- Security improvements
- Upgrade to new version of jetty
- "mail." properties specified on the service.properties file are now used by Java mail.
- New login screen.
- New standalone apps and apps download page.
- Java Web Start not supported anymore.
- Fix a bug that prevented editing users when using the built-in H2 database (used to fail with: "
General error: java.lang.ClassCastException: java.io.BufferedReader cannot be cast to java.lang.String" on saving).
- Improve command-line client to allow uploading and downloading multiple files in one one go.
- In the emails sent on file upload, use the full name of the recipient if available.
- Upgrade Jetty to version 7.5.4.
- When a file is shared with a temporary user and the user expires before the file, extend the user's expiration date to match the expiration date of the file, if that is permitted.
- Support PostgreSQL 9.1
Remove length restriction from user and file information in database; this fixes e.g. the issue that a user with an email longer than 50 characters could not be created in CIFEX
This version upgrades the CIFEX database to a new database schema. After running 10.06.5 on an existing CIFEX database, earlier versions of the 10.06 release series will no longer work on this database.
- Support referring to users by email alias if the underlying authentication service supports it (currently LDAP only)
- Reject user creation if a regular user tries to create a new temporary user with a user name that exists in the external authentication service
- Support PostgreSQL 9.0
- Change Jetty stop port to 8078 to allow running CIFEX and openBIS on the same machine without configuration change
- Add an LDAP external authentication repository
- Resolve emails to users for externally authenticated LDAP users
- Fix NPE in CIFEX WebStart downloader when rendering the table of files available for download
- Make autofill of the login form work with Google Chrome (tested with 5.0.375.86); now MS Internet Explorer, Mozilla Firefox, Google Chrome and Opera all work, the only browser tested that is not supporting autofill on user & password with CIFEX is Apple Safari
- Make login form horizontally centered with the info text optionally provided in
- Upgrade to GWT 2.0.4 for better support of Safari 5
- Minor improvements for logging
- Add support for OpenPGP based encryption to Java Web Start and command line clients and for generating secure passphrases
- Add keep alive ping for web sessions
- Make program messages of the web GUI changeable without re-compilation or even server restart by introducing
message-dictionary.js(note that this does not apply to the Java Web Start and command line clients, but only to the web GUI)
- Make emails sent out by CIFEX use configurable templates instead of hard-coded text
- Support banners on the login page (by introducing
- Improved mechanism of resolving email addresses to CIFEX user accounts on file upload; the new mechanism avoids leakage of information in the case where two permanent users exchange files with the same person who is not a permanent user of this CIFEX instance
- Introduced mechanism to avoid clash of user ids for temporary user accounts with the same email address; the old behavior was to use the email address as the user id of the new user and fail if the user id is not unique, the new behavior is to create a unique user id by suffixing the email address with a number
- Use a more efficient database query on the users table when sharing a file (will only matter for a big user database)
- Show the full width of a column by
Shift+Clicking the column header
- Make switching on and off columns more obvious to the user by adding a
Columnsdrop box to the tables
- Improve filtering in web GUI by adding alternative filter expressions (separated by space), anchoring ("
^" for "begin of field" and "
$" for "end of field"), and quoting (both single and double quotes are supported)
- Add tooltip to the
Recipientsfield to indicate what format is expected for the input
- Java WebStart and command line clients do not overwrite local files anymore without asking the user for permission
- Make the Java Web Start and command line tools obey the system's default HTTP proxy
- Use the system's native look and feel for the Java WebStart clients instead of the old Java "Metal" look and feel
- In the Java WebStart clients use the best file chooser for each operating system
- Add support for sorting in Java WebStart Downloader client's table
- Make working directory of Java WebStart clients persistent on user's client
- Fix resizing of GUI components when resizing the Browser window and some awkward GUI layouts
- Fix user action logging (avoid duplicate log entries and clearly separate
- Fix an issue on sending out emails with some mail servers that insist on the Date header field being set explicitly
- Avoid closing the "Edit User" form (and thus loosing the changed data) when it is submitted with invalid content
- In the GUI table that allows checking and changing the file sharing, show new created users correctly as temporary users (they used to be shown as "Regular Users"
- Trim email addresses coming from the external authentication service to avoid that leading / trailing spaces make identical email addresses look different for CIFEX
- When a user was specified twice in the list of recipients for file sharing, the operation used to fail but the user received an email stating that the file was available for download to him. Now a user listed multiple times as a recipient is gracefully ignored and the operation succeeds
- An exception was thrown when trying to upgrade a temporary user to permanent status if the database engine was PostgreSQL before 8.4 - fixed
- Upgrade web server to Jetty 7.1.4
- Upgrade javamail to 4.1.3
- Make some links on the web page customizable
- Provide symlinks to additional configuration files in
- Fix retries in RPC (WebStart and command line) client
- Fix logging of
cifex.bat(command line client)
cifex.sh(command line client) follow symlinks when detecting its home
- Allow to set "max upload size" and "retention time" per user to override server defaults
- Allow to deactivate users without deleting them (admins only)
- Allow to write "Triggers" which are little plugins that can run on the server side when a file is sent to the user associated with the "Trigger"
- Allow to pre-set the recipient and/or the comment in the URL to CIFEX
- Add a Web Start GUI for file download that supports resume and checksumming (note that older Microsoft Internet Explorer versions do not allow download of files larger than 2GB)
- Add resume functionality for upload and download via command line and Web Start GUI
- Add a real quota system that puts a user and all users she created into one "quota group" and that enforces the maximum number of files and a total file size per "quota group"
- Add freely editing the retention time of temporary users and files up to a upper limit for non-admin users or without limit for admins. This replaces the old
- Introduce concept of a user "owning" files; a user owns all files she uploaded herself and files that users uploaded that she created
- Add function for editing the name and comment of owned files for non-admin users / all files for admin users
- Add these commands to the command line client:
listowned– list the files owned by the logged-in user, providing the file ids to allow download
delete– deletes the given file from the CIFEX server
crc32– compute the CRC32 checksum of the given local files (as not all computers have the
- API: add call
setSessionUser()which allows an admin user to convert a session to another user
- Support PostgreSQL 8.4
- Better support for new browser versions
- New network protocol for Java based file upload and download (used by command line and WebStart clients) based on the
chunkedtransfer coding of HTTP/1.1. The new protocol allows considerably faster uploads and downloads than the old protocol
- New, clearer web interface based on tabs
- Fill recipient field of a temporary user with the user id of its creator as it is the typical use case to have a temporary user upload a file for the regular user that created him
- When a new user that is to be created is known by the external authentication service, the operation will no longer fail but the user data from the external authentication service will be used and the user will be correctly created
- Protect file integrity with a CRC32 checksum
- Add paging and filtering for tables
- Add a delay of 0.5s after a failed login attempt to make brute-force attacks more difficult
- Add the command line option
downloadcommand of the command line client for silencing the progress reporting output
- Don't force the admin to enter an email address when creating a user that is authenticated by the external authentication service
- Allow the admin to edit the file sharing of any file on the CIFEX server
- Support auto-fill of user and password on the CIFEX login page with Firefox and Internet Explorer (unfortunately Safari and Chrome don't work yet)
- When a temporary user expires, the files she uploaded disappeared
- When a new user was added to the file sharing dialog, the check status of all other users were reset to checked
- A variety of small bug fixes over 9.03
- Command Line Client: Allow uploading of multiple files from command line client within one session
- Command Line Client: Auto-detect port for http and https when not given
- Server: Avoid ConcurrentModificationException in clean up timer
- Java WebStart GUI for uploading files larger than 2GB
- Command Line Client for file upload / download
Reply-Tofield in emails sent by CIFEX to the originator of the message
- Allow specification of user id (using the
id:prefix) when editing the sharing
- Show recipients of files in management GUI
- Better error message on session time out
- Fix for 30 second timeouts when connecting with Firefox 3 to a CIFEX server via HTTPS for the first time after browser startup
- Easier access to configuration files by adding softlinks to
- Ensure the CIFEX server comes up even when the Crowd authentication service is not available at that time (prevents denial-of-service when service machines are rebooted in wrong order)
- Enable configuration of crowd host and port in
- Increase the size of the content type (or mime type) field from 50 to 120 characters, as mime types of documents in Microsoft Office 2007/2008 can be as long as 74 characters, see http://blogs.msdn.com/dmahugh/archive/2006/08/08/692600.aspx.
Read the FAQ entry "I want to share confidential files, what do I need to consider?"
- Show the information with whom a file was shared
- Store the comment that was given when uploading a file and show it along with the other information of the file
- Provide a way to check and change the list of people that a file is shared with
- Allow to specify users you want to share a file with by user id rather than email
- Allow to resent emails of user details when they are changed
log.xmlsuch that AUTH, TRACKING, and ACCESS logs are written to a separate file
- Let administrator change user id of user (only internal authentication repository)
- Give users in the internal authentication repository a possibility to switch to the external authentication repository
- Allow to override the base URL used in the emails sent automatically by CIFEX
- Add an FAQ to CIFEX that answers common questions
- The user's full name is no longer mandatory
- Add Cancel Button for the "edit user" dialog
- UI tweaks and fixes for Firefox 3
- Improve logging of user actions and authentication
- Switch password hashes from MD5 hashes to salted SHA1 hashes
- Before creating new internal user, check if such a name already exists in external authentication service
- Allow uploading of files with names longer than 250 characters
- Full name was wrong when user is externally authenticated via Crowd
- Name and email address of users that are externally authenticated were not updated when changed in the external authentication service
- Cleanup daemon thread died on exceptions in deletion of expired files or users
- String values in the
service.propertiesare now trimmed
- It was not possible to delete a file from the database that didn't exist anymore the data-store
- Email in 'upload file' form was case sensitive, leading to the creation of new temporary user accounts
- Do not use the data type
longto communicate ids between server and client as GWT translates
floaton the client which is prone to rounding errors
- Deleting expired user in some instances threw a
- File URLs in the emails sent by CIFEX sometimes contained the wrong path
- Ensure the expiration of sessions is logged
- Use user code instead of email address for sub-directories in the
- Move Upload button to the left side of the form so that it is visible even in small browser windows.
Initial public release.