What's New in 21.0.4
This section provides information about the new features and enhancements that have been implemented in Automic Automation 21.0.4.
This page includes the following:
As of this version, we support running agents as containers running on Kubernetes. This applies to UNIX, Java-based (including Rapid Automation) and Windows agents. Containerized agents can be used either with a standard Automic Automation deployment or with Automic Automation Kubernetes Edition. For more information, see Installing Containerized Agents.
This release of Automic Automation introduces the features and functions listed below.
JCP Certificate Renewal
The system checks the expiration date of JCP certificates every 24 hours (at midnight UTC) instead of every 30 days. The Automic Web Interface still displays a notification when one or more certificates is about to expire; however, the notification now displays the JCP name and the expiration date. This information is also written into the JCP log file every 24 hours (at midnight UTC).
AWI displays only one notification even if there is more than one certificate about to expire. All relevant certificates are listed one after the other separated by a comma sorted by expiration date; the certificate closest to the expiration date is listed first. The notification is displayed in all Clients but only to users with the privilege Access to Administration. The notification remains visible until the certificate is renewed.
Note: Objects that are executed on expiration check might be triggered more often since the system checks the expiration date every 24 hours.
For more information, see Securing Connections to the AE (TLS/SSL).
Automatic JCP Restart after Renewing Certificate
It is not necessary to restart the JCP manually after renewing the certificate. However, make sure that the new certificate is set correctly and uses the same definition as the TLS section of the INI file of the Automation Engine. Otherwise, the old KeyStore definition is used and the JCP will not start. For more information, see Adding the Certificates.
TLS/SSL - Reject Client Initiated Renegotiation
The jcp.ws and jcp.rest no longer allow TLS/SSL clients to initiate a renegotiation.
Non-TLS Java-APIs Connect to AE v21+
It is possible to connect older JavaAPIs to an Automation Engine v21 and higher. That also applies to non-TLS JavaAPIs. This is only supported for stand-alone Java applications.
Replacing the uc4.jar file in Automic components such as AWI, EMI, and such is not allowed.
Telemetry - Product Usage Collector
As of this version, you can also use the Product Usage Collector (PUC) to report your usage data.
The Product Usage Collector is an application for Windows or MacOS that you can install on a system that can access the product. It alleviates the need for special firewall rules to access product licensed metrics, and does not require a dedicated system in your data center.
The telemetry metric and reporting has been enhanced by onboarding the following agents:
RA Oracle ERP Cloud Agent
Azure AD - SAML Provider and New *CONFIG Parameter
As of this version, Microsoft Azure Active Directory is supported as a SAML provider.
Enabling the SAML parameter in the UC_SYSTEM_SETTINGS variable also generates and populates the *CONFIG key which contains an xml file with predefined elements that allow you to define different settings.
Note: This parameter is particularly relevant if you use SAML through Microsoft Azure as it requires you not to send RequestedAuthnContext of the SAML AuthnRequest to your identity provider. Otherwise, you cannot sign in and the error message "AADSTS900235: SAML authentication request's RequestedAuthnContext Comparison value must be 'exact'. Received value: 'Minimum'." is displayed.
Additional Privilege required for Oracle Databases
The CREATE TRIGGER privilege is now required when you install or upgrade an Oracle database. For more information, see ORACLE.
EXECUTION_TRIGGER - New UC_SYSTEM_SETTING
There is a new EXECUTION_TRIGGER setting in the UC_SYSTEM_SETTINGS variable which is required for the integration of Automic Automation Intelligence with Automic Automation. For more information, see EXECUTION_TRIGGER.
Automic Automation Kubernetes Edition
This release of Automic Automation Kubernetes Edition introduces the features and functions listed below.
AWI Improvements for AAKE
The following AWI changes have been made:
New configuration options to improve connection problems to AWI
Cleaned log file content
Company logo can be set for AAKE using environment variables
Automatic Pod Restart after Configuration Changes
If you change environment variables values.yaml file and then run a helm upgrade to apply those changes, the AE and AWI pods are restarted automatically using the new configuration. For more information, see Configuring Container-Based Systems.
Automic Web Interface
Secure Login Data Storage
So far, the user's login information (Connection, Client, Name, Department and Connection Color, NOT the password) was stored in the login cookie, no matter whether AWI was running on HTTP or HTTPS. To avoid potential security risks, as of this version the login information is stored in the browser localStorage.
HTML and YouTube Widgets in Dashboards
Automic Automation Dashboards let you work with various types of widgets. The HTML and YouTube widgets redirect the user to pages that could pose an additional security risk that you may want to avoid. To help you with your security concerns, you can now decide whether to install and use these widgets or not.
With version 21.0.4 the HTML and YouTube widgets have been moved to a separate plugin respectively. They are available under the /plugins/autoinstall folder in the Automic Automation delivery ZIP file that you download from https://downloads.automic.com/. If you decide so, you can easily uninstall these plugins so that the HTML and YouTube widgets are not available in your system.
For more information, see Installing the Automic Web Interface.
Two new parameters in the configuration.properties file let you control the Content Security Policy (CSP) related to AWI:
csp.enabled enables/disables CSP
csp.whitelist adds AWI pages to the whitelist
For more information, see configuration.properties - Configuring Your Local Setup.