4.15.04.00 - Apigee Edge for Private Cloud release notes

On Tuesday, May 19, 2015, we released a quarterly version of Apigee Edge for Private Cloud.

The former product name "Apigee Edge On-premises" or "OPDK" is now "Apigee Edge for Private Cloud".

If you have questions, go to Apigee Customer Support.

For a list of all Apigee Edge release notes, see Apigee Release Notes.

New features and enhancements

Following are the new features and enhancements in this release.

OpenLDAP - installation and upgrade

OpenLDAP is now the only LDAP server supported by Edge for new and upgrade installations.

API Services

Following are new features and enhancements in Edge API Services.

WebSockets

To enable real-time web communications between a web client and server, Edge supports the WebSocket protocol. Edge can play the role of either client or server in WebSocket communications. For information on setting up and using WebSockets in Edge, see the Apigee Edge for Private Cloud Using WebSockets guide.

External auth provider support for API management

Edge integrates with Active Directory and other external auth providers/LDAP systems that contain your API administrative users. For more information, see the Edge for Private Cloud External Authentication Configuration guide.

Co-branding in the management UI

You can co-brand the Edge management UI with your own custom logo, which appears next to the Apigee logo. For more information, see "Adding a custom logo to the Apigee UI menu" in the Apigee Edge for Private Cloud Operations Guide.

Node.js Logs in Trace

When debugging Node.js API proxies, you can enable the Node.js Log feature in the API proxy editor's Trace view. To enable the feature, set apigee.feature.disableNodeJSLogs="false" in either the apigee-base.conf or apigee-onpremise.conf file in your installation. For more information about Node.js Log, see Debugging and troubleshooting Node.js proxies.

Password expiration

In Edge 4.15.01.x, Edge passwords automatically expired after 30 days. That meant a user became locked out unless they changed their password before it expired. However, it also caused the system administrator's password to expire so that the sys admin was locked out of Edge.

When you upgrade to 4.15.04.00, the default changes so that passwords do not expire. If necessary, you can configure Edge passwords to expire by using the /opt/apigee4/bin/apigee-enable-pwlockout.sh script. For more information, see the Apigee Edge for Private Cloud Operations Guide.

Limiting sysadmin access to specific email domains

You can restrict membership in the sysadmin or sysadmin read-only roles to users in specific email domains. To enable this feature, add the allowed domains to the apigee4/conf/apigee/management-server/security.properties file, as described in the Apigee Edge for Private Cloud Operations Guide.

Management UI error messages

Error message display in the management UI has been redesigned to use screen real estate more efficiently.

New OAuthV2 fault variables

These new fault-related variables are set by the OAuthV2 policy:

  • oauthV2.<policy-name>.failed - Set to true if the policy failed.
  • oauthv2.<policy_name>.<fault_name> - The name of the fault. For example, invalid_request
  • oauthv2.<policy_name>.<fault_cause> - The fault reason. For example: Token Expired

See http://apigee.com/docs/api-services/content/oauthv2-policy.

Product creation

When creating a new product, you can now specify the product name in addition to the display name.

See http://apigee.com/docs/developer-services/content/creating-api-products.

UI for removing users from an organization

On the Organization Users page in the UI, the Delete button was replaced with a Remove button. This is to help make it clear that when you remove a user from an organization, that user's Apigee account remains active.

See http://apigee.com/docs/api-services/content/managing-organization-users.

Filtering options in management UI

On the API Proxies, Products, Developers, and Apps pages in the management UI, new filtering options are available for search.

Offline Trace tool

The Offline Trace tool lets you view and analyze trace sessions that were previously saved. A saved trace session is essentially a "recording" of a trace session, and can be useful for cases where troubleshooting and further analysis is required. The UI for the Offline Trace tool is similar to the "live" Trace tool.

For more information, see Using the Offline Trace tool.

User roles displayed in User Settings

On the User Settings page of the management UI (username > User Settings), the user's roles are now displayed.

Edge management UI enhancements

This release includes a number of small usability and consistency improvements in the Edge management UI.

Analytics Services

Following are new features and enhancements in Edge Analytics Services.

Six months of data available

When generating analytics reports with the management UI or API, data older than six months from the current date is not accessible by default. If you want to access data older than six months, contact Apigee Support.

Variables added to analytics

The following new variables are passed to Edge analytics, visible in the AX stage of the API proxy trace window.

  • apigee.edge.execution.is_target_error - Lets you identify whether API errors are target-side errors (value "1") or non-target errors for unsuccessful HTTP responses (value "0"). The value is null for a successful HTTP response.
  • apigee.edge.execution.is_policy_error - Lets you identify if a policy failed (value "1") or no policy failed in an unsuccessful HTTP response (value "0"). The value is null for a successful HTTP response.
    The following related variables provide details of the policy that failed first. The values are null if no policy failed.
    • apigee.edge.execution.fault_policy_name - The name of the policy that failed.
    • apigee.edge.execution.fault_flow_name - The name of the flow in the policy that failed (such as PreFlow, PostFlow, or a user-defined flow).
    • apigee.edge.execution.fault_flow_state - The location where the policy was attached in the flow. Possible values: PROXY_REQ_FLOW, TARGET_REQ_FLOW, TARGET_RESP_FLOW, PROXY_RESP_FLOW.

Dashboards

  • Performance charts for APIs, Developers, Products, and Developer apps have moved. They used to be shown at the bottom of the main pages for these entities. Now, you access the charts by selecting the Analytics tab at the top of each page.
  • This release includes major work on these existing or new dashboards:
    • Apigee Dashboard (Revised): Includes three metric charts: Proxy Traffic, Developer Engagement, and Developer Apps. Each chart provides a "more details" view that lets you drill into each metric. See Apigee dashboard.
    • Proxy Performance (New): Shows API proxy traffic patterns and processing times. Replaces the API Proxy Performance dashboard. See API Proxy Performance.
    • Traffic Composition (Revised): Completely revised dashboard look and feel and contents. Measures the relative contribution of your top APIs, apps, developers, and products to your overall API program. See Traffic composition.
    • Error Analysis (Revised): Completely revised look and feel and contents. Shows error rates for API proxies and targets. See Error Code Analysis Dashboard.
  • These existing dashboards have been renamed:
    • Endpoint Performance was renamed to Target Performance: Shows traffic patterns and performance metrics for API proxy backend targets. See Target performance.
    • Partner Engagement was renamed to Developer Engagement: Shows you which of your registered app developers are generating the most API traffic. For each of your developers, you can find out who is generating the most API traffic and the most errors. See Developer engagement.

Developer Services

Following are new features and enhancements in Edge Developer Services.

Swagger 2.0 support for SmartDocs

SmartDocs supports importing Swagger 2.0 specification documents and maintains backward compatibility with Swagger 1.2. Support for security scheme objects and centralized schemas will be available in a later release.

Monetization

Following are new features and enhancements in Edge monetization. See also the "Known issues" section for more information about monetization.

Separate handling of Companies and Developers

Companies and developers are now handled separately, allowing for more flexibility in adding multiple companies to developers and multiple developers to companies. The management UI now provides separate windows for "Companies" and "Developers" (accessible from the "Publish" menu).

See Manage companies and developers.

In monetization reports, companies remain a primary filter, though the filter label has changed from "Developers" to "Companies".

Bugs fixed

The following bugs are fixed in this release.

Issue ID Description
OPDK-954 4.15.01 Cassandra schema is not upgraded
MGMT-1986 UI error while adding developer
MGMT-1983 Get an OAuth 2.0 authorization code API returns wrong status
MGMT-1962 Error logging into management UI with strong password
Logging into the UI with certain special characters, such as the percent sign, no longer fails.
MGMT-1894 Developer Apps page never finishes loading for the developer column
MGMT-1872 Not able to download custom reports
MGMT-1777 Cannot add user with email address which has a TLD of .acn
MGMT-1362 Forgot Password email does not work if the Email address contains '_'
Fixes password reset issue in Private Cloud with email addresses that contain an underscore.
CORERT-613 SSL handshake failures due to "unrecognized_name"
APIRT-1346 OAuth2.0 - Hashed value is returned in access token response when hash.oauth.tokens.enabled is true

This release also contains bug fixes from the following releases:

Edge Cloud Edge for Private Cloud

Known issues

This release has the following known issues.

Issue ID Description
N/A

Two Cassandra scripts, which the installer uses in the monetization install or upgrade, were not included in the release.

To work around this, run the following commands after the Cassandra installation or upgrade to complete the monetization installation/upgrade:

  • apigee4/share/apache-cassandra/bin/cassandra-cli -h {host} -f apigee4/share/monetization/schema/migration/MOPDK4.15.04.00/360-company-developers.txt
  • apigee4/share/apache-cassandra/bin/cassandra-cli -h {host} -f apigee4/share/monetization/schema/migration/MOPDK4.15.04.00/320-update-notification-service_item.txt
CORERT-318 API calls with large payloads (100s of KB) can sometimes hang. To work around this issue, set the following property value in your router.properties file:
HTTPServer.streaming.buffer.limit=0 (the default setting is 10)