What's new in 2018.4

IBM® DataPower® Gateway 2018.4 offers the following new features and enhancements.

For more information, see the linked information.

Added password alias to secure gateway peering data stores (2018.4.1.16)

When you configure a gateway peering instance, you can assign a password to secure the data store. If not specified, the system default is used. [Learn new information]Learn more...

Added password alias to secure the quota enforcement data stores (2018.4.1.16)

When you configure the quota enforcement server, you can assign a password to secure the data store. If not specified, the system default is used. [Learn new information]Learn more...

Added the ability to clear the cache for a specified rate limit (2018.4.1.15)

Added the clear ratelimit cache command to clear the cache for a rate limit on the API collection level or the API Gateway level. [Learn new information]Learn more...

Enhanced IMS Callout handler (2018.4.1.14)

Added the ability to configure the IRM_TIMER for an IMS Callout handler. The IRM_TIMER defines the duration to wait for the input message from the client. [Learn new information]Learn more...

Enhanced rate limiting for the API Gateway (2018.4.1.9, 2018.4.1.12)

  • In 2018.4.1.12, added the ability to define assembly rate limits, assembly burst limits, and assembly count limits in the API Gateway. [Learn new information]Learn more...
  • In 2018.4.1.9, added the ability to specify count limit schemes defined in the API collection to restrict the number of requests in progress for subsequent assembly actions. [Learn new information]Learn more...

Enhanced gateway peering for the API Gateway (2018.4.1.1, 2018.4.1.5, 2018.4.1.6, 2018.4.1.8, 2018.4.1.10, 2018.4.1.12)

  • In 2018.4.1.12, added the GatewayScript rate limiting gateway peering instance. This instance allows you to enforce rate limiting through gateway peering enforcement instead of through the quota enforcement server. This instance is specific to GatewayScript files that are processed by assembly actions and the action uses APIs in the GatewayScript ratelimit module. [Learn new information]Learn more...
  • In 2018.4.1.12, when you configure the default gateway peering manager, you can create and reference the GatewayScript rate limiting gateway peering instance that synchronizes the keys for rate thresholds, counters, and concurrent transactions across peer group members. These rate limits are defined by APIs in the GatewayScript ratelimit module that an assembly action calls. [Learn new information]Learn more...
  • In 2018.4.1.10, added the ability to list information about the gateway peering instances on the server. [Learn new information]Learn more...
  • In 2018.4.1.8, added the ability to list information about the cache for gateway peering instances. [Learn new information]Learn more...
  • In 2018.4.1.6, added the ability to configure the gateway peering manager when the API Connect Gateway Service uses the API Gateway. [Learn new information]Learn more...
  • In 2018.4.1.5, added validation credentials support when you configure a gateway peering instance. You can assign validation credentials to validate the client certificate during the handshake. The assignment of validation credentials mandates that the certificate from the remote peer is validated. If the peer fails to present a certificate on request or presents a certificate that cannot be validated, the connection is terminated. [Learn new information]Learn more...
  • In 2018.4.1.1, added identification credentials support when you configure a gateway peering instance. You can use identification credentials instead of a private-public key pair to secure connections among members.
    • Specify the identification credentials that the current member uses to identify itself to other peers.
    • Specify the private-public key pair, which is deprecated.
      1. Specify the alias of the private key that the current member uses to secure connections with its peers.
      2. Specify the alias of the public key that the peers use to negotiate secure connections to the current member.

      [Learn new information]Learn more...

Enhanced API subscriber management (2018.4.1.10)

Added the ability to specify metadata in API applications. [Learn new information]Learn more...

Added ability to control the batch size for the deletion of enforcement records (2018.4.1.10)

You can specify batch sizes for deletion of the following enforcement records.

Control the duration to wait for a response from an NTP server (2018.4.1.9)

When you configure the NTP service, you can set the duration to wait for a response from an NTP server before trying the next server in the list. [Learn new information]Learn more...

Control the API Gateway document cache (2018.4.1.8)

When you configure the API Gateway, you can enable the caching of documents that the API Gateway obtains. The API Gateway obtains documents over HTTP. The number of documents in the cache depends on the availability of allocated memory. During configuration you can define the following behavior.
  • Specify the maximum number of documents that is allowed in the cache. By default the value is 0, which disables caching.
  • Specify the maximum size for document cache in bytes. Regardless of size, no document that is greater than 1073741824 bytes is cached. This restriction applies even when the cache has available space.

[Learn new information]Learn more...

Delete and re-create SSH host keys (2018.4.1.8)

The reset-ssh-keys command deletes and re-creates new SSH host keys on the DataPower Gateway. All previously created SSH host keys are removed and replaced with new keys. This operation deletes all existing SSH host keys and might drop active SSH connection. Remote SSH clients must accept new host keys to establish a connection. [Learn new information]Learn more...

Enable WebSphere JMS Strict Message Ordering mode in the WebSphere JMS handler (2018.4.1.8)

When asynchronous message processing is enabled, set WebSphere JMS Strict Message Order to indicate whether to enable WebSphere® JMS Strict Message Ordering mode on the WebSphere JMS handler. Enable Strict Message Ordering mode to work smoothly with the WebSphere server when the Strict Message Ordering option in the corresponding WebSphere destination is enabled. [Learn new information]Learn more...

Enhanced JSONata support in assembly actions (2018.4.1.2, 2018.4.1.6, 2018.4.1.7, 2018.4.1.8 )

  • In 2018.4.1.8, added support for the following JSONata functionality to the assembly redact and switch actions.
    • Support for the JSONata / and % numeric operators.
    • Support for JSONata aggregation functions.
    • Support for the $append(), $count(), $reverse(), $sort(), and $zip() JSONata array functions.
    • Support for the $abs(), $ceil(), $floor(), $formatBase(), $power(), $round(), and $sqrt() JSONata numeric functions.
    • Support for the $keys(), $lookup(), $merge(), and $spread() JSONata object functions.
    • The $queryParameter() functional extension to JSONata to retrieve the value of a specified parameter.
    • The $urlParameter() functional extension to JSONata to retrieve the value of path parameters, query parameters, or both from a URL.
  • In 2018.4.1.7, added support for JSONata array ranges and predicate expressions to the assembly switch action.
  • In 2018.4.1.6, added support for the JSONata * numeric operator to the assembly switch action.
  • In 2018.4.1.2, added the following JSONata functionality to the assembly switch action.
    • Support for the $match() JSONata string function.
    • Support for regular expressions in JSONata string functions.
    • The $storageType() functional extension to JSONata to retrieve the storage type of a message.

[Learn new information]Learn more...

Capture and manage data with the API probe (2018.4.1.2, 2018.4.1.6, 2018.4.1.7, 2018.4.1.8)

  • In 2018.4.1.8, new commands in API Probe mode to create and manage API probe data. [Learn new information]Learn more...
  • In 2018.4.1.7, new REST actions provide the following features.
    • Create a capture setting to specify how to capture probe data for specific transactions. [Learn new information]Learn more...
    • Delete the API probe capture setting. [Learn new information]Learn more...
    • Access the API probe capture setting and a list of IDs of the captured transactions. [Learn new information]Learn more...
    • Access all of the probe data that is returned for an API probe capture setting. [Learn new information]Learn more...
    • Access all of the API probe capture settings on the API Gateway. [Learn new information]Learn more...
  • In 2018.4.1.6, you can define an API probe filter to and assign it to an API definition. An API probe filter defines criteria to capture data for specific transactions. [Learn new information]Learn more...
  • In 2018.4.1.2: you can configure the API probe to capture transaction data. This captured data can help you troubleshoot the processing of assembly actions by the API Gateway. [Learn new information]Learn more...
  • In 2018.4.1.2, you can specify a secret in an API collection to provide additional security when retrieving probe data for a transaction when using the REST GetDebugProbeData call. [Learn new information]Learn more...

Support Luna HSM high availability (2018.4.1.7)

The DataPower Gateway can use multiple HSM partitions for high availability and load balancing. You can define multiple HSM partitions into a Luna HSM partition group. Cryptographic services remain available to the DataPower Gateway when at least one member in the group is functional and connected to the DataPower Gateway. [Learn new information]Learn more...

During cryptographic encrypt and decrypt, use AES-GCM ciphers (2018.4.1.7)

When defining encryption and decryption, you can set the algorithm to AES-128-GCM, AES-192-GCM, or AES-256-GCM.
  • For a cryptographic encrypt or decrypt action, configure the action to use the algorithm. The following properties might be on the Advanced tab.
    • For the encrypt action, these values are for the Symmetric Encryption Algorithm property.
    • For the decrypt action, these values are for the Permitted Bulk Encryption Algorithm property.
  • When configuring B2B, set the encryption algorithm that encrypts outbound ebMS messages.
    • In a destination for a B2B partner profile, these values are for the Encryption algorithm property or the destination command. [Learn new information]Learn more...
    • In a B2B CPA sender setting, these values are for the Encryption Algorithm property or the encrypt-algorithm command. [Learn new information]Learn more...
  • When creating an XSLT, set the algorithm.
    • In a dp:decrypt-data() extension, set for the algorithm parameter. [Learn new information]Learn more...
    • In a dp:encrypt-data() extension, set for the algorithm parameter. [Learn new information]Learn more...

New and enhanced assembly actions for the API Gateway (2018.4.1.0, 2018.4.1.1, 2018.4.1.2, 2018.4.1.4, 2018.4.1.5, 2018.4.1.7, 2018.4.1.14)

  • In 2018.4.1.14, added the following HTTP controls to the assembly invoke action. [Learn new information]Learn more...
    • Specify whether to restrict to HTTP/1.0.
    • Specify whether to use Transfer-Encoding: chunked to delimit the body of a document. With HTTP/1.1, the body of the document can be delimited by either Content-Length or Transfer-Encoding: chunked.
  • In 2018.4.1.7, added the assembly log action that writes transaction data to the API context to send to the analytics server. [Learn new information]Learn more...
  • In 2018.4.1.7, added the assembly rate limit action to enforce rate limiting on assembly actions. [Learn new information]Learn more...
  • In 2018.4.1.7, added the assembly redact action to redact or remove content from specified fields in the API context. [Learn new information]Learn more...
  • In 2018.4.1.5, added the assembly client security action that extracts and authenticates client credentials. [Learn new information]Learn more...
  • In 2018.4.1.5, enhanced the assembly invoke action by adding the following new functionality. [Learn new information]Learn more...
    • Specify whether to decode request parameters that are referenced in the target URL.
    • Specify whether to encode + characters in query strings.
    • Specify whether to include the payload for DELETE requests.
  • In 2018.4.1.5, enhanced the assembly user security action by adding the following new functionality.
    • When the processing uses any of the following methods, specify hostname to set instead of the original hostname.
      • Use a redirect for identity extraction.
      • Use an HTML login form for identity extraction.
      • Use an HTML authorization form for authorization.
    • When you use a redirect for identity extraction, specify query parameters to append to the redirect.
    • When you use a form for authorization, define the following characteristics.
      • Whether to display check boxes for entries. When displayed, entries can be selected.
      • Specify the context variable that adds dynamic entries. This context variable supports space delimited names, a JSON array of names, or a JSON array of objects with name and description. The default value is user.default.az.dynamic_entries.
      • Add default entries to the table. An entry contains a name and description. When added, the table displays entries that are being authorized.

    [Learn new information]Learn more...

  • In 2018.4.1.4, added the assembly function call action that call an assembly function. [Learn new information]Learn more...
  • In 2018.4.1.2, enhanced the assembly parse action to use the Content-Type header. You can use the value in the Content-Type header to attempt an assembly parse action. [Learn new information]Learn more...
  • In 2018.4.1.1, enhanced the assembly XSLT action to output as binary. When you configure an assembly XSLT action, you can control whether to serialize the XSLT output tree into binary data after the transformation. The serialized output is not accessible as XML unless it is re-parsed. To access the output as XML after serialization, the API rule must contain an assembly parse action after the XSLT action. [Learn new information]Learn more...
  • In 2018.4.1.0, added the assembly GatewayScript action that runs a GatewayScript file in a DataPower directory. [Learn new information]Learn more...
  • In 2018.4.1.0, added the assembly switch action that evaluates the input context against a list of conditions and runs the corresponding API rule. [Learn new information]Learn more...
  • In 2018.4.1.0, added the assembly validate action that validates JSON and XML payloads against a schema. [Learn new information]Learn more...
  • In 2018.4.1.0, added the assembly XSLT action that runs a stylesheet for the payload and headers of messages from the API context. [Learn new information]Learn more...

Control whether the output from the convert action retains the input encoding or uses ISO 8859-1 (2018.4.1.6)

For a convert query parameters to XML action, control whether the output from the convert action retains the input encoding or is converted to ISO 8859-1. An encoding is also known as a character set. For illustrative purposes, assume UTF-8 is the input encoding.
  • When enabled and the input encoding is UTF-8, the output is UTF-8.
  • When disabled and the input encoding is UTF-8, the output is ISO 8859-1.
[Learn new information]Learn more...

Added support for the HTTP PATCH method (2018.4.1.5, 2018.4.1.6)

You can specify support for the HTTP PATCH method in the following situations.
  • In 2018.4.1.6, added support to define a method match for a matching rule in a processing policy.
  • In 2018.4.1.5, added the following support.
    • Define the allowed features for an HTTP or HTTPS handler.
    • Define the method to include in the traffic-flow definition.
    • Use the http-method attribute with the XSLT dp:url-open extension element.
    • Use the method: options with the GatewayScript urlopen.open() API.

Implement custom assembly logic (2018.4.1.5)

  • When you configure the API Connect Gateway Service as not V5 compatible, you can define the user defined policies that API Connect advertises and makes available in the API Connect assembly editor. These user-defined policies are assembly functions that define the custom assembly logic. [Learn new information]Learn more...
  • Use the GatewayScript apigw module to retrieve the contents of the descriptor field in the assembly function. [Learn new information]Learn more...

Enhanced TLS protection for APIs (2018.4.1.5)

  • Optionally make TLS protection available for APIs in an API collection.

    For an API collection, specify whether to make mutual TLS protection available for APIs. [Learn new information]Learn more...

  • Optionally require mutual TLS protection in an API definition.

    For an API definition, specify whether to require mutual TLS protection. When enabled, specify how to obtain the client certificate. When from an HTTP header, which HTTP header. [Learn new information]Learn more...

Export and import the API Gateway configuration (2018.4.1.2, 2018.4.1.5)

  • In 2018.4.1.5, import the API Gateway configuration. You can use the REST ImportAPIGWConfig request to import the objects and files that are included in the response to the REST ExportAPIGWConfig request. You can also specify to import subscription data. [Learn new information]Learn more...
  • In 2018.4.1.2, export the API Gateway configuration. You can use the REST ExportAPIGWConfig request to export the API Gateway configuration for an API collection. [Learn new information]Learn more...

Control whether SLM data exchanges use multicast or unicast (2018.4.1.4)

When you configure the API Connect Gateway Service as V5 compatible, you can define whether the data exchange uses multicast or unicast. When peering with multicast, you must configure an IP multicast object that handles the underlying transmission of packets used for data exchanges among the peers. When the platform is docker, peering must use unicast. [Learn new information]Learn more...

Validate the host name in the certificate when the DataPower Gateway acts as the client (2018.4.1.4)

In an SSL client profile, you can define server certificate validation and its processing.
  1. The server sends its certificate.
  2. Define whether the client validates the host name in the certificate. For host name validation you can fine tunes the validation methods and settings.
  3. Define how to handle validation failure.
    • When failure terminates the handshake, no additional configure required.
    • When failure only logs an event, processing continues. Define whether to validate the server certificate against the validations credentials.

[Learn new information]Learn more...

During cryptographic binary sign, include CMS Algorithm Protection Attribute (2018.4.1.4)

For a cryptographic binary sign action, you can configure this action to include the CMS Algorithm Protection attribute as defined in RFC 6211. [Learn new information]Learn more...

View memory usage of the landlord and its tenants (2018.4.1.4)

On a DataPower Gateway with the Tenant feature, you can view memory usage details of the landlord and its tenants. [Learn new information]Learn more...

Enhanced document cache management (2018.4.1.2, 2018.4.1.4)

  • In 2018.4.1.4, when you specify the shell-style regular expression that identifies documents in the document cache, you can specify the cache key to identify a single document to manage. The management operations are as follows.
  • In 2018.4.1.2, when you view the status information about the document cache, the data now includes the number of expired documents in the cache. [Learn new information]Learn more...

Enhanced API schema for message validation (2018.4.1.1, 2018.4.1.2, 2018.4.1.4)

  • In 2018.4.1.4, you can specify which part of the WSDL file to validate the XML message against.
    • The QName of the WSDL port
    • The name of the WSDL operation
    • The name or direction of the WSDL input, output, or fault
    • The name of the WSDL message part that defines the content of a MIME attachment
  • In 2018.4.1.2, you can choose to accept or reject all JSON, XML, or WSDL messages without specifying a schema.
  • In 2018.4.1.1, the following changes support different schemas for message validation.
    • When you configure an API definition, you can assign an API schema that defines the location of a WSDL file for SOAP message validation. [Learn new information]Learn more...
    • When you configure an assembly validate action, you define the type of schema to validate against. [Learn new information]Learn more...
  • In 2018.4.1.1, various choices exist based on the message type is JSON or XML.
    • For JSON, you specify the location of a JSON schema.
    • For XML, you specify the type of XML schema that is either XML or WSDL.
      • When XML, specify the validation mode that is either the entire input message or only the body element of a SOAP message and the location of the XML schema.
      • When WSDL, specify the location of the WSDL schema

Enhanced OAuth support (2018.4.1.0, 2018.4.1.1, 2018.4.1.3, 2018.4.1.4)

  • In 2018.4.1.4, configure JSON Web Token (JWT) as a grant type in OAuth provider setting. When you set the supported grant types in OAuth provider settings, you can select JWT as a grant type. [Learn new information]Learn more...
  • In 2018.4.1.3, control the lifetime for an OAuth authorization code. When you define API Connect as the OAuth provider and the grant type is an authorization code, you can define the lifetime for authorization codes. [Learn new information]Learn more...
  • In 2018.4.1.1, enable security on the advanced scope endpoint in OAuth provider settings. When you define the OAuth provider for API processing, you can enable security on the advanced scope endpoint. When enabled, define the following settings as appropriate.
    1. Specify how to secure connections. The only supported method is to use the basic authentication header.
    2. Specify the user name for authentication.
    3. Specify the password alias for authentication.
    4. Specify the request header that contains the authentication string to send.

    [Learn new information]Learn more...

  • In 2018.4.1.1, control whether OAuth refresh tokens are one-time use. You can control whether the refresh token is one-time use or can be reused until it expires or is revoked. This control is available for API processing and traditional DataPower processing.
    • For API processing, use the One-time use refresh token property in the OAuth provider setting configuration. [Learn new information]Learn more...
    • For traditional DataPower processing, use the Features property in the OAuth client profile configuration. [Learn new information]Learn more...
  • In 2018.4.1.0, configure OIDC and PKCE in OAuth provider settings. When you define the OAuth provider for API processing, you can define OpenID Connect (OIDC) and Proof Key for Code Exchange (PKCE) support.
    • OIDC support applies to a grant type of authorization code or implicit grant. By default, OIDC support is enabled and requests an ID token and an authorization code from the authorization endpoint.
    • PKCE support applies to only the authorization code grant type. By default, the following PKCE support is disabled.
      • Whether the application must use PKCE.
      • Whether to support the PKCE plain code challenge transform method.
      For information about PKCE, see RFC 7636: Proof Key for Code Exchange by OAuth Public Clients.

      [Learn new information]Learn more...

  • In 2018.4.1.0, set the SSL profile to secure the override to the OAuth scope-validation endpoint. When you define the API OAuth security definition, you can specify the following connection details for the override to the advanced scope endpoint in the referenced OAuth provider settings. In previous releases, you could specify only the URL. In this release, you can specify which SSL client profile to secure the HTTPS connection. [Learn new information]Learn more...

Control whether to inject HSTS headers in GUI responses (2018.4.1.1)

By default, the DataPower Gateway uses a self-signed certificate during the handshake. For security, you should create a custom profile that uses different keys and certificates. After you create and assign the custom profile, ensure that responses from the DataPower GUI inject HTTP Strict Transport Security (HSTS) headers. [Learn new information]Learn more...

Additional algorithms for signing JSON (2018.4.1.0)

You can use the following algorithms for signing JSON.
  • RSASSA-PSS using SHA-256 and MGF1 with SHA-256 (PS256)
  • RSASSA-PSS using SHA-384 and MGF1 with SHA-384 (PS384)
  • RSASSA-PSS using SHA-512 and MGF1 with SHA-512 (PS512)
You can use these algorithms when you configure the following objects.

You can use these algorithms with the jose.createJWSHeader() GatewayScript API. [Learn new information]Learn more...

Manage DataPower Gateway for Docker images (2018.4.1.0)

You can obtain edition-based DataPower Gateway for Docker images from IBM Passport Advantage®.
  • The images from Docker Hub and IBM Fix Central are for DataPower Gateway for Developers, which does not include IBM Software Subscription and Support.
  • The images from IBM Passport Advantage are for the production, nonproduction, and developers edition of DataPower Gateway for Docker

[Learn new information]Learn more...

Increased operational resiliency when providing gateway service for API Connect (2018.4.1.0)

Added the API Connect Gateway Service that enables you to prepare the DataPower Gateway to provide gateway service for IBM API Connect Version 2018.

When you configure and enable an API Connect Gateway Service, DataPower loads a gateway framework that is ready to be connected and receive API configuration data from API Connect. The gateway framework is compatible with API Connect Version 5.

When you connect a DataPower Gateway to IBM API Connect through the API Connect Gateway Service, you can set compatibility mode.
  • When set to V5 compatibility, DataPower loads a gateway framework that is compatible API Connect V5.
  • When not set to V5 compatibility. DataPower creates an API Gateway in the domain after the gateway service receives settings from API Connect.

You can create, run, and secure your APIs with the DataPower API Gateway service. The API Gateway exposes APIs to the calling applications, and provide processing actions that enable the APIs to integrate with various endpoints. When a request arrives at the API Gateway, the gateway routes the request to the target API and runs the API to access the backend resources that are made available through the API.

The DataPower Gateway stores the gateway configuration as native DataPower configurations. [Learn new information]Learn more...

Comply with the Open Banking Security Profile standard (2018.4.1.0)

To be compliant with the Open Banking Security Profile Draft v1.1.2 standard, the at_hash, c_hash, and s_hash claims are mandatory. [Learn new information]Learn more...

Control KEX and MAC algorithms for SSH profiles (2018.4.1.0)

When you configure an SSH client, SSH domain client, or SSH server profile, you can control which key exchange (KEX) and message authentication code (MAC) algorithms to support. Previously, you could control only the cipher suites. [Learn new information]Learn more...

Require applications to use PKCE for authorization codes in an AAA policy (2018.4.1.0)

When you define the OAuth client for an AAA policy, you can configure an OAuth feature to indicate that applications must use Proof Key for Code Exchange (PKCE) for the authorization code grant type. [Learn new information]Learn more...

Remotely debug a GatewayScript file (2018.4.1.0)

You might want to debug a GatewayScript remotely during development. To enable remote debugging, you must enable the local debug endpoint and potentially modify the connections details. [Learn new information]Learn more...

Automatically accept the terms of license agreement for DataPower Gateway for Linux (2018.4.1.0)

You can use the DataPowerAcceptLicense directive in the datapower.conf file to automatically accept the terms of the license agreement for DataPower Gateway for Linux. When this directive is not exposed and set to true, you must access the DataPower GUI to accept the terms of the license agreements. [Learn new information]Learn more...

Create ILMT packages for DataPower Gateway for VMware (2018.4.1.0)

For DataPower Gateway for VMware, you can create IBM License Metric Tool packages on a schedule or on demand. [Learn new information]Learn more...

Support W3C Canonical XML 1.1 (2018.4.1.0)

Added Canonical XML 1.1 support.

  • Added support as additional algorithm choices to the dp:canonicalize extension element and the dp:canonicalize(), dp:sign-hmac(), and dp:sign-hmac-set() extension functions.
  • Added support as addition algorithm choices to a sign action for all envelope methods except the WSSec method.
  • Added support as an optional canonical version parameter to the c14n-hash() and c14n-hash-set() extension functions.

XML canonicalization version 1.1 is based on Canonical XML Version 1.1 dated 2 May 2008. [Learn new information]Learn more...

New XSLT extensions to handle binary and string conversions to JSONx (2018.4.1.0)

You can use the following XSLT extension functions to manage binary and string conversion to JSONx. In some cases, you could use the dp:binary-encode() and dp:binary-decode() functions with additional stylesheet customization.
  • The dp:binaryNodeToJSONx function that converts a binary nodeset to a string. [Learn new information]Learn more...
  • The dp:binaryNodeToString function that converts a binary nodeset to a JSONx nodeset. [Learn new information]Learn more...
  • The dp:isBinaryNode function that checks whether the data is a binary nodeset. [Learn new information]Learn more...
  • The dp:StringToJSONx function that converts a string to a JSONx nodeset. [Learn new information]Learn more...

New XSLT extension to delete stylesheets from the stylesheet cache (2018.4.1.0)

You can use the dp:clear-ss-cache() function to delete stylesheets that match a pattern from the XML manager stylesheet cache. [Learn new information]Learn more...

Validation of local time changes in the GUI (2018.4.1.0)

  • When you manage NTP servers or when you set the time zone for the DataPower Gateway in the GUI, the Local Time field contains the local time after the screen refreshes.
  • After you log in to the GUI, the banner includes the local time for the DataPower Gateway.