Inventu Viewer+ Software Updates

Support for OAuth2 OpenID Connect, Improved Support for Clustered Servers and Additional Fixes and Enhancements

Inventu Viewer+ Base Product and Components

(Version: 6.0.81 September 20, 2022)

FVTerm Web Terminal Emulation

• Oauth2 OpenID Connect has been added as an identity management option. Tested with Auth0, Okta, Salesforce and Microsoft Azure AD.
• The FVHealth.aspx module, used by load balancers to check on the health of a server has been updated to incorporate the new “Server Report Over Percentage” Advanced setting in the Profiles Configuration page. When the Server Report Over Percentage is set to a different value than 0, there will be a calculation based on other server availability—if the server reporting has fewer available sessions by the percentage set, it will report “OVER” instead of “ACTIVE” as part of the status message.  An example message returned is “OVER – 123 Sessions Available; Other Server(s)=137, Over=11%”.   This will also return the Server Unavailable Response Code if it is something other than 200.
• Some 3270 screens that extensively used extended attributes broke the password recognition javascript so that a password field would not be masked with asterisks. Was happening if a password entry field was defined and then had the color changed in the first character.
• SAML 2.0 active user information data is now saved to disk and restored if the FVTerm v4.0 Application Pool is recycled (also with OpenID Connect).
• The Web Socket Handler was improved so that the task monitoring terminal session changes is persistent and in a tight loop, communicating events to the websocket task via a queue–this was previously returning an event and then re-started following each host event or timeout.
• Web Socket handler cleanup following a websocket error or session closing is faster and more efficient in resource utilization.
• When a DBCS field contains a single blank, the ViewerLib API fix is interpreted in the Javascript using a new protocol command
• Function key recognition improved
• For 5250 and 3270 field formatted screens, clipboard paste of multi-row column data from a spreadsheet was not aligning with fields arranged as columns on a target screen. Rather than starting on the next row when the last field on a spreadsheet row was pasted, the paste would just continue on the next field, same row instead of starting on the next row.
• Some 5250 screens with certain attributes were rendered incorrectly due to a change intended to reduce data transmission sizes.
• Some host screen updates were locking the keyboard with a large buffer update followed by a small buffer with the keyboard unlock. Sync with the client was improved so that if an update is received and the keyboard is still locked, ½ second wait for next update to reduce buffers sent to the client.  Generally the wait is for a millisecond as the next buffer is right there.
• Default IO threads increased over prior default to improve performance with large number of active sessions
• The web API call that can be used for distributed load balancing (no load balancer needed), fvterm/Cluster/balanceinfo.aspx improved to better handle error conditions and service-down issues.

FlyServer Emulation Service

• Clustered server status tickets were upgraded to include complete status of the server sending the ticket.
• Clustered servers will now accept a new user or session start even when at full allocation for the concurrent user or session license. This will occur as long as other servers in the cluster have available sessions.  In prior versions, this would only occur if one or more of the other server(s) in the cluster were on hold or offline.  From this version on, a server will not reject a new connect unless all servers in a cluster are at full capacity.
• Clustered servers will now keep track of session availability to support the ability for a server in the cluster to report the new “OVER” status for a load balancer. This is further explained in the Profiles Mode Configuration and FVTerm Web Terminal Emulator sections.
• A character used for Telnet escape sequences was appearing in random SSH ASCII protocol buffers. This was being interpreted as a Telnet escape sequence (character is 0xFF) but then would not have a valid “next” character in the supposed sequence.  Between 2022F2 and 2022G1 this was logged and the active buffer abandoned.  In this release the 0xFF is converted to a blank and ignored (buffer is completed).
• TN3270 Internal buffer sizes could have 0xFF characters causing problems in rare circumstances. Fixed in this build.
• Unknown TN3270 WSF commands were being logged, but not including a comprehensive full buffer log (in the recordings folder as an “Event*.log” file). As part of a concerted effort to identify all unsupported protocol issues unknown WSF commands will now be fully logged.
• TN3270 IND$File binary downloads were hanging when a 0xFF character appeared as the last character in a buffer.
• TN3270 Modify Field commands with invalid offsets were being logged to the event log but without needed information to understand the possible issue—added comprehensive full buffer log.
• Added a new registry setting – “SessionTracking” which defaults to “no” –Session tracking creates a log in the data folder for each ID, like “Session_1.log” and so on.
• The text string “*TIMEOUT*” was causing logging in the data folder each time a session timed out. This was unintentional and causes the presence of trace files with nothing but timeout entries.  This has been changed to –TIMEOUT– to avoid this unnecessary tracing.
• TN5250 DBCS (Double Byte Character Set) had some combinations of field types that were not being properly translated at the server
• Tweaks for TN3270 IND$File file transfers to improve reliability on very large transfers and data escapes.
• SSH ASCII terminal types can include the 0xFF character in datastreams that was causing problems since this is a Telnet command escape character. If SSH, the 0xFF character will not cause an error if not part of a Telnet escape and will be replaced with a blank (0x20).
• Fixed trace issue that would create an event log entry for sharing problem with flyserv_n.log file
• Internal synchronization tweaked to avoid rare locking issues.

Profiles Mode Configuration

• Added new Security Option- Oauth2 OpenID Connect as well as the necessary configuration settings.
• Added a new entry on the Web Server tab in the Advanced section for clustered servers: Server Report Over Percentage.  This setting can produce better allocation of sessions between servers when it is found that a load balancer is allocating too many sessions or users to a particular server.  Due to round-robin being simplistic, this can happen most often when the active license is user-based.
• Online Help for Security was organized so that each Identity option has its own section now in the Table of Contents (OpenID Connect also added)

Diagnostics Dashboard

• First introduced in June, continuous improvements have been made to the Diagnostics Dashboard
  This provides extensive analysis of the Event Log to identify issues and corrective actions. It includes:
  • Parsing and analysis of active Event Log entries along with a consolidated viewer of Informational, warning and error events.
  • Suggested Actions along with linked help for identified issues
  • Tests of the active Emulation Service and the IIS FVTerm Application
  • Easy export of all diagnostic logs and events to a zip file for appending to an Inventu Support Ticket
  • Easy Export of configuration elements for replication on another server or to provide to Inventu appended to a support ticket

Assorted Fixes and Enhancements

Inventu Viewer+ Base Product and Components

(Version: 6.0.60 March 29, 2022)

FlyServer Emulation Service

• Session management improved to avoid issues with high-volume, rapid connections and disconnections– particularly improving clustered servers with SSH.
• The TN5250 IBMi MNUBAR field type and drop-down is now supported, with proper highlighting, cursor styling and click support. This now makes this simulated drop-down menu option for the IBMi / AS400 platform more useable with mouse-only operation.
• ASCII protocols like VT220 had columns for “normal” and “wide” hard-coded to 80 and 132. These settings will now utilize the Normal and Alternate columns and rows as defined in the configuration.  This allows applications that work best at “always” 132 columns to be setup that way—note 2022C3 had a regression for certain VT buffers resulting in the cursor positioning at row 1, column 1.
• Custom ASCII keys processing that reads the c:\program files\inventu\viewer\definitions\terminfo.txt file had a bug in regards to the DELETE (“dch1”)  The dch1 was not processed, thus only the internal DELETE (0x7f) would ever be used regardless of the Terminfo definition.
• TN5250 Device Printing would break if more than one print job is sent together. A header value differentiating a short header as a separator instead of the end of the full job was not being utilized.  Fixed in this build.
• TN5250 Device printing had a 2 byte gap in the response buffer that could cause the IBMi Print Writer to stall if a telnet escape (0xFF) was randomly sent. Fixed in this build.
• For the ASCII fpcwin terminal type, added support for delete and insert line protocol orders.
• Admin Console passwords can now include special characters which in prior versions could break the sign-in process.

FVTerm Web Terminal Emulation

• For localhost (on the server) FVTerm sessions, there is now a magnifying glass shown in the icon action bar to the far right. When this is clicked, the cursor on the emulation screen area is changed to a magnifying glass and can be positioned over any element on the screen.  When positioned, a status area will display the active terminal emulation class (like ST0) which then can be used in a CSS file to know which colors to change when wanting to customize a new or existing CSS file.
• The AttrStyles.html page was tweaked to better support refreshing a both standard and non-standard CSS files as the CSS is changed while customizing colors.
• Added ability to Clipboard-Paste multiple rows in an ASCII environment so that each row sends a Carriage Return…was sending a TAB.
• The fvterm/cluster/BalanceInfo.aspx request was improved so that if a solitary server is involved the same information will be returned for available sessions.
• The Delete key was hardcoded for VT/ASCII terminal types to ESC[3~ which works for some VT protocols but then cannot be changed at the server using TermInfo.txt for other protocols. Fixed to send a “delete” key, which is then translatable.
• AzureAD internal code was not setting the correct value to work with multiple redirect URI values in the AzureAD Application definition. As a result, if more than one redirect URI was defined, Azure AD would always redirect to the last URI defined instead of the referrer of the signon request.
• AzureAD timeouts on a user sign-in would cause the wrong message “No Sessions Available” when it was due to a missing userID when the license if for concurrent users. This message is fixed for other environments where user identity isn’t setup correctly and concurrent user license is in effect.  For AzureAD, it will now detect a blank userID and force another login so that users will see “Your AzureAD Signon or other Connection Status has Expired–Please Click Here to Re-Logon to AzureAD” (translated to user’s active language if not English).
• For non-AzureAD servers that have a concurrent user license but a connection has not been identified (check the web server settings for identification)—the “No Sessions Available” will now instead display “’Connecting Requires User Identification and User Identification is missing…Please Close Browser and Try Logging In Again…” (translated to user’s active language).
• File Transfer Icon was displaying for environments and protocols where it shouldn’t have. Workaround was to add the xferIcon to the hidden icon list in the View configuration but this version now will prevent the File transfer icon from displaying.
• For users with TN3270 connections and a license including the IND$File transfer, the first click of the xferIcon would not work due to a timing issue loading backing javascript files. Now fixed.
• Websocket handler in heavy ASCII loads and network packet drops could cause session switches between users. This was very rare and dependent on network and user actions.  User identification is now used to prevent the “switch”.  Other measures were also taken to avoid the switch occurring (two preventive measures implemented).
• Additional logging for WebSockets implemented as additional diagnostics on how the session switches could occur.
• File Transfer Icon was displaying when it shouldn’t (work-around was to Hide it using View settings).
• Added optional logging of user session cookies when options are set to enable users to reconnect to an active/abandoned session.
• Sometimes a user would get a timestamp attached during connection to a new session as displayed in the console for a session. This has been corrected.