a decryption key was not specified on an AS4 Processing Mode.
- Removed an unnecessary edit icon on the Custom Tasks page.
- Corrected the Japanese translation of the word 'Japanese’.
- Fixed an issue where audit logs would load Service Level Agreement Log View modules without the Admin User having Service Level Agreement Log View permissions.
- Fixed an issue where changes to non-password fields in Global Settings would incorrectly trigger an admin log “password changed” entry after rotating master keys.
- Fixed an issue where deactivating a domain would not check use by Agents, Agent groups, and Agent templates.
- Fixed an issue that when using the PGP Encrypt task, the file sizes in the File Audit log details were incorrect.
- Fixed an issue where the Send Email task would add extra brackets to the From field when other fields were updated.
- Fixed an issue where Request Files would try to send a password to a mobile number. This is not an option for Request Files.
- Fixed an issue where users would follow the SAML Logout URL when they should be returned to the Login page instead.
- Fixed the display of certificate attributes when editing a signed certificate in KMS.
- Fixed an issue where the Retrieve Email task failed on attachments with Chinese characters in the file name.
- Removed unnecessary table columns for Monitors in the Agent console.
- Fixed an issue that when an Admin User failed Two-Factor Authentication (2FA) on login, a Web User with the same user name would be locked out.
- Fixed an issue where an error was thrown when adding a variable in the GACMD Cloud Connector Run Project action.
- Fixed an issue where Web Users could have AS4 processing modes without an AS4 Partner ID.
- Fixed an issue where the Admin Client and Web Client were not setting the language cookie to secure when connecting over HTTPS.
- Fixed an issue where the Web Client was not setting the language cookie correctly over HTTP.
- Fixed an issue that prevented the license from refreshing in certain scenarios.
Version 6.3.4
January 21, 2020
- Fixed an issue where MFT would fail to proxy communication to Agents that are connected to other MFT nodes.
- Fixed an issue where IP blacklist messages would fail to notify other nodes in a cluster.
- Fixed an issue with saving syslog setup with structured data.
Version 6.3.3
January 16, 2020
- Fixed an issue where database index name was too long for Oracle 12c R1.
- Fixed an issue where not specifying a FTPS Resource server certificate key store resulted in a null pointer exception.
- Fixed an issue with the upgrade process where the Key Store and Trust Store Type field were not properly set upon upgrade.
- Fixed an issue where admin ldap users weren’t automatically created.
Version 6.3.2
December 18, 2019
Enhancements
- Improved the validation logic for AS4 tasks.
- Added new message properties RowSet to the AS4 Pull Task Output Variable.
- Added the ability to specify a new certificate for the Agent server.
- Made several user interface enhancements to the EDI Definition Mapper.
- Enhanced the Web User Device authentication process to allow the previous step to be retried if there was a failure.
- Enhanced the Web User Device registration to allow for the Authorization Code to be displayed to the screen when on MacOS because Safari won’t automatically redirect back to the client.
- Newly registered agents now receive a version 3 certificate with the client authentication extended key extension.
Updates
- Added missing AS4 fields to the View Web User and View Web User Template pages.
- Updated reports and gadgets to properly account for AS4.
- Updated HTTPS service licensing checks to include AS4 feature.
- Updated the AS4 Resource to correctly override display of passwords when being imported.
- Updated the AS3 and AS4 tasks to be in a sub-category in the Project Designer Component Library.
- AS4 Push Processing Modes can now properly send synchronous and asynchronous receipts, or no receipt at all.
- Updated the Web Client interface so certificate authentication will be used even when SAML is configured.
- Added versioning to some JS and CSS files that were updated.
Fixes
- Fixed a bug where signing an AS4 message without specifying a key resulted in a null pointer exception.
- Fixed an issue where an AS4 preferences object could not parse correctly, causing the user preferences to be reset.
- Added a missing property for AS4 error messages.
- Fixed a typo in the AS4 task error message for bad HTTP status code.
- Fixed an issue where too much information was included in an AS4 message.
- Removed an unnecessary validation check for decryption key name in the AS3 Process Message task.
- Fixed an issue that could occur when attempting to fetch an expired CRL using HTTPS.
- Fixed AS3 Create MDN task to only add ‘Received-Content-MIC’ header when signing the MDN.
- Fixed an issue where viewing AS3 Partners on the Resource List page would not indicate the Resource type in the heading.
- Fixed an issue where the AS2 Service could fail to sign an MDN receipt if using a file-based key.
- Fixed an issue where AS2 certificate authentication could fail if using a file-based key.
- Fixed an issue where new lines could not be entered in Secure Mail messages. This bug was introduced in 6.2.0.
- Fixed an issue where the Create JWT task did not work with new SSH keys. This bug was introduced in 6.3.0.
- Fixed issue where the Cloud Connector designer would not load. This bug was introduced in 6.3.1.
- Fixed an issue where a user would get a blank screen when trying to do an IDP initiated login with SAML disabled.
- Added a null check for Single Sign On settings when using SAML to login to the Admin and Web Clients.
- Cleaned up CRL setting functionality on the Security Settings page.
- Fixed an issue where Azure Resources rejected hostname verification in BouncyCastle FIPS mode.
- Fixed issue where default message channels were not being created for new domains and message channels were not being deleted for deleted domains.
- Fixed bug where Windows upgrader fails if there is a space in installation directory name.
Version 6.3.1 (Beta)
December 10, 2019
Applicability Statement 4 (AS4)
Added support for the Applicability Statement 4 (AS4) file transfer protocol. The AS4 tasks work with the existing GoAnywhere HTTP/S server as the message transport mechanism.
Added a new AS4 Resource for defining partner information, such as URLs, authentication, certificates, etc…
Added a new AS4 service, along with configuration pages for AS4 Message Channels.
Added a new AS4 Pull task for retrieving messages from an AS4 server.
Added a new AS4 Push task for sending messages to an AS4 server.
Added a new AS4 Send Error task for returning an error if validation of an AS4 message fails.
Added a new AS4 Send Receipt task for sending receipts in response to AS4 pull requests.
Added a new AS4 Enqueue Message task for adding messages to Web User Message Channels.
Added new Web user configuration options for AS4.
Added new AS4 server-side logs.
Fixes
- Fixed an issue where MFT would fail to start up due to a missing security property. This issue was introduced in version 6.3.0.
- Fixed a UI alignment issue in the SAN/DN section of Web User settings. This issue was introduced in version 6.3.0.
- Fixed an issue where encryption GoFast file accelerated transfers would fail during key generation when running in FIPS mode using the new Bouncy Castle FIPS 140-2 certified security provider. This issue was introduced in 6.3.0.
- Fixed an issue where encryption updates to the service keystore passwords were causing the Security Audit Report generation to fail. This issue was introduced in 6.3.0.
- Fixed an issue where SOAP and REST tasks were not correctly handling implicit trust. This issue was introduced in version 6.3.0.
- Fixed an issue where email and username validation was not properly enforced when performing SAN/DN verification during Web User authentication. This issue was introduced in 6.3.0.
Version 6.3.0 (Beta)
November 26, 2019
Applicability Statement 3 (AS/3)
- Added support for the Applicability Statement 3 (AS/3) file transfer protocol. The AS3 tasks work with the existing GoAnywhere FTP/S server as the message transport mechanism.
- Added a new AS3 Resource for defining partner information, such as IDs, authentication, certificates, etc…
- Added a new Create AS3 Message File task for generating messages to be sent to a trading partner.
- Added a new Process AS3 Message task for processing messages received from a trading partner.
- Added a new Create AS3 MDN task used to generate the Message Disposition Notifications, or receipts, to be sent back to the trading partner after a message is received.
- Added a new AS3 Message Integrity Check task that generates the message digest for nonrepudiation checks.
EDI X12 and EDIFACT Data Translations
- Added the ability to edit EDI X12 and EDIFACT Transaction Set definitions.
- Added support for Network Share files in the Read EDI X12 and Read EDIFACT tasks.
- Updated references of ‘X12’ to ‘EDI X12’ in the Read and Write EDI X12 tasks.
- Removed the invalid ‘Add Segment’ option from group menus in the Write EDI X12 and Write EDIFACT tasks.
User Authentication
- Added support for multiple SAML IDP configurations that are now defined per HTTP/S listener. Each HTTP/S listener can have a unique SAML IDP configured for handling authentication of users that access that endpoint.
- Added a new login routing policy that can be used to dynamically determine how admin and web users authenticate based on their user name.
- Added the ability for Admin Users to authenticate using digital X.509 certificates.
Language Support
- Added support for the Dutch language in the Admin Client and Web Client.
- Added support for the Italian language in the Admin Client and Web Client.
- Added missing translated messages when configuring an Admin User Group.
- Enhanced German translations for the Admin Client.
Other Enhancements
- Added new global SSL/TLS security configuration options to enforce client and server certificate validation.
- Added a new verification check for X.509 CA certificate Basic Constraints.
- Added support for Certificate Revocation Lists (CRLs) verification for all SSL/TLS connections.
- Implemented new certificate extended key usage validation for server authentication, client authentication, and email encryption and signature certificates.
- Added a date validity check to ensure certificates are valid and not expired.
- Added user name and email SAN/DN validation for Admin Users and Web Users that authenticate using digital X.509 certificates.
- Added process upon startup to rotate the Agent Server Certificate if it expires within one year.
- Added a Software Identification (SWID) tag.
- Added the ability to specify a custom configuration directory during installation on Windows, Linux, and Unix operating systems.
- Added support for encrypting the shared secret password in the gateway.xml configuration file.
- Added support for encrypted key store passwords in the server.xml of the embedded Tomcat webserver.
- Added the ability to define the encryption sub key algorithm and size for PGP keys.
- Enhanced clustering communication to use stronger encryption.
- Enhanced clustering communication to use external source for authentication tokens.
- Added the ability to run upgrades using a signed executable (exe) upgrade file for Windows installations
- Improved the performance of event ID generation for Service Audit Logs.
Other Updates and Fixes
- Upgraded Apache Tomcat from version 7.0.94 to 7.0.96.
- Updated JSTL libraries from version 1.2.0 to 1.2.3.
- Updated the AWS S3 libraries from version 1.11.14 to version 1.11.631.
- Updated the JGroups API from version 3.3.3 to 4.1.2.
- Upgraded the Netty library from version 4.1.33 to 4.1.42.
- Upgraded Jackson Databind, Core, and Annotations libraries from version 2.9.9 to 2.10.1.
- Upgraded PostgreSQL JDBC library from version 9.4.1212 to version 42.2.7.
- Upgraded the Apache HTTP Client libraries from versions 4.5.2 to version 4.5.3.
- Upgraded the Apache POI Excel libraries from version 3.17 to version 4.1.1.
- Upgraded Apache Commons File Upload library from version 1.3.3 to 1.4.
- Upgraded the embedded Apache Derby database from version 10.12.1.1 to version 10.14.2.0.
- Upgraded the UnboundID LDAP SDK from version 4.0.5 to 4.0.11.
- Removed the dom4j XML parsing library as it was no longer needed.
- Fixed a potential cross-site scripting issue on the Compose page for Secure Mail.
- Fixed an issue where preferred algorithms weren’t listing correctly when adding a PGP key pair in KMS.
- Fixed an issue where the version number in the Write EDI X12 task was being written improperly.
- Fixed an issue when using AddWebUserIP or RemoveWebUserIP GACMD commands would inadvertently remove web groups from the web user.
- Fixed an issue with REST APIs where an invalidated session ID was being returned to client.
- Fixed an issue where the same Project or Trigger SLA can fail when processing at the same time in certain situations.
- Fixed an issue with formatting of the ‘Last Updated’ label on the System Resources tab.
Version 6.2.4
November 7, 2019
- Enhanced Cloud Connector ForEachFilePartLoop task to work within existing loop structures.
- Fixed an issue that would prevent Admin Users from resetting their password when it had expired. This issue was introduced in version 6.2.0.
Version 6.2.3
October 1, 2019
- Updated the SAML response XML parser to prevent access to external entities by default for enhanced security.
- Improved the audit log indexing process to better handle very large data sets that were causing memory issues during a full index rebuild on certain databases.
- Added missing labels to the protocol filter on the Job File Audit log page.
- Fixed issue with Quick Downloads REST API where an invalidated session ID was being returned to client.
- Fixed an issue where user role access was not properly updated after deleting an Admin Group.
- Fixed an issue where user role access was not properly updated after LDAP group synchronization.
- Fixed an issue where a 500 error would occur when redirecting a SAML authenticated user to the logout page on session timeout. This was introduced in version 6.2.2.
Version 6.2.2
September 9, 2019
- Added a session timeout warning that appears one minute before a user’s session expires. When a session expires, the user will automatically be redirected to the login page.
- Added new options to the Write EDI X12 Task to reset RowSets, allowing loops and segments to repeat.
- Added settings for EDI X12 loops and segments to evaluate a condition before a loop or segment is processed.
- Fixed an issue with versions 002xxx and 003xxx of the EDI X12 transaction sets that was causing segment looping to fail.
Version 6.2.1
August 22, 2019
- Added EDI X12 transaction sets for versions 002xxx and 003xxx to the online marketplace.
- Added support for EDI X12 versions 002xxx and 003xxx in the Read and Write EDI X12 tasks.
- Added indexes to the Secure Form payload table to improve efficiency and processing speed of the database queries.
- Added additional validation when loading a sample XML document in the UI Data Mapper.
- Added some missing translated messages on the edit Admin User and edit Admin Role pages.
- Added missing translation text to the multi-row selection footer menu.
- Updated some message translations on the Admin Client to be more accurate in Spanish.
- Updated the Resource Test Dialog height to better display within all monitor sizes.
- Updated the Secure Form REST API endpoints for uploading attachments to be more efficient.
- Updated the Secure Form submission process to use database connections more efficiently.
- Updated the purge process for submitted Secure Forms to delete records more efficiently.
- Updated several message translations in the Admin Client for French.
- Updated the styling of the main menu to properly handle the adjusted length of translated menu labels.
- Updated the logout message to properly display in the Admin User’s selected language.
- Updated the ‘Edit’ action on the context menu in the project designer to show the properly translated label.
- Updated the ‘HelpSystems’ text in the footer to always display in English, regardless of the currently selected language.
- Improved the styling of the Load Sample Document dialog in the data mapper.
- Improved the German translations for ‘Save’ and ‘Cancel’ button labels across all screens.
- Updated ‘GoFast’ labels and references to stay in English and not be translated on the Admin Client.
- Fixed an issue in the Project Designer where the Execute, Debug, and Show XML buttons would disappear when changing the Project name. This issue was introduced in version 6.1.0.
- Fixed an issue where public Secure Forms were not displaying the correct error message when website embedding is misconfigured.
- Fixed the message shown to the user when deleting Contacts in Address Books to include the contact name.
- Fixed an issue where the Environment label within the Admin Client page header would only render if the Admin User was a Trigger Manager.
- Fixed a UI issue with the Date component in Secure Forms by using four digits instead of two digits for years.
- Fixed an issue where an error would sometimes occur when updating the Read XML Task from the Data Mapper.
- Fixed an issue where Asynchronous MDN messages were improperly flagged as tampered.
- Fixed an issue with the custom logo alignment in the Web Client. This issue was introduced in 6.2.0.
- Fixed an issue where log entries for admin user login with two-factor authentication were missing the Submitted From value.
- Fixed issue where EDI X12 and EDIFACT transaction sets would expire 30 days after installing them from the Addon Marketplace. This issue was introduced in 6.1.0.
- Fixed an issue where the Write EDI X12 and Write EDIFACT tasks skipped empty composite elements followed by a mapped value.
- Fixed some UI issues on the Browse Projects and other layout pages with resizable sections. This issue was introduced in version 6.2.0.
- Fixed a UI issue with the Admin Client main menu bar where hovering would not work properly for some languages.
- Fixed an issue with context menu widths to support longer phrases due to internationalization.
- Fixed an issue where task attribute values were sometimes lost when applying values from the UI Data Mapper.
- Fixed an issue on the Read and Write EDI X12 tasks where validation incorrectly flagged separate iterations of a loop as repeating segments.
- Fixed an issue on the Read EDIFACT Task where the repetition delimiter was improperly used as an escape character.
- Fixed an issue where the Share Folder and File events in GoDrive would indicate a false positive within the tamper evident logging.
- Fixed some labels in the filter component on various list pages that were not properly translated.
- Fixed an issue where required fields submitted without a value resulted in an error message containing extraneous random characters. This issue was introduced in 6.2.0.
Version 6.2.0 (Beta)
August 8, 2019
Language Support
- Added the ability to view the Admin Client interface in 8 additional languages. This includes support for German, French, Spanish, Indonesian, Danish, Japanese, Portuguese, and Chinese.
- Enhanced the product installer to also support the 8 additional languages.
- Added support for the Danish language in the Web Client.
- Added a language selection option to the Web Client interface for Web Users to select a language rather than relying solely on the browser language settings.
- Added the ability to specify intended languages on Secure Forms. For example, you can create two forms that serve the same purpose but one could be in French and the other is in English. As the user toggles their preferred language in the Web Client, it will only show the forms that are applicable to the selected language.
EDI X12 and EDIFACT Data Translation
- Added a Read EDIFACT Task to read EDIFACT files into RowSet variables, which can then be used in subsequent tasks to insert the data into a database or converted to other file formats.
- Added a Write EDIFACT Task that reads data from RowSets and writes it to an EDIFACT formatted file.
- Added 8,000 EDIFACT Transaction Set definitions to the Add-on Marketplace.
- Added validation to the Read EDI X12 task to validate the data matches the X12 definition.
- Added validation to the Write EDI X12 task to validate the data matches the X12 definition.
- Added validation to the Read and Write EDI X12 tasks to ensure at least one value is mapped.
- Added the ability to save and close dialogs in the Data Mapper with the keyboard.
- Added teaser text to the Load Sample Document dialog of the UI Data Mapper to make it more intuitive.
- Improved the scrolling capabilities of the UI Data Mapper to better handle large data mapping definitions.
- Enhanced the UI Data Mapper to keep user sessions alive when actively working within the framework.
- Updated the X12 Data Mapper to prevent mapping root nodes.
- Fixed an issue with the drag and drop functionality in the UI Data Mapper that would allow more than one RowSet with the same name to be created.
- Fixed a minor UI issue in the EDI Data Mapper where it was possible to have a hover effect on more than one item at a time.
- Fixed an issue with the Read EDI X12 Task to properly parse data into the configured data type.
- Fixed an issue with the Write EDI X12 task where a big decimal data type was improperly converting the data to a long data type.
- Fixed an issue where the XML and EDI Data Mapper would fail to load when the Project has validation errors.
Other Enhancements
- Added new configuration options on Secure Forms to control the position of the form buttons (top, bottom, or both).
- Added the ability to override the button labels, the characters remaining text shown on Text Area components, and the drop zone text on File Upload components.
- Added the ability to use the UI Data Mapper for the Read and Write XML tasks on Agents.
- Added additional branding options to the Custom Report task to customize the logo, modify the footer text, and exclude the Generated On date in the report.
- Added new settings on the Admin Server configuration page to enable additional languages for the Admin Client. Also, a Default Language setting can determine which language to is selected for users that access the Admin Client for the first time.
- Added a View Details page to the Administration Log to view the Remote IP, Submitted From, and other details of the Admin User performing the action.
- Added a confirmation prompt when deleting an Admin User Role.
- Added arbitrary tracking IDs for identifying sessions in the Administration and HTTPS logs.
- Added new audit log entries when a Web User fails to send Secure Mail or share files to contacts that are not in a shared address book and they are restricted.
- Added the missing Allow Personal Address Book and Restrict to Shared Address Book settings to the view detail pages for Web Users, Web User Groups, and Web User Templates.
- Added new audit log entries to the Administration Log when Admin Users login and logout. These events were previously stored in the System Log.
- Added page filter options for Address Books, Contacts, and Contact Groups on the Manage Filters page.
- Added logic to terminate the Admin User session after a GoAnywhere Command action completes.
- Added validation on the mobile phone number field to match the expected format of the supplied country for the Add Contact and Update Contact actions in GACMD.
- Added trimming for leading and trailing spaces when updating Address Book Contacts from GACMD.
- Added a message to the screen that notifies Web Users and Admin Users when they have successfully logged out.
- Added UI validation for required fields during Multi-Factor Authentication on the Admin and Web Client.
- Added ability to load the UI Data Mapper from a sample file on the Read XML task.
- Added the server host and user information to the Job File Audit log when files are accessed via the Resource file system syntax.
- Added the ability to post a sample file on the AS2 Resource to perform a better test of the connection information.
- Added the ability to limit the maximum size of a file uploaded using the SFTP Service.
- Added a new REST endpoint for Quick Download of Secure Folders content. This API can be enabled in the HTTPS service settings and supports HTTP Basic Authentication.
- Added validation to prevent folders from being created or renamed with trailing periods in Secure Folders.
- Enhanced the Export Web User action for GACMD, REST, and SOAP to now accept search criteria for exporting multiple Web Users
- Enhanced the Update Web User API action to support updating most configuration options on Web Users.
- Enhanced the color of links on the Quick Download page to have higher contrast ratio for 508 compliance.
- Enhanced the performance when logging into the Web Client by no longer expanding the root folder of the Secure Folders menu.
- Improved the performance of listing virtual folders and files mapped to remote systems when a resource is invalid or offline.
- Improved the performance of listing virtual folders and files mapped to remote systems when first logging into the Web Client and SFTP, FTP, FTPS servers.
- Improved the implementation of the SFTP server to support more streamlined API updates in the future.
- Updated the Add Admin User page to give cursor focus to the first field when the page is loaded.
- Updated the REST endpoint for the Delete Contact action to be /rest/gacmd/v1/addressBooks/[addressBookName]/deleteContact.
- Updated the Add Contact and Update Contact actions to require the country name to be specified with the mobile phone number.
- Updated the labels in the GoAnywhere One-Time Passwords feature to not have ‘Verification Code’ capitalized.
- Upgraded the Maverick SFTP server library from 1.7.18 to 1.7.22.
- Updated the device approval emails to reference the recently renamed Web User Devices page.
- Updated the Mobile Phone field on several screens to be disabled until a country code is selected.
- Updated the default Secure Mail email templates to no longer include the list of all Secure Mail recipients. The email template variable that contains a list of recipients is still available and the email templates can be overridden to include the Secure Mail recipients if needed.
- Updated the error message to be more clear when sharing a file or folder within Secure Folders to a user that already has access.
- Renamed the Partial Login event name in the HTTPS Audit Logs to be MFA Initiated.
- Improved the directory listing performance of Agent file systems by limiting the listing results to only directories when appropriate.
Fixes
- Fixed an issue where authorized users with view only permissions to certain pages would be logged out when accessing those pages.
- Fixed an issue when pasting a Network Share resource path into the file chooser would result in the path being updated with a ‘null’ value.
- Fixed the Service Level Agreements page to store the preferred columns, sort column, and sort order by user.
- Fixed some formatting issues with the Address Book Contact entries in the Administration Log.
- Fixed invalid data that was logged when updating Address Book Contacts in certain cases.
- Fixed an issue on the Edit Web User page where clicking on the Send Secure Mail field label was not properly selecting the related checkbox.
- Fixed a minor issue where an unauthenticated session was being removed unnecessarily after a logout event on the Admin Client.
- Fixed an issue that would allow an Admin User to save changes when their permissions were removed while configuring a Resource.
- Fixed a javascript popup error that occurred in certain browsers when navigating away from the SQL Wizard page.
- Fixed a minor UI issue when accessing the Manage Filters page from within the Agent console in how it would show the typical MFT page header section at the top.
- Fixed an issue that allowed contacts to be modified on Address Books via GoAnywhere Command where the Admin User does not have proper Domain access to.
- Fixed an issue with Monitor misfires and next run time calculations when MFT is shutdown for an extended period of time.
- Fixed an issue where enabling a disabled Monitor could cause it to execute immediately, outside of its scheduled run time.
- Fixed an issue where switching the backend database to International DB2/400 would result in failure to create some tables.
- Fixed an issue with the OAuth authentication process for mobile apps that could result in a NullPointerException if an authenticated session already exists.
- Fixed an issue where a duplicate event ID could be generated for the Administration Log when switching the backend database and not migrating existing data or using default data.
- Fixed an issue in SAML where Admin Site URLs starting with https://goanywhere.* would cause SAML SSO responses to fail.
- Fixed an issue that prevented non-ASCII characters from being used in passwords on the WebDAV, SOAP, and RESTful web services tasks.
- Fixed an issue where some dialogue popups would not redirect to the login page on session timeout.
- Fixed an issue that would allow an Admin User to delete the root Project folder. This issue was introduced in 6.1.0.
- Fixed an issue where the output variables of the Create JWT task were not added to the Variables section of the Project Designer.
- Fixed an issue where the literal ‘?’ character was not properly escaped in certain cases for EDI tasks.
- Fixed the Admin User Activity Details Report task to limit the number of output records based upon the specified Number of Rows field.
- Fixed an issue in the Security Settings Audit Report where a PCI/DSS item referenced the wrong number.
- Fixed an issue in the REST API that occurred when sending Secure Mail packages to an address not available in a restricted address book. This issue only applies to the new GoAnywhere for iOS version 2.0 mobile app.
- Fixed a message localization issue with the Include Password option when composing a Secure Mail message.
- Fixed an issue where GoFast uploads using a part size greater than 2000 would truncate the data being sent. This issue was introduced in 6.1.0.
- Fixed an issue where a rejected SFTP upload would be marked as a success when disk quota was exceeded.
- Fixed an issue where Web Users could be disabled due to inactivity when using the new GoAnywhere Desktop Client for Windows version 3.0.0 application.
- Fixed an error message when regenerating a PIN in Web User Devices that was missing an apostrophe.
- Fixed an issue where a validation message when updating Web User Settings still referenced GoDrive Managers.
- Fixed some behavior issues with sharing a Web User’s home directory that were inconsistent with sharing other files or folders within the home directory.
- Fixed an issue where the number of shared users on GoDrive documents could display incorrectly in certain cases.
- Fixed the footer menu from overlapping the context menu on list pages.
- Fixed a message localization issue on the Manage Permissions dialog of the Shared Files page in the Web Client.
Version 6.1.7
July 2, 2019
- Fixed an issue that would prevent Online licenses from validating when in FIPS mode.
- Enhanced the browser-based File Uploader component to offer better CSRF protection.
- Fixed an issue that would prevent GoAnywhere from properly starting up when the SLA Engine was disabled.
Version 6.1.6
June 14, 2019
- Fixed a security issue with the SFTP server that was introduced in version 6.0.0.
- Fixed a bug that occurred when trying to activate multiple monitors at once.
- Fixed an issue where a 500 error would occur after a new Admin User was added following an LDAP sync.
Version 6.1.5
June 12, 2019
- Added a new, mobile friendly login page for accessing the Web Client from a mobile device.
- Updated Secure Mail REST API to be consistent with the Web Client when creating and editing Secure Mail packages.
- Added Secure Mail as a supported feature in the Web User Features REST API.
- Fixed an issue where the PeSIT task was not able to download files directly to a remote file system.
- Fixed an issue where Gateway control connections configured with SSL/TLS would not properly reconnect after restarting the GoAnywhere Gateway server.
- Fixed a resource leak with the PeSIT Task and Resource that would prevent GoAnywhere MFT from properly shutting down.
- Fixed an issue where HTTPS transfers through GoAnywhere Gateway could result in memory exceptions in certain cases.
- Fixed in issue with the Agent upgrade process where pushing the upgrade file to an agent would result in a corrupt file. This issue was introduced in 6.1.0.
- Fixed an issue where page titles in the Web Client were not shown in the proper language in all cases. This issue was introduced in 6.1.0.
- Fixed an issue where setting the Web Docs directory on a domain to a folder on Azure could result in a NotSerializableException.
- Fixed some odd validation issues with the new Web User AS2 settings added in 6.1.0.
- Fixed an issue where Agent permissions were not properly consolidated from Agent Groups. This issue was introduced in 6.1.0.
- Fixed a NullPointerException that could occur when updating a Secure Mail draft using the Secure Mail REST API.
- Fixed a concurrency issue with the SFTP server where files being added or removed by another process while a server performs a directory listing could cause unexpected results.
- Fixed an issue where the Web Client User Preferences page was not displaying in the correct language in all cases.
- Fixed an issue where restoring a project for an Agent would allow the user to select a different domain, resulting in a 500 Internal Server Error.
- Fixed an issue with the Secure Mail REST API where drafts could not be created with the password notification setting turned off.
- Fixed an issue with the Secure Mail REST API where untracked package attachments would get created in certain cases.
- Fixed a case sensitivity issue with accessing the Content-Id header of a message in the Web Service SOAP Task.
- Fixed an issue with the SFTP audit logs where the Virtual Path column was displaying the content of the Remarks column.
- Fixed an issue where copying an FTP/S or SFTP file from one resource to another would fail if the relative path to the files on the two servers was the same.
- Fixed an issue where GoAnywhere MFT would no longer automatically reconnect to the GoAnywhere Gateway server in certain cases.
- Fixed a NullPointerException with the PeSIT Task and Resource that could occur when a connection to a server fails.
Version 6.1.4
May 21, 2019
- Updated the Read EDI X12 Task to properly handle files with multiple transaction sets.
- Fixed an issue where public access to Secure Forms was no longer working. This issue was introduced in 6.1.2.
- Fixed an issue with the Secure Mail API where creating a package was inaccurately overriding default settings.
Version 6.1.3
May 14, 2019
- Fixed an issue where the Secure Mail Packages directory was not being resolved properly.
Version 6.1.2
May 14, 2019
Added the ability to create shared Address Books.
Create Address Books and assign them to Web Users and Web User Groups.
Create and share contacts and contact groups.
Control Web User access to personal and shared address books.
Limit users to sending to contacts in shared Address Books only.
Added a new Auditor role that has access to view all features and functionality. The existing Auditor role, which previously had access to view audit logs, was renamed to Log Viewer.
Added a Navigate button on the Secure Folders toolbar in the Web Client to allow users to navigate directly into a folder by specifying the complete virtual path.
Added the ability to prevent the FTP/S GET and PUT sub-tasks from automatically sending a TYPE command to the server before transferring files.
Added the ability to update installed EDI X12 add-ons when a newer version of the definition when released.
Added support for files with an Undefined Length record format when performing an FTP directory listing directory against an MVS FTP server.
Added the ability to customize the SPNameQualifier attribute when configuring SAML.
Added a Manage action for Resources to allow users with appropriate roles to perform non-view related actions on Resources.
Added functionality to properly refresh an Online type license manually from the License page.
Enhanced the styling of the GoAnywhere One-Time Password login pages for multi-factor authentication.
Enhanced the contrast ratio of Info and Error messages in the Web Client for 508 compliance.
Enhanced the Permissions dialog in the Web Client to be keyboard accessible for 508 compliance.
Enhanced the color of some hyperlinks in the Web Client to have a higher contrast ratio for 508 compliance.
Improved the contrast ratio of the menu links and hover effects of the folder navigation in the Web Client for 508 Compliance.
Enhanced the view of the License page when using an Online license and running in Limited mode.
Improved validation of the GoAnywhere One-Time Password settings.
Updated various role actions to be better consolidated and have clearer labels.
Update SLAs to properly handle events when working in a clustered environment.
Updated the Security Audit Report to include checks for the new GoAnywhere One-Time Password feature when validating users for multi-factor authentication.
Updated the layout of the EDI X12 Transaction Set field in the Project Designer.
Updated the Write EDI X12 task to support the x00 syntax for hexadecimal characters in the appropriate fields.
Updated the Secure Form submit button to be disabled while files are actively being uploaded to the form.
Updated the login process for new GoAnywhere Client devices to properly reset the invalid login attempts on successful login.
Updated Secure Mail licensing to allow user-based limits. Web Users with the ability to send Secure Mail messages will consume a license in this mode.
Updated the order of the columns in the Service Level Agreement audit logs.
Updated the deletion of Admin Users and Admin User Groups to delete the hidden object based Admin User Roles they may have to specific objects.
Updated the new Secure Folders REST APIs added in version 6.1.0 to provide a better error message when an invalid JSON payload is submitted.
Updated access and error pages on the Web Client to have better page titles.
Upgraded the embedded Apache Tomcat web server from 7.0.90 to 7.0.94
Made several improvements to the new PeSIT Resource and Task.
Fixed an issue where enabling cipher suites on the FTP Server configuration overrides the client authentication setting.
Fixed an issue where a NullPointerException could appear in the logs if a user logs out before the Dashboard is fully rendered.
Fixed an issue where the Manage Filters page would show saved filters for all admin users.
Fixed an issue where a user with view only access on the Gateway Manager page would not see the Controller Address when a Gateway connection is not active. This issue was introduced in 6.1.0.
Fixed an issue where a user with the Project Executor role was able to view job logs for all jobs instead of being limited to the jobs executed by that user.
Fixed an issue where Key Name on AS2 Recipient gets wiped out when switching tabs on the AS2 configuration page.
Fixed an issue where the switch database process would not insert the default keys, certificates, and roles when using default data.
Fixed an issue where the ping process of Online licenses could cause features to behave as if they were not licensed.
Fixed an issue where the Completed Jobs filter wasn’t working properly with the Run User component in all cases.
Fixed an issue the SAML configuration page was not saving changes in all cases.
Fixed an error that would occur when clicking the Activate license button for Online type licenses when running in Limited mode.
Fixed an issue where the JDBC URL Wizard was not working properly on the Agent project/resource designer. This issue was introduced in 6.1.0.
Fixed an issue where the Web Client was not functional if the GoDrive feature was enabled on the web user but not available on the licensed.
Fixed an issue where a RowSet created by the Read EDI X12 task was not properly configured as scrollable and could only be used once by another task.
Fixed some odd rendering behavior that would occur if both Allow and Deny policies are applied on the same action for a single page.
Fixed an issue where audit logs that shorten long values could cause tamper evident logging to indicate a failure.
Fixed an issue where newly created SLAs would not fire at the expected end time.
Fixed Project and Trigger SLAs to only monitor on the days configured for the SLA.
Fixed Project and Trigger SLAs to ensure they fire met or not met at the configured end time.
Fixed issue where SLAs would indicate they are met or not met up to minute late.
Fixed an issue where SLAs could be configured to have the Start Time after the defined End Time.
Fixed navigation when editing an SLA from the audit log to return to the appropriate log page instead of going back to the SLA list page.
Fixed an issue where users authorized to the Export action of the SLA Log subject were able to view audit logs.
Fixed a NullPointerException that could occur when using GoAnywhere One-Time Passwords with the Twilio SMS provider configured with an invalid authentication token.
Fixed a potential memory leak with GoFast transfers. This was introduced in 6.1.0.
Fixed an issue with drag and drop linking for port adornments in the graphical data mapper in the Project Designer.
Fixed a NullPointerException that would occur when trying to write Excel and CSV files using data inaccurately mapped from an X12 document.
Fixed an issue where the Output File Variable in the Write EDI X12 Task was not working properly.
Fixed an issue where hidden components in the Secure Form designer leave an empty space in the layout, which can cause undesired behavior.
Fixed an issue where Project and Resource permission settings were showing up in the Consolidated Roles section of the View Admin User page.
Fixed an issue where an extra space was included at the end of the password in the default email sent to a user when using GoAnywhere One-Time Passwords.
Fixed an issue where a Web User login could produce a NullPointerException if the Web User’s home directory is configured with no permissions.
Fixed a NullPointerException that could occur in the Web Client when a web user shares the home directory.
Fixed an issue where updating an IP Filter in GoAnywhere MFT was not properly notifying GoAnywhere Gateway.
Fixed an issue where deleting an IP Filter in GoAnywhere MFT was not properly notifying GoAnywhere Gateway.
Fixed an issue in which GoFast transfers through GoAnywhere Gateway would occasionally fail. This issue was introduced in 6.1.0.
Fixed an issue with the Web User file system API that could produce a NullPointerException in certain cases.
Disabled unnecessary key shortcuts in the graphical data mapper available in the Project Designer.
Removed duplicate log messages that occurred when the online license ping process refreshes a license.
Version 6.1.1 (Beta)
April 24, 2019
- Enhanced the Write EDI X12 task to provide the ability to write values from static text or variables.
- Improved the performance of the XML and EDI X12 data mapper interface.
- Enhanced the Project Folder deletion process to ensure there are no subfolders prior to deletion.
- Removed legacy user interface files from the Web Client that were no longer being used.
- Added extra padding above the Secure Form instructions area in the Web Client.
- Updated the Administrator and Web Client Login pages to fix alignment issues that appear when the GoAnywhere One-Time Password feature is used.
- Removed extra spacing on the Dropdown field configuration in the Secure Form Designer. This issue was introduced in version 6.1.0.
- Added some missing page titles in the Web Client.
- Updated the Switch Database wizard to shutdown the SLA engine when switching databases.
- Fixed an issue where the Trigger Logs ‘Export Results’ button was not hidden for users with only Trigger Logs - View permission. The button should only appear for users with the ‘export’ permission.
- Improved some French, German, and Portuguese language translations in the Web Client.
- Modified IAM Permissions to use object IDs instead of object names.
- Enhanced the Resource’s View File Activity page to be accessible using the View Jobs permission on Admin User Roles.
- Fixed an issue where the Test Resource button was not appearing on the Add Resource page.
- Removed the pricing information from the Add-on marketplace.
- Removed a Product Administrator’s ability to see Key Management events in the Admin User Activity Log.
- Updated the default sort order for the Service Level Agreement logs to be descending on the event ID.
- Updated the Secure Folder REST API’s delete response to return a count of deleted items. This count allows client applications to verify the status of the delete request.
- Updated how Service Level Agreement scheduled tasks are canceled to allow them to finish execution.
- Fixed an issue where the Write EDI Task help link was incorrectly launching the Write XML Task topic.
- Fixed an issue were a Secure Form could be submitted before files being uploaded by the user had finished.
- Fixed an ajax error that was appearing in the web browser’s console log when selecting a Web User’s home directory in their profile.
- Fixed an issue where a Trigger’s Move Down action was not updated after a Trigger was reordered.
- Fixed an issue where the Web Client’s Logout and Help buttons can be given keyboard focus at the same time.
- Fixed a timing issue where some SLAs were ending 59 seconds before the end of their schedule.
- Fixed a timing issue where SLA ‘not met’ events were executed before the monitored Project had finished processing.
- Added an error message to the Project Designer to appear when a read or write EDI X12 task is using a Transaction Set that is not installed on the system.
- Fixed an issue where the Service Level Agreement Logs - View permission does not cause the ‘Audit Logs’ image in the Quick Links gadget to become enabled or link to the corresponding log page.
- Fixed an issue where mapping EDI X12 ISA Headers to RowSet variables was causing index out of bounds errors.
- Fixed a permission denied message that incorrectly stated the Security Settings Audit report can viewed by a Security Officer or Product Administrator. The report can only be ran by a Security Officer.
- Fixed a permissions issue that allowed a Project Executor to see the Project Search button.
- Fixes various permissions issues with the Agent Manager. These issues were introduced in 6.1.0.
- Fixed a permissions issue to ensure Project management features were not appearing to Admin Users who do not have permission to view the Project folder. This issue was introduced in version 6.1.0.
- Fixed an issue where pasting a Project location in the Add or Edit SLA page caused an error.
- Fixed an issue on the Read EDI X12 data mapping tool that made it possible to map multiple inputs to a single output column.
- Fixed the formatting of an error message that appeared when saving a custom Admin User Role.
- Fixed an issue where importing Projects from a ZIP file was not importing nested Projects and folders properly. This issue was introduced in version 6.1.0.
- Fixed an issue where database connections were not properly closed after AS2 file transfers. This issue was introduced in 6.1.0.
- Fixed an issue where the SLA Email action would cause an invalid error if no email address was specified on the action.
- Fixed an issue where the SLA would incorrectly appear as ‘not met’ because the monitored Project was called by a Call Project task.
- Fixed an issue that prevented file uploads to be canceled in the Administrator and Web Clients. This issue was introduced in 6.1.0.
- Fixed an issue that prevented the Service Level Agreement from executing the Project action if the condition was ‘Met’ or ‘Not met.’
- Updated the Web User Devices page so the Force User to Reauthenticate action item only appears for new device client types.
- Added a flag to device sessions to require access tokens and check for forced reauthentication after a GoDrive device migrates to the new desktop client authentication scheme.
- Fixed an issue where the Read EDI X12 task was not handling date values as the correct data type.
Version 6.1.0 (Beta)
April 11, 2019
EDI X12 Data Translation
- Added a Read EDI X12 Task to read X12 files into RowSet variables, which can then be used in subsequent tasks to insert the data into a database or converted to other file formats.
- Created a Write EDI X12 Task that reads data from RowSets and writes it to an EDI X12 formatted file.
- Added a new data mapping wizard that allows you to visually map your data between RowSets and files.
- Enhanced the Marketplace to include EDI X12 Transaction Sets.
- Enhanced the Cloud Connector Manager to become the Add-on Manager to support both Cloud Connectors and EDI X12 Transaction Sets.
- Added over 6,000 X12 Transaction Set definitions to the online marketplace. Simply download the definition and use it in a Project to translate X12 files.
Granular Admin Permissions
- Added the ability to create custom Admin User Roles to allow administrators to control permissions on a per page level, granting an Admin User access or deny rights to create, view, update, promote, delete, or make other actions.
- Resource and Workflow Permissions were enhanced to provide granular permissions to actions that can be taken on those items.
- Modified all security checks in the Admin Client interface and in GoAnywhere Command to utilize the new granular permission scheme.
- Updated the existing Admin User Roles with the following permissions and considerations:
- Product Administrators can no longer hold, release, or clear job queues. This is a permission of the Job Manager role exclusively.
- Product Administrators can now access the System Key Vault and run the Product Usage Report.
- Key Managers have access to manage user defined Key Vaults.
- Master Encryption Keys are now available to both Product Administrator and the Security Officer.
- Web User Manager can now view service logs and send MDN receipts for AS2 logs.
- Security Officers can run the Security Audit Report.
GoAnywhere One-Time Passwords
- Added a new multi-factor authentication option that utilizes SMS text messages and email to deliver One-Time Passwords to authenticating users. These settings can be enabled in the Login Settings page.
- Added options to Web Users and Admin Users to set their two-factor authentication option to the new GoAnywhere One-Time Password.
- Added additional fields on Admin Users to configure their Office Phone and Mobile Phone numbers.
Service Level Agreements
- Added the ability to specify Service Level Agreements (SLAs) for Monitors, Triggers and Projects. If they do not execute as expected, the SLA will not be met and alerts can be sent, or Projects can be executed to perform additional actions.
- Created a new Admin User Role for SLA Manager.
- Added a new Service Level Agreement log page to view SLA statuses on whether they were met or not met.
- Created new Service Level Agreement dashboard gadget and report to show SLA statistics over time.
- Added additional Global Settings to control the SLA runtime threads.
Page Filters
- Added the ability to save and manage search filters for audit logs and other list pages.
- Added a new simple date range selector to the filter framework on search pages.
Web Service APIs
- Added a new device-based OAuth authentication process for Web User Devices. This authentication option launches a browser for the user to complete the device registration allowing support for SSO and MFA.
- Added RESTful web service endpoints for Secure Folders functionality in the Web Client.
- Added RESTful web service endpoints for Secure Mail features in the Web Client.
- Added the ability to add or remove Web Users from Web User Groups using GoAnywhere Command.
- Added actions for importing, promoting, exporting and deleting Admin Users using GoAnywhere Command.
Accessibility and 508 Compliance
- Improved keyboard accessibility of the Web Client left navigation.
- Improved contrast ratio of text that displays on page headers in the Web Client.
- Added relevant page titles to each page in the Web Client.
- Improved keyboard accessibility of the Account menu in the Web Client.
- Improved keyboard accessibility of the More Actions menu on table rows in the Admin and Web Client interfaces.
- Fixed an issue where hidden items in the Web Client footer can receive keyboard focus when they should not be accessible.
Tasks and Resources
- Added a new PeSIT file transfer Resource and Task.
- Created a new data mapping graphical interface for the Read XML task in the Project Designer.
- Created a new data mapping graphical interface for the Write XML task in the Project Designer.
- Added support for AWS IAM role-based authentication to S3 Buckets when running GoAnywhere on an EC2 instance.
- Added support for AWS Security Token Service authentication to S3 Buckets where the account with the GoAnywhere MFT EC2 instance is in a different account than the bucket.
- Updated newly created SSH Resources to have password and public key authentication options selected by default.
- Updated newly created FTP and FTPS Resources to use passive data connections by default.
- Fixed an issue where the Encrypt PGP task would not use the correct key location after the Domain was switched to allow file-based keys.
Licensing
- Added a new type of licensing option to accommodate scripted deployments, auto-scaling, built-in DR, and other situations where the physical servers are ephemeral and could change often. This is especially useful for AWS, Azure, and other cloud-based deployments.
- Added the ability to programmatically license an instance of GoAnywhere MFT using an online activator from the GoAnywhere Customer Portal.
Agents
- Added an option to configure the max threads for the Monitor runtime on Agents.
- Added an option to configure the max threads for the Project runtime on Agents.
Other
- Added the ability to populate Secure Form dropdown fields with data stored in a database.
- Added a new tamper-evident logging feature to indicate if audit log records have been modified.
- Added new settings to Web Users and Web User Templates to override the AS2 decryption certificate and MDN signature certificate on a per user basis. By default, the certificates specified on the AS2 server settings are used.
- Enhanced the PCI Security Settings audit report to check for multi-factor authentication configuration.
- Modernized action icons across the Web Client and Admin interfaces.
- Updated the Web User Device Settings page to clarify that offline password verification settings apply to devices that support only GoDrive capabilities.
- Adjusted the layout of the Get License and Create Admin User Account pages.
- Disabled auto-complete on the initial account setup page.
- Removed an unnecessary uninstall license page from the Admin Client.
- Upgraded the Jackson Databind, Core, and Annotations libraries from version 2.9.7 to 2.9.8.
- Updated the Java Requirement in the PCI DSS Security Audit Report from 1.7 to 1.8.
- Upgraded the Jasper Reports Library from version 6.7.0 to 6.7.1.
- Upgraded the Netty library from version 3.10.4 to 4.1.33.
- Updated the Web Client dashboard icons.
- Updated the order of the options available in the Web Client preferences dropdown menu.
- Updated the error message to be more specific when sharing a file to an unregistered user within the Web Client.
- Removed an unused API endpoint for uploading files to Secure Folders.
- Fixed an issue where some sub elements on tasks were not correctly displaying when added before or after in the Project Designer.
- Fixed issue with the Component Library in the Project Designer where previous search terms were failing to clear on a new search.
- Fixed a misspelled certificate label on the Add Web User page.
- Fixed an issue where clicking on a nonexistent user in the Administration audit log generated a missing bundle message error.
- Fixed an issue where adding a certificate with an expiration greater than 9999 to a file based or KMS key store caused an unhandled exception.
- Fixed an issue where the ‘Update Profile’ menu was available for the anonymous user in the Web Client.
- Fixed an issue where removing a virtual folder using an SFTP Resource would cause an error in the Web Client navigation panel if logged in to both interfaces at the same time.
- Fixed an issue where drag-and-drop was failing in the Web Client for file names containing a comma.
- Fixed a case-sensitivity issue in the Web Client where folders with the same name but with different case would fail to be shared.
- Fixed an issue in the Web Client where removing shared status from a folder was not reflected in the side navigation pane.
- Fixed an issue in the Web Client where sharing a home directory would fail in some cases.
- Fixed an issue where the Secure Form Designer was displaying a method not found exception in the system log in certain cases.
- Fixed an issue with the Secure Form Designer where the drag and drop feature causes visual glitching in some browsers.
- Fixed an issue where the active transfer progress bar in Secure Mail falsely shows complete in some cases which allows the message to be sent with a partial file.
- Fixed an issue where Secure Mail messages sent from a saved draft were not properly using the default password configured in the web user preferences.
Version 6.0.4
April 1, 2019
- Added a Description variable to Monitors that can be passed to Projects and Monitor Email notifications.
- Expanded the length of the Monitor description from 256 to 512 characters.
- Fixed an issue where PGP tasks could fail to parse a PGP key from KMS when the Key ID is less than 16 characters.
- Fixed an issue where some Web Users could not reset their passwords if their account password expired prior to a GoAnywhere upgrade to 6.0 version.
Version 6.0.3
February 7, 2019
- Added the ability to specify the encoding when writing to a file using the Print Task.
- Updated the file reader tasks to ensure the processed input files variable is properly set in all cases.
- Fixed an issue where Network Shares Resource defined as type “Native” would fail when defined as a Web User Virtual Folder.
- Fixed an issue where the ICAP Task was ignoring the “Connection: close” headers on the response of the Options request.
- Fixed an issue where downloading multiple files and folders as a zip file from Secure Folders in the Web Client would sometimes display an index out of bounds exception.
- Fixed an issue that could cause the PGP Task to fail validation after switching from PGP key ring resources to the Key Management System.
Agents Version: 1.3.1
These features require GoAnywhere MFT 6.0.3 minimum.
- Added the ability to specify the encoding when writing to a file using the Print Task on Agents.
- Updated the file reader tasks on agents to ensure the processed input files variable is properly set in all cases.
- Updated the Agent Installer for Windows to ensure the path to executable on the service is quoted.
Version 6.0.2
January 21, 2019
- Added the ability to remove the CMS Algorithm Identifier Protection attribute when signing AS2 Messages or AS2 MDN Receipts.
- Upgraded the jackson databind, core, and annotations libraries from version 2.9.5 to 2.9.7.
- Fixed an issue where Secure Mail could sometimes not send an SMS text message password when GoAnywhere is in a clustered environment.
- Fixed an issue where the query parameters of a non-public Secure Form where not initializing when the Web User logged into the Web Client.
- Fixed a navigation issue that occurred when a Web User saved a Secure Form as a draft.
- Fixed an issue with the Secure Mail Outlook plugin where packages with a blank message body would fail.
- Fixed an issue where the Web Client can become non-responsive when logged in using the Anonymous Web User account.
- Fixed an issue where Advanced Reports were not using UTF-8 characters in report titles and headings.
- Fixed an issue where a Request Files package for Secure Mail was not properly enforcing Certified Delivery access in all cases.
- Fixed a domain validation issue with Network Share Resources when running on GoAnywhere Agents.
- Fixed an issue where the free 7-day trial license was only allowing 9 Web User accounts when it should have allowed 10.
- Fixed an issue with the Write Excel task where the Project could fail if the user was trying to span the header row across a single column.
Version 6.0.1
December 12, 2018
Administration
- Added a wizard to create a unique Admin User account on first access after GoAnywhere MFT is licensed. The administrator and root accounts are disabled by default on new installs.
- Added the ability to specify a default date range for audit logs in the Global Settings page. By default, all audit logs return 7 days of data.
- Added max length validation when configuring SMS country code in the Global Settings.
- Enhanced the admin audit log to include changes made to SMS country codes in Global Settings.
- Enhanced the style of the multi select checkbox and spinner input fields to be more modern.
- Fixed an issue where the More Info page for Projects was not showing the Last Executed On and Last Executed By fields correctly.
- Fixed an issue where the Resources page fails to load when using a domain that is disabled and does not allow file based keys.
- Fixed an issue where deleting a Web User with the same name as a logged in Admin User would result in the Admin User being logged out.
- Fixed an issue where Monitors can get stuck in the monitors queue if the back-end database becomes unavailable.
- Fixed an issue where viewing the Active and Queued Monitors page would fail to load all entries in some cases when in a clustered environment.
- Fixed an issue where the Global Settings were not retaining the selected default country code. This issue was introduced in 6.0.0.
- Fixed an issue where the message was removed from the ClusterMembershipChanges.xml email template. This was introduced in 6.0.0.
- Fixed an issue where the FailedMonitorJob.xml and FailedScheduledJob.xml email templates were missing the complete message. This was introduced in 6.0.0.
- Fixed an issue where the ShareVirtualFile.xml email template had inconsistent spacing. This issue was introduced in 6.0.0.
- Fixed an error that could occur when refreshing a background cache for virtual folders when updating a Web User.
- Fixed an issue where user names were required to be case sensitive. This issue was introduced in 6.0.0.
- Fixed an issue when editing a Web User where the Certificate Key Vault field was improperly required in certain scenarios.
- Fixed a javascript error logged to the console when testing the global SMTP settings.
- Fixed an issue where an error would incorrectly appear after uploading a file to the Secure Form Ignored Attachments page if the file was greater than 1MB.
Web Client
- Added support for a right-click context menu when multiple rows are selected in the Web Client.
- Enhanced the Web Client Brands configuration to no longer require a restart of the HTTPS service for the changes to take effect.
- Enhanced the navigation folder tree menu to better support thousands of folders. A new ‘Show More…’ option appears in the side navigation when the selected directory contains more than 50 folders.
- Enhanced the layout of the Secure Mail send dialog to better handle new options including phone numbers for sending passwords in SMS text messages.
- Enhanced the Secure Folders feature to prohibit Web Users from sharing subfolders and files from a parent directory that is already shared.
- Organized the Web Client’s dashboard quick links to match the order of the tree view navigation.
- Translated the GoDrive Home directory for international languages in the Web Client.
- Improved performance of the left navigation menu in the Web Client by avoiding duplicate directory listings when possible.
- Improved updates to the Web Client tree navigation when only one feature, such as GoDrive or Secure Folders, is enabled for the Web User.
- Improved the clickable area around folders in the Web Client tree navigation to reduce the wrong folders being selected by a user.
- Updated the Web Client tree in the left panel to no longer update when navigating using the file listing in the right panel.
- Fixed an issue where some language translations caused scroll bars on pop up dialog windows in the Web Client.
- Fixed a screen flicker that occurs when the Copy to Files or Copy to GoDrive popup appears in the Web Client.
- Fixed an issue where some instances of “Secure Folders” still appeared in international language translations in the Web Client. Secure Folders was changed to “Files” in version 6.0.0.
- Fixed an issue where an authorized Web User could not directly access a non-public Secure Form after logging in.
- Fixed an issue where some languages in the Web Client would cause the Upload menu dropdown to display incorrectly.
- Fixed an issue where success messages were not appearing correctly when files where shared in the Web Client.
- Fixed an issue where dragging a file or folder to an FTP, SFTP, or Azure folder does not properly remove the folder from the left navigation tree.
- Fixed an issue where the When File Exists setting on the upload dialog in the Web Client was not large enough to display the values when viewing the Web Client in Spanish.
- Fixed an issue where a shared file or folder could not be removed if the Web User it was shared with is deleted before accepting the share.
- Fixed an issue where navigating to a folder with a comma in the name from the left tree menu would fail.
- Fixed an issue where new Web Client images were not properly rendered after upgrading to 6.0.0 due to web browser caching.
- Fixed a styling issue where the scrollbar on some dialogs with a data table was not properly rendered. This issue was introduced in 6.0.0.
- Fixed an issue where the Secure Mail attachment count could be incorrect when files were attached from multiple sources, such as GoDrive and Secure Folders.
- Fixed an issue where the Package Manager fails to delete a package when it is stored in directory accessed through an SMB Network Share.
- Fixed some layout and styling issues with the Secure Mail Compose page.
- Fixed an issue where the default password configured for Secure Mail packages would fail to be used in certain scenarios.
- Fixed an issue where sending a Secure Mail package would display an empty options dialog when Secure Mail is configured to only allow URL protected packages and not allow replies.
- Fixed an issue where uploading an attachment on the Secure Mail compose page would fail if the user clicked the Send button too quickly. This issue was introduced in 6.0.0.
- Fixed an issue where uploading an attachment to a Secure Form using the REST API could fail due to user name case sensitivity.
- Fixed an issue where output text on a Secure Form was not properly wrapping in all cases.
- Fixed an issue where sharing a file in GoDrive could fail if GoAnywhere is using SQL Server as the back-end database.
- Fixed an issue with the Web Client where drag and drop was not working properly on a multi-page file listing.
- Fixed an issue where sharing a GoDrive item to an email address that is configured on more than one Web User with GoDrive access would cause a leak in database connections.
- Fixed an issue in the Web Client where clicking Logout had to be done twice before being logged out.
- Fixed an issue where a SAML authenticated session was unable to access a protected Secure Form.
Agents
- Added SOAP, REST, CreateJWT, Base64Encode and Base64Decode tasks to Agents.
- Added Amazon S3, WebDAV, Azure Blob Storage, and SMB Network Share resource support to the file chooser dialog when configuring projects on Agents or Agent Groups.
- Enhanced the Agent connection process to better handle situations where a disconnected Agent cannot reconnect because the previous session is still authenticated. The server will now properly detect when the previous connection has been dropped and allow the new connection to authenticate.
- Enhanced the Linux Agent installer to allow users to specify a path to the server certificate.
- Enhanced the Agent installer to allow users to add restrictions for new tasks and resource file locations.
- Updated the Agent messenger service to have a timeout of 60 seconds when receiving an acknowledgment from the server. This resolves an issue where a file being uploaded can become locked if the network connection drops during a very specific point in the transfer.
- Fixed an issue on the Software Library page where the Agent Installer context menu improperly wrapped the Configure Installer action to two lines.
- Fixed an issue that prevented Agents from updating the Last Executed On field in the project execution history.
Project Workflows
- Added the ability to configure the enabled SSL/TLS protocol versions on the Mail Boxes resource and Retrieve Email task.
- Enhanced the ICAP resource and task to better handle improperly folded headers.
- Enhanced the Cloud Connector marketplace to display all Cloud Connectors, even if they are not supported for the version of the installed copy of GoAnywhere MFT. Customers will not have the option to install a connector that is not supported in their version of GoAnywhere.
- Updated the loading of Cloud Connector definitions to use UTF-8 to better support non-ascii characters.
- Fixed an issue where the Monitor Status Code in REST tasks ignores the log level setting specified on a parent task.
- Fixed an issue where the active system worker would try to update the active system table too aggressively when the database is no longer accessible.
- Fixed an issue where the Merge Reports task was not properly closing the input stream which prevented the source files from being deleted on certain operating systems.
Version 6.0.0
November 20, 2018
Web Client
- Overhauled the Web Client with a more modern look and feel, which includes the following enhancements:
Revamped the navigation menu in the Web Client to display a unified view across all features. The new side menu navigation makes it easier for users to see folders in GoDrive and Secure Folders at the same time while also being able to quickly jump between Secure Forms and Secure Mail items.
Added drag and drop integration for files and folders between Secure Folders, Secure Mail, and GoDrive through the new side tree navigation.
Added right-click context menus to files and folders in GoDrive and Secure Folders to access additional actions like Rename, Download, Share, etc.
Overhauled the Media Viewer for GoDrive with a more modern look and feel.
Added a new User popup menu accessible in the top right corner of the page.
Moved the Address Book, Preferences, Update Profile, and other menu items to the new User popup menu.
Adjusted the design of the toolbar menu on the Secure Folders section to support the new Web Client layout better.
Enhanced the self-registration pages, the view Secure Mail message, and other non-authenticated pages with a more modern look and feel.
Updated all email templates used to send emails to Web Users and Secure Mail recipients with a new look and feel to match the Web Client interface.
Important: The new Web Client user interface provides an enhanced user experience, which includes new logos, images, and tools for customizing the interface. HelpSystems suggests you test the new interface in your GoAnywhere test or development environment prior to upgrading your production environment.
- Added additional Web Client Brand settings to control the look and feel of the Login page. The login panel can now be left, right, or center aligned and the background color of the panel can be customized. An optional page background image can be added to enhance the overall look and feel or to provide additional brand recognition when users visit the page. The custom logo field was split into two so that the logo on the login page and the one used in the header section on authenticated pages can be different sizes.
- Added an additional Two-Factor Authentication (2FA) method to the Web Client to use Time-based One-Time Passwords (TOTP) for Web User authentication. Users can now use popular mobile applications like Google Authenticator as a second form of authentication.
See TOTP in action:
- Added the ability for Web Users to see who they have shared files and folders with, who has shared files and folders with them, and the ability to manage access for those shared items.
- Added the ability to cancel active file transfers in the HTML file uploader.
- Enhanced the HTML file uploader and Secure Form pages inside the Web Client to meet 508 compliance for keyboard tabbing to ensure items with focus are visually indicated.
- Fixed an issue where the Forgot Password page in the Web Client confirms when valid user names are entered. The Web client will no longer reveal if the specified user name is valid.
Administration
- Streamlined the licensing process for GoAnywhere MFT. An unlicensed server will now step administrators through the account registration and licensing process.
- Added the ability for new customers to GoAnywhere to get a 7-day limited trial license automatically upon registration with the Customer Portal. This license will be upgraded to a full 30-day trial after the account has been validated by HelpSystems.
- Added support for using Time-based One-Time Password (TOTP) applications, such as Google Authenticator, for two-factor authentication for Admin Users.
- GoAnywhere MFT 6.0.0 requires Java 8. The GoAnywhere MFT 6.0.0 Upgrade Guide contains instructions for updating your JRE.
- Enhanced the Admin Client user interface with a more modern look and feel, which includes the following enhancements:
- Enhanced the default email notification templates with a more modern look and feel.
- Enhanced the user interface of the embedded help documentation to match the new Admin and Web Client interfaces.
- Enhanced the hover effects on table rows, the More Actions menu, buttons, and input fields in the Web Client and Admin Client interfaces with a more modern look and feel.
- Updated the main menu in the Admin Client with new colors and better spacing.
- Added a new page for Admin Users to quickly view all file system folders that Web Users and Groups have access to through Secure Folders. Administrators can browse the file system using the new View Web User Folder Access page accessible from the Web User list page. Each folder will indicate which users and groups have access to the folder along with their associated permissions.
- Added the ability for Admin Users to use two-factor RADIUS (RSA SecurID) authentication.
- Added a new Product Usage Report that shows the total number of transfers, Projects defined, number of users, and more.
- Enhanced the Send Email action on Triggers to give administrators the ability to specify a priority on the email.
- Added official support for the Azul Zulu JRE.
- Added the ability to see active sessions for Admin Users.
- Added admin logging for when an Admin User changes their own password.
- Added admin logging and revision tracking to the FIPS 140-2 Compliance settings page.
- Added the ability to send Administrator audit log events to a syslog server.
- Added support for additional Mac and Key Exchange algorithms that can be used with the SFTP service.
- Added prevention for SAML assertion replay attacks.
- Enhanced password hashing to use the PBKDF2 (Password-Based Key Derivation Function 2) algorithm for Admin and Web Users. Existing users will automatically be updated to PBKDF2 password hashing on next login.
- Enhanced the disable Web User process to immediately terminate active sessions for the user.
- Upgraded the Maverick SFTP server API from 1.6.40 to 1.7.18.
- Updated the embedded web help documentation to use JQuery 3.3.1.
- Added the ability to import PKCS#5 encrypted private keys into the key management system.
- Removed an extra database query that wasn’t necessary during user authentication to improve performance under heavy load.
- Upgraded the Microsoft SQL database driver to version 6.4 to support TLSv1.2.
- Improved the documentation to include more information and procedures on how to renew expired certificates.
- Removed a database query to get the Domain information that wasn’t necessary during project execution which improves performance under heavy load.
- Upgraded the Bouncy Castle API used for PGP, SSL, AS2, and more from version 1.48 to 1.60.
- Upgraded the OWASP Enterprise Security API to version 2.1.0.1 and the XML Tooling library to version 1.4.6.
- Upgraded the Apache Batik libraries version from 1.6 to 1.10.
- Upgraded the Jasper Reports libraries version from 6.0.0 to 6.7.0.
- Added the IECompatibility=/EDGE properties in the system.properties file by default for new installations.
- Upgraded the guava library from version 17.0 to 26.0.
- Fixed an issue with the switch database process that was resetting the Maximum Idle Connections setting to 2.
- Fixed an issue where Encrypted Folders could not be deleted if they were created using a network resource that no longer exists.
- Fixed an issue with report generation to properly handle international characters.
- Fixed an issue where disabled Domains may still show up in some cases when trying to add new items.
- Fixed an issue where REST tasks using file-based keys were not properly validated when changing a domain to use the Key Management System.
- Fixed an issue where enabling or updating the anonymous Web User account would cause an unnecessary error in the error log.
Agents
- Added the ability to work with Amazon S3, WebDAV, Azure, and SMB Network Shares on GoAnywhere Agents.
- Enhanced the Completed Jobs page on the Agent console to display jobs that were invoked by an Agent Monitor that called a project on GoAnywhere MFT.
- Upgraded the Bouncy Castle API used in Agents from version 1.48 to 1.60.
- Updated the Basic and Standard licenses on Agents into a single Standard license.
- Updated the Agent log to record the operating system and JVM information at startup.
- Fixed an issue where an Agent file monitor will hang if the connection between GoAnywhere and the Agent is broken.
- Fixed an issue where Agents could not always delete a source file after it was moved to another system.
GACMD
- Added a new Delete Secure Form command that can be used from GAcmd command line, REST, and SOAP interfaces.
- Added new commands to configure a Web User’s whitelisted and blacklisted IP addresses that can be used from GAcmd command line, REST, and SOAP interfaces.
GoDrive
- Added the ability to generate and share public links to files and folders stored in GoDrive. Users can protect the URLs with a password, set expiration dates on them, and indicate whether recipients can upload files or download only. Recipients can view the files and folders without being a registered user in the system.
- Renamed GoDrive Devices to Web User Devices in the GoAnywhere Administrator. Moved the device manager from the GoDrive menu to the Users > Web User Devices menu.
- Renamed the GoDrive Manager admin user role to Web User Device Manager. The Product Administrator will role will now manage GoDrive settings and the Web User Device Manager will only manage Web User devices.
Project Designer
- Added the ability to include directories in File Sets which includes the following enhancements:
- Modified the Rename Task to rename directories when included in a File Set.
- Modified the PGP Decrypt, Encrypt, Sign, and Verify tasks to ignore directories when processing File Sets.
- Modified the Copy Task to copy directories when included in a File Set.
- Modified the AS2 task to ignore directories when processing a File Set.
- Enhanced the Move Task to recursively move directories when included in a File Set.
- Enhanced the Delete Task to recursively delete directories when included in a File Set.
- Enhanced the file transfer tasks for FTP, FTPS, SFTP, and more to create directories when they exist in a File Set on the Upload and Download actions.
- Modified the Gzip, Gunzip, Unzip, and Untar tasks to ignore directories when unarchiving files or folders.
- Enhanced the FTP Set Permissions task to include directories if they exist in a File Set.
- Enhanced the remote server tasks for FTP, FTPS, SFTP, and more to create or remove directories when they exist in a File Set on the Move and Delete actions.
- Enhanced the file transfer tasks for FTP, SFTP, HTTPS, GoFast, and Send Email to give the user the ability to ignore directories when they exist in a File Set.
- Modified the Merge Files Task, Search And Replace Task, and Merge Reports Task to ignore directories when processing a File Set.
- Enhanced the remote server file rename tasks for FTP, FTPS, SFTP, HTTPS to properly handle directories when they exist in a File Set.
- Modified the Read CSV, Read Excel, Read Fixed Width, Read Flat File, Read XML, and Read JSON tasks to ignore directories when processing File Sets.
- Enhanced FileSet input and output variables to better support working with directories in Project Workflows.
- Created a new DateMillis function for project workflows that converts a specific date and time into milliseconds.
- Created a new DateDiff function for project workflows that compares two dates and times and returns the difference between them.
- Added two new tasks to Base64 encode and decode files.
- Added placeholder text to display the default values of fields in Resources and Tasks within the Project Designer.
- Improved the performance of the project execution life-cycle by reducing the overhead required for looking up projects, project folders, and permissions.
- Increased the width of wildcard pattern fields to display 60 characters.
- Fixed an issue where a certificate error in the AS2 Task would indicate the certificate was located in the File Based Default Trusted Certificates Key Store instead of the Key Management System.
- Fixed an issue where Project definitions could be deleted if they were used by an Agent Monitor.
Resources
- Added a new action on the list page for Resources that allows you to test the Resource connection without going into the edit page.
- Added the ability to click on labels for Resource attributes to get additional information about the field.
Secure Mail
- Added a recipients variable to Secure Mail Email templates so each recipient can see all other recipients of the Secure Mail Package.
- Added the ability to send Secure Mail Package passwords to recipients using SMS text messages.
- Added a new Ignored Attachments tab to the Secure Mail settings to provide the ability to ignore specific attachments, such as company logos in email signatures, from being sent with the Secure Mail Package.
- Enhanced the Web Client to only show the Secure Mail menu item for Web Users when they have the ability to send messages or when they have items in their inbox.
- Fixed a typo in the confirmation dialog when deleting an entry in the Address Book.
Services (FTP, FTPS, SFTP, AS2, GoFast)
- Added the ability to restrict GoFast, SFTP, FTPS, FTP and HTTPS listeners to a specific Domain, which allows administrators to assign Web Users to specific Web Client Brands.
- Increased the performance significantly for Web Users that log in frequently by caching the virtual file system for that user. For example, automated processes that log in to FTP or SFTP every second.
- Fixed an issue in the asynchronous receipt validation process for AS2 where the key used for trust was being pulled from the default trust store file rather than using KMS.
- Fixed a spelling error in the SFTP Permission Denied message.
- Fixed an issue where the JVM maximum memory for GoFast was not calculated correctly when displayed in error messages.
Version 5.7.7
October 31, 2018
- Updated the SFTP client to properly handle signature verification failures that occasionally occur against some servers. This was added in version 5.6.5 and was enabled by including a system property. In this version, this fix is included as the default behavior.
- Updated the JNQ API used by SMB Network Shares from version 1.0.1 S7 R2750.7 to jNQ-1.0.2.br-1.1
- Fixed an issue with SCP where certain special characters in a file name could cause a file transfers to fail.
- Fixed an issue where an API call to the Secure Mail Request Files feature would not send the file request if a message was not supplied.
- Fixed an issue in the Project Designer where copy and paste operations were no longer working. This issue was introduced in version 5.7.6.
Version 5.7.6
September 17, 2018
- Added a missing message for the Configure Domain page to display when failing to validate Web User’s home directories.
- Enhanced the performance and responsiveness of the Cloud Connector Project Designer when working with a large Cloud Connector definition.
- Updated the “Powered By” link in the web client footer to navigate users to a new web page with information about GoAnywhere and additional web client help.
- Updated the debug logging of SMTP and POP3 tasks and resources to only log extra verbose information to the system log when the ‘mail.debug=true’ system property is added.
- Fixed an issue with Cloud Connectors where having two or more list input variables could cause a NullPointerException in certain scenarios.
- Fixed an issue where authenticated web users could access the public link of a Secure Form after public access is removed.
- Fixed an issue in the FTP/S Services were Active Sessions could become stuck when certain failures occur during client disconnection.
- Fixed an issue where the batch size setting in the SQL Query task was not properly applied in all cases.
- Fixed an issue with the handling of the Cloud Connector List Input Variable component when the value contains commas.
- Fixed an issue where the XML Read Task could not process a file accessed from a network share resource using the SMB All Versions option.
- Fixed an issue where creating a master encryption key with an id greater than 20 characters would fail when using the DB2/400 database and supporting international character sets.
- Fixed an issue where the Get action of the HTTPS Task was not using the read timeout configured on the parent task.
- Fixed an issue where the Global Search log and the Global Activities report would show a ‘null’ email recipient for Invite User events.
- Fixed an issue where the Authentication Types Allowed configuration on an SFTP service listener was not properly handling Web Users requiring both password and public key authentication.
- Fixed an issue where the Complete Jobs - Resolution filter was incorrectly displaying unresolved jobs.
- Fixed an issue where Network Share Resources configured to use SMB All Versions were not properly handling directory listings from an IBMi system using SMBv2.
- Fixed an issue where the PGP Encrypt Task would fail to work with a Network Share resource when using SMB All Versions.
- Fixed an issue with Scheduled Jobs on Agents not utilizing Repeat Options when the Agent is disconnected.
- Fixed an issue where failures to add a new Web User could result in the password not being properly hashed.
- Fixed an issue where completed jobs for an Agent group were not properly showing in all cases.
Version 5.7.5
August 8, 2018
- Added a new function to generate a Message Authentication Code (MAC) of a value using a key.
- Added a new function to Hex encode a value.
- Added a new function to decode a Hex value.
- Added a new function to generate the Hash of a value.
- Added the ability to configure the SSL/TLS protocol version used when connecting to an SMTP server using SSL/TLS encryption. This enhancement was made to SMTP Resources, Email Tasks, and the Global SMTP configuration.
- Added support for importing web users with passwords hashed using the PBKDF2 (Password-Based Key Derivation Function 2) algorithm.
- Improved the efficiency of loading keys from a Key Vault by reusing already open DB connections when available.
- Updated the WebDAV Resource to omit the port in the Host header of the HTTP/S request when the Port field is left blank.
- Updated the Base64 encode function to accept raw binary input.
- Upgraded the embedded Apache Tomcat web server from 7.0.85 to 7.0.90
- Upgraded the Spring libraries from version 4.3.14 to 4.3.18.
- Fixed an issue with viewing the Completed Jobs log for an Agent or Agent Group where certain databases would show no results when the paginated queries are bypassed.
- Fixed an issue with the Expiring Certificates gadget where sorting of the certificates fails on later versions of Java.
- Fixed an issue where an expired PGP in the key management system with a stored password could prevent PGP decryption projects from running.
- Fixed an issue where invalid query syntax was used on Oracle 11g for loading job log and audit log pages.
- Fixed an issue where AS2 messages sent requesting an asynchronous MDN would not properly log the calculated MIC to the job log or the message output variable.
- Fixed an issue where the primary proxy host was logged to a job log when the alternate proxy host was used during a connection.
- Fixed an issue where Secure Mail package passwords where not properly encoded when sent in an HTML formatted email.
- Fixed a message typo that appeared when no Cloud Connectors match the search criteria in the Cloud Connector Marketplace.
- Fixed an issue where passwords emailed for new Web Users and reset Web User passwords where not properly encoded for HTML formatted emails.
- Fixed an issue where the SOAP task was not properly applying the content encoding when sending an MTOM formatted message.
- Fixed an issue with the page load speed of the Triggers list page when a large number of triggers are defined. This issue was caused by upgrading JQuery UI in version 5.7.0.
- Fixed a NullPointerException that would occur when verifying the signature of a PGP signed file and the public verification key does not exist.
- Fixed an issue where the allowed authentication types feature of the SFTP service and Web Client branding for the HTTPS service were not working properly in IPv6 environments.
Version 5.7.4
June 28, 2018
- Added the ability to specify the character encoding in the Write JSON task’s output files.
- Added the ability to specify the character encoding in the Read JSON task’s input files.
- Fixed an issue where selecting a user from a gadget or audit log would not properly filter the destination list page for the selected user.
- Fixed an issue with the Cloud Connector cleanup process that caused extra background processes to unnecessarily run.
- Fixed an issue in the Software Library where new versions of Agent Installers were not removing all install files from previous Agent versions.
- Fixed an issue where the SFTP service was not logging audit entries for failed uploads and failed downloads in some cases.
- Fixed an issue where the FileInfo function for Agent files was not returning any file information.
- Fixed an issue where the FileInfo function, when used to lookup Resource file objects, was not properly handling authority checks in certain cases.
- Fixed an issue where the Web User Manager page could generate null pointer errors to the server log.
- Fixed an issue where some images do not appear in Internet Explorer 11 within the GoAnywhere web help. This issue was introduced in 5.7.0.
- Fixed an issue where the Agent upgrade process can fail if the transfer of the upgrade file takes longer than 60 seconds.
Version 5.7.3
June 20, 2018
- Updated the LDAP login method implementation to use certificates from the Key Management System instead of the default trusted certificates file.
- Upgraded the jackson databind, core, and annotations libraries from version 2.9.4 to 2.9.5.
- Fixed an issue where deleting a file on an agent would fail after the file is uploaded to the GoAnywhere MFT server. This issue was introduced in version 1.2.0 of GoAnywhere Agents.
- Fixed an issue where SMB (all versions) Resource information was not appearing in the help documentation. This issue was introduced in 5.7.0.
- Fixed an issue where some functionality, such as the Azure Blob Storage Resource Test and the Dashboard News and Tips gadget, would not function correctly when GoAnywhere was in FIPS mode.
- Fixed an issue where the Amazon S3 file chooser would display a 500 error when accessed from an IBM i or Unix/Linux installation.
- Fixed a cross site scripting issue where some user configuration fields were not properly escaping the contents of the field when rendered to the administrative UI. This issue was introduced in 5.7.0.
- Fixed an issue where the IP Filter settings could not be saved when GoAnywhere was using a database that is case sensitive.
Version 5.7.2
June 11, 2018
- Added support for MySQL 8.
- Added the Close RowSet task to the Cloud Connector Designer.
- Fixed an issue with the new date filter where date formats in certain locales were failing. This was introduced in 5.7.0.
Version 5.7.1
June 4, 2018
- Added the ability to filter the Web User list page by first name, last name, description, email address, and organization. This page was also updated to use the new page filter style.
- Added the ability for Web Users to download previously sent attachments from the Sent Items page in Secure Mail.
- Added the Close RowSet task to Agents.
- Added the ability to view change history for Web User Templates.
- Added the ability to specify the SSL Context Protocol for the Box Cloud Connector on the Box Resource. The default is TLSv1.2.
- Added support for using trademark symbols (â„¢) in Project XML files.
- Added the ability to import encrypted keys into the Key Management System.
- Added support for double and triple byte characters with the new URL Encode and Decode functions.
- Enhanced the GoAnywhere Command Cloud Connector to include the Test Resource functionality.
- Enhanced the SQL Wizard to only allow a single table to be selected when building Insert, Update, and Delete queries.
- Enhanced the SQL Wizard to ensure values for insert and update fields are qualified with surrounding quotes when needed.
- Enhanced the process that updates the Last Executed On date of a Project to be an auto-commit database transaction.
- Enhanced the Job execution life cycle to use auto-commit database transactions when applicable.
- Enhanced Agents to support the new master keys defined in GoAnywhere MFT.
- Enhanced the Delete Project REST command to return a more descriptive error message if the target Project does not exist.
- Enhanced the Recent File Activity Gadget to include file audit events from Project Workflows.
- Enhanced the Monitor list page to search by the Project or Admin User defined on the Monitor.
- Enhanced the Cloud Connector designer to properly handle attempts to drag and drop components where they are not supported.
- Enhanced the Cloud Connector Marketplace to only show Cloud Connectors that are compatible with the version of GoAnywhere the user has installed.
- Enhanced the Cloud Connector Management screen to refresh the Marketplace when the add button or the refresh button is clicked.
- Modified the Add Web User command of the GoAnywhere Command Cloud Connector to properly escape slashes in the JSON payload for the Web User’s home directory.
- Updated the Marketplace client to handle HTTP redirects in the event the location is changed in the future.
- Improved the performance of sequence ID generation for audit events and Job execution.
- Improved the error message for the REST interface of the Import Monitor command when importing a Monitor that already exists. This message now includes the name and location of the existing Monitor.
- Improved the GoDrive database transaction events to better prevent database locks when files are uploaded to GoDrive.
- Improved inline FTP file operations by removing GoAnywhere’s dependency on the STAT command when submitting commands to a server.
- Updated the SFTP and FTPS file choosers to display the appropriate protocol versus displaying FTP.
- Consolidated Basic and Standard Agent licenses into Standard on Agents.
- Enhanced the GoDrive Media Viewer Comment panel to provide paragraph formatting options such as font family, size, colors, and more.
- Fixed an issue where using the Move task in an Amazon S3 bucket may not overwrite an existing file in the destination directory.
- Fixed an issue where submitting a Secure Forms with an editable drop down component would cause 500 an internal server error. This issue was introduced in 5.7.0.
- Fixed an issue where the Switch Database progress bar was not rendering correctly. This was introduced in 5.7.0.
- Fixed an issue where Secure Mail could send a duplicate email from the Web Client if there was a failed message in Draft status.
- Fixed an issue in the HTML file uploader when navigating away from a page while an upload is occurring that would produce a JavaScript error. This issue was introduced in 5.7.0.
- Fixed an issue where Cloud Connector Addon Workspaces were not being cleaned up at the end of a project. This was introduced in 5.7.0.
- Added quotes to the filename parameter of the content-disposition on the REST Multipart Post task.
- Fixed an issue where downloading files as ZIP from Amazon S3 would sometimes create an empty file.
- Fixed an issue where deleting files from a root folder of an SMB(v1) share would fail when accessing it as a Web User virtual folder on the FTP/S server.
- Fixed an issue where the Send Email task would fail if the CC (carbon copy) field was used. This issue was introduced in 5.7.0.
- Fixed an issue where some file transfer operations could fail on an Amazon S3 Resource immediately after creating a new directory in an S3 bucket.
- Enhanced the File Transfer Activity Report to include file audit events from Project Workflows.
- Fixed an issue where the SCP Move task would report the wrong file size in the job log when a file was moved to another resource.
- Updated the SSL Certificate Change History page to prevent line wrapping when the certificate names are long.
- Fixed an issue where Network Shares resource for SMB (all versions) was not properly handling share names that started with a leading slash.
- Fixed an issue where certain database systems where not properly handling case sensitivity for the Master Key Alias.
- Fixed an issue where a REST, SOAP or GACMD request to remove an SSH Key association did not work when the Web User only had one SSH key and that key was not in the default key vault.
- Fixed an issue where searching the Automatic IP Blacklist resulted in an Unknown Error. This was introduced in 5.7.0.
- Fixed an issue where the Read JSON Task did not use a comma ‘,’ as a default separator in some cases.
- Fixed an issue where an updated Cloud Connector did not display the correct version.
- Fixed an issue where links added to the GoDrive comment editor and the Media Viewer comment editor can sometimes display incorrectly.
- Fixed an issue where an unlicensed version of GoAnywhere that uses the internal Derby Database sometimes displays unnecessary error messages to the startup log. This issue was introduced in 5.7.0.
- Fixed an issue where IE11 was not rendering all Resource icons correctly.
- Fixed an issue where the cookie enabled check was causing vulnerability scans to flag the test cookie as insecure.
- Updated the View Schedule page to properly display the month at the top of the calendar while navigating.
- Fixed an issue where importing a Scheduled Job referencing a non-existent Master Encryption Key would throw a NullPointerException.
Version 5.7.0
May 14, 2018
Cloud Connectors
Cloud Connectors allow GoAnywhere to easily integrate with popular SOAP and RESTful web service applications including Salesforce, Box, Dropbox, Microsoft Dynamics CRM, and more. The Cloud Connection definition contains all the actions and parameters required to communicate with the API. When a Cloud Connector is installed, their Actions appear as Tasks under the Cloud Connector category in the Component Library section of the Project Designer. GoAnywhere supports any number of Cloud Connectors at a time, allowing for automated processes between multiple APIs. Cloud Connectors can be downloaded from the GoAnywhere Cloud Connector Marketplace where new service definitions are added frequently.
The following Cloud Connectors are available from the Marketplace:
- Box.com - Transfer and manage files between GoAnywhere and Box with this file system connector.
- Dropbox - Transfer and manage files between GoAnywhere and Dropbox with this file system connector.
- GoAnywhere Command - Allows you to submit all GoAnywhere Command actions such as adding web users, submitting projects, etc using this connector.
- Microsoft Dynamics CRM - Connect to your online Dynamics 365 instance to work with Accounts, Contacts, Cases, and more with this connector.
- Microsoft SharePoint Online - Upload, download, and work with your documents on SharePoint Online (cloud edition).
- Salesforce - Automate account creation, manage contacts, and perform other CRM functions with this Salesforce Cloud Connector.
Other Cloud Connector Enhancements
- Added a new For-Each File Part Loop that can be used in Cloud Connectors to process a file in chunks. For example, uploading files greater than 150 MB to Dropbox requires the file to be split into chunks and uploaded in smaller pieces using multiple REST Post requests.
- Added a new Cloud Connector task that allows users to configure input and output dynamically based on the actions defined in the Cloud Connector definition.
- Added a new Cloud Connector Designer which allows users with the Product Administrator role to create service definitions. The configuration is similar to the Project Designer where you can add REST/SOAP web service tasks, parse JSON/XML responses, validate information, and more.
- Added admin logging and revision history to Cloud Connector definitions along with the ability to restore previous versions.
- Added a Cloud Connectors marketplace to make it easy to download and install Cloud Connectors in your GoAnywhere MFT instance.
- Added a new Resource for Cloud Connectors to define connection information to cloud services like the user and password.
- Added six new Input Variables (Text Field, Text Area, Password, Boolean, List, and File) that can be used in the Cloud Connector Designer. The Cloud Connector Resource and Task prompt the user for information based on these input variables.
- Added an Output Variable in the Cloud Connector Designer that can be included in Actions. The new Cloud Connector Task can set variables using data that was generated or retrieved when the Cloud Connector executes. For example, a call to a Salesforce Cloud Connector to create a new account could return the Account ID that could be used in subsequent tasks.
- Added a new Cloud Connector management section under the System menu. Cloud Connectors can be created from scratch, imported, or easily installed from an online marketplace. The marketplace contains preconfigured connectors with the most popular cloud services you may need like Salesforce, Dropbox, Google Drive, and more.
Administration
- Added the ability to create custom Master Encryption Keys used by GoAnywhere to encrypt passwords, keys, and other sensitive data.
- Added support for storing GoAnywhere MFT backend tables on the MariaDB database system. The Switch Database wizard was enhanced to simplify database migration, which will automatically create the tables and migrate existing data to the MariaDB database.
- Added a new Run Schedule command that can be used from GAcmd command line, REST, and SOAP interfaces.
- Added settings to configure the Strict-Transport-Security HTTP response header. This header will instruct supported browsers to prevent all HTTP communication by enforcing HTTPS and blocking users from overriding invalid certificate warnings. These settings can be configured on the Admin Security Settings page and on the Web Client section in the HTTPS/AS2 Service.
- Added an HTTP response header X-Content-Type-Options to the Admin and Web Client interfaces with a value of ‘nosniff’ to prevent browsers from trying to inspect the content to determine the type.
- Added an HTTP response header X-XSS-Protection to the Admin and Web Client interfaces that prevent users from turning off the browser’s built-in XSS protection.
- Added settings to configure the Content-Security-Policy HTTP response header. This header mitigates potential threats by restricting which domain’s content can be loaded from in the browser. These settings can be configured on the Admin Security Settings page and on the Web Client section in the HTTPS/AS2 Service.
- Added admin logging and revision tracking to the Log Exemptions page.
- Added admin logging and revision tracking to the global IP Filter, Automatic IP Blacklisting, and IP Blacklisting Exemption pages.
- Added admin logging and revision tracking to Holiday Calendars.
- Added admin logging and revision tracking to Job Queues.
- Added admin logging and revision tracking to GoDrive Devices.
- Added admin logging to record when a Service (e.g. HTTPS/AS2) is started or stopped.
- Added admin logging and revision tracking to Resource Permissions.
- Added the ability to copy Domains.
- Added the ability to generate Insert, Update and Delete statements from the SQL Wizard.
- Added a refresh icon to the Agent Manager and KMS page filters.
- Enhanced the Job File Audit Log to include events on remote file systems, such as renaming a file on an SFTP or FTPS server.
- Significantly enhanced the performance on the audit log pages by using database specific pagination SQL to handle large tables. This enhancement was applied to the Trigger Logs, Completed Jobs, Job File Audit, AS2, FTP, FTPS, GoFast, HTTPS, and SFTP audit log pages.
- Enhanced the look and feel of the page filtering options on the Trigger Logs, Completed Jobs, Job File Audit, AS2, FTP, FTPS, GoFast, HTTPS, and SFTP audit log pages.
- Enhanced the length of Admin User names from 20 to 64 characters.
- Added validation on the creation of virtual folders on Web Users to prevent a forward slash to be used in the alias.
- Enhanced the two-factor RADIUS implementation to support NAS-IP, NAS-Port, and NAS-Identifier attributes.
- Upgraded the embedded Apache Derby database from version 10.9.1.0 to 10.12.1.1.
- Updated the default maximum file upload size for the Admin and Web Client interfaces from 1 GB to 4 GB on new installations.
- Modified pages viewed on a mobile device to use the normal HTML password field rather than the GoAnywhere custom one. This allows for better interaction on mobile devices.
- Updated a startup message to clearly indicate what steps need to be taken if the unlimited strength policy files cannot be found.
- Improved the JVM Memory system alert email to include instructions on how to increase the JVM Memory.
- Updated the format of the administration log message when Gateway is started or stopped.
- Updated the pop-up options on a checkbox page filter to have the available options sorted alphabetically.
- Updated the drop-down option list on page filters to be sorted alphabetically.
- Updated the Derby label in the Switch Database wizard to correctly identify the database type.
- Updated the Active Sessions page to list the protocols in alphabetical order.
- Fixed an issue where the Event ID would not display on Trigger logs when using PostgreSQL as a backend database.
- Updated the File Audit Log to truncate server host URLs that are longer than 128 characters.
- Fixed an issue where duplicate event IDs could be generated for the Administration Logs in some cases.
- Fixed an issue on four Promote pages and on the Edit Trigger page where the Admin User password was being limited to 20 characters instead of 40. The password length was recently expanded in version 5.6.0.
- Updated the validation check on the Services menu to allow Admin Users with only a Security Officer role to get to the Agents page.
- Removed an unnecessary scroll bar on the GoAnywhere HTTPS and GoFast file choosers.
Agents
- Added a new link in the Quick Links dashboard gadget to quickly access the Agent Manager page.
- Updated the Agents list page by removing a redundant refresh button in the toolbar and adding the ability to filter which Agents are displayed in Map View.
- Updated the default Agent Map zoom level when only one Agent is displayed.
- Fixed an issue where the documentation indicated that the Email tasks on Agents are only available in the Advanced Agent license. The Email tasks are also available in Standard Agent licenses.
Note: The following Agent enhancements were made to GoAnywhere MFT 5.7.0, but will not be made available until Agents 1.2.0 are released at a later date.
- Added the ability to auto-resume file transfers. The retry attempts and interval settings can be configured on the Agent service or on individual Agents.
- Added the ability for Agents to use FTP and FTPS resources and tasks in Project Workflows that run on the Agent.
- Added the ability to use GoFast Resources and Tasks on Agents.
- Added the Close Session task to Agents.
- Enhanced the Agent installer and configuration to allow restriction of access to remote file transfer (SFTP, SCP, FTP/S, and AS2), GoFast, and Email tasks.
- Replaced the MySQL JDBC driver with the MariaDB version for new installations.
- Fixed an issue that occurred when running in FIPS 140-2 mode and using Agents that would cause SSL exceptions in some cases.
- Fixed an issue where the SSL Context Protocol defined on the Agent service was not being validated during startup.
- Fixed an issue where an Agent Project using the Email task could sometimes experience a concurrent modification exception in the shutdown logger.
GACMD
- Added GoAnywhere Command actions for importing and exporting keys and certificates in the Key Management System.
- Added the ability to activate and deactivate Encrypted Folders from the GoAnywhere Command API interface.
- Removed an unnecessary GoAnywhereCommandService.wsdl file from GoAnywhere MFT as the WSDL is generated automatically as needed.
Gateway
- Updated GoAnywhere MFT to use the Key Management System for Gateway connections rather than default trusted certificates file.
GoDrive
- Restricted GoDrive folder names to a maximum length of 128 characters.
Key Management System
- Added the ability to create version 3 SSL certificates which allows for extended attributes. The Subject Alternative Name attribute can now be added to new certificates to identify additional host names to be protected by the certificate.
- Added admin logging and revision tracking to PGP keys.
- Added admin logging and revision tracking to Certificates.
- Added admin logging and revision tracking to SSH keys.
- Added admin logging and revision tracking to Key Vaults.
- Added a new field on the Create SSH Key Pair pages to specify the Encryption Algorithm (Triple-DES, AES-128, AES-192, and AES-256).
Monitors
- Added the ability to use Amazon S3 as a File Monitor location to execute Projects when new, modified, or deleted files are detected.
- Added the ability to use Microsoft Azure Blob Storage as a File Monitor location to execute Projects when new, modified, or deleted files are detected.
- Enhanced the look and feel of the page filtering options.
- Fixed an issue on Monitors by removing the configuration of the seconds on the Start At time since the execution doesn’t start on the exact second.
Project Designer
- Added a new Amazon S3 task with actions to upload, download, set metadata, and get metadata.
- Added FileExists and DirectoryExists functions to Projects and Email Templates.
- Added a new REST Options web service task.
- Added the ability to base64 encode and decode text using two new functions in expressions.
- Added two new functions to encode and decode a URL.
- Added a new Create JWT task for creating JSON Web Tokens to authenticate to RESTful Web Services.
- Added the ability to set an email priority on the Send Email Task.
- Added a new Format JSON function that takes JSON text and formats it for friendly output or minified format.
- Added a new JSON and XML value parser to the Set Variable task making it easy to extract simple values when working with web services.
- Added the ability to easily parse a SOAP or RESTful web service response to extract cookie values. The cookie can then be passed to subsequent web service tasks to persist authenticated sessions and other information.
- Added a new task to send REST Patch commands to web services.
- Added a new REST Multipart Post Task that makes it easy to submit web service requests that require multiple parts.
- Added the system.domain variable to Projects.
- Added the ability to override the Content Transfer Encoding of an email attachment.
- Improved the Checksum task to support calculating the hash of in-memory content as well as an option to specify the encoding of the resulting checksum.
- Added a new Use Chunked Encoding setting to the REST tasks and resource. This setting determines if the Transfer-Encoding header is set to chunked or if the Content-Length header is set instead. This feature is available on the Put, Post, Patch, and Options tasks.
- Updated the REST and POST Web Service tasks to support relative redirect locations.
- Enhanced the REST Put and Post web service tasks to provide the content type header even when the request body is empty.
- Enhanced Web Service tasks so redirect logic will log a warning instead of throwing an error when not following the redirect. Redirect codes are now handled as successful by default.
- Enhanced the REST Put task to no longer remove any trailing slashes.
- Updated Project Templates to use the Key Management System if the project template contained a task that used keys.
- Updated the Project Explorer search functionality to always search project subfolders by default.
- Removed unnecessary validation on the Move Task that prevented execution when the source and destination files are on different systems (e.g. local files vs SMB network shares).
- Updated the REST and SOAP tasks to log the endpoint URL prior to making the request.
- Modified the subelements listed in the Component Library to start with a hyphen and with more indentation to visually separate them more from parent level tasks.
- Modified the Copy task to check if the directory already exists, and if so, write a message to the log that the directory exists rather than fail the project.
- Fixed an issue where some file implementations using the resource path, such as Amazon S3, Azure, WebDAV, and FTP would delete the parent directory when the file was moved using the Move Task in a Project.
- Fixed an issue where the ICAP task response would be incomplete because terminator characters were found before the entire response was consumed.
- Fixed an issue where the Make Directory task was not creating all the directories in the file path when the SMB (all versions) resource was used.
- Fixed an issue where shared Amazon S3 buckets could not be accessed in some cases.
- Fixed an issue in the REST Post Task where it logs a successful upload of a file before it’s sent.
- Fixed an issue in the Send Email task where a variable in the From field that contained a partial portion of the email address could cause the Project to fail.
- Fixed an issue with the GoAnywhere HTTPS file chooser where it would not use the KMS trust store even when the key location was Key Vault.
Resources
- Added an option on the Certificates tab of the FTPS Resource to indicate whether the server’s certificate should be validated for trust using certificates in KMS Key Vaults.
- Fixed an issue where Resource names were allowed to have leading spaces. Leading spaces will now be trimmed automatically.
- Removed the Sybase database driver as an option for database connections on new installations.
- Fixed an issue on the Where Used page for WebDAV, Azure Blob, S3, and other Resources where it was not including references to resource file paths (for example, resource:azureblob://[resourceName]).
Scheduler
- Enhanced the look and feel of the page filtering options.
- Fixed an issue where changing a Schedule’s Domain displayed an unhelpful error message when the Project did not exist on the new Domain. This issue was introduced in 5.6.0.
- Fixed an issue where Schedules set to fire on the last day of the month would not fire in the month of February.
Secure Forms
- Enhanced the Web Client Secure Forms page to alphabetically sort the list of Secure Forms.
- Updated Secure Forms to set the focus on the first form field when viewed.
- Fixed an issue where the Secure Form WSDL generator was not showing the correct file upload maxOccurs value.
Services (FTP, FTPS, SFTP, AS2, GoFast)
- Added the ability to specify the allowed authentication types on the SFTP service listener (Password, Public Key, or Either).
- Fixed an issue that prevented users from downloading multiple files as a Zip file in the Web Client when the size exceeded 4 GB or the number of entries exceeded 65535 files.
User Management
- Added a new setting on the Web User Self-Registration Settings page to force Web Users to use their email address as their user name when they self-register.
- Updated the Web User and Web User Template pages to place the Authentication Types attributes in an expandable section.
- Updated the Administration Logs to ensure Admin Users with the Auditor role had access to all component types being logged.
- Updated the Web User and Web User Template configuration screens to list the protocols alphabetically.
- Fixed an issue where Web User selection on the Web User Management page would sometimes display the wrong number of selected Web Users.
Web Client
- Added a transfer completion percentage on top of the progress bar for the HTML file uploader.
- Added brute-force attack monitoring to the Web Client’s Reset Password page.
- Updated the Web Client’s Reset Password page to disable accounts after X invalid attempts and made error messages more generalized.
- Fixed an issue on the Web User virtual file system that prevented users from renaming files based on an unnecessary validation check on the upload permission.
- Fixed an issue where a password reset warning message was not translated to the correct language.
Other Changes
- Added additional validation checks to the file uploader component in the Web Client.
- Added pagination to Secure Folders, GoDrive, and the File Manager pages to limit the maximum number of files that can be displayed per page.
- Added the ability to configure the Signature Digest Algorithm on the create PGP key pages.
- Enhanced the Admin and Web Client interfaces to keep the user’s session alive during long running file transfers.
- Enhanced the validation of Domain names to prevent special characters that cause problems when used as a folder name on disk.
- Updated the Project and Folder search criteria on the Completed Jobs page to use the ‘Contains’ search by default.
- Upgraded Primefaces from version 6.0.20 to 6.2.1 to address a jQuery vulnerability among other fixes.
- Upgraded the FIPS 140-2 certified cryptographic RSA libraries from 6.1 to 6.2. The upgraded libraries are certified under the NIST FIPS 140-2 certification numbers 2468 and 2469.
- Upgraded the log4j libraries from version 2.5 to 2.10.
- Upgraded the UnboundID LDAP SDK from version 2.3.9 to 4.0.5.
- Updated the JNQ API used by SMB Network Shares to version 1.0.1 S7 R2750.7.
- Upgraded the embedded Apache Tomcat web server from 7.0.76 to 7.0.85.
- Updated the ViewState encryption used in JSF to use AES instead of DES.
- Upgraded the jackson databind, core, and annotations libraries from version 2.9.1 to 2.9.4.
- Upgraded the commons-collections library from version 3.2 to 3.2.2.
- Upgraded the bsh library from version 2.0b4 to 2.0b6.
- Upgraded the xercesimpl library from version 2.8.0 to 2.11.0.
- Upgraded the commons-logging library from version 1.1.1 to 1.2. Upgraded the commons-beanutils library from version 1.8.3 to 1.9.3.
- Upgraded the not-yet-commons-ssl library from version 0.3.9 to 0.3.17.
- Upgraded the spring libraries from version 4.1.4 to 4.3.14.
- Upgraded the Excel poi libraries from version 3.10 to 3.17.
- Upgraded the commons-fileupload library from version 1.3.1 to 1.3.3.
- Upgraded the opensaml library from version 2.6.1 to 2.6.6. Upgraded the xmltooling library from version 1.4.1 to 1.4.4. Upgraded the openws library from version 1.5.1 to 1.5.4. Upgraded the xmlsec library from version 1.5.6 to 1.5.7.
- Upgraded the commons-configuration library from version 1.6 to 1.7. Upgraded the commons-digester library from version 1.8 to 1.8.1.
- Upgraded the commons-io library from version 2.1 to 2.6.
- Replaced the MySQL JDBC driver used in new installations with the compatible MariaDB driver.
- Fixed an issue where certificate trust may not be established when manually sending AS2 MDN receipts when running in FIPS mode.
- Fixed an issue in the Chrome browser that would sometimes cause the form to be submitted accidentally when the user selected a suggested value from previous autofill data.
- Fixed an issue on password fields by removing any new line characters when the password is pasted into the field.
- Fixed an issue where email attachment names were not UTF-8 encoded when emails were sent. Japanese characters will now appear correctly in email attachment names.
- Fixed a NullPointerException on the SCP MGet task when it recursively creates subfolders due to missing transfer information not being set properly.
- Fixed an issue where switching databases would error when writing to the administrator log if the component name was over 64 characters. The component name was increased to 128 characters to handle longer names and length limiting logic was added.
Version 5.6.5
March 12, 2018
- Updated the SFTP client to properly handle signature verification failures that occasionally occur against some servers.
- Added additional validation checks to the file uploader component in the Web Client.
- Fixed an issue where file transfers from an agent would be marked as a success when the transfer was interrupted by restarting the agent.
- Fixed an issue where uploading multiple files with the same name through the Web Client to a GoDrive folder was not properly handling file revisioning. This issue was introduced in 5.6.4.
- Fixed an issue where importing an SSH Key from a file on the server resulted in a 500 Internal Server Error.
- Fixed a potential issue in the Copy Task where failing to close the source file could cause the destination file from being properly closed.
- Fixed an issue where the File Info function was not properly resolving files accessed using the ‘agent://agent_name/file’ syntax.
Version 5.6.4
February 19, 2018
- Added a new option to configure the encoding used by the Zip and Unzip tasks for passwords and file names.
- Updated the error handling process for Agent transfers to properly cleanup connections when network failures occur.
- Fixed an issue where the Web Client file upload manager would display the incorrect progress status when a network disruption caused the transfer to fail.
- Fixed an issue where GoFast data ports were not properly released back to the pool of available ports when a transfer completes.
- Fixed an issue with the SAML configuration where the Service Provider Entity ID was incorrectly requiring alpha characters.
- Fixed an issue where sending a Secure Mail message from the Compose page was not properly indicating that the message was sent.
- Fixed an issue with the GoDrive synchronization process where interrupted transfers were not properly being resolved as conflicts in some scenarios.
- Fixed an issue where the PGP task would no longer accept a blank password for PGP keys. This was introduced in 5.6.0.
- Fixed an issue with the Network Shares Resource where SMB network connections could cause large amounts of CPU consumption when a target SMB server is removed from the network.
Version 5.6.3
January 29, 2018
- Fixed an issue with the Web User expiration date calculation where leap years were not properly handled when adding/importing new Web Users.
- Fixed an issue with the Custom Task framework where exception handling wasn’t properly implemented for the custom WebDAV Task.
- Fixed an issue where the SOAP and REST tasks were not properly following redirects using the same request method used by the original request.
- Fixed an issue where the Admin Log category filter was showing Web User Self Registration Setting changes when the Secure Forms Settings category was selected.
- Added support for HTTP and GoAnywhere Gateway proxy types when using TLS Resumption in the FTPS Tasks and Resources.
- Fixed a potential concurrency issue with the Web Client file uploader that could cause the file upload status to become out of sync when uploading many small files.
- Fixed an issue where resuming an FTP GET operation was not working properly. This issue was introduced in 5.4.3.
- Fixed an issue where the SFTP file listing was very slow when using the SFTP Resource as a Web User file system folder.
Version 5.6.2
January 9, 2018
- Added the ability to support SMB version 2, 3, and 3.1.1 which adds additional security to SMB Network Shares.
- Enhanced the GACMD action to Add SSH Keys to no longer require a password for SSH private keys.
- Updated the ICAP connection to send case-sensitive HTTP headers which allows GoAnywhere MFT to properly communicate with Sophos SAVDI ICAP interface.
- Updated the validation for SSH Tasks to provide a proper message when validating keys while using KMS and file based keys.
- Updated the Web User’s When File Exists preference to render correctly when an Admin User made changes to the Web User Configuration.
- Updated the Web Client Applet to be signed with the new HelpSystems code signing certificate. The applet signature is now valid until 2020.
- Upgraded the JSch library from 0.1.53 to 0.1.54. This version fixes an issue where file data could become corrupt during an SFTP Put action to certain servers when using stronger HMAC algorithms.
- Removed an unnecessary scroll bar on the project designer file choosers for various protocols.
- Fixed an issue where Resources connecting to Azure do not work properly when GoAnywhere MFT is running on Linux, Unix, and IBM i systems.
- Fixed an issue where creating a directory on an Azure file system would fail with a timeout error.
- Fixed an issue where FTPS Tasks and Resources would fail to trust the target server when using client certificate authentication and the server certificate fields are left blank. This issue was introduced in 5.6.0.
- Fixed an issue where importing a PGP key into a key vault would fail if the key does not contain preferences for encryption and signature algorithms.
- Fixed the ICAP task to properly read source files from an encrypted folder.
- Fixed an issue where switching databases could reset certain configuration for two-factor authentication to the default values.
- Fixed an incorrect validation message when using GACMD to remove and SSH private key that does not exist.
- Fixed an issue where the SFTP server would not close sessions promptly when a client disconnects, which, depending on the number of active sessions allowed, resulted in a rejecting subsequent connections. This issue was introduced in 5.6.0
Version 5.6.1
December 11, 2017
- Added the SFTP File Chooser dialog to the SFTP tasks on Agent Projects.
- Enhanced the Project Designer to ensure old passwords for keys are not stored in the XML when switching between File Based keys and keys in KMS.
- Enhanced the Agents offline and reconnected email alerts to indicate the hours and days offline rather than just minutes and seconds.
- Enhanced the View Details pages for Projects and Resources to only show the appropriate key fields depending on the Key Location.
- Enhanced the key lookup process on the removeSSHKey GACMD action to better handle keys in non-default Key Vaults, or when the same name exists in multiple Key Vaults.
- Updated the Admin User password length from 20 to 40 characters. This affects all features that require Admin User passwords, such as Schedules, Triggers, Monitors, Secure Forms and Admin User Administration.
- Fixed an issue where the Untar task, when compression is enabled, would fail to clean up temp files after the Project had executed.
- Removed the Log icon next to Agent sessions on the Active Sessions page since all available information is already displayed on the list page.
- Updated the successful message on the Add/Edit Domain page when disabling File Based Keys to indicate that no items refer to files and that the domain has been updated to KMS keys only.
- Updated the import JKS process to truncate and automatically rename keys with aliases longer than 128 characters.
- Updated the WebDAV resource Server Certificate section with a message indicating which key store is used when the file based Key Store File field is left blank.
- Updated Job processing to verify Job names are less than 50 characters when submitted from command line or batch processes.
- Removed an unnecessary commons-beanutils-core-1.8.0.jar library.
- Enhanced the Dropdown component on Secure Forms to hide the Label column when it is in Editable mode to make it clear that only the Value is used on Editable Dropdowns.
- Enhanced the upgrader for the DB2 database when checking for insufficient authority to use the *all authority vs *change.
- Enhanced the Add Web User command for the GoAnywhere Command REST web service to support the userPassword parameter.
- Added a system property to new installs, so that by default, the GoAnywhere SSH client uses the BouncyCastle security provider for key exchange processes. This allows the GoAnywhere SSH Tasks and Resources to negotiate up to a 8192 bit key, regardless of the JVM version.
- Fixed an issue where repeating scheduled jobs were not incrementing the job number correctly.
- Fixed an issue in Chrome where the Export button on the Domain’s File Based Keys Validation dialog would incorrectly wrap when there are multiple pages in the table.
- Fixed the Completed Jobs page when viewing Agent jobs that failed with missing Agent linking information.
- Fixed a NullPointerException on the SCP MGet Files task by properly defaulting to the current working directory when the Source Directory attribute is empty.
- Fixed an issue where a few database connections were not always being closed.
- Fixed an issue on the GoAnywhere HTTPS task where the Key Password field was missing when using Key Vaults for client authentication.
- Fixed an issue where a Secure Form saved as a draft would sometimes not display the values entered by users.
- Fixed an issue when testing Agent Resources where the connection would hang when the Agent software is outdated and does not recognize the newer Resource type.
- Fixed an issue with Dropdown components being prepopulated in Secure Forms using jQuery when the variable name was mixed case.
- Fixed an issue on the Number component in Secure Forms that was throwing invalid validation errors when a min and max is specified. This issue was introduced in 5.6.0.
- Fixed an issue that was preventing Password fields in the Project Designer from showing the ${var} button next to the fields. This issue was introduced in version 5.5.1.
- Fixed an issue that prevented users from viewing some Project task details. This issue was introduced in version 5.6.0.
- Fixed an issue where an Agent Monitor would fail to run in rare situations when a connection between GoAnywhere and the Agent was closed at a specific point during communication.
- Fixed an issue where thumbnails in GoDrive would sometimes not appear.
- Fixed an issue where Secure Mail package could sometimes display a duplicate package if Attach from Secure Folders, or Attach from GoDrive was clicked while an upload from the client PC was in progress.
- Fixed an issue where Project tasks that use SMB shares would log the remote server IP addresses and share names in certain cases, rather than the standard resource:share://resource_name/file.txt syntax.
- Fixed an issue where some table rows with selectable fields did not get refreshed when the user navigated away from the page.
Version 5.6.0
November 16, 2017
Agents
- Added a new “Map View” in the Agent Manager mode to show Agent locations on an interactive geographic map.
- Added PGP Encrypt, Decrypt, Sign, and Verify tasks to Agent Projects.
- Added a SSH Resource to Agents to predefine SSH connection properties.
- Added SSH related tasks (SFTP, SCP, and Execute SSH Command) on Agents.
- Added Read and Write Excel tasks to Agent Projects.
- Added SMTP and Mail Box resources along with Send and Retrieve Email tasks to Agents.
- Added a warning to notify Agent Project Designers when they add a task to an Agent that is not supported by that Agent’s version.
- Enhanced the performance in how job log messages are returned from Agents to MFT by batching them.
- Added Bouncy Castle as a security provider on Agents.
- Updated Jobs submitted via Agent Schedules to reflect ‘Agent Scheduler’ as the Submitted From value.
- Updated the Agent disconnect process that occurs on timeout to log the connection closing event.
- Updated the Agent Permissions page to move the messages section below the toolbar for UI consistency with other pages.
- Removed the Show Stacktrace button for active Agent jobs.
- Fixed an issue where the province of Alberta was not displaying when Canada was selected in the location.
- Fixed an issue where an unnecessary database connection was being created when unregistering an agent. This resulted in a memory leak.
- Fixed an issue where Monitors defined on Agent Groups would not propagate to newly registered Agents.
- Fixed an issue where emails sent from Agent Schedules contained invalid start and end times.
- Fixed an issue where the Copy task will report 0 bytes transferred when copying between Agents due to a race condition.
Key Management System
- Added a new database driven Key Management System to manage X.509 certificates, PGP keys, and SSH keys. Keys can be stored and organized into Key Vaults. Each Domain can have one or more Key Vaults assigned to it.
- Previous SSH, PGP, and SSL key management tools were moved to a File Based Keys menu location.
- Added a new setting to Domains to indicate if file based keys are allowed on the Domain. By turning off file based keys, the Resource, Project, and Web User screens will only prompt for keys in KMS.
- PGP tasks were enhanced to support keys in Key Vaults in addition to file based keys. When file based keys are disabled on a Domain, the PGP Key Ring resource is not shown as the PGP tasks will access keys directly from the vaults.
- The SSH resource and tasks (SFTP, SCP, and Execute SSH Command) were updated to support keys located in KMS Key Vaults in addition to their support of file based key locations.
- The AS2 resource and task were updated to support keys located in KMS Key Vaults in addition to file based certificate key stores.
- The FTPS, HTTPS, GoFast, WebDAV, GoAnywhere MFT, and GoAnywhere HTTPS resources were modified to support KMS Key Vaults in addition to file based certificate key stores.
- Send Email and Retrieve Email tasks were modified to support certificates in KMS Key Vaults in order to encrypt, sign, verify, and decrypt S/MIME messages.
- Enhanced the Send and Retrieve Email Tasks to use a specific trust manager when connecting to an email server using SSL. Previously, these tasks used the default JVM trust store.
- Enhanced all SSL related protocols in Resources to use certificates in the System Key Vault and vaults assigned to the Domain for trust when using KMS.
- SOAP and RESTful Web Service resources were updated to support keys located in KMS Key Vaults.
- Updated all Services (HTTPS/AS2, FTP, FTPS, SFTP, GoFast, and Agents) to work with keys and certificates located in KMS Key Vaults in addition to file based locations.
- System Alerts, Reports, and Dashboard gadgets reporting keys and certificates about to expire were modified to include keys in KMS Key Vaults.
- Added a Key Vault setting to the add and remove SSH key GACMD commands.
- Added the ability to import Java KeyStore (JKS) files into certificate Key Vaults.
- Added validation to prevent the user from disabling file based keys on a Domain if they are still in use on Resources, Projects, and Web Users.
- Added support to import public SSH keys with ECDSA algorithms for use by Web Users with key authentication.
- Updated the default CA certificates shipped in new installations to the latest available in Java 9.
- Updated the Passhprase field to be Password in SSH and PGP pages in order to be consistent across all key types.
- Updated Web User and Web User Templates with additional settings to work with certificates located in KMS Key Vaults in addition to file based key stores.
Project Designer
- Added Task actions including FTP Get and SFTP Put as selectable items in the Component Library to quickly add new actions to Projects.
- Added a new Comment attribute to every Project element including tasks, sub-elements, loops, modules, and more. The comment can provide additional information about the setup or usage. To see the comments, either select the component in the Project Outline or hover to show it in the tooltip. The Comment attribute from previous versions is now purely for commenting out XML in the Project.
- Added a search filter at the top of the Component Library to quickly find tasks.
- Added the ability to search for a Project Template by typing in part of the template name or description on the Create Project page.
- Added a new option on the SOAP Web Service task to Gzip compress the requested payload.
- Enhanced the responsiveness of the Project Designer page by only processing and updating applicable sections of the page using Ajax.
- Enhanced how Variables are added to fields by detecting whether they are being added inside of another ${ } variable. If not, they will automatically add ${ } sytnax around the variable.
- Enhanced the Project Outline by remembering which elements are expanded or collapsed during an editing session.
- Enhanced the Project list page to show the processing dialog when the Project execute button is used to indicate that the Project is running.
- Enhanced the Variables panel by sorting the variable list in alphabetical order.
- Updated the quick help tooltip on labels to have a space between the Default label and the value.
- Updated the RESTful Web Services tasks to log the full URL in the job log.
- Updated the Label attribute on Project components to allow for longer values.
- Updated the Value field on the Set Variable task to be a text area allowing for longer values to be visible.
- Updated the alignment of fields in a File Set to be stacked vertically.
- Removed icons next to tasks and elements in the Component Library.
- Fixed the HTTP content type header created on the SOAP task when using MTOM to specify the xop+xml.
- Fixed an issue on the Retrieve Email task where the sent date only printed the time rather than the full timestamp. This issue was introduced in version 5.5.0.
- Fixed an issue with the FileInfo function in expressions to properly check the Use permission for the Admin User against the Resource.
- Fixed an issue when using the Microsoft Edge browser where the bottom border around the Variables panel was missing.
- Fixed an issue with the drag-n-drop reordering process in a Project Outline where the overlay would not hide in some cases due to a small overlap in drop zones.
- Fixed a NullPointerException on the Upload action of the GoAnywhere HTTPS task when the target destination file points to a folder location.
- Fixed a minor UI issue on the Variables panel where the heading would change background colors after drag-n-drop actions in Chrome.
- Fixed a minor UI issue where disabled components didn’t show up as disabled after being copied and pasted.
- Fixed a minor issue with drag-n-drop that would occur when certain subelements of a task would be dropped into similar tasks.
- Fixed the File Checksum Task to record a Job File Audit log for the read event.
Resources
- Added Azure Blob Storage integration via a new Resource to use in Projects and Web User virtual folders.
- Added the ability to specify NFS/UNC and other native file paths on a Network Shares resource. This allows users to easily switch between shared locations by changing the Resource paths rather than modifying each Project reference.
- Added a Certificate Alias setting to the REST and SOAP Web Service resources to perform SSL client authentication.
- Enhanced the error message to provide more useful information when failing to use a private key on SSH Resources and Tasks for authentication.
Secure Forms
- Added a new Date input component that allows users to select a formatted date from a calendar on the Secure Form.
- Added a new input component to Secure Forms to add hidden fields to a form. These hidden fields can contain default values and can also be set via Javascript or URL query parameters. These fields are hidden from the user interface but are located in the HTML source of the form.
- Added the ability to prepopulate Secure Form fields when the form is loaded. The values can be passed in as URL parameters or using Javascript to set initial field values for the user.
- Added the ability to define and pass Variables to Projects on Secure Forms. This is in addition to the values passed in from the components during submission.
- Added the ability to export, import, and promote Secure Forms. These actions can also be performed via the command line interface (GACMD) and via REST and SOAP Web Services.
- Added the ability to add multiple File Upload components to a single Secure Form. This allows users to define groups of files and adds additional options. For example, a form could require 1 PDF file on one File Upload component and optional image files in another component.
- Updated the list of the available components to be in alphabetical order.
- Removed the requirement to authenticate as a Web User when retrieving a WSDL for SOAP access.
- Fixed a case sensitivity issue on Secure Forms when submitted via REST where the Web User name was improperly being validated in a case sensitive manner.
SQL Wizard
- Added the ability to filter the list of Schemas, Tables, and Columns.
- Added the ability to sort the list of Columns by database order or alphabetically.
- Added double click support to add or remove items in pick lists.
- Updated the messages and scroll size to accommodate errors and other dynamic components better.
- Updated the Schemas, Tables, and Columns picklist by putting the checkbox to select all rows and the column heading on the same line.
- Fixed a minor UI issue where Chrome was adding an extra border around pick list elements.
- Fixed an issue where some columns were not added or removed properly if there was another column with the same name from a different schema also in the pick list.
- Fixed an issue that prevented the preview value from being updated in some cases on the Where and Order By tabs.
Administration
- Added a new command to GACMD to import Projects from a Zip file.
- Added sorting to the list Admin Users and Admin User Groups pages.
- Added admin logging and revision tracking to Active Sessions.
- Added admin logging and revision tracking to Database Configuration pages.
- Added admin logging and revision tracking to System Alerts settings.
- Added admin logging and revision tracking to Encrypted Folders.
- Added admin logging and revision tracking to Domains.
- Added admin logging and revision tracking to GoAnywhere Gateway connection settings.
- Added admin logging and revision tracking to all Login Method settings.
- Added admin logging and revision tracking to Login Settings.
- Enhanced all pages that display tables to remember the currently viewed page (for example, on page 5 of 10) when returning to the list page from an interior page.
- Enhanced the Permission pages for Projects and Resources to sort the Admin Users and Admin User Groups alphabetically in the pick list components.
- Sorted the Resource and Favorite links in the File Chooser dialog to be in alphabetical order.
- Removed the ‘Settings’ label from the SMTP, SMS, and GoFast tab names in Global Settings.
- Removed an extra system log message which indicated when database transactions were rolled back to prevent potential confusion on internal processing.
- Updated the JDBC URL Wizard on the Database Configuration and Switch Database pages to show the PostgreSQL database as an option.
- Updated the Oracle default database schema to use varchar instead of nvarchar on the job file audit log table.
- Updated the Encrypted Folder backup option to remove Network Shares in the file chooser as it is not a supported location.
- Fixed an issue with the Quick Links gadget where multiple links with the same type could be added.
- Fixed an issue in the File Chooser dialog window where extra scroll bars would appear.
- Fixed an issue where slash, backslash, and some other special characters in passwords were being improperly escaped. This issue was introduced in version 5.5.3.
- Fixed an issue when using IE11 in how dropdown fields in the UI did not have any padding.
- Fixed an issue with the Admin Server Configuration page where it was improperly showing the option to select a Web Client Brand.
- Fixed an issue that was preventing tooltips from appearing for complex fields on several pages.
Services (HTTPS, FTP, FTPS, SFTP, AS2, GoFast)
- Added the ability to define ‘Recipients’ on the AS2 server configuration. On upgrade, the applicable AS2 settings are migrated to a new Recipient. Additional recipients can be defined, each with their own AS2 ID, certificates, and other settings.
- Added two settings to the HTTPS service configuration allowing administrators to control the default and the configurability of the When File Exists action in the Web Client during file uploads.
- Added two settings on the SFTP service configuration to control the minimum and maximum DH group exchange key sizes.
- Upgraded the Maverick SFTP server API from 1.6.3 to 1.6.40.
- Updated the Web Client File Uploader CSS and Javascript to have a unique code in the path to prevent browser caching.
- Fixed an issue on the AS2 service where message signatures were not always required.
- Fixed an issue with the SFTP service where the re-exchange of keys would intermittently fail causing the client to disconnect.
- Fixed an issue in the SCP server that prevented "-s" from being used inside of file and folder paths.
- Fixed an issue with GoFast sessions on the Active Sessions page when viewing the session log.
Other Items
- Added TLS Session Resumption support on FTPS resource and tasks.
- Added event.startTime and event.endTime as variables available in Trigger actions. The start and end time are ISO formatted timestamps.
- Added the ability to configure read and connection timeouts for GoAnywhere Gateway connections.
- Enhanced the RunProject command line action to validate that the Project exists in batch mode before returning a successful status indicating that the project was submitted. If the Project does not exist, an error will be returned instead.
- Enhanced the File Uploader on Secure Mail pages to display progress bars and transfer information on the Compose page rather than in the popup dialog.
- Upgraded the embedded Apache Tomcat web server from 7.0.73 to 7.0.76.
- Updated the Admin Client CSS and Javascript to have an arbitrary value in the path to obfuscate the version number.
- Updated the WebDocs file expiration monitor to run on a fixed 24 hour cycle after initial execution. This will prevent a minor issue where the monitor could run multiple times if the server time is slightly off.
- To support multiple AS2 Recipients, the Security Settings Audit Report was updated to indicate the appropriate AS2 Recipient if certain checks fail.
- Fixed the REST GACMD action for Import Project from XML to support the createTargetFolder parameter.
- Fixed a minor issue with the Security Settings Audit Report where errors that occurred while reading the service configuration would not be reported correctly.
- Fixed a potential NullPointerException on the Secure Mail Package Download process if there isn’t a valid session.
- Fixed an issue when SAML is setup to use encrypted assertions and GoAnywhere would fail to decrypt the assertion in certain scenarios.
- Fixed an issue with the Quick Download feature in the Web Client by validating that the Web User has Secure Folders permission in order to log in.
- Fixed an issue where disk quotas were not handled properly for WebDAV, S3, FTP/S, SFTP, and Agent file systems when configured for Web User virtual folders.
- Fixed an issue that occurs when a Trigger executes a Project in batch mode and passes along variables that contain special XML escape characters that were included in the file name of the event. In this case, the job queue will stop processing additional jobs.
- Fixed a small typo in the GoAnywhere Shutdown System Alert email.
- Fixed an issue where the log4j2.xml file location was not being set correctly.
Version 5.5.9
September 21, 2017
- Enhanced the Secure Folders data table to prevent a recent Chrome browser update from causing an unnecessary scrollbar from appearing in certain situations.
- Fixed an issue where it was possible to bypass authorization checks to certain pages when using Firefox and encoded URLs.
- Fixed an array index issue that would occur when using the Write Fixed Width task with the Data Options configured to pad on bytes, and no column sub-elements are configured.
- Fixed an issue with Secure Folders uploads where the upload progress monitor in the Web Client could become out of sync when uploading a large number of files. This issue was introduced as part of the session timeout fix in 5.5.8.
Version 5.5.8
September 11, 2017
- Enhanced the ICAP Task to allow customization of the Content-Type header.
- Enhanced the FTP and FTPS Resource and Tasks to allow sending an Account value if required by the server.
- Enhanced the Write Fixed Width task to allow configuring whether padding is calculated on the number of characters written to a column, or the number of bytes written to a column.
- Updated the MVS list parser for FTP and FTPS resources to properly handle large files where the Used value of the raw listing would overflow into the space separating the Ext and Used fields.
- Updated the auto-rename process when handling incoming AS2 messages to safely handle concurrent uploads of the same file name.
- Fixed an issue that was introduced in 5.5.0 where the Tomcat Web Server was scrubbing ‘weaker’ ciphers by default. This fix forces use of the JVM enabled ciphers, unless explicitly overridden by an administrator in the configuration.
- Fixed an issue where viewing the Project Change History could fail if proper file system access is not available.
- Fixed the Twilio SMS implementation to use UTF-8 encoding for sending messages.
Version 5.5.7
July 28, 2017
- Fixed an issue with the Custom Report Task that was preventing it from running. This issue was introduced in 5.5.6.
Version 5.5.6
July 24, 2017
- Updated the GoAnywhere database upgrade process to share a single database connection for all changes across all upgrade versions.
- Updated the Admin Revision History Report Task to properly validate when no components are selected.
- Fixed a database transaction lock issue that was encountered when updating an Agent.
- Fixed a NullPointerException that could occur when running a project with the Admin User Activity Details report from the Scheduler or GoAnywhere Command.
- Fixed an error when loading the Project History page that would occur when the project no longer exists.
Version 5.5.5
June 30, 2017
- Fixed an issue with the HTTPS Session ID that was causing the Web Client Applet to fail.
- Fixed an issue where the Working Directory and Executable Directory of the Execute Native Command task where failing to validate Domain access.
Version 5.5.4
June 23, 2017
- Fixed an issue where Projects were failing to load Open PGP Keyring Resources. This issue was introduced in 5.5.3.
- Added the ability granularly configure the way the Lucene indexing engine works with the Index Directory. This was added to work around an issue where the Memory Mapped file access used by default on 64 bit Windows systems could cause the JVM to crash in certain environments.
Version 5.5.3
June 21, 2017
- Updated the Agent implementation to better manage the memory usage across multiple soft restarts.
- Upgraded Primefaces from version 6.0.10 to 6.0.20 to address a jquery vulnerability among other fixes.
- Added extra validation to the Project field when defining a Schedule to ensure the Project Location starts with a required forward slash.
- Updated the SAML configuration for the Admin and Web Client interface to allow configuring the NameID Format regardless of the Username Location setting.
- Updated the export of Projects, Monitors, Resources, Schedules, Triggers, Web Users and Web User Groups to be formatted with tidy output.
- Updated the addWebUser REST action to accept the JSON field of ‘userName’ instead of ‘username’ to maintain consistency across all other fields.
- Updated the add, update and delete operations for web user templates to properly commit DB transactions to helps avoid collisions with external replication processes.
- Fixed an issue where switching an Agent to a different Domain would remove permissions defined for other Agents within that Domain.
- Fixed an issue where exporting a Project would return a corrupt file if the Project contained double or triple-byte characters.
- Fixed an issue where the styling options of Bold, Underline and Italics were not properly applied to the Output Text component in Secure Forms.
- Fixed an issue where the SSH Key Chooser dialog was no longer large enough to select anything but the first 5 keys listed. This issue was introduced in 5.5.0.
- Fixed an issue where the passive workaround for connecting to an FTPS server behind a NAT firewall was not using the correct workaround address when using a forward proxy.
- Fixed an issue where Agent control connections could time out when running a large number of small file transfers continuously for longer than 60 seconds.
- Fixed the Quick Help to accurately describe the Job Group Execution Number Variable field on the Call Agent Group Project task.
- Fixed an issue where specifying a label on an Import element within a Project would fail.
- Fixed an issue where the SFTP auto-reconnect capabilities in a Project could get stuck in recursive loop resulting in a StackOverflowException.
- Fixed an issue where the Import Project element was no longer allowing relative paths for Projects. This was introduced in 5.5.0.
- Fixed an issue where promoting a Trigger using the REST interface was not properly preparing the Trigger which resulted in a failure.
- Fixed an issue where the file path was not properly resolving when using an SFTP resource file in the Move and Copy actions of Triggers.
- Fixed an issue where closing the FTP File Chooser dialog would generate an Ajax JS error when using IE 11.
- Fixed an issue where Admin Users could gain access to files and folders above the defined root directory of a Network Share Resource by using the …/ path syntax in Projects and File Choosers.
- Fixed an issue that prevented the Web Group Change History page from loading on Linux/Unix and IBM i systems.
- Fixed an issue where the DSPPRDINF command for GoAnywhere wasn’t working properly after the 5.5.0 upgrade.
- Fixed an issue where creating a Secure Mail message from a template was failing when using SQL Server as the backend database.
Version 5.5.2
May 16, 2017
- Enhanced the Audit Log event ID generation to only allocate an event ID when needed. This removes the overhead of ID allocation for events that are skipped by using the Log Exemptions.
- Enhanced the Execute Native Command task to allow specifying the Executable Directory.
- Added validation to the Agent Names to ensure only characters supported by most operating systems are allowed.
- Added Agent support to conditions and actions for Triggers.
- Added the Agent Service to the Service Status, Active Session - Details, and Active Sessions - Summary Dashboard gadgets.
- Added compression and message batching to various Agent notifications to help prevent rejections that could occur when messages are too large.
- Updated the reply for Keep Alive requests from Agents to be logged in Debug log level instead of Info.
- Updated the Agent Files to ensure the properties of the file are updated when the file is changed.
- Updated the Switch Domain process to properly clear Agent permissions.
- Updated the View Job Log link to not be rendered if a Job Log does not exist for a Project execution. This could occur when running a Project on an Agent that is not connected.
- Added a confirmation step when deleting Agent and Agent group permissions.
- Fixed the Agent message notification queue where an unnecessary limit was placed on the queue which could cause rejected notifications in environments with slow processing speed.
- Fixed an issue where Modify, Count, and Validate RowSet tasks were not properly included in the Standard Agent feature set.
- Fixed a potential NullPointerException that could occur when submitting a project to an Agent that is not connected.
- Fixed an issue with the Switch Domain operation for an Agent where Agent Projects and Resources could become inaccessible after the Domain switch.
- Fixed an issue where executing a Project could fail if an IF component was the first component in a Project. This was introduced in 5.5.0.
- Fixed the Secure Form REST dynamic help text to describe the proper HTTP method to use for each supported operation.
- Fixed an issue when adding a Web User virtual folder to an Agent where the Domain access was not properly being validated.
- Fixed an issue when listing an Agent directory with a large number of files, where the message separation was not properly separating the list into multiple messages.
- Fixed an issue where the Upgrade Agents button wasn’t properly refreshed in all cases after Agents were upgraded.
- Fixed an issue where an Agent could still run a Monitor action even after it had been disabled.
- Fixed an issue where Agent and Agent Group permissions could be granted to an Admin User that do not belong to the same Domain.
- Fixed an issue where the Save button was not being enabled while performing a Switch Domain for an Agent Group.
- Fixed an issue where changing the original owner of a GoDrive file would fail when using PostgreSQL.
- Fixed a formatting issue on the Secure Forms Access tab that could cause the SOAP and REST URL links to wrap to the next line.
- Fixed an improper validation that occurred when REST and Web Client are enabled on the Secure Form Configuration page, but not SOAP.
- Fixed an issue where the Agent registration process was not properly monitoring for read timeouts.
- Fixed an issue where the View Project Folder was not properly working for Agent Schedules.
- Fixed a validation issue on the Secure Form configuration page where the Secure Form could be saved when REST Enabled was selected but the Form URI was not specified.
Version 5.5.10
October 13, 2017
- Rebranded GoAnywhere MFT as a HelpSystems product.
- Added new options to the Send Email task to allow configuration of the encryption and signature algorithms when sending secure emails.
- Upgraded the FasterXML/Jackson API which contained a deserializer vulnerability. The FasterXML/Jackson library is only used by the trusted AWS API for client side S3 connections, however, it was upgraded to version 2.9.1 to help prevent a false positive from triggering during security scans.
Version 5.5.1
May 8, 2017
New Features
- Added the ability to safely embed Secure Forms in external sites without exposing the Web Client to clickjacking attacks. New global and individual form settings were added to control which forms can be embedded and from which websites if so.
- Added the ability to use a remote GoAnywhere Agent as a Virtual Folder or Home Directory location on a Web User account.
- Added the ability to configure a Custom URL for Amazon S3 resources to connect to non-standard service endpoints.
- Integrated transfers to and from Agents into the Active Transfers page.
- Updated transfers to and from Agents to properly adhere to bandwidth throttling restrictions.
- Added a Refresh button to the Agent Manager page.
Product Enhancements
- Enhanced the Agents Service configuration page to ensure the SSL Protocol and Enabled SSL Protocols are configured with valid values.
- Enhanced the automatic redistribution of Agent connections to be less disruptive when a new GoAnywhere MFT system joins the cluster by ensuring no work is being performed before an Agent reconnects.
- Improved the upload and download transfer speed when transferring files to and from an Agent.
- Enhanced the styling to properly wrap long values on the Project Variables tab of the Add/Edit Schedule pages.
- Enhanced the validation when accessing Agents and Agent Groups to test Resources or browse files by ensuring Agents are connected and enabled.
Other Issues
- Updated validation to properly check for unique Agent Group names when adding or editing an Agent Group.
- Updated the Agent to save a Monitor definition even if the snapshot fails, allowing the monitor to keep running and notifying the admin user on failure.
- Updated the error message when loading the Project browser for an Agent or Agent Group that is not connected.
- Updated the Edit Agent page to properly audit changes made to the Contact, Location, or Feature Set fields on an Agent.
- Updated the restart process for an Agent by ensuring the job queue runtime is properly shut down.
- Updated the JSESSION_ID cookie name to be unique between the Administration and Web Client interfaces.
- Updated the Agent and Agent Group permissions pages to have a notification that is more clear to users when permissions are modified.
- Enhanced the Secure Form validation when submitted via a RESTful web service request.
- Updated the Agent Installer to require an alias for folder permission, which is required for an Agent to startup.
- Updated encrypted UI fields by removing the variable dialog button when variables are not applicable to the field.
- Updated the help text link in the Agents service configuration page to link to the proper Agents Configuration help page.
- Updated the ID of an Agent notification record to be a Long data type to avoid hitting an avoidable limit of notification messages.
- Updated the Job Log purge process to include cleaning up Agent Group execution log entries.
- Updated the permission scheme for Agents to ensure Admin Users with the Agent Manager role can access the proper functionality on Agents and Agent Groups.
- Removed the default constraint on the Created On field in the Agent notification table to allow support for older versions of MySQL that did not allow defaults on datetime field types.
- Updated the Agent Manager list page to show Domain as the second column and Yes/No for the Connected value instead of a green/red icon.
- Fixed an issue where purging job logs could fail in certain cases when job log files do not exist on the file system.
- Fixed an issue where the Last Modified date of an Agent was not being updated when an Agent was modified.
- Fixed an issue where the Expire Request setting on a Secure Mail File Request was using settings defined for sending a Secure Mail package.
- Fixed the startup process for Agents where an Agent could shutdown instead of retrying the connection when certain failures occur.
- Fixed an issue where the Submitted By column on the Completed Jobs page was a link for Agent jobs when it should have been basic output text.
- Fixed an issue where Active Jobs ran by a user would not show when that user logs in with a different user name case than what is defined for their user account.
- Fixed an issue where restarting an Agent could generate unnecessary error logs in the Agent log file.
- Fixed an issue where the Write CSV task was not failing the Project when file system failures occurred. This issue was introduced in 5.0.0.
- Fixed an issue where GoAnywhere MFT was not properly detecting a disrupted connection between the Agent and GoAnywhere MFT.
- Fixed an issue in the Agent deletion process to properly unregister the agent before removing it from GoAnywhere MFT. This allows the agent to be reused if necessary.
- Fixed an issue where the JSON Read task was failing to log the name of the RowSet variable created during execution.
- Fixed an issue where renaming an Agent while an Agent Monitor is active could result in a Project failure when GoAnywhere MFT tries to access the files on the Agent.
- Fixed an issue where Agent transfers could time out when the transfer takes over 60 seconds.
- Fixed an issue where very large file paths for Job File auditing can cause the database transaction to fail.
- Fixed an issue where Projects could not be deleted if the Project XML file was missing. This issue was introduced in 5.5.0.
- Fixed a minor style issue on the Edit Agent page where word count assistance on text area fields were improperly bold.
- Fixed a syntax issue in the GoDrive Search page that was causing searching to fail. This issue was introduced in 5.5.0.
- Fixed an issue where importing a Trigger could fail in certain cases when comparing Conditions for Admin audit logging.
- Fixed an issue where scheduling a Project with compile errors on an Agent fails to update the Schedule resulting in the job running every minute instead of adhering to the defined schedule.
- Fixed an issue where Monitors were failing to run when more than one Monitor was defined for an Agent or Agent Group.
- Fixed an issue where sending a Secure Mail message from the GoAnywhere HTTPS task required the Web User account to have Secure Folders access.
- Fixed an issue with the File Chooser when working on an Agent Project where an invalid file path could be generated.
- Fixed an issue on the Cluster Manager page where the ‘Systems in Cluster’ count does not properly update when a new system joins the cluster.
- Fixed an issue where the FileInfo function available in Projects was accidentally removed in version 5.5.0.
- Fixed an issue on the Add/Edit Secure Forms page where the REST help link incorrectly loads the SOAP WSDL URL.
- Fixed an issue where the working directory on the Execute Native Command task was not resolving properly when running on an Agent.
Version 5.5.0
April 13, 2017
Agents
GoAnywhere Agents provide real-time remote workflow and file transfer capabilities that are controlled from a central GoAnywhere MFT server. Agents can be deployed to virtually any operating system including Windows, Linux, IBM i and other platforms. Agents can run on systems inside an organization’s network to move files throughout the data center. Additionally, you can deploy Agents to remote sites like branch offices, cloud environments like Amazon AWS, Azure, and other remote locations. When an Agent starts up, it will connect to GoAnywhere MFT which will then take over management of that Agent.
Agents can run multi-step workflows on the systems where they are installed. These workflows can copy files, archive files, translate data, add data to a database, execute native commands, or other file system tasks. Workflows on Agents can be scheduled to run on a recurring basis.
Agents can also monitor for new, modified, and deleted files on its file system. When a file is found, Agents can process the file locally or call a Project workflow on GoAnywhere MFT.
GoAnywhere MFT acts as the central point of control to manage all Agents which are connected to it. Admin users in GoAnywhere MFT will configure the work that should be performed on its Agents. Administrators can also view events that occurred, such as file transfers or completed jobs on those Agents.
Agents can be grouped together to simplify setup and configuration. This allows administrators to define tasks that should run on all Agents in a group. For example, an organization that has hundreds of retail stores can easily send out new files to each store in the group. Or, a group of Linux servers can be defined to execute the same SSH commands on all Agent systems at once.
Agent Features
Listed below is a summary of features in GoAnywhere Agents:
- Secures file transfers between Agents and the central GoAnywhere MFT environment.
- Authenticates Agents connections using X.509 certificates.
- Monitors for new, modified, and deleted files on Agent systems.
- Compresses and decompresses files on the Agent systems using Zip, Tar, and Gzip standards.
- Translates data to/from databases, CSV, Fixed Width, XML, and JSON.
- Executes native commands on Agents.
- Controls which folders are accessible on Agents.
Administrator users in GoAnywhere MFT can work with Agents using the following features:
- Create Agent Templates with registration rules to easily deploy Agents on a large scale.
- Configure Agents or Agent Groups from the Agent Console on GoAnywhere MFT.
- Design Project Workflows to be executed on Agents.
- View completed Jobs, active Jobs, or Queued Jobs on for Agents.
- Create custom Agent installers from the Software Library.
- Automatically deploy Agent upgrades directly from GoAnywhere MFT.
Secure Mail
- Added the ability to Request Files from recipients using Secure Mail. This new option will send a unique link to recipients requiring files to be uploaded and returned to the requester.
Secure Forms
- Added the ability to submit Secure Forms using RESTful web services.
- Added the ability to search for submitted Secure Forms by Job Number.
Administration
- Added support for storing GoAnywhere MFT backend tables on the PostgreSQL database system. The “Switch Database” wizard was enhanced to simplify database migration, which will automatically create the tables and migrate existing data to the PostgreSQL database.
- Added 26 RESTful web service endpoints to retrieve useful information from GoAnywhere. This information is what is generally shown via Dashboard gadgets.
- Enhanced the basic search on the Job File Audit Log page when using the file name field to be case insensitive and inclusive rather than exact match.
- Enhanced several auxiliary pages for Monitors and Schedules to save the state of the List pages. When returning from those pages to the list page, all search parameters are remembered and the list is filtered as it was before.
- Enhanced the basic and advanced search tabs on Monitors and Schedules to have a consistent search operator ‘contains’ in both cases.
- Enhanced the File Transfer Summary dashboard gadget to include the Secure Forms module type.
- Updated FTP upload tasks by adding a success message to the job log per file after it is uploaded.
- Updated the Help Documentation pages to have a language code to assist with 508 compliance.
- Updated the Help Documentation for 508 compliance by adding visual indication to all links when focused as well as adding a title to the Search input field.
- Updated the Admin Log messages to have the same format for changes made to the Admin User and Web User Password Policies.
- Updated many pages by dropping the word ‘Last’ for labels that were Last Modified By and Last Modified On.
- Updated the Modified Date and Size columns in the File Chooser dialog to not wrap values keeping them on a single row.
- Updated several Audit Log retention periods from a maximum of 999 days to be 9999.
- Updated the SOAP message generator based on the WSDL definition to render better in Firefox.
- Removed the admin logging for changes made to the isEncrypted password flag on Resources as that setting is hidden since version 5.4.
- Upgraded Primefaces from version 5.2.21 to 6.0.10.
- Upgraded the embedded Apache Tomcat web server from 7.0.56 to 7.0.73.
- Updated the sales and support email addresses on the Help About page to refer to the new HelpSystems ones.
- Updated the “Remove All Permissions” button on the Project Permissions page to have a confirmation dialog window to confirm the action.
- Updated the SAML process to handle failures better and provide a more useful error message.
- Organized the Services main menu section by creating submenus for GoDrive, Secure Mail, Secure Forms, and Agents.
Other Issues
- Fixed the quick help documentation for the Response Body field on the REST Get task to indicate the correct default setting which is the job log.
- Fixed an issue where downloading as Zip in the Web Client would report a successful status for audit log events when users cancel the download. It now will report a failure status.
- Fixed an issue with the Number of Files Copied output variable of the Copy Task could report an inaccurate number in certain cases if files are skipped during processing.
- Fixed a minor issue with the Project designer where unnecessary XML tags were added to the Project definition for File Set filters.
- Fixed an issue with the Rename action on the FTP, GoFast, and GoAnywhere HTTPS tasks where the File Chooser for the From location was not set to the correct location type.
- Fixed an issue with the File Transfer Summary gadget and report could misrepresent statistics when using multiple Domains.
- Updated the MySQL database driver from version 5.1.17 to 5.1.40. This fixed an issue with the Limit clause in the SQL Wizard.
- Fixed an issue where AS2 messages sent with content type ‘application/XML’ were not handling case sensitivity correctly. This issue was introduced in 5.4.0.
- Fixed a typo on the Security Settings Audit report for the item regarding how FTP should not be allowed for inbound connections unless it is encrypted.
- Fixed an issue where the Compose page in the Web Client was not showing the valid locale based on the browser settings. This issue was introduced in 5.4.0.
- Fixed an issue with dropdown components on Secure Forms to properly validate valid options when submitted via SOAP web services.
Version 5.4.4
April 7, 2017
- Enhanced the performance of the initial remote snapshot process for GoDrive device synchronization.
- Enhanced the performance of the SSH key exchange by only validating algorithms that are enabled on the Task and Resource.
- Updated the MQ Send Task to no longer include the JMSXAppID message property by default. A system property ‘com.linoma.mq.useLegacyJMSXAppID=true’ is added on upgrade to persist behavior of existing installs, however new installs will not include this system property.
Version 5.4.3
February 24, 2017
- Enhanced the Amazon S3 Resources to support server-side KMS encryption of files.
- Fixed an issue where downloads of a non-existent file from an FTP/S or SFTP server would create the file as a 0 byte file. This issue was introduced in 5.4.0.
- Added logging to the job file audit log process to provide details when a record fails to be logged.
Version 5.4.2
February 7, 2017
- Updated the SSL cipher configuration picklist to properly indicate which cipher suites are used when no ciphers are selected. This includes the Admin server, HTTPS/AS2 server, FTP server and FTPS server.
- Updated the footer copyright to include 2017.
- Fixed an issue where using an FTP server resource as a Web User file system would fail when running GoAnywhere on a Linux/Unix based server.
- Fixed an issue where IP blacklist update notifications were being sent to older versions of GoAnywhere Gateway.
- Fixed an issue where the Completed Job Statistics report task had the wrong dropdown option for the Chart Data field.
- Fixed an issue with the LDAP update logic for Web User settings to use case insensitive comparisons.
- Fixed an issue with the LDAP synchronizing for Admin Users where the email field wasn’t properly cleared when the email address in the LDAP entry was empty.
- Fixed an issue where the GoAnywhere HTTPS task would log HTTP trace information when GoAnywhere MFT was configured for debug logging.
- Fixed an issue with LDAP synching where unmapped attributes were being overwritten on Web Users in certain cases.
- Fixed an issue where the Import Custom Task process could produce a 500 Internal Server Error.
- Fixed an issue where the Bulk Password Update button was missing on the Where Used page for Admin Users.
- Fixed a memory leak with the GoFast file transfer acceleration communication framework.
- Fixed a memory leak with the GoAnywhere Gateway client communication framework.
Version 5.4.1
December 9, 2016
- Added a new setting in Secure Forms to control the session timeout for public forms.
- Enhanced the logging of the REST tasks to properly indicate the operation being performed when a response body and response header file already exist.
- Added support for a more complex version numbering scheme.
- Enhanced the new FileSet filter label to be bold.
- Enhanced the SOAP Task to support loading a WSDL from a local file.
- Enhanced the Set Variable task to register a file READ event in the Job File audit log when the value of a variable is read from a file.
- Updated the namespace prefix for SOAP responses to be consistent between successful operations and faults.
- Updated the styling of the Completed Jobs by Project report to prevent headings and labels from being truncated.
- Updated the multi-checkbox component of Secure Forms to pass a list of selected values to a Project.
- Updated the debug logging for IP filtering to no longer log a message when a connection is accepted.
- Enhanced the validation of the Admin SAML SSO settings to provide a warning when the Admin Site URL is not properly defined.
- Removed the unused Enable Cookies setting from the REST and SOAP tasks.
- Updated the REST tasks to log request headers to the job log when running in debug log level.
- Cleaned up the validation messages returned when running a Secure Form using SOAP web services.
- Updated the View Gateway page to include the SSL Context configuration setting.
- Updated the default search operator for the User Name to be ‘contains’ on the Advanced tab of all Audit Log search pages.
- Updated the validation message on the SOAP and REST tasks to clearly indicate that a User Name is required if an authentication type is selected.
- Fixed an issue where file upload statuses are not always refreshed properly on the upload dialog when uploading files through the Web Client interface.
- Fixed an issue with the WSDL generator to properly load internally linked XSDs within the WSDL.
- Fixed an issue where the Submitted From value was empty for Jobs submitted from a Secure Form.
- Updated various file/folder path locations to properly validate the type of file input allowed for those fields.
- Fixed an ajax refreshing error on the Log Settings page that could clear uncommitted settings in certain cases.
- Fixed an issue where copying a Web User Template did not prompt for a Domain when running in a multi-domain environment.
- Removed an invalid warning that was logged from the SOAP and REST tasks when parsing the response XML into a variable.
- Fixed an issue with the Expression Wizard where text selected to wrap in ${} was not properly wrapped in all cases.
- Fixed an issue where change history for Monitors included fields that weren’t modified.
- Fixed an issue with the SOAP GACMD virtual file and virtual folder operations to properly set permissions based on the SOAP request.
- Fixed an issue where GoDrive audit logs search results did not contain events not belonging to a specific domain.
- Fixed an issue where global search results were showing ‘null’ file names for certain transfer operations.
- Updated the data type defined in the Oracle DDL from VARCHAR to VARCHAR2.
- Fixed an issue with reading the license file that was introduced in 5.4.0.
- Fixed an issue where HTTP headers set during Resource testing were different than those set during Project execution causing a difference in behavior.
- Fixed an issue where output variables were not properly being removed from the Variables panel when the Task that creates the variable is deleted.
- Fixed an issue where the Put and Post REST Tasks were inaccurately requiring a request body.
- Fixed an issue where Web Users were not properly removed from an LDAP group when the Login Method was changed.
- Fixed an issue where Project Designer panels were not properly expanded to display configured fields when the field was a pick list component.
- Fixed an issue where unexpected failures during a multi-file download as zip operation could leave streams open resulting in locked files.
- Fixed an issue where the Dropdown component on a Secure Form could automatically change defaults or allow multiple defaults during configuration.
- Corrected a spelling error in a validation message that would display when promoting a Monitor from one system to another.
- Fixed an issue where a blank message on an anonymous Secure Mail reply could show up as 'null’. This issue only existed when running on an Oracle database.
- Fixed an issue with attaching files from a Secure Folder to a Secure Mail package where files with the same name were not properly renamed.
- Fixed an issue with the default application data that was causing the switch to an Oracle database to fail.
- Fixed an issue where the View Web User page wasn’t showing deactivated Secure Forms that the Web User had access to.
- Fixed an issue where switching the Domain on a Web User Template doesn’t trigger the Save button to become enabled.
- Fixed an issue where the Password Expiration email notification was attempting to send notification emails to admin users with no email address defined.
- Fixed an issue with the Validate RowSet task where exceptions were not properly being handled.
- Fixed an issue where the SAML Single Sign-On redirect process could get stuck in an infinite loop when a user has no valid permissions.
- Fixed an issue where adding an Admin User could fail if the User is not configured to use the Internal Login Method.
- Fixed an issue where dropping a new task onto a Project that does not contain a Module could cause the Project Designer to lock up.
- Fixed an issue where the SOAP Task would log ‘null’ for the request by if the soap message was being loaded from a file.
- Fixed an issue where Web Users were not able to log in if Two-Factor authentication was configured. This issue was introduced in 5.4.0.
- Fixed an issue where the option to resolve host names at the proxy server for the HTTP/S, REST, and SOAP tasks was not working in all cases.
- Fixed an issue where the Web User password history was improperly validated in the Security Audit Report.
- Fixed an issue with the FTP Base File implementation where folders on an FTP server that does not support the STAT command for directories would appear as if they do not exist.
- Fixed an issue where the mouse cursor would not show up as a pointer to indicate a clickable link in the Component Library of the Project Designer when using Firefox.
- Fixed an issue where invalid authentication to a SOAP service would return the html error page as the response body.
- Fixed an issue where database statements were not properly closed after each execution. This issue existed when running operations that execute a large number of statements within a single connection.
- Fixed an issue where the selected Resource and the Web Service URL were not properly validated.
- Fixed an issue where the Derby database backup was not running every hour when configured to do so.
- Fixed an issue where a Secure Form would pass an empty string to a Project when no files are attached to a form that accepts file uploads. Updated the empty string to an empty list, which allows the Project to work with the variable regardless of whether or not files were uploaded.
- Fixed an issue where the Accept Type setting wasn’t properly applied on the SOAP Task from the Resource.
- Fixed an issue with the SOAP interface for GACMD to properly handle the validation of optional numeric and boolean values.
Version 5.4.0
November 15, 2016
Web Services
- Added a new REST resource and four new tasks to Put, Delete, Get, and Post RESTful web services. The new task supports XML and JSON based services and simplifies integration with applications.
- Added a new SOAP resource and task to provide streamlined integration with SOAP web services. A wizard is provided that simplifies the creation of actions by building them based on the WSDL definition. Files can be sent inline or using MTOM. The files and XML payload returned from the web service can be stored or processed.
- Added two new tasks to read and write JSON data.
- Added a new RESTful web service interface to execute commands in GoAnywhere. These are the same actions that are available via GoAnywhere Command (GAcmd) from Windows and Linux command line.
- Added a new SOAP web service interface to execute commands in GoAnywhere. These are the same actions that are available via GoAnywhere Command (GAcmd) from Windows and Linux command line.
- Added the ability to submit Secure Forms using SOAP web services.
Secure Forms
- Added the following input and output components to Secure Forms:
- Number
- Radio Buttons
- Checkbox
- Multi-Checkbox
- Bulleted List
- Text Area
- Added the ability to specify HTML syntax in Secure Form components like Output Text. This allows administrators to add advanced options in a form including links, videos, and formatting.
- Added additional properties to existing Secure Form components. Output text has options to control the font size and formatting, drop downs can be editable versus selecting predefined values only, and autocomplete can be controlled on input text fields.
- Enhanced Secure Form processing to delete the temporary files that may have been attached if the user cancels out of the form. Previously these temporary files were only deleted when the user’s session is ended.
- Enhanced the configuration of the Output Text component in Secure Forms to have a bigger text area to input data.
- Updated system startup processing that checked for Secure Form payloads that were incomplete to cleanup any abandoned forms. This could occur if there was a hard system failure while users were configuring forms with file attachments.
- Updated Secure Forms components that support multiple options to prevent duplicate values.
- Removed an unnecessary empty output panel where a blue line was displayed after a public Secure Form was submitted and no output files were returned.
- Updated the Secure Form rendering in the Web Client to position the labels towards the top of their respected fields rather than the middle.
Administration
- Added the ability to synchronize Admin Users with Active Directory and LDAP servers.
- Added Admin User Templates to simplify user creation.
- Added SAML single sign-on support to the Administration client.
- Added new Admin Security Settings for Password Age and History to control Admin User’s passwords.
- Added the ability to automatically blacklist IP addresses based on user names during login. For example, if a Web User attempts to login as ‘root’ or ‘support’ it can blacklist their IP temporarily or permanently.
- Added the ability to resolve host names at the proxy server rather than locally on the GoAnywhere MFT server.
- Added additional security by hiding password fields on configuration pages (e.g. Global Settings and Login Methods). Users can opt to change a password which will then display a field to input the new password.
- Added admin logging and revision tracking to Log Settings.
- Added admin logging and revision tracking to Web User Self-Registration settings.
- Added admin logging and revision tracking to Web User Templates.
- Added the ability to copy Web User Templates.
- Enhanced the Admin User’s References page by having links to Monitors, Schedules, Triggers, and Secure Forms if they have the appropriate role.
- Updated Admin Roles and Admin Groups to be labeled as Admin User Roles and Admin User Groups.
- Added a new field to the Import Web User Groups from XML action to Ignore Secure Form Membership. This allows groups to be imported that have Secure Form references in the XML and they do not exist in the target system.
- Enhanced the File Chooser dialog to start in the location that was typed in prior to the … button being clicked.
- Enhanced how the User name field is searched in the Audit Log pages so that it is case insensitive and inclusive.
- Enhanced validation of several GAcmd actions to ensure certain attributes are supplied.
- Updated the error message during FTPS service startup process to indicate if the error was caused by an invalid password on the SSL keystore.
- Updated the audit log purging process to handle exceptions gracefully when connection timeouts occur due to short database timeout settings.
- Updated the saving of Domains to show a standardized success message to the user.
- Updated the Service Manager page by putting the Edit, Start, Stop, and other actions into a More Actions drop-down menu next to the service.
- Enhanced the trust of the product installation files by adding a digital signature to them.
- Updated GoAnywhere product logos to reflect the new registered trademark.
- Updated the Check for Updates logic to pull the information from www.goanywhere.com instead of www.linomasoftware.com.
Web Users & Web Client Enhancements
- Added the ability to define multiple Web Client brands each with their own logo, page title, and language settings.
- Added new Login Settings for Kerberos that allows GoAnywhere Desktop Client and the Outlook plugin to use Windows based authentication for single sign-on.
- Added the ability to use FTP, FTPS, and SFTP resources in paths. For example, a Web User can be given access to a resource:sftp://[resourceName]/path as a virtual folder. If the user uploads a file via HTTPS in the Web Client, it will actually upload the file to the remote server behind the scenes.
- Added the ability to create Secure Mail Templates in the Web Client. Users can create a template with a default subject, message, options, and file attachments and then that template when composing new messages.
- Added a new page in the Web Client for users to configure their Preferences, like the Default Landing Page to navigate to after login. In addition to the user configured preferences, other options are automatically remembered like the sorting options on pages.
- Added the ability to select the action in Secure Folders to take when the file already exists prior to uploading a file.
- Added a new setting in the HTTPS configuration that to enable or disable the Download as Zip feature in the Web Client.
- Added a new Download as Zip File Limit setting in the HTTPS configuration to control the maximum number of files that can be included in a Zip file when downloading multiple files in the Web Client.
- Added a new setting in the HTTPS configuration to set the file name to use when multiple files are downloaded as a Zip file through the Web Client.
- Added a new Secure Mail Setting to set the maximum number of files that can be attached to a Package.
- Enhanced the Trash Bin in GoDrive to only show items that the user can restore or remove. Items in which the user only had view access granted to them from other users will no longer appear in their Trash Bin.
- Updated the GoDrive Upload Task to log the appropriate messages when the target file already exists.
- Updated the Sent Items page in Secure Mail to have the Subject field as a link which takes the user to the View Details page.
- Updated the settings applied to new installs so that the Web Client Applet is disabled by default.
- Updated the signature on the Web Client Applet Jar files using a new certificate that won’t expire for three years.
Reports
- Added a new Custom Report task that creates a PDF file using data from an SQL query or from a file (CSV, XML, Excel, JSON, or Fixed-Width). Text fields can be added to the top of the report to describe the report criteria and summary fields can be used to calculate the min, max, average, or summary values of the data. Charts can also be added to visualize the information in the report.
- Added a new Completed Jobs by Project report that lists the number of Jobs executed, the number of files transferred in those Jobs, and the bytes transferred for each Project.
- Added a new File Transfer Summary report that displays the total number of files transferred during the specified date range.
- Added a new Unresolved Jobs report that lists the total number of jobs that failed during the specified date range that have not yet been resolved.
- Added a new Admin User Activity Details report that shows what actions were performed by Admin Users.
- Enhanced the Completed Jobs Statistics report to also include the total bytes and file counts that were transferred in the jobs.
- Enhanced the Security Settings Audit report with additional checks to ensure Gateway is being used for inbound connections, that Gateway’s control channel is protected with SSL/TLS and a Shared Secret, that Admin Users are not allowed to view Resource passwords, and that Admin Users follow Password Age and History restrictions.
Workflow & Project Designer Enhancements
- Added many features to the Project Designer to make it more intuitive and powerful:
- Moved the Component Library to the left side of the Project Outline. This gives more vertical spacing for the outline and simplifies drag-n-drop between the library and outline.
- The Component Library can be expanded or collapsed. When collapsed, simply hover over the tab which will expand the library. When you drag-n-drop a component the library will automatically collapse again freeing up real estate.
- A new Variables panel was added to the right side of the page. It is broken into four sections to list out Project, Folder, Output, and System variables. These variables can be drag-n-dropped into task fields and the ${} syntax is automatically added to the variable.
- The working panel where attributes are configured is now displayed in a vertical accordion panel instead of tabs. If a panel has values specified, the accordion panel is automatically expanded to quickly view all values.
- FileSets no longer appear as a subelement of a task. They are embedded in the main task level and appear right next to the other Input File fields.
- Redesigned the View Project page to list all attributes in a vertical accordion view. Each accordion panel that contains values for attributes is automatically expanded quickly showing configured items.
- Added a new Full Screen mode to expand the Project Designer to fill the entire screen.
- Added 10 additional functions that can be used in expressions:
- isAlpha
- isAlphaNumeric
- isNumber
- isWholeNumber
- isValidText
- randomUUID
- truncate
- reformatDateTime
- extractDateTime
- adjustDateTime
- Added a new Count RowSet task that will process an Input RowSet and provide a count of the number of rows and columns.
- Added a new Validate RowSet task that is useful to verify data, row counts, column counts, and other validations before it is used.
- Added the ability to pass in a String variable to the Input Files Variable fields in tasks. The string file path will be resolved to a file object at execution time.
- Added a new Where Used page that shows all Schedule, Monitor, Trigger, and Secure Form references to a Project.
- Added enhanced security around Resource passwords. When a password was previously set on a Resource, a new Change Password link is provided to set a new value. In addition, passwords can be recoverable or non-recoverable.
- Added a new Monitor event type for File Exists. This is useful to execute a Project when any file is found in the monitored folder.
- Added a new option on Amazon S3 Bucket resources to enable server side encryption.
- Added the ability to filter the list of Triggers by Trigger Name.
- Enhanced the validation of Resources that are imported to ensure all required fields are supplied.
- Enhanced the basic search on Schedules, Monitors, and Secure Forms when using the Name field to be case insensitive and inclusive rather than exact match.
- Enhanced the exporting of Schedules to keep the password in an encrypted format.
- Enhanced Zip functions to use UTF-8 encoding for file names inside the Zip file to handle certain international characters better.
- Enhanced the Project deletion action to check for references from Monitors, Triggers, and Secure Forms before proceeding.
- Enhanced the configuration of Monitors and Schedules to save the state of the List pages. When returning from the add/edit pages to the list page, all search parameters are remembered and the list is filtered as it was before configuration.
- Updated the File Chooser dialog by splitting the Resource links into a separate section under Favorites.
- Updated the multi-delete option on the Monitors list page to only delete monitors that pass validation. This ensures that the Monitor is not active when being deleted.
- Updated the max file size limit to 10 MB for basic upload features. This applies to places like Import Projects, Import Web Users, Import Certificates, etc.
- Updated several drop-down fields in tasks to have better widths to allow for variables and to accommodate for the options in the drop-down.
- Updated the Monitor, Schedule, and Trigger importers to validate additional fields that must be supplied in the XML.
Gateway Enhancements
- Added the ability to specify a Shared Secret value on Gateway configurations. This shared secret may be required by the Gateway server to authentication the MFT system.
- Added the ability for IP whitelisting and blacklisting to occur at the Gateway level in the DMZ rather than on MFT only.
- Added the ability to turn on SSL encryption on the Gateway configuration to protect the control channel’s communication.
Other Issues
- Fixed a rare threading issue that could cause multiple packages to be created on the Secure Mail Compose page if multiple files were drag-n-drop uploaded before a draft package was created.
- Fixed an issue where users with GoDrive Manager, Secure Forms Manager, and Secure Mail Manager roles were not able to access the Administration log of the Audit Log page.
- Fixed an issue where the MQ Resource name was not being logged in the Job File Audit Log when the session was being used in certain situations.
- Fixed an issue where the submitted payload record on Secure Forms may not contain the Job ID in the event the system was shut down while the Project was processing.
- Fixed an issue where the Last Modified Date of files included in the Download as Zip feature was not being persisted.
- Fixed an issue with the FileInfo function to respect permissions on the Resource when the path is for SMB network shares, Amazon S3 buckets, or WebDAV systems.
- Fixed an issue on the Private Key Alias field of SSH tasks to support variables as input.
- Fixed the quick help in the FileSet element in Projects to correctly link to the help documentation for the Regular Expression Pattern.
- Fixed an issue where the ctrl-left and ctrl-right keyboard actions on the Components tab of Secure Forms configuration could lose changes made to the components. These actions were disabled and were used to minimize and expand the side panels.
- Fixed an issue on the PGP Key Manager page when the user double clicks on the confirmation button by adding the standard please wait status notification.
- Fixed an issue with the Checksum task where it was not using the Execute Only If and Disabled attributes.
- Fixed an issue where a Project cannot be deleted if it contains compile errors. This was introduced in version 5.2.0.
- Fixed an issue where the Default Subject setting for Secure Mail that wasn’t compared correctly in one scenario that would have prevented it from being logged in the Administration log.
- Fixed an issue where the Project XML file was not being deleted when the DeleteProject action was called from GAcmd.
- Fixed an issue on the Add/Edit Admin User pages where the password field would reset when certain validation rules failed.
- Fixed the Send Email task to properly validate that the Sent Attachments Variable is a proper identifier.
- Fixed an issue where the wrong Project name is being logged in the administration log when a Project is deleted. This only occurred when overwriting the Project during a copy operation.
- Fixed an issue on the Project Search page where sorting on the Project column would break pagination so only the first page results could be viewed.
- Fixed a small typo in the email that is sent for new Web User accounts.
- Fixed a minor issue in the Move task where the summary message was being logged twice in job logs.
- Fixed an issue when adding Monitors that occurred when a variable was added to the Project tab by selecting the variable description in the popup selector rather than using the add or replace buttons.
- Fixed the refresh logic on the Gateway configuration page where additional threads could be created if connecting and disconnecting many times.
- Fixed an issue that occurs when the user tries to stop the Gateway connection while it is currently retrying to shutdown properly without additional error messages.
- Fixed an issue in the Admin Client and Web Client where some restricted pages could be viewed by manipulating the URL.
- Fixed an issue on the Web User Settings page where the Password Notification options caused columns to be misaligned in some situations. This issue was introduced in version 5.2.0.
- Fixed an issue where downloading a file as Zip would fire trigger events before releasing the locks on the files being zipped.
- Fixed the Folder field on the search section of the Completed Jobs page to have a limit of 256 characters instead of 50. This limit only applies if users manually type in paths rather than using the Folder Chooser dialog.
- Fixed a timing issue that could prevent multiple files from being uploaded to a Secure Form at the exact same time.
- Fixed a rare timing issue in the Project Designer where attributes from one element could be applied to another element if the user clicks fast enough between elements.
- Fixed an issue where emails were not being sent after a GoDrive share request was approved or denied by the recipient.
- Fixed an issue on the Audit Log pages where exporting the results to a CSV file used an incorrect column heading for the Domain.
Version 5.3.8
October 20, 2016
- Increased the allowable length of the File Name search field on the Job File Audit log page from 64 characters to 128 characters.
- Fixed an issue where AS2 and Secure Email projects could fail in rare scenarios when executed from a Monitor or Schedule in a clustered environment.
- Fixed an issue where restarting the HTTPS service could prevent GoDrive email notification from being sent.
Version 5.3.7
October 12, 2016
- Fixed a UI issue in Secure Folders where users were prevented from uploading files in certain scenarios and the upload status messages were not updated properly in others.
Version 5.3.6
September 6, 2016
- Enhanced the Read Excel task to support reading password protected OOXML formatted Excel documents.
- Updated the audit log remarks for the SFTP Login Successful event to include the SSH fingerprint used to authenticate when a Public Key was provided during authentication.
- Updated the landing page for SAML authenticated logins to be based upon the features a Web User has access to.
- Fixed an issue where Amazon S3 connections were not properly using the proxy configuration on the Resource.
- Fixed a password validation issue when adding a Web User that is not configured to use the Internal Login Method.
Version 5.3.5
August 26, 2016
- Added a configurable option in the Two-Factor RADIUS (RSA SecurID) settings that allows GoAnywhere to submit an initial ‘dummy’ request to the RADIUS server to retrieve the challenge response prior to prompting the user.
- Clarified the error message displayed to Web Users when a file upload has exceeded the disk quota limit for a folder.
- Updated the Global Log search results to have proper log messages for Secure Form events.
- Fixed an issue with WebDAV directory listing when the server provides the file and folder names in the URL instead of the Content Disposition header.
- Fixed an issue where file resolution wasn’t working properly within a called sub-project when the parent project was executed from a Secure Form.
- Fixed an issue with deleting a Web User account when the user is configured with a disk quota limit on their home directory.
- Fixed an issue with pagination on the GoDrive search page.
- Fixed an issue with Web Client uploads where upload progress could hang in the event that the disk quota limit was exceeded.
Version 5.3.4
August 8, 2016
- Enhanced the edit pages for Schedules, Monitors, Triggers, and Secure Forms to no longer redisplay user defined passwords.
- Enhanced the Secure Form file uploads to allow multiple files at once.
- Enhanced the registration email validation to allow newer email address standards.
- Increased the number of background threads allocated to background jobs such as the Scheduler runtime and Audit Log purge processes.
- Added the ability to configure various SAML service provider options, including the Requested Authentication Context, the Requested Authentication Context Comparison, and whether or not to Force Authentication.
- Fixed an issue where the passwords were missing from Monitors when promoted from one system to another.
- Fixed an issue where the Update Shapshot prompt could not be closed after updating a Monitor.
- Fixed an issue with the Job File Audit log where the Resource Name was not properly logged in situations where the Resource connection was shared between multiple tasks.
- Fixed an issue with Web User Templates where the AS2 Upload Directory setting was not properly saved when running on an Oracle database.
- Fixed an issue with the LDAP sync process that could occur when Enforce Group Membership is not set and a Web User becomes disabled.
- Fixed an issue where the Job Name specified could become lost if the Job is in a repeating state and GoAnywhere is restarted.
Version 5.3.3
July 11, 2016
- Added line wrapping for the output text component on Secure Forms.
- Upgraded the Amazon S3 API from version 1.10.20 to 1.11.14.
- Updated the retrieve email task to properly set the read timeout on the connection when downloading messages.
- Fixed an issue where exporting Open PGP Key Ring Resources from GACMD fails when using certain backend databases.
- Fixed an issue where Syslog structured data messages did not contain the correct virtual path value for file transfers.
- Fixed an issue with file name scrubbing that was causing email retrieval to fail when the server is operating in read only mode.
- Fixed an issue where the Completed Jobs search page only allowed 30 characters for job names which prevented searching for jobs with names larger than 30 characters.
Version 5.3.2
June 16, 2016
- Added support for UNIX style hashed passwords when importing Web Users from CSV or using the GoAnywhere Command Client (GACMD).
Version 5.3.1
June 8, 2016
- Enhanced the navigation on the Admin User, Admin Group and Role list pages to clear the select list when leaving the page.
- Enhanced the GoDrive Upload Task to include options to control behavior when the target GoDrive file already exists.
- Added the missing Recipient Email field to the HTTPS Audit Log view page.
- Added field length validation to the Password field on Triggers, Monitors, Scheduled and Secure Forms.
- Added Secure Form Payload ID column to the HTTPS Audit Log search page.
- Removed the ‘Powered by GoAnywhere’ from Secure Forms that are configured without branding.
- Updated the width of the My Account menu dropdown on Web Client main menu bar.
- Updated the Secure Form Details dialog to contain the correct information when launched from the Completed Jobs page.
- Updated the Change History log for Secure Forms to be more consistent with other areas.
- Fixed an issue with the Secure Form configuration page where component options were not persisted when additional components were added.
- Fixed a sorting issue with the submitted Secure Forms page.
- Updated Secure Forms to show a processing wheel when submitting a Secure Form.
- Update the Secure Forms configuration page to properly set focus when a new options row is added.
- Fixed an issue where redirection to a Secure Form was not working when the user was already logged in or was using Two-Factor authentication.
- Fixed an issue that was introduced in 5.1.0 where password containing slashes or quotes cause authentication issues.
- Fixed an issue with mass update passwords where the change history was using the incorrect domain.
- Fixed a potential database deadlock issue with the mass update passwords feature.
- Fixed an issue where the confirmation for footer actions were not working properly in Safari.
- Fixed the styling on the GoDrive file and folder properties dialog.
- Removed the unnecessary help link on the Web Client Secure Forms page.
- Fixed an issue where project variables were not available in the expressions dialog in all cases.
- Fixed a layout issue on the view page for the Internal Login Method.
- Fixed an issue with the debug logging of the GoDrive Upload Task where the correct file name was not used in all cases.
- Fixed the placeholder text used on the Secure Forms configuration page that was causing rendering and saving issues in IE9 and IE11.
- Fixed an issue with Global Index processor where certain failures were not being recovered properly.
- Fixed an issue with the System Log Viewer that could occur when changing the Log File Extension for the Global Log.
- Fixed an issue with the Admin Session Timeout where the value of 0 was not being treated as infinite.
- Fixed an issue where ‘textarea’ fields were no longer wrapping in IE11.
- Fixed an issue where Syslog Preferences weren’t properly refreshed when running in a clustered environment.
- Fixed the Syslog logging for GoFast event where certain fields were logging as blank instead of being omitted.
Version 5.3.0
May 31, 2016
Starting with version 5.3.0, GoAnywhere MFT requires a minimum JRE (Java Runtime Environment) version of 1.7. If you are running on a Java version prior to 1.7, you must upgrade your JRE before upgrading GoAnywhere MFT to version 5.3.0.
Secure Forms
The new Secure Forms module allows end-users to fill out custom forms and optionally upload files through a secure HTTPS web portal in GoAnywhere MFT. The Secure Forms can then call Project workflows in GoAnywhere MFT to automatically process the submitted data and files.
GoAnywhere MFT administrators can define one or more Secure Forms with configurable input and output fields, custom labels, and file components to control the data which end-users provide when submitting a form.
For instance, a Secure Form could be used to collect electronic voting ballots, in which the user would be prompted for input parameters such as the county in which they live. The user could then upload their electronic ballot and submit the Secure Form. A Project workflow could automatically be executed to distribute this electronic ballot to the appropriate county election official (based on the county selected by the end-user on the Secure Form).
The Secure Form module includes:
- Granular access controls with support for authenticated and public sessions.
- Ability to embed forms into existing external web applications.
- Friendly URL access to forms.
- URL redirection on submit.
- Fully customizable input components and layout.
- Support for file uploads.
- Ability to dynamically generate and provide output files for download.
Please note that Secure Forms is an optional licensed module. Contact your account manager for pricing and additional details.
New Tasks and Workflow Features
- Added a GoDrive Upload Task which allows a Project workflow to push files out to Web Users’ GoDrive folders. This includes the ability to set an expiration date on distributed GoDrive files.
- Added a new Checksum Task which allows calculating MD5, SHA1 and SHA2 checksums on files.
- Added a ‘Where Used’ feature to Admin Users which provides the ability to find all Schedules, Monitors and Triggers that are configured with a specific Admin User’s account.
- Added the ability to mass update passwords for Schedules, Triggers, Monitors and Secure Forms.
- Added the ability to import a single Resource from XML or multiple Resources from a ZIP file.
- Added the ability to export multiple Resources into a ZIP file.
- Added the ability to sort FileSets by name, last modified date, or size, in ascending or descending order.
- Added the ability to create a new Project when restoring from a previous revision.
Other Changes:
- Enhanced the multi-file download capabilities in GoDrive and Secure Folders to retain the folder structure for empty directories.
- Added the ability to support an unlimited number of GoDrive file revisions.
- Added the ability to granularly control the log level of GoDrive device synchronization.
- Added the ability for GoDrive users to remove their own access of files and folders that have been shared with other GoDrive users.
- Updated the GoFast server configuration to support multiple GoFast Listeners.
- Enhanced the Syslog capabilities to support Structured Data, including the ability to specify what audit information gets sent to the Syslog server.
- Added password policy settings for Admin Users and checks to the Security Audit report to ensure the policy is enforced for PCI DSS requirements.
- Enhanced the RADIUS (RSA SecurID) login method to support failover host configuration.
- Enhanced documentation to use the latest HTML 5 standard and updated the Web Client help to be 508 compliant.
- Enhanced the Functions documentation to include advanced examples and decision making.
- Upgraded Log4j to version 2.5 which allows changes to the Log Directory and Global Log Level to take effect without requiring a restart.
- Added a process to clean up the Tomcat temp directory on startup and shutdown of GoAnywhere.
- Added a scroll bar to the context menu on the Project Designer to support cases where the menu stretches off the screen while using lower resolutions.
- Upgraded MyFaces from 2.2.2 to 2.2.9. This upgrade protects the oam.Flash.RENDERMAP.TOKEN cookie with the HTTPOnly flag.
- Updated the Move Task to log a warning message to the Job Log when the target file cannot be deleted during a file overwrite.
- Added the ability to configure the Users and Groups that belong to a Domain from the Domain configuration page.
- Added text to the Project Designer to show the domain that the Project belongs to when working in a multi-domain environment.
- Updated the size of the Destination Folder field on the Copy Project page.
- Updated the SQL Server driver label to indicate its compatibility with all later SQL Server versions.
- Updated Monitors and Triggers to store the Project location and credentials on the database record rather than in the XML action definition.
- Updated the list of Service logs on the Audit Log page to be sorted alphabetically.
- Updated links for the News Feed gadget and the footer to target www.goanywhere.com instead of www.goanywheremft.com.
- Updated the Copy Task to persist the original cause exception when a failure occurs while copying the data for a file.
- Updated the GoFast upload and download job logs to include the encryption and compression algorithms used when the Log Level is set to verbose or debug.
- Added sorting to the GACMD command list.
- Added the ability to specify the client certificate key alias when using certificate authentication from the GoFast Task and Resource.
- Removed unnecessary project components from the context menu while working in the Project Designer.
- Added a Label field to the Import Project source component in the Project Designer.
- Removed the max length validation on the Destination Folder field of the Copy and Move project screens.
- Reorganized the Project Component library.
- Added change detection and change history to the Admin Users, Groups, and Roles pages.
- Added the ability to enable and disable access to the Execute Native Command task and trigger action per domain.
- Added the Secure Mail package ID to the HTTPS Audit Log view page.
- Updated the PGP key generator to allow creating DH/DSS keys larger than 1024 bits.
- Fixed an issue where the GoDrive audit log index processor was running more frequently than necessary.
- Fixed a navigation issue with Secure Folders when loading a directory with a large number of files.
- Fixed an issue in the AS2 task where the Receipt-Delivery-Option header was still being sent when the Request Receipt option was set to 'none’.
- Fixed an issue with bandwidth throttling for GoFast where the receiver was not able to control the rate it was receiving data.
- Fixed an issue with the MySQL DDL where created on and last modified on fields of some tables were defined as ‘timestamp’ data types instead of a ‘datetime’ data types.
- Fixed an issue with the query used to disable users during the LDAP Managed login method synchronization.
- Fixed a potential scheduling conflict with the expired WebDocs monitor where the monitor could run twice a day in rare situations.
- Fixed a permission issue where Web Users were able to copy and send files from a Secure Folders directory without having download (read) permission on that directory.
- Fixed the alignment of the File/Folder label on the Share Item page in GoDrive.
- Fixed an issue where Project level variables were no longer showing in the Expression Wizard dialog in all cases.
- Fixed a navigation issue with Projects from the Scheduled Job History page.
- Fixed an issue where the Domain selection popup could render when only one active Domain is configured.
- Fixed an issue with the GoDrive folder tree where more than one node could appear select in certain situations.
- Fixed an issue where the Workflows menu item was available when no domains were configured on a user with Security Officer role.
- Fixed a leak with the GoFast memory manager that was incorrectly counting memory allocations in rare situations.
- Fixed an issue where GoFast checksum calculations were registering on the Active Transfers page.
- Fixed an issue with the Notification Time settings for GoDrive email notifications where the first notification time could not be later than the second notification time.
- Fixed an invalid message in the Copy task that referred to ‘moving’ a file.
- Fixed an issue with the Job File audit logs where queries could start failing when the sequence ID is greater than the maximum integer size.
- Fixed an issue where start times for Job File audit logs where not being set properly.
- Fixed a miscalculation with packet loss when downloading small files using GoFast.
Version 5.2.5
May 12, 2016
- Added the ability to configure the maximum file upload size allowed for the File Manager.
- Updated the Retrieve Email task to remove unsupported forward slash characters from file attachment names when saving attachments to the file system.
- Updated the purge process for Completed Jobs and GoDrive Audit Logs to auto-commit, which prevents overflow issues that could occur on certain database servers when purging a large number of records.
- Fixed an issue that could cause FTP passive data connections to fail in certain scenarios when using GoAnywhere Gateway as a forward proxy.
- Fixed an issue with the 5.2.0 upgrade that could cause project folder permissions to be lost if a group other than the All Admin Users group is used to grant access to the project folder.
Version 5.2.4
April 29, 2016
- Enhanced the SFTP Server and SSH Tasks and Resources to allow specifying the key exchange algorithms that are enabled and disabled.
- Fixed an issue where Web Users could not be deleted in certain cases when incomplete GoDrive file uploads exist for that user.
- Fixed an issue on the Web User Group page that could cause the page to hang when adding folders to a group.
- Fixed an issue with the SFTP server that was forcing Diffie-Hellman Group Exchange algorithms to only use 1024 bit key sizes. This fix allows the server to support up to 8192 bit key sizes.
- Fixed an issue with importing Web Users from a CSV file that occurred when overriding the Web User home directory.
Version 5.2.3
March 25, 2016
- Fixed an issue with Trigger conditions where the ‘Member Of’ and ‘Not Member Of’ expressions could prevent the Trigger from executing. This was introduced in 5.2.0.
Version 5.2.2
March 21, 2016
- Enhanced the FTP server to support localized character encoding.
- Added support for diffie-hellman-group-exchange-sha256 key exchange algorithm.
- Added the ability to add file activity to the File Audit Log from Custom Tasks.
- Updated the login validation to allow admin users with Security Officer or Project Administrator roles to log in even when configured to have no domain access.
- Added missing Web Help links to the WebDAV Resource pages.
- Fixed an issue where copying a Project across domains would delete the source Project instead of the target Project when overwriting an existing Project in the target Domain.
- Fixed the auditing of GoFast transfers to log a failure in the event that a data connection could not be established.
- Fixed the interrupting of the GoFast file read worker to no longer report a failure when the worker is shut down.
- Fixed an issue with the validation of WebDocs and Workspace directories that could cause a clustered environment to fail on startup if more than one domain shares either of these directories.
- Fixed the UI styling of the Secure Folder, Secure Mail, and GoDrive upload dialog that was negatively affected by the Primefaces upgrade in 5.2.
- Fixed an issue that could cause the selected page size for audit log tables to be ignored, resulting in the page loading all audit results matching the filter criteria.
- Fixed a permission check with viewing and managing queued and active jobs from the UI and GACMD with a user that is a Project Executor and not a Job Manager.
- Fixed the audit log for GoFast uploads and downloads to show the correct time taken for transfers.
- Fixed a resource leak with Basic LDAP/Active Directory login methods that weren’t properly closing resources when connectivity was lost.
Version 5.2.1
March 14, 2016
Domains
- Added the ability to delete a Domain that is no longer in use.
- Added validation to prevent switching Resources that are in use by a Domain.
- Updated the Add/Edit Domain pages to return to the list page after saving the Domain.
- Enhanced the Import Project pages to no longer allow selecting a target Domain. The Domain is determined based on target folder of the import.
- Updated the file manager to properly show Domain file access restriction errors.
- Updated the validation/error messages caused by Domain access restrictions when running commands from GACMD.
- Updated the Web User Template selection dropdown when creating a new Web User to also show the Domain that the Web User Template belongs to.
- Updated GACMD Job commands to adhere to Domain restrictions.
- Fixed an issue where changes to Domains were not immediately reflected to users that are already logged in.
GoFast
- Added the ability to configure the Transfer Part Size for GoFast uploads and downloads.
- Added the ability for a GoFast client to determine that a data connection isn’t working and properly fail the task.
- Optimized the number of threads used by the GoFast client when connected to the server.
- Tuned the packet loss detection in GoFast to improve performance and minimize network congestion.
- Updated the GoFast memory management to better cleanup completed file parts and optimized file sending process to use only a necessary amount of memory from the pool.
- Fixed various GoFast thread leaks with uploads, server restarts, and failed client connections.
- Fixed an issue with GoFast where the server could use a private key other than the one selected in the Private Key Alias field.
- Fixed an issue with the GoFast File Browser when no Resource was selected on the Project.
- Fixed the auto-reconnect and resume capability of the GoFast task.
- Fixed an issue with the initialization of the GoFast Memory Pool while running in a cluster.
- Fixed the permission check when renaming a file using GoFast.
- Fixed the validation for the GoFast Memory allocation setting.
Issues Introduced in 5.2.0
- Fixed an issue when a Web User updates their profile through the web client.
- Fixed an issue where the default ‘root’ and ‘administrator’ users were allowed to use an external login method.
- Fixed an issue with the importing and promoting scheduled jobs from GACMD.
- Fixed an issue with disabling an inactive Web User.
Other Fixes
- Added the ability to delete multiple files with the multi-select footer action from the File Manager and Secure Folders.
- Added the ability to configure SFTP service MAC algorithm while running in FIPS 140-2 mode.
- Added support for using a proxy from the Web Client Applet.
- Upgraded Primefaces from version 5.2 to 5.2.21.
- Enhanced the global index rebuild to be more efficient when resetting the indexed flag.
- Updated when to prompt for a new password while editing an Admin User after adjusting the default login method for Admin Users.
- Added validation to the WebDocs directory to prevent selection of a Network Shares Resource that is misconfigured.
- Updated the FTP Monitors to properly clean up old snapshots when the Monitor is deleted.
- Updated the change history for fields with comma separated lists to include spacing for improved legibility.
- Updated admin logging to store the component definition on deletes so that certain information is available when building change comparisons.
- Enhanced the styling of the Administration Logs page to provide component sorting and line wrapping.
- Enhanced the report task to support writing to an encrypted folder.
- Added the Title tooltip to the Project Browser.
- Updated the performance of the Web User Key generation to properly close the ResultSet when it is no longer needed.
- Updated the error message for validating the GoDrive Directory to be more consistent with other folders when running in a cluster.
- Fixed an issue with querying license information in certain cases on Solaris operating systems.
- Fixed an issue where wildcard FileSet filter elements do not render properly in certain cases.
- Fixed a grammatical issues on a message when testing an FTP/S resource.
- Fixed an issue with the Java applet causes by a timing issue in the way that IE11 loads applets included in an iFrame. Added an applet loading delay of 10 milliseconds to work around this issue.
- Fixed an issue with the validation on renaming SSH keys.
- Fixed an issue with the Project Outline scrollbar to properly persist the scroll location. This was an issue on the Edit and View Project pages.
- Fixed an issue with importing Projects with characters not supported by the default system character set. Updated the Project Import to use UTF-8 encoding.
- Fixed an issue with the Trigger Conditions that was causing the saving of a Trigger to fail when using the ‘Is Not Empty’ comparator.
- Fixed an issue with the Project Import from ZIP that would fail if the Projects were stored on a different physical drive.
- Fixed an issue with the Active Transfers page where Workflow transfers weren’t properly displayed when running in a cluster.
- Fixed an issue where the horizontal scroll bar on the Project Browser wouldn’t show in all cases.
- Fixed a Secure Mail validation issue that was preventing files from being sent when no download limit was specified but the settings didn’t require a download limit.
- Fixed styling on the Add Admin User and Edit Admin User pages to be more consistent.
- Fixed a NullPointerException when importing a monitor using GACMD.
- Fixed a validation error message in the Open PGP Key Ring Resource to be more legible.
- Fixed in issue with the UI change detection where cancelling a dialog popup was causing the save button to become enabled, even though no changes were actually made.
- Fixed an issue with SCP GET of a large file that could cause the JVM to run out of memory.
- Fixed a NullPointerException that could occur if the Gateway Controller address could not be resolved.
- Fixed in issue with the Service startup where the Service could show started when it failed to start.
- Fixed an issue with the MAC algorithm selection in the SFTP service that could result in an ArrayIndexOutOfBounds exception.
- Fixed an issue where the GHTTPS task would log all transfers in Trace mode when GoAnywhere is configured to only log in Debug mode.
- Fixed the HTTPS audit log start time for Web Client uploads using Secure Folders and GoDrive.
- Fixed an issue where the IF function could prevent a project from being edited.
- Fixed Drag and Drop upload issues with Safari and IE9.
Version 5.2.0
February 15, 2016
Domains
Domains can be used to segment a GoAnywhere installation into multiple security zones where authorized users can only work with the items and files belonging to their assigned Domains. This allows an organization to share a single installation of GoAnywhere MFT with multiple divisions or departments while maintaining separation of administrative access. Domains features include:
- Specific admin users and groups can be authorized to one or more Domains.
- Domains can be locked into specific folders on the file system. This prevents admin users from accessing files/folders outside of their assigned Domains.
- Admin users can quickly switch between their assigned Domains.
- Items can be moved between assigned Domains, such as Users, Groups, Project and Resources.
By default, each GoAnywhere installation will be provided with two Domains at no charge. Additional Domains can be purchased as needed. Contact your account manager for pricing and additional details.
GoFast File Transfer Acceleration Protocol
The GoFast file transfer acceleration protocol was added, which uses multiple UDP channels to accelerate the movement of files between servers. This feature includes a new GoFast Server module for receiving accelerated file transfers and a new GoFast Task and Resource for initiating the transfers from within your Projects. GoFast features include:
- Uses standard SSL/TLS encryption to protect the control channel between the client and server.
- Optional Zlib compression is available for file compression.
- Strong AES encryption with up to 256 bit keys is available to protect data in transit.
- File checksums support for integrity verification.
- Generates full audit trails of all files transferred
Please note that GoFast is an optional licensed module. Contact your account manager for pricing and additional details.
Two-Factor (RADIUS) authentication
Added the RADIUS protocol to provide Two-Factor Authentication using popular token based services such as RSA SecurID, key fobs, or desktop and mobile apps.
- Uses the standard RADIUS protocol which provides integration into RSA SecurID as well as other token based authentication services.
- Can implement as a primary Login Method or as a secondary authentication type for a user.
SMS Text Messaging
- The SMS service providers of Clickatell, Twilio and Plivo are supported, which can be configured at the global level.
- A Project can send a SMS Text message to a phone number through one of those service providers using the new SMS Task.
SNMP (Simple Network Management Protocol)
- A new Resource and Project Task was added for sending traps to an SNMP server.
- Provided support for SNMP versions 1 and 2.
Amazon S3 Buckets and WebDAV Servers
- Amazon S3 Buckets and WebDAV servers can be predefined as reusable Resources.
- Web Users can be configured with virtual folders that point to Amazon S3 Buckets and WebDAV resources.
- Amazon S3 Buckets and WebDAV resources can be accessed from Projects for uploading and downloading files as part of an automated process.
Global Administration Log and Change History
New auditing and change control is now available for all major features in GoAnywhere MFT. This provides administrators and auditors a view of admin user activity within the product as well as the ability to restore Projects to a previous revision.
- Change History is provided for product changes including Global Settings, GoDrive Settings, Secure Mail, etc…
- Admin activity is also audited for changes to Web Users and Web User Groups, Resource, Triggers and Monitors.
- Removed log entries to global log for add/edit/delete: Resources, Scheduled, Monitors, Web Users, Web Groups, Triggers, Global Settings, Security Settings, Web User Settings, GoDrive Settings and Secure Mail settings.
- Project revisions are now saved when changes are made, and any project can be restored to a previous version.
UI Change Detection
All configuration pages for major components have been updated to include a change detection feature which will prompt users to save any new changes before leaving the configuration page. This change detection feature was added to the following pages:
- Secure Mail and GoDrive Settings
- Web User and Admin Security Settings
- Global Settings
- Triggers, Monitors, Schedules and Resources
- Web User and Web User Groups
Enhanced Job Log Viewer
Job logs are now updated to isolate exceptions from the normal logging.
- Job logs are cleaner and easier to read by writing stack traces to separate files.
- Exceptions can easily be viewed from the new log selector.
- Exporting the Job Logs will now download a ZIP file containing all related Job Log files.
- All exceptions are now logged, even when the exception is handled using an Error Module.
Other Changes:
- Added the ability to configure an auto-delete policy for Web User files older than a specified number of days.
- Added the ability to search files and folders by name in Secure Folders.
- Added new commands to the GACMD API to support deleting Triggers, Monitors, Web User Groups, Resources and Schedules.
- Added a popup dialog to select an SSL fingerprint from the keystore when adding and editing a Web User account.
- Added the ability to configure specific column headings for the Write CSV task.
- Added the ability to format individual column headings in the Write Excel Task.
- Added support for using Binary Transfer Encoding when sending messages using the AS2 task.
- Enhanced the performance of file access from Secure Folders by optimizing the way files are resolved.
- Added the Download as ZIP feature in the File Manager to allow downloading multiple files and folders.
- Added a new Delete Web User Wizard to remove or reassign files owned by the Web User.
- Added a Monitor type to be able to scan for files that are created or modified.
- Added the ability for authorized Admin Users to view a Web User’s GoDrive file system.
- Added icons for popular file types in Secure Folders.
- Added a connection and read timeout to the global SMTP configuration and the SMTP Resource and Tasks. The default timeout was updated from infinite to 5 minutes.
- Added a new Copy File action to Triggers.
- Enhanced the styling of certain Dashboard Gadgets that were excessively large when no data was available to display.
- Enhanced the Active Transfers page to display active transfers on all nodes in the cluster.
- Enhanced the process of attaching files to a Secure Mail message to display the progress footer by default, instead of the progress dialog.
- Added better validation for actions performed from the progress footer.
- Added validation to prevent users from accessing GoAnywhere without browser cookies enabled. These users will not be redirected to an error page that informs them that cookies are required.
- Enhanced the error message displayed when the target folder does not exist when creating a Monitor.
- Enhanced the 404 log message to show the proper client IP address when the client is connected through GoAnywhere Gateway.
- Added validation when scheduling a project to ensure that the project exists before saving the Schedule.
- Added a checkbox to the GoDrive Settings Device Policy to enable/disable the Notify Additional Email Addresses.
- Added default focus to the first editable field when adding or editing a Monitor.
- Updated resource types to be sorted alphabetically in the tree.
- Removed the default Web User template from LDAP managed login methods. A specific Web User template must now be selected for new LDAP managed login methods.
- Updated the default cluster heartbeat to 5 minutes. This helps address cluster issues caused by one of the nodes ‘freezing’ for a period of time.
- Upgraded the Netty API from 3.2.4 to 3.10.4. Netty is used for GoAnywhere Gateway communication and the new GoFast file transfer acceleration module.
- Updated styling of the File Chooser dialogs to better handle directory listings that require scrollbars, such as long file names.
- Enhanced Admin Users to allow the selection of unique Login Methods per individual Admin User.
- Updated the project folder tree to show the appropriate opened folder icon when the folder is expanded.
- Updated the Activity Report to automatically refresh the search when a different protocol is selected.
- Updated the new Web User account email templates to include the URL to the Web Client.
- Updated the logging for GoDrive devices logins to properly log an Account Just Disabled event when an account is disabled due to failed device logins.
- Removed the explicit override of the socket buffer size set by the FTP/S Tasks for new installs. This delegates to the operating system to determine the best socket buffer size.
- Removed the explicit override of the socket buffer size set by the SFTP Server for new installs. This delegates to the operating system to determine the best socket buffer size.
- Removed the SAML configuration validation for Name ID format and Attribute Name format.
- Updated the Secure Mail Compose page to no longer show the download limit configuration when no files are attached to the package.
- Update the Close RowSet Task to mark the RowSet variable field as required.
- Upgraded the ZIP capabilities of GoAnywhere to fix an issue with extracting some password protected ZIP files.
- Updated the Secure Mail purge process to only log whether or not messages are being purged when there are messages to be purged.
- Upgraded the deployJava.js program, used to launch the Web Client Applet, to the latest version.
- Relocated the buttons to enable/disable Monitors, Triggers and Schedules. These operations, formerly permitted to Job Manager and Trigger Manager roles, now require a Product Administrator to configure.
- Updated the ‘Cancel’ button to ‘Done’ on the Web User SSH Keys screen
- Updated the validation on AS2 tasks and resources to allow configuration of the signature algorithm regardless of whether or not the message is signed.
- Updated the alert email for GoAnywhere Gateway changes to no longer prepend a slash (/) on the controller address and port.
- Replaced the J2SSH library that was used for SSH key creation and management.
- Upgraded Apache MINA from 2.0.7 to 2.0.9. This library is used by the FTP and FTPS servers.
- Upgraded the Jcifs library from 1.3.17 to 1.3.18. This library is used for SMB Network share access to external file systems.
- Upgraded the Commons Pool library from 1.5.4 to 1.6.0. This library is used for backend database connection pooling.
- Upgraded the JSch library from 0.1.51 to 0.1.53. This library is used by the SSH, SCP, and SFTP tasks and resources.
- Updated the Security Audit Report to no longer consider it an error when Web Users that are not configured to disable within 90 days of activity if the web user is authenticating against an external login method. Since that external user management system may be disabling users with its own policies, this scenario will now be considered a warning.
- Updated the Security Audit Report to limit the number of web users to a maximum of 5 when multiple Web User’s configurations do not meet specific requirements.
- Updated the Secure Mail notification emails to allow the message expiration date to be used in the email template.
- Fixed a memory leak caused by interrupting a ZIP operation. For example, if downloading multiple files from Secure Folders as a ZIP file, and the download was cancelled, the ZIP stream would remain active. This could cause the Active Transfers to remain indefinitely, which would prevent the JVM from terminating properly.
- Fixed an issue with Secure Mail replies that were showing html encoded text for certain characters such as ", ', <, > etc…
- Fixed an XSS issue where javascript operations, such as Drag and Drop, performed on files and folders with malicious file names in Secure Folders could cause the javascript to execute.
- Fixed an issue where the Resource description was missing from the file chooser.
- Fixed an issue with LDAP syncing where Web Users would be disabled if their home directory could not be created during the sync process.
- Fixed an issue where duplicate user preferences were stored for the Job File audit log search page.
- Fixed an issue with the Secure Mail download servlet which was redirecting to an invalid page when secure mail is disabled.
- Fixed an issue with the GoDrive device notification where ‘registered’ notifications were being sent to users when PIN validation fails.
- Fixed input field styling in the Languages section of the HTTPS Server Configuration page.
- Fixed an inaccurate label on the DB2/400 database table dpa_global_log.
- Fixed an issue where a non-recursive local/network share Monitor could incorrectly trigger a Project for a modified folder when configured to use a secondary snapshot. This Monitor will now only monitor files.
- Fixed a UI issue that was causing a warning to be written to the log file when adding or editing a Web User, and switching from a non-internal login method to the internal login method.
- Fixed an issue in GoDrive where the sticky header could get lost when performing actions with files and folders.
- Fixed an issue where the Global Index rebuild process could fail to re-initialized the index writer in certain cases.
- Fixed a rendering issue with the sticky header and menu in Secure Mail when viewing a large message that requires scrolling.
- Fixed a potential ‘Unexpected error’ that could occur when a Web User configured for a non-internal login method is switched to the internal login method and a password is not set for that Web User. Moving forward, if the Web User attempts to log in while in this state, the Web User will see 'Invalid username and/or password’.
- Fixed a potential NullPointerException when editing a Project from the Where Used search feature of Resources.
- Fixed an issue with the page footer that was not properly handling expiration dates in certain cases.
- Fixed an issue with the password fields in IE9 where using CTRL + Z wasn’t working properly.
- Fixed an issue where the Web Client settings weren’t properly refreshed when running in a clustered environment.
- Fixed an issue with the upload progress monitoring for Secure Folder and GoDrive where the footer could show 0 files are uploading in certain scenarios.
- Fixed the FTP File Chooser to accurately submit the dialog when hitting the Enter key when focus is on the File Name field.
- Fixed the Delete Project component confirmation dialog to properly submit the confirmation when pressing the Enter key.
- Fixed a potential NullPointerException that could occur when testing Secure Mail immediately after installing a license, but before restarting GoAnywhere.
- Fixed an issue where the selected sort order and number of rows per page isn’t properly persisted on list pages after viewing details of a specific item.
- Fixed an issue with GoDrive files where a user’s lock on a file is remained after the user’s access to that file is revoked.
- Fixed the Active Sessions page to properly show the remote client IP information when the client connects. Prior to this release, the IP information was only rendered once the user logs in.
- Fixed an issue where a cluster shutdown notification could prevent the application from shutting down if problems occur when attempting to send the notification email.
- Fixed an issue with the Send Email task where error messages were not showing the resolved values for variables used in certain fields.
- Fixed an issue where failed GACMD commands would return INFO level messages instead of ERROR level messages.
Version 5.1.5
December 8, 2015
- Enhanced the AS2 server to persist the MIC algorithm format provided by the client when returning the Calculated MIC header in the MDN.
- Added the ability to exclude specific folders and files from being written to the Job File Audit log.
- Updated the sanitizing of Secure Mail messages to allow the following HTML tags: <table />, <tr />, <td />, and <em />
- Updated the severity of the ERROR message logged when a Job Log is too large to index. This message is now logged as a WARNING.
Version 5.1.4
November 20, 2015
- Added an option to configure the Cluster heartbeat timeout which helps prevent clustering issues in environments where one of the servers ‘freezes’ for a period of time.
- Added a new System Alert notification that monitors for an invalid coordinator state that can be caused by one of the servers ‘freezing’ for a period of time.
- Added an option to persist backwards compatibility for the signature algorithm format used in AS2. The default was changed in 5.1.0 to meet Drummond certification requirements.
- Fixed an issue where Web User Group permissions were not properly applying to Web Users for AS2. This issue was introduced in 5.1.0.
- Fixed an issue with the configuration page for the FTP and FTPS servers where the input field for Local Port on the Active data connection configuration was defaulting to the wrong value. This issue was introduced in GoAnywhere Services 4.0.0.
- Fixed an issue where Monitors were not properly taking new directory snapshots in some cases when the Monitor was updated.
Version 5.1.3
October 15, 2015
- Fixed a session management issue that was causing anonymous Secure Mail replies to fail when attaching a file.
- Fixed an issue where edit locks on Projects were not being released in all cases when navigating out of the Project Designer.
- Fixed an issue where proxy configuration settings were being ignored on the AS2 task. This issue was introduced in version 5.1.0.
Version 5.1.2
October 8, 2015
- Added support for Limited Disaster Recovery mode with the GoAnywhere MFT license.
- Fixed a validation issue with the Start Date of a One Time Schedule. This issue was introduced in version 5.0.0.
- Fixed a memory leak when building the Global Log index that could occur when the indexing process for audit logs encountered a failure.
Version 5.1.1
September 25, 2015
- Fixed an issue where paging on dashboard gadgets could negatively affect other gadgets in certain scenarios.
- Fixed an issue with viewing Secure Mail package details from the Outbox and Sent Items pages.
Version 5.1.0
September 14, 2015
AS2 updates and fixes for Drummond Certification:
- Enhanced the AS2 server to support compressed signatures.
- Added the ability to receive asynchronous MDNs.
- Added the ability to accept messages from unauthenticated AS2 connections. These transfers can be set up to require signatures on the message.
- Added support for qualifying the AS2 TO and FROM IDs in single quotes.
- Updated the error returned for invalid signatures from ‘unexpected-processing-error’ to 'integrity-check-failed’.
- Updated the mic algorithm returned with MDNs to indicate ‘sha1’ as the algorithm instead of 'sha-1’.
- Updated the AS2 MDN Date header to be displayed in GMT format.
- Removed the ‘@’ symbol requirement of the AS2 ‘message-id’ header.
- Fixed an issue where receiving a very large AS2 file could fail when running a Trigger after receiving the file.
- Fixed an issue where the AS2 Task was removing the query string of the URL defined in the AS2 Resource for both the server URL and the asynchronous MDN URL.
Other AS2 updates and fixes:
- Enhanced the authentication process of AS2 to allow multiple web users with the same Certificate SHA1 fingerprint.
- Added the ability to allow Certificate and Password (dual) authentication for AS2 users.
- Added the Signature Algorithm column to the AS2 Log page.
- Fixed an issue where sending multiple files in a single message was not properly releasing locks on all files.
- Fixed an AS2 Signature alias verification issue that could occur when duplicate certificates are loaded into the key store.
- Fixed an issue where a failure to send an asynchronous MDN to an HTTP/S URL was being treated as a success.
Advanced Reporting updates:
- Added new Top Secure Mail Users by Disk Usage report.
- Added new Service Activity by Module report.
- Added new Service Errors report.
- Added new Global Activity Details report.
- Updated access to the Web User Login Report to require Auditor role.
- Updated access to the Trigger Activity Report to allow Auditor role or Trigger Manager.
System Alerts updates:
- Added monitoring and alerting on GoAnywhere Gateway connection status changes.
- Added monitoring and alerting on cluster membership changes.
- Added monitoring and alerting when web users become disabled.
- Updated the layout/organization of the tabs on the System Alerts page.
GACMD updates:
- Added new Export Project command.
- Added new Delete Project command.
- Added new Export Resource command.
- Added new Export Schedule command.
- Added new Export Monitor command.
- Added new Export Trigger command.
- Added new Export Web User command.
- Added new Export Web User Group command.
Project Designer updates:
- Enhanced the project Designer to have shortcut keys - CTRL+S, CTRL+C, CTRL+X, CTRL+V.
- Enhanced the drag and drop support for the Else element to allow dropping on the corresponding If element within the Project Designer.
- Updated the Project Designer to detect changes made to a Project and prompt the user to save before exiting a currently open Project.
- Enhanced Projects to support specifying the ${} syntax when assigning an output variable.
- Enhanced the auto-complete capability on configurable project component dropdown fields.
- Changed the layout of the toolbar buttons on the project designer to be Save, Exit, Validate, Execute, Debug and Show XML.
- Updated the styling of some project component dropdown lists that do not have value descriptions.
- Updated the labels of various Tasks and Project Components to have consistent names between the element names and page header within the Project Designer.
- Remove label naming restrictions for various Project Components such as Tasks, Loops, and If elements.
- Fixed an issue with drag and drop of the Data sub-element of the Translation tasks.
- Fixed an issue that could cause the Project Debugger to lock up if a variable is in plain text, but marked as encrypted.
- Fixed a resizing issue with the left panel of the project designer.
- Fixed an issue with drag and drop in the Project Designer that could cause a NullPointerException when performed while a context menu is visible.
- Fixed an issue with the Project Designer that was caused by navigating to various pages resulting in the state of the project being executed to get lost.
Other changes include:
- Added new Getting Started and Unresolved Jobs dashboard gadgets.
- Added Bandwidth Monitoring for all Web User transfers as well as workflow transfers to and from select FTP, FTPS, and SFTP Resources.
- Added auto retry capability to Network Share Resources.
- Updated the exporting of Resources to no longer mask the Resource connection passwords. This change is required to support importing Resources and the rationale for the change is that resource passwords can also be accessed by viewing the resource database table or the page source. These passwords should be encrypted to maintain security.
- Enhanced the UI of the Reports page.
- Enhanced the UI layout of the license page to offer better description and highlight recommended procedures for applying a license.
- Updated the Switch Database wizard to only show options that are applicable for the selected target database.
- Enhanced the Open PGP decrypt task to allow forcing a signature on the file.
- Enhanced the UI of the Import Web User from CSV page.
- Enhanced a validation message of the HTTPS server config when using an invalid key file.
- Enhanced the Web User and Resource list filters to return results that ‘contain’ the search term instead of 'starts with’.
- Enhanced Secure Folders to proactively hide the Upload button when the Web User does not have permission to upload to that directory, or overwrite any specific files in that directory.
- Added the ability for the Call Remote Project task to fall back to an alternate systems defined on the resource.
- Added the option to filter the Completed Jobs Summary by Status.
- Added the ability to search File Audit Logs by ID.
- Added the ability to filter projects by name on the Project List page.
- Changed to custom password fields to prevent browsers from managing passwords.
- Added the ability to search blacklisted IP addresses.
- Added the ability to adjust the width of the folder tree on the Project Browser dialog.
- Added footer row actions to the web client address book.
- Added missing Job Log link when a project is executed interactively from the context menu of the Project List page.
- Updated the JCE policy files for Java 7 and Java 8.
- Updated the styling of the Secure Mail left menu.
- Updated all ‘Severity’ columns to be labeled as 'Status’.
- Updated all search pages to default the date range to one week.
- Updated the promote pages to remember the target server even if the promote fails.
- Fixed an issue with the Active Sessions page where the auto-refresh was not properly refreshing the total active sessions count.
- Fixed an issue with the View Web User and View Web User Template pages were not showing proper global (default) values for AS2 settings when not overridden on the Web User.
- Fixed redirect loop issue that could occur when clicking the logo after restarting the application.
- Fixed an issue where the GoAnywhere Gateway proxy config was not defaulting to the correct port.
- Fixed the user preference of the Audit Log page to properly maintain the last visited log.
- Fixed an issue where entering a license key manually saves an invalid license key.
- Fixed an issue where throttling was applied to the GoDrive media viewer, copy to and from secure folders, and attaching files from GoDrive to a Secure Mail package.
- Fixed an issue in the Project debugger that was caused by modifying the value of an encrypted variable.
- Fixed Upload issues with IE9.
- Fixed an issue where importing a blank Open PGP Key file does not generate an error.
- Fixed an issue with the Switch Database Wizard caused by a foreign key on a self-parenting table.
- Fixed an issue where job logs were not attaching to Schedule notification when configured to do so. This issue was introduced in GoAnywhere MFT 5.0.0.
- Fixed an issue on the Queued Jobs page where the multi-row selection footer could show the incorrect number of selected rows in certain cases.
- Fixed an issue with local file Monitors accessing symbolic links. In this scenario, the File List passed to a Project had issues resolving the actual file location and resulted in a failure to process the files.
- Fixed an issue where accessing an encrypted folder could fail to encrypt/decrypt transferred data if the encrypted folder path contains invalid slashes, such as resource:smb://Resource/path ofile.txt.
- Fixed a validation issue with the Service Provider Alias option of the SAML Single Sign-On configuration options.
- Fixed the misspelled word Kernel on the Syslog configuration tab of the Global Settings.
Version 5.0.4
August 12, 2015
- Fixed an issue where the HTML 5 uploader for GoDrive, Secure Folders and File Manager wasn’t working properly in IE 9.
- Fixed an issue where Job Logs were not being attached to email notifications from the Project Scheduler and File Monitors when jobs were successful or failed. This was introduced in GoAnywhere MFT 5.0.0.
Version 5.0.3
August 3, 2015
- Fixed an issue with the ability to select the end time of the End Date field on a Schedule. This issue was introduced in GoAnywhere MFT 5.0.
- Fixed an issue on the Project Debug page where the Job Log link wasn’t working properly.
- Fixed an issue on the AS2 configuration page where cancelling out of the SSL Certificate alias would remove a previously specified the AS2 signature alias.
- Fixed the license validation check when starting up a connection to the Gateway server.
- Removed redundant license validation checks that were called each time project was executed.
Version 5.0.2
July 27, 2015
- Fixed an issue where running multiple Read XML tasks at the same time could cause one or both Jobs to fail.
- Fixed an issue where a Web User could not log in if the user name contained non-ascii characters.
- Fixed an issue with the Web Client Applet deploy validation wasn’t properly detecting an installed JRE on Mac OS X.
Version 5.0.1
July 9, 2015
- Enhanced the SSH Resource and SFTP, SCP, and ExecSSH Tasks to support using SSH Keys stored in the SSH Key Manager.
- Fixed a security issue with the File Manager where a user could get around the home directory restriction.
- Enhanced the Before Secure Mail Send trigger event to allow access to the Package ID. This can then be passed to the called project.
- Enhanced the performance of the switch database process by using batch transactions.
- Updated the switch database process to adhere to a defined order of columns which addresses an issue that could occur when table columns are defined out of an expected order.
- Adjusted the column widths on the Secure Mail Package Size report.
- Added additional validation for comment length on the GoDrive Media Viewer page and the Comments dialog.
- Improved the handling and validation of notes on Completed Jobs.
- Updated the Project folder tree to show a folder as selected when a user right clicks on the folder.
- Updated the FTP and HTTPS file chooser dialogs to use radio button selection instead of a magnifying glass button.
- Added sorting to the Locale list in the Global Settings.
- Standardized the Monitor pages to be consistent within the new user interface.
- Condensed the toolbar and remove unnecessary buttons on the Project Folder permission page.
- Updated the Write Excel task description to properly indicate support for 2010 and 2013 formats.
- Updated the component library in the Project Designer to support expanding folders by clicking on the folder name.
- Updated the project outline to show ‘friendly’ task names by default rather than the xml attribute names.
- Added a count summary to all applicable detail reports.
- Updated the Global Search indexing engine to properly recover in the event of a disruption in network connectivity to the index directory.
- Updated the Global Search indexing engine to properly handle a failover in a clustered environment.
- Adjusted the ‘More Details’ link on the Recent Triggers dashboard gadget to adhere to the configured Date Range.
- Updated gadgets and reports that return the top X results to filter out zero byte records.
- Updated the product update check in the Security Audit report show “Failed” if the product has not been updated in the last 12 months, and show “Warning” if it has not been updated in the last 6 months.
- Updated log messages for GoDrive device activity to include the Web User name, not the Web User ID.
- Updated the Audit Logs page to show the left Audit Logs menu panel when viewing a job log.
- Updated labels and help text on the License page.
- Fixed inaccurate messages and styling on the Show XML page within the Project Designer.
- Fixed an issue with the Open PGP Preferences that would allow saving an invalid Open PGP key ring file.
- Fixed an issue where duplicate HTTPS audit logs could be produced when a user authenticates with a digital certificate.
- Fixed a row selection behavior on the List Resources page.
- Fixed the styling on the Configure Server page to remove extra borders.
- Fixed an issue on the View Web User File System page where the ‘Specified on Web User Groups’ list was not wrapping properly.
- Fixed an issue with the audit log export process that would return an inaccurate range of data in certain scenarios.
- Fixed an issue with Dashboard Gadgets where they were not able to be removed while being configured.
- Fixed an issue where the HTTPS Service could show as started even though the startup failed.
- Fixed an issue with the ICAP task where specifying a port in the URL would cause the task to fail.
- Fixed a NullPointerException that would occur when sending an Asynchronous AS2 MDN to an HTTPS address.
- Fixed an issue with the reordering of Dashboard Gadgets.
- Fixed an issue with the logging of overridden variables supplied to a Project by the Before Secure Mail Send and Before GoDrive Upload triggers.
- Fixed various issues that occurred while using the SAML Single Sign-On configuration page.
- Fixed an issue with the handling of HTTP-Post SSOAuth requests when initiated by the service provider (GoAnywhere).
- Fixed an issue with the SAML logout process when the Logout URL is specified.
- Fixed an issue where some translated messages and labels were missing for certain UI components in the Web Client.
- Fixed an issue where report generation failures would write out a blank report, but appear to have completed successfully.
- Fixed the alignment of the size column on the Secure Mail Sent Items page.
Version 5.0.0
June 22, 2015
Important notes:
- Customers will need to register in the GoAnywhere portal at my.goanywhere.com and request a new license before upgrading to GoAnywhere MFT 5.0.
- If you developed Custom Tasks in GoAnywhere Director, those tasks must be updated to extend the new com.linoma.ga.projects.CustomTask class. The tasks must then be reinstalled into GoAnywhere MFT.
General enhancements:
- Added a new navigation structure to the Main Menu to better organize the product features.
- Added customizable Dashboards with the following features:
- Over 20 dashboard gadgets are provided to show statistics, graphs and details for critical system information and file transfer activity.
- Each gadget can have its own custom title and options to allow the data to be filtered by user-defined criteria such as date ranges.
- Admin users can create their own custom dashboards with just the gadgets that are important to them.
- Admin users which have the new “Dashboard Manager” role can share custom dashboards with other admin users.
- Custom layouts allow gadgets to be organized into one, two or three columns on the dashboard.
- Gadgets can be rearranged on the dashboard using drag-n-drop.
- Added an Advanced Reporting module that includes:
- 16 unique reports to display critical system information and file transfer activity with details and graphs in PDF format.
- A new “Security Settings Audit Report” determines compliance with PCI DSS security requirements. For each security setting, the status will show Passed, Warning or Failed. If the security setting does not pass the requirement, the report will indicate how to correct the setting.
- Reports can be executed on-demand with custom criteria to filter the results.
- Report tasks can be placed in project workflows and scheduled to run at future dates and times. These reports can be distributed by email, placed on the network or sent through FTP and other protocols.
- Multiple reports can be combined into a single executive summary report.
- Please note that Advanced Reporting is an optional module that requires an additional license.
- Enhanced the licensing capabilities with the following features:
- Self-service access to product licenses through the GoAnywhere Customer Portal at my.goanywhere.com.
- Ability to refresh/update a license with a single click.
- Allow the customer to evaluate optional features for an existing paid license.
- More accurate server identification. This fixes an issue where Serial numbers could change if the JRE used by GoAnywhere was updated.
- Support for Free licenses which include the FTP Task and FTP Server, as well as GoDrive and Secure Mail for 5 users each.
- Added a new global index for all audit logs including Project Job logs, Trigger logs, SFTP and FTP/s logs, HTTPS logs, AS2 logs and GoDrive logs. This new global index allows all audit trails to be searched through a single screen using “google-like” search criteria. For instance, you can search for a specific file name or user, in which all audit information for that file or user will be displayed in a single set of results.
- Added an ICAP Resource and Task to provide standardized integration with antivirus and DLP (data loss prevention) solutions.
- Renamed Users, Groups, and Roles to Admin Users, Admin Groups, and Admin Roles respectively. This allows these users to be better distinguished from Web Users.
- Added additional commands to GACMD (GoAnywhere Command API) to allow promoting and importing Triggers, Monitors, Projects, Schedules, Resources, Web Users and Web User Groups.
- Renamed the Log Manager to Log Settings.
- Updated the system property for IECompatibility mode to be ‘edge’.
- Upgraded the embedded Apache Tomcat web server from 6.0.39 to 7.0.56.
Enhancements/fixes to components that were formally in GoAnywhere Director:
- The interface for all screen components were updated to HTML 5 with improved UI standards and support for the latest browser versions. The new HTML 5 interface includes:
- A contemporary flat interface with better spacing, softer colors and larger fonts.
- Updated table styles to make it easier to view and work with lists of items.
- Essential page buttons to move quickly through large numbers of rows in a table.
- Footer popups to allow taking actions on multiple rows in a table (e.g. mass delete).
- Sticky headers and footers with consistent styling across screens.
- Quick links in tables to allow accessing edit screens.
- Better highlighting of fields that have encountered errors.
- Helpful tooltips for advanced input options.
- The Project Designer was enhanced to provide a better user experience when defining workflows. These enhancements include:
- Reorganized tool bar buttons to be more standardized and intuitive.
- Tooltips on labels to have better effects and interaction, encouraging users to access the built-in documentation.
- Replaced the “Add Task” screen with an all-encompassing Component Library. Items can be dragged from the Component Library to the Project Outline with the mouse.
- Components in the Project Outline can be moved to other parts of the Project using drag-n-drop.
- Renamed the “Import an XML File” option in to “Import Project Source”.
- Resource enhancements:
- Added support for an alternative proxy address to be defined on Resources that support proxies. These Resources will failover to the alternate proxy host when the primary proxy server is unavailable.
- Added the ability to define primary and secondary contacts on a Resource, including the contact name, phone number and email address.
- Added the ability to search Resources by name.
- Updated the Resources list page to show only resources that a Resource Manager has access to.
- Added pagination to the List Resources page, which is useful when working with a significant number of Resources.
- Renamed the “GoAnywhere Director” Resource type to “GoAnywhere MFT”.
- Renamed the “GHTTPS” resource type to “GoAnywhere HTTPS”.
- Job enhancements:
- Added the ability to specify a custom Job Name when Projects are executed. The Job Name can be defined on the Project, and can additionally be passed in from Monitors, Triggers, Schedule entries or from the command-line and APIs.
- Added the ability to search for completed jobs using the new Job Name.
- Added the ability to track if a Job was submitted from the Scheduler, a file Monitor, a Trigger, the command line, interactively, etc. When applicable, a link is provided to view more information about the process that submitted the Job.
- Enhanced the linking on the Completed Jobs page to edit a project or navigate into the folder where the project exists.
- Added the ability to add/view user-defined Notes on Completed Jobs.
- Added the ability to resolve a Completed Job that was cancelled or failed. The user name that resolved the Job, along with a timestamp, will be recorded on the Job.
- File-level logging for Jobs:
- Added database-driven file audit logging for every Project task that reads, writes and transfers files.
- All file activity can be searched in the File Audit section of the Audit Logs page. Summary and detailed information can also be seen in Dashboard Gadgets and in Reports.
- Added a new screen to view detailed file activity for each Completed Job. This allows users to quickly see what files were read, written, or transferred during the execution of a Project.
- Added a new option to View File Activity for each Resource. For example, a user could view all file transfers that occurred for a specific SFTP resource.
- Provided context menu access to the folder action menu on the Project Explorer. Users can right-click on a folder to add a new folder, delete or change the permissions on it.
- Added HTTPOnly flag to protect GoAnywhere browser cookies from JavaScript access.
- Added the ability to promote Scheduled entries from one system to another.
- Added the ability to promote file Monitors from one system to another.
- Added the ability to globally customize the file auto-rename separator.
- Added support for Admin Users to authenticate against LDAP Managed Login Methods which supports a failover LDAP server configuration.
- Added a calendar format to view upcoming executions for a Scheduler entry.
- Added the ability to specify custom email templates for file Monitor and Schedule notifications.
- Added a System Alert to notify administrators when Open PGP keys are about to expire.
- Added a security setting to control whether the admin interface can be embedded in an Iframe.
- Renamed Scheduled Jobs to Schedules.
- Renamed the User role to Project Executor.
- Fixed an issue with the Copy and Paste of a project component that could cause the JVM to run out of memory.
- Fixed an issue with the Excel Write task where appending to an existing Excel file with one record overwrites that record instead of appending to the file.
Enhancements/fixes to components that were formally in GoAnywhere Services:
- GoDrive Enhancements/Fixes:
- Created a GoAnywhere Desktop Client for the Mac OS X platform.
- Enhanced the GoDrive list page to visually indicate if a file is locked, shared or has comments.
- Added menu items to GoDrive files to allow the user to Manage Access, Remove My Access and configure Email Notifications.
- Added the ability to export GoDrive audit logs.
- Fixed an issue that prevented GoDrive items from being shared if the recipient had a previous invitation that is pending.
- Fixed an authority issue where Limited View-Only GoDrive user accounts were able to restore a shared file to a previous revision.
- Removed the Empty Trash Bin button from users that have only Limited View-Only GoDrive access.
- Fixed an issue where Limited View-Only GoDrive user accounts were able to download/access locked files.
- Fixed an issue where GoDrive users without Write permission could delete and restore trash bin items.
- Fixed a GoDrive Sync issue caused by moving files with certain permissions in a shared folder.
- Added three new Trigger event types:
- Before AS2 MDN Send - this trigger can call a Project to validate the files that were received in an AS2 message. The Project can return a status to the Trigger to indicate if the MDN should be sent back to the trading partner.
- Before GoDrive Upload - this trigger can call a Project when GoDrive receives a file. The Project can scan the GoDrive file using ICAP (for antivirus or DLP) or use other tasks to determine whether the file should be allowed or rejected.
- Before Secure Mail Send - this trigger can call a Project before the Secure Mail notifications are sent to the recipients. The Project could scan the Secure Mail files using ICAP (for antivirus or DLP) or other tasks to determine whether or not to the Secure Mail should be allowed to be sent.
- Added a new Deny Trigger Event task to Projects to conditionally determine whether the new Before Trigger events should proceed.
- Added a new Call Project action to Triggers. This action will call a local Project on GoAnywhere MFT.
- Added permission security to Resources that were defined in GoAnywhere Services. On upgrade, the All Admin Users group will be granted read, write, and use permission to all existing Resources.
- Added the Chinese language in the Web Client. This is in addition to the currently supported English, Spanish, German, French, Japanese, Indonesian and Portuguese languages.
- Added the ability to specify IP addresses on an exemption list. These addresses will not get blocked by the DoS or Brute-Force automatic blacklisting.
- Added the ability for users to download multiple folders/files as a single ZIP file from Secure Mail, Secure Folders and GoDrive.
- Updated the Outlook Plugin Secure Mail receipt template to support the original secure mail message.
- Added support for multi-byte character sets when Oracle is the backend database.
- Fixed an issue with the management of connections from GoAnywhere Gateway that could cause a NullPointerException in the logs.
- Added a Status column to the Secure Folders activity report in the Web Client.
- Added an option to reset the Show/Hide columns dialog back to the default for each supporting page.
- Fixed an issue where the Tomcat Window Service configuration executable was not properly named. This issue was introduced in new installs of GoAnywhere Services 4.0.0.
- Updated the HTTPS/AS2 active sessions count on the Service Manager page to include AS2 active sessions.
Supersedes These Products
GoAnywhere MFT replaced the former products of GoAnywhere Director and GoAnywhere Services.
GoAnywhere Director****Final Version – Feb 11, 2015 Version 4.7.0
Release Notes
GoAnywhere Services****Final Version – May 15, 2015 Version 4.0.2
Release Notes
GoAnywhere End of Life (EOL) and Support Life Policy
For information on End of Life (EOL) and Support Life for GoAnywhere, please review the policy. Technical support is provided in accordance with the policy.