GAS 3.20 new features
A summary of new features and changes in functionality introduced with Genero Application Server (GAS) 3.20.
This version of GAS is desupported, use a more recent version of the product.
This page covers only those new features introduced with the Genero Application Server (GAS) version specified in the page title. Check prior new features pages if you migrate from an earlier version. Make sure to also read the upgrade guide corresponding to this version.
Corresponding upgrade guide: GAS 3.20 upgrade guide.
Previous new features guide: GAS 3.10 new features.
Overview | Reference |
---|---|
The dispatcher configuration is enhanced to listen for incoming requests on a
dedicated IP address. The address is specified by the LISTEN element. |
See LISTEN |
With TCP_ADMIN_PORT you can specify a port for GAS
administration tasks. |
See TCP_ADMIN_PORT |
With END_URL you can specify a URL that the user agent
redirects to when your web application ends. |
See END_URL |
The CACHE_CONTROL_MAX_AGE element allows you to specify the
duration files sent by the GAS are held in front-end cache. |
See CACHE_CONTROL_MAX_AGE |
The ENVIRONMENT_VARIABLE element has a
Concat attribute, which allows you to manage how inherited parent configuration
settings are handled; appended, prepended, or discarded. |
See ENVIRONMENT_VARIABLE |
The gasadmin session command is enhanced with the
--close-session and --close-all-sessions options. This provides
for closing sessions gracefully, without displaying messages to the user agent. |
See gasadmin tool. |
The following gasadmin commands are enhanced with list
options:
|
See gasadmin tool. |
Starting at 3.20.07 | |
httpdispatch and fastcgidispatch dispatchers now support
the @argfile syntax. You can start the httpdispatch and
fastcgidispatch dispatchers with an option to read override (-E )
commands from a file. The option --dump-command can be used to output the commands
in the file. |
See |
Starting at 3.20.14 | |
You can set the httpdispatch and fastcgidispatch
dispatchers to write their process-ids to a file on disk with the --pid-file option
of the command. |
See |
The $(res.dir.separator) resource allows you to specify
directory paths for all platforms in the same configuration. It resolves to either a forward slash
"/ " on a UNIX™-like system including macOS™ or
a backward slash "\ " on a Windows® system. |
No additional reference. |
Starting at 3.20.19 | |
The following gasadmin commands are enhanced:
|
See gasadmin tool. |
Starting at 3.20.20 | |
One license consumed per browser: All applications started from the same browser count as one for licensing purposes, and therefore only one license is used. |
See Genero front-ends and license counting |
Starting at 3.20.21 | |
On Unix-like platforms you can use systemd to manage the GAS dispatchers. You
can perform various management tasks, such as starting and stopping the dispatcher, using
systemctl commands. Templates for configuring GAS systemd are provided in
FGLASDIR/systemd/Warning:
The systemd feature is available on Linux® only. |
See Systemd service template |
Overview | Reference |
---|---|
With DELEGATE_OPTIONS you can specify whether to send the
body or just HTTP headers for a service using delegation. |
See DELEGATE_OPTIONS (for a service) |
Starting at 3.20.13 | |
GIP authentication and access service security cookie updated with SameSite="Strict". | See SameSite attribute is now recommended when setting HTTP cookies |
Starting at 3.20.18 | |
The GAS supports HTTP/2 requests when configured in the web server. HTTP/2 is the default protocol when installing a web server configured for HTTPS. | See: |
Overview | Reference |
---|---|
Genero Identity Provider (GIP) integration to the GAS, ready to use with minimal settings. This will bring authentication and authorization mechanism to your apps. | See Identity Provider (IdP) page in the Single Sign-On User Guide. |
The DELEGATE element provides a feature that allows a user to
be logged out of the authentication server when a web application is closed.
|
See:
|
The DELEGATE element provides support for OAuth2 SSO authentication as used
by identity providers (IdP) such as Facebook and Instagram.
|
See OpenID Connect support for OAuth2 and The ImportOAuth program pages in Single Sign-On User Guide |
The OpenID Connect service has three possible ways of authentication redirect: via an HTML submit form using GET or Post, or using the default HTTP 302. | See Configure OAuth redirect with automatic form submit page in Single Sign-On User Guide |
The GetToken, DeployGar, and DeployGbc are command line tools for working with the GIP. They follow the FGL default for command options using getopt. | See
|
The ImportIdP tool for managing SAML identity providers supports parsing of
its command-line arguments with getopt. |
See The ImportIdP program page in Single Sign-On User Guide |
Starting at 3.20.14 | |
The command tools GetToken, DeployGar, and DeployGbc can be run from a script set in the PATH environment. | See
|
Use the oidc.oauth.request.format configuration entry to define the protocol
format to use during OAuth code to ID token exchange. |
See Set exchange format for OAuth ID token page in Single Sign-On User Guide |
The --keys option of ImportOAuth tells the
OpenIDConnectService provider where to fetch the OAuth public keys, to validate the ID tokens before
granting access to a Genero Application. |
See The ImportOAuth program page in Single Sign-On User Guide. |
By default, the OpenID Connect service performs the exchange of tokens for OAuth authentication in url-encoded format but you can configure this for JSON. | See Set exchange format for OAuth ID token page in Single Sign-On User Guide |
The oidc.app.start.mode configuration entry of the
OpenidConnectServiceProvider service defines how the identity of the client is verified before
starting the application. You can configure "gnonce" (genero number once) or a cookie. |
See Configure application starting mode page in Single Sign-On User Guide |
Starting at 3.20.20 | |
The OpenID Connect service of FGLGWS has enhancements to how scopes are exchanged. The Genero Identity Provider (GIP) follows the standard RFC 8693 as the default method when creating OAuth ID and access tokens with the scope parameter. | See Support for RFC 8693 in the Genero Identity Provider (GIP) creation of OAuth ID and access tokens with scopes |
Overview | Reference |
---|---|
The GAS allows you to provide your GBC client in the application path's gbc directory. | See Provide the GBC in the application path. |
The GIP Deployment App provides you with an interface to manage Genero
Archives, and Genero Browser Clients deployed on the Genero Application Server (GAS). It
replaces the legacy deployment portal web service.
|
See Deploying and securing applications and Web services and Set default GBC client with the Deployment App page in Single Sign-On User Guide |
The new features listed in this topic are available in the latest version of the GAS. Contact your support channel for more details.