Holodeck B2B Versions Save

This update includes fixes for several issues to improve the reliability of the message exchanges. It also introduces a new submission log that contains the meta-data of each successfully submitted message to the Holodeck B2B Core in a structured format.

See the CHANGELOG for more details.

This major update introduces a lot of internal changes mainly focusing on stability and resource management. The changes most interesting to users are:

• Possibility to only define the Service type to be used in the P-Mode and provide the name during submission of a message.
• Fixes in the Reception Awareness Feature to improve handling of retries and Receipts.
• Interfaces for the Persistency Provider, Event Processor, P-Mode storage and Certificate Manager now include a shutdown() method to allow for resource clean-up.
• Support for a-synchronous delivery of messages and for redelivery (to be implemented by the delivery method).

See the CHANGELOG for more details.

This update includes changes and fixes to the Reception Awareness Feature to improve the handling of retries and Receipts.

This updates update the log4j version to 2.17.0 to mitigate security issues found in the log4j 2.15.0 and 2.16.0

This release contains several fixes including an update of Log4j to mitigate CVE-2021-44228, see also issue #123.

Some other new features:

• Message properties are now used in P-Mode matching.
• Worker pool management by the core, including 'on the fly' reconfiguration.
• Receiving of messages with over 30 signed attachments is now possible.
• A new SUSPENDED processing state was added for outgoing messages that encounter an internal error.
• Support for Apache Commons Deamon in jvm mode

See the CHANGELOG for more details.

This patch release fixes a major bug [#112] which caused the routing information to be missing in asynchronously sent multi-hop Signal Messages. Therefore updating to this release is only necessary when you are running in a multi-hop network.

This patch release includes a newer version (1.0.1) of the file back-end which fixes issues in the single_xml delivery format and uses a temporary extension when writing the meta-data file to disk to prevent premature reading by the back-end application. See also the issues on the file back-end project.

Holodeck B2B 5.0 has new and changed functionality to allow easier creation of domain and deployment based enhancements. This includes:

• A default user interface that supports basic monitoring of a running Holodeck B2B instance. The UI is available both using a command line and GUI application.
• Support for asynchronous Two-Way AS4 P-Modes.
• Support for additional P-Mode validators for the same type of P-Mode. P-Mode validators are now loaded using the Java SPI mechanism and all applicable validators are used to check a P-Mode before loading it. Two new methods were added in org.holodeckb2b.interfaces.pmode.validation.IPModeValidator to support the new mechanism.
• Configuration parameter to indicate whether the Holodeck B2B Core should fall back to default Event Processor implementation in case the custom implementation cannot be loaded/initialised.
• New interfaces related to trust validation of certificates in org.holodeckb2b.interfaces.security.trust. Notably the new specification of the Holodeck B2B Certificate Manager which is now a separate component independent of the Security Provider. Also new interfaces and methods are defined to communicate the results of trust validation checks between components including the new ISignatureVerifiedWithWarning event to signal trust issues on signature verification.
• Signature policy check in Core Processing that received User Messages are signed when indicated in P-Mode that they should be. Violation of this rule will generate an PolicyNonCompliance error.

Besides new functionality this release also includes fixes for issues found in earlier releases. See the change log for a complete overview.

This release fixes a major issue in the creation of the WS-Security header that causes interoperability issues when sending message containing multiple payloads or multiple binary security tokens.

This patch release includes fixes for issues related to pulling and the processing of certificates that include name constraints or policy constraint extensions. See the CHANGELOG file included in the release for more details.