Release 4.5.8

Progress® Rollbase® Version 4.5.8 Release Notes

The following section describes issues fixed and enhancements done with this release.

  • For information on new features and changes in behavior, see here.
  • For information on supported platforms, see here.
  • For Third party acknowledgments see here.

Enhancements

Set parser preferences


Rollbase now has an improved built-in DOCX and PDF parser. You can set parser preferences at global level and choose between built-in and Aspose (if installed). By default, the built-in parser is used. You can make Aspose parser as the default option for DOC, PDF, and DOCX by modifying IsAsposeDocParserEnabled, IsAsposePDFParserEnabled, and IsAsposeDocxParserEnabled shared properties respectively. At tenant level, the master administrator can now set parser preferences by overriding the default global preference. See Working with customer records for more information.

Rollbase also supports a metered plan, provided you have valid Aspose license keys. Rollbase will no longer support .doc and .rtf templates. However, the support for existing templates will continue. 

SAML/ADFS - Support for SHA-256 as a request signature method Algorithm


Rollbase now lets you select a signature method algorithm (global and per tenant level) to be used to sign the request being sent to the IDP. You can select RSA-SHA1 or RSA-SHA256. The default value is RSA-SHA1. See Configuring SAML/ADFS authentication for all tenants, Configuring SAML/ADFS authentication for a tenant, and setAuthentication for more information.

Locking enhancements for OpenEdge and SQL Server


With the enhanced OpenEdge and SQL Server databases locking mechanism, background select count queries no longer require locks at database/table levels to fetch results.

Fixed Issues

 

Case ID Defect ID Description
00423485 86337 Document template does not display the Windows default font Vivaldi Italic when it is rendered in PDF.
00431444 86084 Encountering error "Attribute name contains more than one AttributeValue" when using SSO with Azure AD.
00430177 85780 Backup to S3 server is incomplete and contains only tables directory instead of all file folders for a tenant with Cloud storage.
00416429 85547 SAML/ADFS - There is no support for SHA-256 - Request Signature Method Algorithm.
00367587 85168 Loop through related items in Microsoft Word documents does not work when using built-in parser with Rollbase Private Cloud.
00402994 85167 Text is found missing in the generated document templates in a Private Cloud installation.

 

Known Issue


In case of a built-in Parser for Word documents with .docx extension, tokens present within shapes/picture text will not be replaced.







Rollbase 4.4.4

Enhanced Hashing and Encryption Algorithms for Rollbase Private Cloud

SHA‐512 as Hashing Algorithm

Rollbase has upgraded its password hashing mechanism to SHA‐512. Each hashing process combines plain‐text password with random salt generated using cryptographically secure pseudo‐random number generator (CSPRNG). Existing passwords will be re‐hashed using SHA‐512 after user login.

Encryption Algorithm Private Key

Rollbase supports encryption for text, phone, and email fields, and contents of file upload fields. All these data are by default encrypted using AES (Advanced Encryption Standard) with 128‐bit key size.

When the system restarts after upgrading to 4.4.4, a private.key file that contains the secret key unique to your Rollbase instance is generated and saved in your Rollbase config folder on your master machine at <ROLLBASE_HOME>/config/security.

NOTE: Store a copy of the generated key in a secure place so that it is available for situations such as disaster recovery, or machine changes. This file is created and managed by Rollbase and should not be edited locally.

All fields currently encrypted using default encryption algorithm (AES‐128) will continue to function correctly. They will be decrypted and then re‐encrypted using your preferred algorithm and generated secret key the next time they are edited and saved.

AES‐256 Encryption Algorithm Support

Rollbase now also supports encrypting data using AES with 256‐bit key size. This is a system wide choice and managed through the shared property ‐ ‘EncryptionType’.

To make use of AES‐256 on a Rollbase Private Cloud:
  1. Set value of shared property ‘EncryptionType’ from 0 to 1. This is a one‐time setting. Once set to 1, reverting to 0 is not recommended. If no value is specified, ‘EncryptionType’ uses its default value, 0. No additional changes are required if you want to continue using AES‐128.
  2. Install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 to enable the 256‐bit Key Size used by AES‐256. For download and usage instructions, see here.

Note: If these JCE files are not installed and the property ‘EncryptionType’ is set to 1, encryption attempts will fail with the exception: Illegal Key Size.

Important: Support for unique constraint validation on encrypted fields has been deprecated. Thus, unique checks on encrypted fields will not work. Encrypted fields cannot be audited, marked unique or indexed as part of the search engine. Once set, this option cannot be removed.