On February 27, 2016, the CA API Gateway team released the first service pack for the 9.1 release, 9.1.01. This service pack addresses the following outstanding issues:
Enhancements for the Enterprise Service Manager (ESM)
The following enhancements, delivered in the 9.2 release, have also been added to the 9.1.01 service pack
- support for migration of encapsulated assertions
- support for migration of Siteminder (CA Single Sign-on) properties
- address ESM vulnerabilities
- hide disclosure of Jetty version
- addition of HttpOly attribute in session cookie
- session inactivity timeout now configurable
Enhancements for the Gateway patching utility
The following enhancements, delivered in the 9.2 release, have also been added to the 9.1.01 service pack
- added ability to delete existing patch files from the Gateway, and control how patch files are treated and deleted in the future. Includes "auto deletion" capability for patches
- better patch management, including better organization and patch status information
Other resolved issues
- users are now able to apply a Gateway license from the web-based Policy Manager
- increase performance of JDBC Query assertion, by caching JDBC connection information locally
- address a Low Bandwith denial-of-service vector against the Gateway service resolver.
- improve overall Gateway performance through elimination of some transactional logging and auditing
- removed duplicate headers when establishing a websockets connection
- changed default value of io.httpConnectionIdleTimeout to address issue with build up of CLOSE_WAITS on Gateway
- addressed inability of GMU to successfully test the migration of bundle that contains a Websockets assertion
Please see the full release notes at Release Notes 9.1.01 - CA API Gateway - 9.1 - CA Technologies Documentation for additional details.
- Aaron