Release notes for RunMyJobs releases 9.2.11.0 through to 9.2.11.2

Before: When a socket is closed without informing the job was put to Error.

After: When we get a SocketException we will put the job in the monitor tree again so we can finish the job.

Before: It could be that the connection ended because the socket was closed to early.

After: The connection is now retried a MaxNumberOfConnectionRetries (That can be set by a ProcessServer parameter).

Before: It could be that the job runs into error while retrieving files from AS400.

After: Before using the connection to retrieve files we will check if we have a valid connection. If we don’t have a valid connection we retry to create a valid connection. This only works for AS400 V7R1 and up.

Before: It could be that the event monitor thread is shutdown without notifying the process server when an unexpected exception is thrown.

After: An unexpected runtime exception is catched and the monitor thread will continue.

It is now possible to create multiple JobDefinitions at once when importing process or report definitions out of the PeopleSoft system.

For every found process or report a single import job will be started as child job.

Before: When you are using an EBS job in a jobchain it is not possible to use restart status handlers because a mandatory userName field is not set.

After: The mandatory username check is removed as this field is set when the status handlers are used.

Before: Adding child jobs of a monitored job is slow.

After: Adding monitored jobs will be done in separated thread so the adding of child jobs is much faster.

Before: If an AS400 job is started the connection can still be invalid and a SocketException is thrown. The job will end up into error.

After: If a SocketException is thrown when starting a job we will catch this exception and retry the start by creating a new connection. This is done AS400ConnectionRetry (default 5) times.

Before: For Concurrent programs that are normally initiated through a Java/JSP form an incorrect LoV for the possible Responsibilities was generated.
After: the correct list of Responsibilities is now returned.

Before: When starting a job the connection can still fails to the AS400. The job will end up in error with a connection failure.
After: We now retry the connection when a job is started.

Before: JDBC jobs always apply a ‘commit’ after the job is run. JDBC connections could not be influenced to to set the ‘auto commit’ function disabled.

After: On a Database connection it is now possible to specify the Auto Commit option. The options are:
Transaction Based (Default): A commit is applied at the end of a job.
AutoCommit On: Each SQL statement will be executed in its own transaction and is implicitly committed.
AutoCommit Off: No commit is done. If you want to commit your SQL commands, you must commit the transaction explicitly.

Before: FileSearch only looked for a file with the exact name from the filename parameter. So test*.bin would only match a file with the exact name test*.bin and not, for example, test1.bin.

After: FileSearch supports “glob” wildcards in the filename parameter. That means that the pattern test*.bin will match files with the names test*.bin, test1.bin, and test_anything.bin.

Before: Testing the JDBC Database connection to a JDBC driver could fail, due to errors initialising the class, preventing the creation of the Database object. This is most often seen with MySQL and Snowflake drivers. 

After: The validation uses less resources, and works in more cases. Specifically for MySQL, this allows the generation of JDBC connection to the database.

Before: When many jobs are deleted, which did run on a process server which is currently not running, then the background job System_DeleteJobFiles could cause an OutOfMemory exception.

After: the background job System_DeleteJobFiles should not cause an OutOfMemory exception anymore.

Before: internal references to database tables were potentially set incorrectly (a duplicate prefix in the CustomTableName column of the ObjectDefinition table ).

After: existing references will be repaired and new references will be set correctly from the start.

Before: Calls to UserMessage.renderHistoryAsHTML caused a formatting-related exception.

After: Formatting has been fixed and UserMessage.renderHistoryAsHTML can be used again.

Before: Clearing raised events inside loop immediately. No possibility to start process when one of few events raised.

After: Raised events are clearing after all job preconditions loop finished. User is able to start a process when one of many events have been raised. Events ware cleared after all preconditions were run.

Before: For Trigger imported/duplicated LogLevel value looked properly but for Extension Point was set to default Trace value.

After: Import and duplication of Trigger and Extension Point setting LogLevel field to value from file or duplicated object.
For Triggers and Extension points exported before 9.0.14 and have the Log enabled will default back to have them not enabled.

Before: RunMyJobs was using Tomcat 9.0.70, in which a security issue has been found (CVE-2023-28708).

After: Tomcat has been upgraded to 9.0.73, where the security issue is resolved.

NOTE: The vulnerable classes from the CVE are not used, however the version is being upgraded out of precaution.

Before: When you create a SOAP request you could only get the XML response back.

After: It is now also possible to retrieve the inputStream. To get the inputStream you need to change your redwood script call for sending the request. Instead of using request.send(), you need to call request.sendRequest(true). e.g.

SOAPRequest req = SOAP.createSOAPRequestFromJob();
... Set everything correctly on the req.
req.sendRequest(true);
InputStream s = req.getResponseInputStream();
... Handle the inputStream

Before: Occasional "DispatcherAgent.onMessage caught exception java.util.ConcurrentModificationException: null" errors and "Found InUse locks without jobs" warnings
could be reported in the scheduler log under heavy load of running jobs that made extensive use of job locks.

After: No occasional lock warning or errors reported in the scheduler log under heavy load of running jobs that made extensive use of job locks

Before: In certain cases, some modules were using a deprecated API, this API was removed in 9.2.10.0, thus causing some modules to break.

After: This API has been added back in for binary compatibility. It has been marked as DEPRECRATED, and will be removed again in a future release.

Note: The modules shipped with the product had all been updated to no longer use this API, however modules from previous upgrades still had references to this incorrect API.

Before: SOAP related jobs could run into problems as of version 9.2.11.0
After: SOAP related jobs will behave as correctly as before again.

BEFORE: In some circumstances, an error was shown when interrupting a thread from the support page

AFTER: No error is shown when interrupting a thread from the support page

Before: For process definitions System_ArchiveAuditObjects and System_ExportAuditObjects, the Partition field was a string, and the Business Key Contains field was a Partition dropdown.

After: For process definitions System_ArchiveAuditObjects and System_ExportAuditObjects, the Partition and Business Key Contains fields have been corrected.

Before: Job will get Exception: 104: "BAPI_XBP_GET_BDCQID" after the job gets completed if it is impossible to set the "BAPI_XBP_GET_BDCQID" to "Remote-Enabled"

After: Job will not get Exception: 104: "BAPI_XBP_GET_BDCQID" after the job gets completed if the "BAPI_XBP_GET_BDCQID" is "Remote-Enabled"

Before: Since 9.2.9 XBP transport is not required to be installed, ISU transport cannot be installed properly without XBP transport

After: ISU transport is now independent of XBP transport.

Before: RunMyJobs was using Tomcat 9.0.73, in which a security issue has been found (CVE-2023-28709)

After: Tomcat has been upgraded to 9.0.75, where the security issue is resolved.

NOTE: The configuration of RunMyJobs precludes the vulnerability, however the version is being upgraded out of precaution.

Before:
Agent definition types of Perl, Python, Groovy, R and Java could not handle a white-space in the Windows %PATH% setting for the programs,
e.g. C:\Program Files\Python.
After:
All Agent definition types can now handle white-space in the path names, if the vendor of the product allows that as well.

Before: Platform agent executable files on Windows were signed by “Redwood Software Nederland B.V.” issued by certificate authority ‘Go Daddy’
After: Platform agent executable files on Windows are now signed by “Redwood Software, Inc.”, issued by certificate authority 'DigiCert'

Before

Platform Agent uses OpenSSL 1.1.1q

After

Platform Agent uses OpenSSL 1.1.1t which includes the following CVE fixes:

• Fixed X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) High severity
• Fixed Use-after-free following BIO_new_NDEF (CVE-2023-0215) Moderate severity
• Fixed Double free after calling PEM_read_bio_ex (CVE-2022-4450) Moderate severity
• Fixed Timing Oracle in RSA Decryption (CVE-2022-4304) {Moderate severity]

Before:
A job that runs 'jtool scp', using password authentication, would fail when running against an SSH server that has 'keyboard-interactive authentication' enabled.
The stderr.log file would show debug messages like:
DEBUG … 12345-jscp secure.plib - Attempting keyboard-interactive authentication
DEBUG … 12345-jscp secure.plib - Keyboard-interactive authentication prompts from server:
DEBUG … 12345-jscp secure.plib - get_userpass: name=SSH server authentication instruction=<null> prompt=| Password:
ERROR … 12345-jscp secure.plib - Credential system does not yet handle prompt of type SSH server authentication

After:
Jtool SCP will now successfully find the user and lookup credentials in the 'jtool scp <user>@<remote SSH host>' command, as before.

Before:
Submitting a ‘jmail’ job without specifying the ‘-port’ parameter and without explicitly specifying a port entry in the scheduler’s registry, would result in an error like:
jmail] opsys.socket - Cannot find IP address of ‘mail-relay.example.org:-1' service 25: Name or service not known

After:
Submitting a 'jmail’ job without explicitly providing a port number, will use port 25 as default.

Before: SAP jobs running in parallel may fail if they are converting spool to XLSX

After: SAP jobs running in parallel don’t fail when converting spool to XLSX

Before: REST based BOBJ connector can only submit report with report id

After: REST based BOBJ connector can also submit report with Cuid

Before: Skipped process chains cannot be monitored properly

After: Skipped process chains can be monitored properly

Before: Start up of the SAP process server could fail due to invalid registry values

After: Start up of the SAP process server will be succeed with invalid registry values

If configured, send Application-Interface-Key header on all requests to SAP BOBJ when using BOBJ car file.

Before: Cannot monitor skipped processes in process chains.

After: Process chains with skipped processes are properly monitored

Before: Running SAP_Info against some SAP systems would cause it to error out with a NullPointerException.

After: Running SAP_Info against these systems works correctly.

Before: Potential NPE by create/remove BW Chain operator messages

After: Fixed NPE

Before: The product shipped with guava 30.1.1, which was vulnerable to CVE-2020-8908 and CVE-2023-2976.

After: The guava library is updated to 32.0.0, which resolves these vulnerabilities.

NOTE: The product does not use the affected classes, and so is not vulnerable to either CVE, however we have decided to update the library out of an abundance of care.

Before: When using the product over https, the CSRFTOKEN cookie was not set with the secure flag.

After: When using the product over https, the CSRFTOKEN cookie now has the secure flag set, thus making it harder for the cookie to be intercepted.

Before: In the user settings, “Use basic HTML Chain Editor” option is not deprecated.
After: the setting “Use basic HTML Chain Editor” is now marked as deprecated.

Before: When a library that is used by a process definition is updated, an audit record is created for the change, however the audit for the process definition currently does not show the library change:

M JobDefinition:FCA.CUS_FCA_TRN_Read_Journal_RTX
      M Script:FCA.CUS_FCA_TRN_Read_Journal_RTX

After: When a library is changed, objects that are modified because of it will show that in their audit trail:

M JobDefinition:FCA.CUS_FCA_TRN_Read_Journal_RTX
    M Library: GLOBAL.Custom_FCA has been updated directly or indirectly

Before: Not all registry entry from /configuration/jcs has related configurationoptions

After: Created lacking configurationoptions for registry entry with /configuration/jcs path

Before: Registry entries lastTimestamp and queries were in /configuration/jcs/billing (/configuration/jcs/billing/lastTimestamp and /configuration/jcs/billing/queries)

After: Registry entries lastTimestamp and queries are moved to /system/UsageDataCollection (/system/UsageDataCollection/lastTimestamp and /system/UsageDataCollection/queries)

Before: Import SubjectObjectPrivilegesGrants override existing grants but doesn’t change flag 'exportable'. If grant doesn’t exist in file then is removed depenently on config.

After: Import SubjectObjectPrivilegesGrants override existing grants included change flag 'exportable'. If grant doesn’t exist in file then it is removed when 'exportable' in existing grant.

Before: Import SubjectObjectTypePrivilegeGrants and GlobalPrivilegeGrants override existing grants but doesn’t change flag 'exportable'. If grant doesn’t exist in file then is removed depenently on config.

After: Import SubjectObjectTypePrivilegeGrants and GlobalPrivilegeGrants override existing grants included change flag 'exportable'. If grant doesn’t exist in file then it is removed when 'exportable' in existing grant.

Before: The first time the System_AggregateHistory job run after the upgrade, it may collect usage data for a long period. Therefore the job may run a long time. It is not possible to see the job is actually progressing.

After: The job log now shows some progress, making it possible to check if the job indeed progressing and guessing how long it still will take to finish.

SAP JCo has been updated to the latest 3.1.7 release.

Before:
SQLPLUS runner did not consider $ORACLE_SID nor the existence of ‘oraenv’.
After:
SQLPLUS runner does now check for the existence of the and ‘oraenv’ script. The location of the script must be part of the $PATH setting and $ORACLE_SID must be provided as environment variable.
When these prerequisites are fulfilled, the SQLPLUS runner will use ‘oraenv’ to determine $ORACLE_HOME and the location of the ‘sqlplus’ executable.
When ‘oraenv’ cannot be located or $ORACLE_SID is not provided as envrionment variable, the SQLPLUS runner will use the previous behavior to try an find a suitable ‘sqlplus’ executable and determine $ORACLE_HOME for it.

Before:
jtool scp, using credential lookup, could fail when receiving unknown SSH server prompt, raising error: 'Credential system does not yet handle prompt of type SSH server: Password authentication'

After:
jtool scp will now recognize the prompt and continue looking for available credentials to establish a connection

Before: Under rare conditions of intermittent connection problems with the SAP system, SAP_RunTemplateJob could have submitted multiple jobs in SAP.

After: SAP_RunTemplateJob will not submit multiple jobs in SAP.

SAP_Info definition has been extended to indicated if the SAP system is S/4 HANA

Before: The error message returned for a missing view privilege on Format.CAR in the CTS+ integration is not clear.

After: The error message indicates that a view privilege on Format.CAR is missing

Before: RFC scripting can not retrieve SAP table larger than 512 characters

After: RFC scripting can retrieve SAP table larger than 512 characters if the SAP system supports it (SAP note 2246160)

Before: Dataservice job cannot get final status when the session id becomes invalid or the batch job is not started
After: Handle invalid session id and batch job not starting exception properly, set data service job to final status.

Before: The RTX Viewer only displayed the total row count in the summary panel like: Rows <total>

After: The RTX Viewer now also displays the filtered row count in the summary panel like: Rows <filtered>/<total>

Before: Always use of default mailto email and subject to redirect when Help me Automate button is selected
After: Registry key /configuration/ui/HelpMeAutomate to change the default transition value, this can be either an email or a url (for instance to link to your ITSM solution)

Before: Product Information dropdown has an option to navigate new user interface.

After: Additionally a button added upfront to title bar with the same behavior to navigate a new user interface

Before: Trying to load a chain in the editor that had more than 100 distinct process definitions in it would fail.

After: These chains can now be edited.

Before: Opening the ‘more’ dialog from an autosuggest dropdown sometimes resulted in a blank page

After: The ‘more’ dialog from an autosuggest dropdown works again

Before: The click button action does not work correctly
After: Able to open an internal mail client with predefined TO and SUBJECT fields

Before: There was a case present where a class loader which loaded a SQL driver from a library which was used in a JDBC service and a job could be closed and a NoClassDefFoundError error was thrown from the connection pool of the JDBC service. This could also affect extension points through a slightly different mechanism, but with the same net effect.

After: The implementation now is not throwing away a class loader when its classes are still in use.