Skip to main content
Skip table of contents

X4 Server 7.3.1

Improved UX of X4 ReST API in the Swagger Editor

Categories and methods are now sorted alphabetically for an improved user experience. In addition, categories are folded by default to have a smaller list.

BasicAuth replaced by Bearer-Token

BasicAuth login is no longer supported for X4 API. A bearer token is now required to call the X4 API. This can be retrieved via http://localhost:8080/X4/X4Api/ or with the Keycloak Token adapter. This note only applies to X4 API, BasicAuth is still available for the other services (ReST Starter).

Native Adapters

Input Parameter Values Shown in Quick Watch

When you debug a process that contains a native adapter, the Quick Watch view now also displays the input parameters of the native adapter. You can recognize the input parameters by the PARAM_INPUT prefix before the parameter name.

Keycloak

New Default Role "X4 Control Center" in X4Realm

The X4Realm now has an additional default role name “X4 Control Center”.

image-20240424-080429.png

Improved Security

Removal of Commandline Servlets

To minimize risks that could occur on registered commandline servlets, these have been removed
from the product.

Vulnerability Scan for Third-Party Dependencies

To be informed about critical security vulnerabilities at an early stage, all third-party dependencies are automatically scanned on a daily basis.

Prevent Random Initialization of Java-SPI

Due to past problems that a random implementation was chosen by Java (e.g., Aalto-XML instead of preferred woodstox), it was necessary to define that the wanted implementations are directly instantiated in a single place. All occurrences of the default SPI-Factory calls have been replaced.

The solution is that the service provider implementations of Stax/Sax/Dom are pinned to prevent
random initialization of Java-SPI.

Git Commit ID Shown in Server Log

Previously, the git commit ID was only printed in the success message. Now the Git-Commit-ID is noted in the start.bat/.sh of the server as parameter "-Dx4.version" and is thus directly visible in the log entry of the set start parameters when starting the server. This is especially helpful for SNAPSHOT versions and helps analyzing errors in the log.

Updated to New Version

WildFly

For improved security, WildFly has been updated to version v27.0.1.


Java

For improved security, Java has been updated to use the patch of Java 11 LTS (Version 11.0.17+8
Azul Zulu: 11.60.19).


.project file exists no longer

The .project file in projects is no longer needed, instead a pom.xml file is created, which
however no longer contains references to individual files. This significantly simplifies the versioning
and merging of projects.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close