What's New in 21.11
We are pleased to announce our latest 21.11 release of Journey Manager is ready for you to download! It includes new and enhanced features, security improvements and updated libraries, plus bug fixes. We've updated a few Fluent API classes as well. Read on to find out more!
|Features & Enhancements
|8 March 2023
|14 July 2022
|14 February 2022
|22 December 2021
|3 December 2021
Here is a list of the key features we've introduced and enhanced. To learn more about each feature, click a documentation link or read the Features and Enhancements section below.
New Statuses for Organisations, Form Spaces and Forms
As a frequently requested feature to enhance the Journey Manager capability, we've added new statuses, which you can use to take forms offline and thus support maintenance activities on forms and integration services. This feature adds capability to take a form, form version, organization or full portal offline or to just stop rendering forms but allow users of currently rendered transactions to complete their journey.
Permissions and REST Service
We have added permission checks to the Fluent API to enable better control of which function users can access through the Fluent Rest API. For more information, see the Fluent API documentation.
The new permission checks do not apply to standard Groovy scripts executed within the users form flow. However, the capability exists to enable these check if this becomes required for a customer.
Scheduled Groovy services now run using the ServiceUser role, which defaults to a admin level role. This role can be limited to enhance the security around these services, if required.
We've enhanced Fluent API:
- Add/Delete Groups
- User Query Enhancements
- Previous Submission
- MemCache Lifetime Controls and Clear functions
- Fluent oAuth2 Security Manager
Apache Click is an old non supported library used in the Journey Manager UI screens in the forms portals and the manager console. We are steadily phasing this library out and, in this release, we have re-written the authentication, password management and basic error pages in forms portals.
The HTML structures of the pages have been preserved as much as possible. However, these are significant changes so form space styling will need to be reviewed. A new border page has been introduced to support these new pages.
While working on the next Journey Manager 22.04 release, we will continue to deprecate the remaining workspace functionality, which will enable the majority of the remaining Click functionality to be removed from the user facing spaces.
- FOP - FOP receipt service has been removed
- TField - Support for the End-Of-Life T-Field product has been removed from Journey Manager
Upgrades & Security
We have performed the following libraries upgrades and security enhancements.
Apache Cayenne Upgrade
This is a major upgrade of Apache Cayenne, so Core Groovy scripts using Cayenne may need to be modified.
Velocity has been upgraded due to security issues. The upgrade of Velocity has breaking changes that may need to be addressed in customer's space styling and email templates:
- Checks for empty strings or null. Replace this code:
#if ($flash != ""))
#if (($flash) && ("$flash" != ""))
- Combined boolean checks on one line. Replace this code:
#if($startDate && $endDate)
Spring Security Upgrade
This is a major upgrade, which has included changes to the way Spring Security is configured. This should not affect customers as the original functionality has been maintained. However, if form spaces or security have been heavy customized, some changes may be required.
CSRF Protection on spaces
We have added the CSRF Protection option to the Workspaces, Workspace and Web-plug spaces. This option is selected by default in Workspaces, but it is not selected for other form spaces by default. In the form spaces, CSRF will only be supported with Full FTX Maestro forms and not with the old click based space pages, so the choice for the workspaces portal to default this On, and Off for the other spaces.
There is a bug with the Maestro Attachment Field widget, which has been fixed in Maestro 21.11. To be able to upload attachments with CSRF, you will need to upgrade and re-deploy the form with this fix, available with the Maestro maintenance releases 19.05+, including 21.11.
You need to login to access this content. If you still don't have access after logging in, you can request it by posting a new question using Website issue in the Category dropdown.