Release notes: WebSphere DataPower B2B Appliance XB60 release 3.8.1

Release notes


Abstract

WebSphere DataPower B2B Appliance XB60 firmware release 3.8.1 is available. Compatibility, installation, and other getting-started issues are addressed.

Content


Announcement


The WebSphere DataPower SOA Appliances firmware V3.8.1 announcement letter is announcement 210-108.

See the announcements for the following information:

  • Detailed product description
  • Product-positioning statement
  • Ordering details

New features and enhancements description


WebSphere DataPower B2B Appliance XB60 release 3.8.1 offers the following new features and enhancements and resolved APARs.

Enhanced B2B capabilities

  • ebXML Messaging Service support
With ebXML Messaging Service (ebMS2.0) support, you can exchange B2B messages in SOAP with attachment format and leverage the WS-Security standards for secure business transactions.
  • Integrate inbound and outbound processing policies with ebMS handler, and the processing result is reported by B2B Gateway through asynchronous or synchronous acknowledgment messages.
  • Use the Show ebMS only view in the B2B viewer to display and perform the following actions against ebMS messages: Manually resend inbound and outbound transactions, and send a status request message to the external partner to retrieve the transaction status.
  • External partners can send status query ebMS message to B2B Gateway and retrieve the transaction status based on the specified message identifier.
  • External partners can send ping messages to B2B Gateway to check for service availability.
  • Use the enhanced archive function to archive all ebMS transactions or only ebMS transactions that are expired.
  • Use the reliable message delivery support of an ebMS protocol to ensure duplicate-elimination and the successful delivery of ebMS messages.
  • Processing Policy support in B2B Gateway Services
In a B2B Gateway, you can associate a custom processing policy with a specific partner profile to customize the processing flow and use transport protocol headers based on your business requirements.
  • Associate a processing policy with a partner profile to customize the processing flow and the headers sent to the receiving partner.
  • Customize ebMS message headers by setting the supported ebMS service variables in the processing policy.
  • Use the response rule to customize the response processing flow. Use the error rule to customize the processing flow when error occurs.
  • Configure the processing policy to access each part of received messages.
  • Use B2B Gateway service variables to dynamically select a configured destination of a partner profile to perform dynamic message routing.
  • Use the multistep probe to debug processing policies.
  • Enhancement to the B2B Gateway Service
The B2B Gateway service remains up and continues to process data even when one or more of the front-side protocol handlers or of the partner profiles are down.
  • B2B High Availability support
B2B gateway supports high availability through the use of a standby control group operating in failover mode and the ability to define the synchronization policy for the B2B persistence store.
  • If the primary appliance fails, the high availability configuration ensures that the secondary appliance becomes the primary one and continues to process the transactions among trading partners.
  • If both appliances fail, restart them and both appliances become available in secondary mode by default. Use the B2B viewer to determine which appliance has the most recent data, and assign the appliance with the most recent data as primary and the other one as secondary.

Enhanced interoperability

  • Enhanced Open Database Connectivity (ODBC) data source support
  • Optimizes database connectivity and processing for common workloads.
  • WebSphere Transformation Extender enhancements
  • Supports WebSphere Transformation Extender version 8.3 features
  • Enhanced support for WebSphere Transformation Extender component rules extends beyond support for constant and ODO-style (OCCURS DEPENDING ON) component rules.
  • Enhanced support to handle data that is in error
  • Supports deployment of DPA map files directly to the appliance from WebSphere Transformation Extender Design Studio
  • Supports the use of XML schema, rather than type trees, within WebSphere Transformation Extender Design Studio
  • Two previously restricted functions are relaxed: FAIL and OFFSET
  • Two previously restricted adapters are unrestricted now: ECHO and SINK
  • WebSphere Service Registry and Repository (WSRR) enhancements
  • Supports WS-Policy Attachment files authored within WSRR Policy Editor
  • Supports configuring Web Service Proxy services using WSDL files returned from WSRR saved search queries
  • Supports serving of WSDL files from multiple Web Service Proxy services that use the same URI and the same port, but a different appliance interface.
  • Improves synchronization performance of WSRR Concept subscriptions


Enhanced security features

  • Enhanced SAML Assertion Generator for AAA Policy
  • Supports an LDAP authentication and LDAP authorization setting to fetch LDAP attributes for SAML assertions. Results are synchronized with the AAA authentication cache or the AAA authorization cache.
  • Supports Raw XML Document including SAML for Enveloped as a message type for signing. This message type supports an XPath expression that identifies the elements on which to sign.
  • Post processing activities support generating a SAML assertion or response that can contain one or all of the following assertion types: an authentication statement, an attribute statement, and an authorization decision statement. Skew time and proxy restriction settings are supported. Configuring SAML attributes definition objects for use in post processing is supported.
  • WebSphere Application Server 7 SAML Interoperability
  • Supports WebSphere Application Server version 7 to use the SAML bearer and sender vouches tokens for SSL or WS-Security. The DataPower appliance can generate or consume those tokens for authentication, signing including WS-Security STR-Transform and encryption, as expected by WebSphere Application Server 7.009.
  • WebSphere Application Server 7 Kerberos Interoperability
  • Supports WebSphere Application Server version 7 to use the Kerberos tokens for SSL or WS Security Policy. The DataPower appliance can generate or consume the Kerberos token for secure conversation or authentication, or both, or further use them to sign or encrypt the message as expected by WebSphere Application Server 7.009.
  • MTOM message validation
  • Supports specifying a set of schema or WSDL documents that accept messages in which base64-encoded binary content was optimized according to the MTOM/XOP specifications. XOP binary-optimization replaces base64-encoded binary data with an xop:Include reference element that references the unencoded binary data located in an attachment. When this option is enabled, an xop:Include element can optionally appear in place of content for any XML Schema simple type that validates base64-encoded binary data. When this option is disabled, such optimized messages are rejected by the validation of the unoptimized form.
  • Convert certificate objects and private key objects
  • Supports converting a certificate object or a private key object, or both, to a specific output format and write it to a file. The supported format is openssh-pubkey.
  • Enhanced Tivoli Access Manager (TAM) support
  • Supports Microsoft Active Directory as the user registry for Tivoli Access Manager client.
  • Enhanced error logging for AAA actions using Tivoli Access Manager.
  • Supports the use of local mode TAM objects in a AAA policy. This includes the ability to create local mode TAM configuration files.

Enhanced connectivity

  • Enhanced DNS resolution
  • Supports setting up a first-alive hierarchy of DNS servers, for example primary and secondary, such that a given server is queried only if the servers higher in the hierarchy fail to respond to a query.
  • WebSphere MQ enhancements
  • The MQCSP support enables the authorization service to authenticate a user ID and password for security exit in MQ Queue Manager object.
  • The MQ Queue Manager Group can work with the multi-instance feature in the WebSphere MQ server Version 7 or later for the fail over in the DataPower appliance.
  • With the shared conversation feature in WebSphere MQ server Version 7 or later, you can compress the number of connections between the DataPower appliance and the MQ Server by specifying the maximum number of conversations to share a single TCP/IP connection in DataPower Queue Manager object configuration.
  • Enhanced support handling for JavaScript Object Notation (JSON)
  • Provides JSON support as a native format for request and response types.
  • Enhanced communications control over the SSH File Transfer Protocol (SFTP) protocols
  • Supports a client feature to send files to and retrieve files from remote servers.
  • Supports strict host key and known host checking.
  • Supports a poller feature to poll and retrieve files.
  • Supports configuring the DataPower SFTP Server in Virtual File System mode.
  • Enhanced IMS support
  • Supports IMS Connect interactions that provide the completion status to enable the appliance to deliver IMS transactions with a high level of integrity.
  • Supports commit mode and sync level processing of Commit Mode = 1 and Sync Level = Confirm.

Enhanced administration

  • Quiesce
  • Supports a method to gracefully quiesce the appliance or certain configured portions of the appliance. Quiesce is applicable to the device as a whole as well as to domains, services, and front-side handlers.
  • Status providers
  • Enhanced important status providers to provide detailed information, expected values, and recommended actions.
  • Memory enhancements
  • Supports a backlog to which the appliance routes a configurable number of requests if the amount of free memory falls below the configured threshold. Processing of requests in the backlog is delayed until sufficient memory is available or until the configured backlog-timeout elapses. When sufficient memory is free, the appliance processes all requests in the backlog queue.
  • Enhanced logging information to solve connection issues
  • The system log has been improved to provide better information. Locating specific messages, sorting and filtering, and other log manipulation has been enhanced. Log messages have been rewritten for clarity.
  • Disaster Recovery: Secure Backup-Restore
  • Supports a secure backup-restore process for appliances that are initialized or are reinitialized in disaster recovery operational mode for use in recovering the configuration of a lost appliance. A secure backup contains private data from the appliance (cryptographic keys and user data), which the appliance encrypts with a DataPower key. You can also use the backup-restore process for migration of one appliance to another.
    Note: The backup-restore process must be used among appliances that are at the same firmware level and have the same compatible configuration (auxiliary storage, iSCSI, and so forth).
  • One touch must gather function
  • Enhanced error reports can include optional information.
  • Error reports can be automatically uploaded to local or remote file stores.
  • Error reports are compressed to minimize disk-space requirements.
  • Improved First-Failure Data Capture (FFDC) to capture better diagnostic information
  • Enhanced information in backtraces to aid diagnosis.
  • Support for log trigger points. A trigger can be created for any log message or group of messages. The trigger can be configured to launch a command when the specified message occurs.
  • Packet trace IP address filter option
  • Filtering of packet captures to monitor messages from a specific source or to a specific port.
  • Enhancement to the email alert setting
  • In addition to the "To" address in email alert setting, specify the "From" address in Troubleshooting and Failure Notification configuration to indicate the email address of the message sender.
  • Enhance usability to manage configuration objects during migration
    Provides system log messages that indicate the following warnings when the DataPower appliance migrates its data to a newly installed firmware version:
  • An object with an invalid required property is removed from the startup configuration script.
  • A complex property with an invalid required property is removed from the startup configuration script.
  • A referenced property is dropped from the startup configuration script if its referenced object cannot be found.
  • An invalid property is dropped from the startup configuration script with a value of empty if this firmware version does not support the value for this property and there is no default value for the property.
  • An invalid property is dropped from the startup configuration script with a default value if this firmware version does not support the value for this property and changes the value to its default value.
  • Unrecognizable reference or submode property causes the system to quit the object configuration mode and fail to load the remaining properties for the object.
  • Enhanced Web Service Proxy interface
  • Improved WebGUI performance in the Web Service Proxy configuration when populated with a large number of WSDL files.

Documentation


Resolved APARs

For a list of the APARs that WebSphere DataPower B2B Appliance XB60 release 3.8.1 has resolved, see resolved APARs.

Compatibility with earlier releases


Compatibility issues with earlier firmware releases are documented as individual technotes in the Support knowledge base. The following link launches a customized query of the live Support knowledge base. The compatibility issues that are known to exist in the current release of the WebSphere DataPower B2B Appliance XB60 are provided.

View known compatibility issues for WebSphere DataPower B2B Appliance XB60

For additional information about problems in current releases, refer to the DataPower support site.

System requirements


To determine whether your appliance (machine type) supports this firmware release, refer to technote 1430414.

For hardware specifications, refer to the IBM WebSphere DataPower SOA Appliances: Type 9235: Hardware Problem Determination and Service Guide available from the DataPower information center.

Product compatibility

Release 3.8.1 is compatible with the following products:

Application and Web servers
Any server that conforms to the standards that the DataPower appliance supports.
Database server
Support provided for the following database servers:

  • DB2: all supported versions up to 9.5
  • Microsoft SQL Server: all supported versions up to 2008
  • Oracle: all supported versions up to 11g R1 (11.1)
  • Sybase: all supported versions up to 15
Information Management System
IBM Information Management System (IMS) versions 9 and 10
LDAP servers
Any LDAP server that is compliant with LDAP version 2 or with LDAP version 3.
Microsoft .NET Windows Communication Foundation
Microsoft .NET Windows Communication Foundation (WCF) integration has the following requirements:
  • WCF 3.5 or newer
  • Windows 2003 Server or newer as the KDC if using the Kerberos token feature.
SFTP clients
The following SFTP clients are supported:
  • CuteFTP Professional 8.3
  • OpenSSH 3.1p1 (Red Hat Linux® 7.3)
  • OpenSSH 4.6p1 (Ubuntu Linux)
  • OpenSSH 5.1p1
  • PuTTY PSFTP, version 0.60
  • SmartFTP, version 3.0
  • Sun Microsystems, Sun_SSH_1.1
  • WinSCP, version 4.1.6
SSH File Transfer Protocol (SFTP) Support
The supported protocols are as follows:
  • SSH-2 protocol defined by IETF RFC 4251
  • SFTP version 3 defined by the draft-ietf-secsh-filexfer-02.txt Internet-Draft
TIBCO Enterprise Message Service
TIBCO Enterprise Message Service (EMS), versions 4.3, 4.4, and 5.0
Tivoli Access Manager
IBM Tivoli Access Manager, versions 6.0 and 6.1
Tivoli Federated Identity Manager
IBM Tivoli Federated Identity Manager, versions 6.0.1, 6.1 and 6.2
Tivoli Security Policy Manager
IBM Tivoli Security Policy Manager, version 7.0 Fixpack 2
Web browsers
Microsoft Internet Explorer, versions 6 and 7, and Firefox, version 3.5
WebSphere Java Message Service
IBM WebSphere Java Message Service (JMS), versions 6.0.2 and 6.1
WebSphere MQ
IBM WebSphere MQ, versions 6.0 and 7.0, as a remote server.
WebSphere Service Registry and Repository (WSRR)
Support is provided for the following IBM WebSphere Service Registry and Repository releases (minimum versions):
  • WSRR 7.0.0.2 (which include APAR IZ71003)
  • WSRR 6.3.0.2 plus APAR IZ71003
  • WSRR 6.2.0.3 plus APAR IZ71003
  • WSRR 6.1.0.5 (limited support for WSRR Subscriptions features)
  • WSRR 6.0.2.2 (limited support for WSRR Subscriptions features)
Contact IBM WSRR Support for access to APAR IZ71003 and the latest FixPacks ( http://www.ibm.com/support/docview.wss?rs=3163&uid=swg27010465)
  • Support is provided for WS-Policy Attachment files authored with WSRR Policy Editor 6.2.0.3 plus APAR IZ71003 or later.
  • Supports implementing Web Service Proxy configurations with WSDL files returned from a WSRR Saved Search when the WSRR server is WSRR 6.2.0.3 plus APAR IZ71003 or later.
WebSphere Transformation Extender
  • To create maps or recompile existing maps to run in the recommended DPA (DataPower Appliance) mode with extended support for component rules, use WebSphere Transformation Extender Design Studio version 8.3.0.2 or later. With version 8.3.0.2 and later, support for component rules is extended beyond support for constant and ODO-style (OCCURS DEPENDING ON) component rules. Support for component rules has the same restrictions as map rules.
  • To create maps or recompile existing maps to run in the recommended DPA mode with the more limited support for constant and ODO-style component rules, use one of the following versions of WebSphere Transformation Extender Design Studio:
    • Version 8.3.0.2
    • Version 8.2.0.4 with IF3
XML Tools
Any XML tool that generates XSLT 1.0 for XML-to-XML. For non-XML, supported versions of WebSphere Transformation Extender (WTX).

Installation


For installation instructions, refer to the IBM WebSphere DataPower SOA Appliances: Upgrade and Rollback Guide available from the DataPower information center.

Known problems and limitations


Known problems and limitations are documented as individual technotes in the Support knowledge base. As problems are discovered and resolved, the IBM Support team updates the knowledge base. By searching the knowledge base, you can quickly find workarounds or solutions to problems.
The following link launches a customized query of the live Support knowledge base. The limitations and problems that are known to exist in the current release of the WebSphere DataPower B2B Appliance XB60 are provided with a workaround, if available.

View known problems and limitations for WebSphere DataPower B2B Appliance XB60

For additional information about problems in current releases, refer to the DataPower support site.

Deprecated features


This section summarizes deprecated features in the product offerings comprising WebSphere DataPower SOA Appliances release 3.8.1. The following information summarizes what is deprecated. Where possible, a recommended migration action is provided.

View deprecated features for WebSphere DataPower SOA Appliances

Contacting IBM Support


To report a problem to IBM Support, refer to Contacting IBM WebSphere DataPower Appliances Support.

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

WebSphere DataPower B2B Appliance XB60

Software version:

3.8.1

Operating system(s):

Firmware

Reference #:

7018819

Modified date:

2010-06-15

Translate my page

Machine Translation

Content navigation