# DMZ Adapter Release 3.0
We upgraded! What's new? Learn more about new features, technical changes and solved bugs in 4App DMZ Adapter.
Note on upgrading: If you skip a version when upgrading, check all release and patch notes in between for important information. They apply cumulative.
Breaking Changes
Major version 3.0 contains breaking changes and important upgrade instructions that should be read carefully.
# Breaking Changes
# Discontinue Support for Windows Server and Linux
Starting with DMZ adapter release 3 we only support installations with Docker. Windows Server and Linux installations are not supported anymore. The app in the 4Allportal for downloading the DMZ adapter is therefore no longer available.
What to do: Upgrading to 3.0 is only possible
- after upgrade 4ALLPORTAL to 4.3 or higher
- after moving DMZ Adapter from Windows Server/Linux to Docker. For production use, Docker should run on a Linux Server.
- remove the DMZ adapter app if it is installed
# Parameter dam_url removed because is obsolet
The dam_url/DAM_URL parameter is no longer required and should be deleted from the configuration (docker-compose or dmz-adapter.xml config file)
# Move parameters from config to environment variables
The configuration file should have to be adapted as rarely as possible so that the Docker image can be updated easily.
Everything expect caches and endpoints is removed from dmz-adapter.xml.
Therefor the following parameters removed from xml configuration and only available as environment variables now.
If existing configuration contain values in xml they have to be converted to environment variables and set in container configuration.
| Old Parameter | Environment variable | Default value |
|---|---|---|
| log_level | LOG_LEVEL | INFO |
| http_port | HTTP_PORT | - |
| https_port | HTTPS_PORT | - |
| listen_http_port | LISTEN_HTTP_PORT | - |
| listen_https_port | LISTEN_HTTPS_PORT | - |
| redirect_http | REDIRECT_HTTP | false |
| server_name | SERVER_NAME | - |
| server_alias | SERVER_ALIAS | - |
| source | SOURCE | / |
| target | TARGET | - |
| check_4apsession | CHECK_SESSION | true |
| remove_session_after_minutes | REMOVE_SESSION_AFTER_MINUTES | 60 |
| max_connections | MAX_CONNECTIONS | 32768 |
| idle_timeout | IDLE_TIMEOUT | 90000 |
| timeout | TIMEOUT | 1200000 |
| request_buffer_size | REQUEST_BUFFER_SIZE | 4096 |
| response_buffer_size | RESPONSE_BUFFER_SIZE | 1200000 |
| remove_request_header | REMOVE_REQUEST_HEADER | - |
| remove_response_header | REMOVE_RESPONSE_HEADER | - |
| restrict_login | RESTRICT_LOGIN_ENABLED | true |
| after_logins | RESTRICT_LOGIN_AFTER_LOGINS | 10 |
| tries | RESTRICT_LOGIN_TRIES | 3 |
| remove_older | RESTRICT_LOGIN_REMOVE_OLDER | 10 |
| ssl enable | SSL_ENABLED | false |
| key_store_password | SSL_KEYSTORE_PASSWORD | 123456 |
| key_manager_password | SSL_KEY_MANAGER_PASSWORD | 123456 |
| exclude_protocols | SSL_EXCLUDE_PROTOCOLS | - |
| exclude_cipher_suites | SSL_EXCLUDE_CIPHER_SUITES | "^.(CBC).$" "TLS_DHE.", "TLS_EDH."" |
# Endpoints which not supported from 4ALLPORTAL are removed from DMZ Adapter
- /service/usermanagement/authentication_provider/list
- /service/usermanagement/login
- /service/usermanagement/logout
- /service/amf
- the AdministrationRemoteService is removed
# New Features and Improvements
# New environment variables
There are some new environment variables which not exist before.
| Environment variable | Default | Description |
|---|---|---|
| BEARER_TOKEN | Bearer token is necessary to access the 4ALLPORTAL | |
| SSL_CONTEXT_FACTORY | false | When true output ssl infos in system log |
# How to Get These Improvements
- Upgrade 4App Core Engine to version 4.3
- Replace Windows or Linux installations with docker installations