HANDLE.NET Software Version 6.2 Release Notes

Changes in Version 6.2.5_02 (18 Sep 07)

1. Added "shadow" password function to handle admin login window and the set/edit-password view.
2. Added support for shadow passwords to the API in the form of an additional constructor for the SecretKeyAuthenticationInfo object and the Encoder.encodeSecretKey(byte[] key, boolean shadow) static function.

Changes in Version 6.2.5_01 (29 Aug 07)

1. Fixed a bug that prevented administrative adapter objects from being properly instantiated by the adapter factory.

Changes in Version 6.2.5 (9 Aug 07)

1. Added new API package that provides a high level interface for creating, deleting and updating handles.
2. Handle software source code can be built using Java 1.5 or newer.
3. Set isAdminRequest to true for several types of messages so that they are not sent to query-only interfaces.
4. Changed the Admin Tool so that it will not allow creation of a handle without a slash, but it will allow deletion of a handle without a slash.
5. Updated Proxy servlet to not require SingleThreadModel.
6. Added CNRI.RSRC_LOC value handler to perform flexible selection of multiple possible locations (URLs) for a single handle.
7. Added ability to specify indexes when resolving using Resolver object.
8. Removed the dependency on the external utility class for authentication.
9. Added setUseUDP to the high level admin interface and implemented it. This allows the users to add and prioritize the use of UDP for communication with a handle server.
10. Fixed bug in simple setup. Prior to this fix, the simple setup would recreate replication keys even if the user specified not to do so.
11. Updated build.xml so that the user.properties file overrides the build.properties file.
12. Added target to compile the new API. Made changes to server and client distribution targets so that the new API is included in new distributions. Added a manifest file so that admintool.jar can be run with "java -jar admintool.jar".
13. Made change to handle server process secret key verify authentication messages. If the client specifies the index number as zero the server will attempt to verify the client signature based on any secret keys that are in the handle. This is so that other authentication services can use simple handle+password authentication without having to know a specific handle index.
14. If the handle server experiences an error sending a continuation response to the client during a list-handles operation, it will stop trying to send further responses because the client has likely disconnected.
15. Made DBList command-line list-handle program work with any handle storage module, not just JDB.
16. Added multi-threaded testing from command-line to BDB JE storage. Removed explicit transactions from most DB operations since it is done implicitly within the calls. Set default BDB JE lock timeout to 0 to prevent timeouts. There is no possibility of deadlock so these timeouts would only punish the server when it was under a heavy load. Removing the timeout limit doesn't appear to slow down the server at all. Possibly the BDB JE timeout mechanism is broken (over-sensitive).
17. Fixed BDB JE bug that prevented listing by prefix. Also added static main method to perform simple database operations via the command line.
18. Streamlined scanning of BDB JE handle database. Also added filtering by prefix so that listing handles by prefix will cause the database cursor to skip directly to the relevant handles and stop scanning once it has seen each relevant handle.
19. Added try/catch block to BDB JE module to prevent leaving a transaction lock after a failed operation.
20. Modified BDB JE database iterator to perform read-ahead in order to close the cursor immediately after the last record is read.
21. Added information to exceptions that are thrown from the BDB JE module.
22. Added optional logging for UDP messaging.
23. Use RSA/DSA*KeySpec classes to construct public and private keys from their raw components instead of using our own public and private key implementation classes, which the IBM version of Java (for AIX) doesn't handle properly.
24. Fixed bug in which the orderSitesByPreference method used a common static variable (ranges) to perform a temporary site reordering without synchronization. This could cause multi-threaded resolvers such as the http proxy not to always use the optimal site when resolving if there are many resolutions happening at once.
25. Added expiration date to AbstractMessage.toString().

Changes in Version 6.2.4 (21 Feb 07)

1. Changed HdlSecurityProvider to use the default Java security and crypto providers to perform a signing or encryption. We still allow the user to provide an alternate HdlSecurityProvider by class name using the handle.security.provider_class property, but we no longer default to using the SunJceHdlSecurityProvider which didn't work on versions of Java not made by Sun (such as IBM's Java for AIX).
2. Added Resolver object for higher level resolution functions and simpler API for resolving handles and extracting certain values from the resolution results. This resolver also enables configuration from an XML file in which you can override specific handles. Overriding a handle can be done every time the handle is resolved or only when resolution fails using the normal system. If the resolver detects that the configuration file has been updated, it will automatically reload it.

Changes in Version 6.2.3_01 (1 Feb 07)

1. Updated copyright headers in source code.
2. Updated server test applications in net.handle.apps.test package. Removed the handle create/delete test from this package.

Changes in Version 6.2.3 (26 Jan 07)

1. Allow JDB back-end storage systems to use simple "template" handles. If the "use_templates" flag in the server_config section of the config.dct file is "yes" then the server will return the values of <somehandl> for any request for handle <somehandle><delim><anythingelse> where <delim> is given by the first character in the template_delimiter setting from the config file and the handle that was queried for doesn't exist in the database. You can override the template values for any individual handle by simply creating that handle in the database, or just modifying the template values that were returned for it using the handle tool.
2. Made server interfaces be a bit more intelligent about how they determine which requests are admin requests, which are query requests, and which can come in over either interface.
3. Added ability to clear the caches for a HandleResolver using the clearCaches() method.
4. Fixed report of error message returned from a remote server.
5. Added server shutdown hook so that stopping a handle server will cleanly shut down the database and any logs.

Changes in Version 6.2.2 (13 Nov 06)

Updated Global Handle Registry site information (new root_info file).

Changes in Version 6.2.1 (3 Nov 06)

1. Added new tool to show any database transaction log entries with a given handle, or show every entry in the log.
2. Added new VData handler for proxy that allows different URLs to be returned based on a parameter passed to the proxy.
3. Updated proxy error response to include namespace contact information.
4. Redesign of session implementation to improve efficiency and modularity. This is backwards compatible, but increases the minor version of the handle protocol. The "old" protocol was 2.1 and the new one is 2.2. The only difference between the two is that session keys in 2.2 have the encryption algorithm that is used inserted at the beginning of the session key and in 2.1 there is no way to change the algorithm. One thing that might break backwards compatibility in rare cases is that previous clients and servers used to apply an md5 hash to all secret keys before using those keys to encrypt/decrypt a message. This is unnecessary when secure random keys are used and probably added a lot of overhead, and the code will be significantly complicated if this is made backwards compatible. Breaking previous clients/servers should not be a big deal since the encrypt bit is off by default, even when using sessions.
5. Added namespace support to handle proxy. This allows handle-not-found messages to display the contact information for the namespace (if present) instead of a static email like hdladmin@cnri.reston.va.us.
6. Changed config file interpretation very slightly to allow for multiple interfaces of the same type in one server.

For example, you can now have two HDL-TCP listeners by adding the following settings:

          interfaces = ( hdl_udp hdl_tcp hdl_tcp2 hdl_http)
          hdl_tcp_config = {
            bind_port = 2641
            ...
          }
          hdl_tcp2_config = {
            bind_port = 2642
            ...
          }
        ...

7. Admin Tool: Enabled sessions by default. A new session tracker is installed every time the user's authentication is changed.
8. Admin Tool: Cleaned up action handlers by making a common set of menu actions for all windows/menus.
9. Made the different handle protocol interfaces reject administration requests if they are coming through a query-only port, and query requests if they arrive through an admin-only port.
10. Added parallel write locks that depend on a case-insensitive version of the handle to allow parallel writes to different handles. This should speed up very high speed admin operations where many clients are updating different handles at the same time.
11. Added getNAHandle(String) method that returns a String to Util.

Bug Fixes:

1. Fixed bug in weekly rotation log function.
2. Fixed bug in network interfaces/listeners for the handle server when they are set to reject requests that are inappropriate for their given interface.

Changes in Version 6.2 (16 Jun 06)

Version 6 of the HANDLE.NET software includes major improvements in performance and reliability, two GUI tools for service and identifier administration, enhanced logging, and Berkeley DB JE Database support.

1. Improved client configuration for dealing with a given LHS.
2. Added second Handle Tool for service and identifier administration.
3. Moved the handle storage construction out of the HandleServer constructor so that other applications can use it.
4. Enhanced server logging/rotation.
5. Insured proper handling of session_timeout message in handle resolver.
6. Changed from handle server based proxy to web server servlet based proxy.
7. Numerous changes to proxy servlet such as adding referrer logging option and response time, hdl: and doi: prefixes now understood in the web form.
8. Changed garbage collection invocation for servers.
9. Enabled Berkeley DB JE Database support.
10. In SQLHandleStorage.java, fixed case sensitivity problem with SQl back-end.
11. Removed bottleneck in calculation of replication transaction IDs for multi-server primary sites.
12. Made maximum UDP packet size configurable on a per-HandleResolver basis.
13. Set timestamps in handle values when manually updating records using the DBTool.
14. Added auto-reset of cache when a database error is detected.
15. Added program to sort handles and their values into a set of servers based on the hash of each handle.
16. Added caching for certified resolutions to improve performance.
17. Added fix so that authentication would not abort if a server encounters a corrupted HS_ADMIN value.
18. Added fix for case sensitivity so that authentication for prefix handles works correctly.
19. Improved proxy behavior and handle-value plugin architecture. Querying for "http://host/<handle>?type=URL.xyz" will return a redirect if there is a "URL.xyz" value. When the "noredirect" option is used, URL types as well as subtypes will be shown as links.
20. Added verify-prefixes flag to handle admin servlets so that off-network administration doesn't immediately fail.
21. Added trace-messages flag to admin servlet config.
22. Changed JDBCache so that any cache file corruption will be repaired by throwing away the cache file and starting over with a new one. This eliminates printing lines of error messages that could eventually fill up the tomcat stderr log file(s).
23. Added ReadOnlineTransactionQueue which allows primary servers to disallow changes via the handle protocol and allow an external process (such as an SQL database system) to maintain the transaction logs for replication.
    
    

Bug Fixes:

1. Fixed bug in db which was not initialized using non-empty constructors.
2. Fixed bug that caused handle redump connections to break.
3. Fixed bug in MemCache class.
4. Fixed bug in GenericBatch where private keys were incorrectly read if there was no passphrase.
5. Prevented throwing of NullPointerException when resolving some non-existent handles.
6. Fixed session setup in GenericBatch.
7. Fixed Java 1.5/5.0 compatibility problem. Java 5 was not backwards compatible with respect to signature algorithm identifiers.
8. Fixed bug in monthly log rotation.
9. Minor fix to list-handles operation in SQL storage module.
10. Multiple bug fixes to Berkeley JE Handle storage class.