GAS 3.20 upgrade guide

These topics describe product changes you must be aware of when upgrading to version 3.20.

Important: This is an incremental upgrade guide that covers only topics related to the Genero Application Server version specified in the page title. Check prior upgrade guides if you migrate from an earlier version, and complete the migration tasks for all versions between your existing version and the target version in order. Make sure to also read about the new features for this version.

Corresponding new features page: GAS 3.20 new features.

TCP_ADMIN_PORT

TCP_ADMIN_PORT is a new element in the GAS configuration file. If your GAS version is 3.20.07 or later, you need to be aware of this new element. It provides a port for GAS administration tasks. If you are using an as.xcf without this element, there is no need to add it. The default TCP admin port is set internally to 6999. If you need to set the port, you may need to add the element to the as.xcf.

It is necessary to set this port, for example, if you have several GAS running on the same machine. Then you need to ensure that you set a unique port for each GAS. Also ensure you select a different port to that used for application access. For more information on configuring multiple dispatchers for TCP admin port, see Configure multiple dispatchers.

GBC in application path

The means to provide a Genero Browser Client (GBC) in the application path is introduced. See Provide GBC in application path.

With 3.20, you can package a GBC in the gbc directory of the application path. This is the path specified by the PATH element in the application xcf file. The GAS first looks for the GBC in APPDIR/gbc. If this directory exists and it contains a GBC installation, this GBC is used. If the gbc directory is not set, the GAS then uses the standard GBC_LOOKUP_PATH lookup mechanism.

What does this mean for your upgrade to 3.20? It allows you to provide a GBC to use in the application path's gbc directory independent of the GAS configuration.

Deployment portal has been replaced with DeploymentApp

The legacy deployment portal service has been replaced with the Genero Deployment App (DeploymentApp). If you used the deployment portal to deploy and manage your applications and GBC clients, you will need to move to using this application. For information on how to access and use it, see Deploying and securing applications and Web services.

Changes to the deployment service under GIP

The deployment service is now protected by Genero Identity Provider (GIP). To access it requires a valid access token with the scope "deployment". The service URL has changed too. If you previously used the deployment service on the GAS at base URL /ws/r/services/DeploymentService to manage your Genero applications, you will need to use this new URL, /ws/r/admin/GeneroDeploymentService instead. For more information on how to access and use it, see Deploying and securing applications and Web services.

Changes to ImportOAuth tool for managing OpenID Connect identity providers (IdP)

The ImportOAuth tool command supports getopt parsing of its command-line arguments. The use of the tool to manage IdP for your Genero applications has therefore changed. For examples of changes you need to make, see Table 1. For help using the tool, run the command:
fglrun ImportOAuth -h
For further details about the ImportOAuth command, see The ImportOAuth program.
Table 1. Example change to ImportOAuth import command
New command Previous command
fglrun ImportOAuth --import 
        --authz https://api.instagram.com/oauth/authorize 
        --token https://api.instagram.com/oauth/access_token 
        --logout https://instagram.com/accounts/logout 
        --profile https://api.instagram.com/v1/users/self?
        https://www.instagram.com
fglrun ImportOAuth -import https://www.instagram.com 
         -authz https://api.instagram.com/oauth/authorize 
         -token https://api.instagram.com/oauth/access_token 
         -logout https://instagram.com/accounts/logout 
         -profile https://api.instagram.com/v1/users/self?

Changes to ImportIdP tool for managing SAML identity providers

The ImportIdP tool command supports getopt parsing of its command-line arguments. The use of the tool to manage IdP for your Genero applications has therefore changed. For examples of changes you need to make, see Table 2. For help using the tool, run the command:
fglrun ImportIdP -h
For further details about the ImportIdP command, see The ImportIdP program.
Table 2. Example change to ImportIdP import command
New command Previous command
fglrun ImportIdP --import 
  http[s]://host:port/openam_954/saml2/jsp/exportmetadata.jsp 
fglrun ImportIdP -import 
 http[s]://host:port/openam_954/saml2/jsp/exportmetadata.jsp

Changes to support for file transfer

Starting with FGLGWS 3.20.11 and GAS 3.20.13 there is full support for file transfer with filenames set on any locale. This update allows you to specify filenames with locale-specific characters in your application file transfers.
Important: Apache

If you have configured mod_proxy_fcgi in your Apache server, ensure application URLs are not escaped by setting proxy-fcgi-pathinfo=unescape. For more details, see Apache 2.4: mod_proxy_fcgi.

If you are using any older combinations of FGLGWS and GAS, file transfer only works for filenames with ASCII characters.

Enhancement for GIP command line tools

Starting with FGLGWS version 3.20.11, GAS version 3.20.14, and GIP version 1.00.11 there are changes to how you use GetToken, DeployGar, and DeployGbc. These commands are now run from a script. For example, if previously you ran the "GetToken" command as:
fglrun $FGLDIR/web_utilities/services/gip/bin/gettoken/GetToken.42r client_credentials --help 
You can now run it directly as:
GetToken client_credentials --help
GetToken is located in $FGLDIR/web_utilities/services/gip/bin/gettoken. DeployGar and DeployGbc are located in the $FGLDIR/web_utilities/services/gip/bin/deploy directory. You need to include these paths in your PATH environment variable to run the commands from any directory.
Tip: Run the script file $FGLDIR/web_utilities/services/gip/envidp.sh to ensure the PATH is set correctly to run the commands.