/ Release  

The (new year!) update on AppWorks 22.1

Hi there AppWorks fans,

Welcome to a new installment of AppWorks tips.

A new GA AppWorks platform version 22.1 is available since Q1 2022. In this post we’ll have an update on the new features released for this version!


Let get right into it…

The main installation menu gets an update to 22.1 this time!. Why? Well, it’s a new year, and the last update was from last year 21.1. Not much is changed for the installation part (only some small upgrades of versions in TomEE, Java and PostgreSQL JDBC jar). The 10 steps procedure to install an AppWorks environment from scratch is therefore still a great post to follow for this new release. In this post will do a review on the (AppWorks Platform CE 22.1 Release Notes) delivered with the installation package. We will do a deeper dive on the newest functionalities delivered in this GA release. More information is also available in the release notes PDF.


🆕 Update on the available changes in 22.1 🆕

With a new version of the platform we also get a lot of new functionality. This will give you a proper overview of the ‘new stuff’. Let’s just jump through the list of new features in the release notes and see what’s up in this release.

Action bar enhancements

We haven’t seen any changes in this specific building block for a long time! Let’s create a simple ‘todo’ entity with just a ‘todo_name’ property and generate all the rest.

Now, add an ‘Action bar’ BB to the entity, and add the 2 default actions to it (‘Open’ and ‘Delete’)…Just like this:

update_001

For the first feature…Select both actions, and group them:

Group selected into button bar

update_002

Group selected into drop list with label

update_003

Group selected into drop list with ellipses

update_004

This last one is new…Smells like a hamburger menu in ellipses-form!?
Ellipses? Is the omission of one or more words (or the punctuation mark “…”)…You get the point…I just didn’t know the word “ellipses” from my Dutch-English vocabulary? 😁

Back to the new_action_bar BB itself, where we find our second new ‘Action bar’ feature:

update_005

Let’s find out about this one after publication into runtime…Make sure to apply the ‘Action bar’ BB to the ‘default_layout’, and do the publication to runtime:

update_006

In runtime? Yes…In runtime!…Well, I just added some extra action rules to the entity, which give you a better “smell” of the feature. We can clearly see the ‘primary’ button feature as well as the “ellipses” menu:

update_007

Nice…next feature… WAIT!…there is more to be seen on the ‘Actions’ panel in the layout:

update_008

I guess you can image what will happen in runtime…right?…Next one!


Configure layout personalization with panel tabs

When we create tabs in a layout for an entity (happens when you drag & drop panels on top of each other), we now see a save in runtime on the last selected tab (by default). Even when you refresh the page…It’s magic, user-friendly, but resource intensive! This feature can be disabled on layout level:

update_009

This raises off-course a very interesting question! Where is it saved? 🤠 So, unmark the option again and let’s monitor the database logging!

Adding a config file: sudo vi /var/lib/pgsql/11/data/postgresql.conf
Update this setting: log_statement = 'all'
Restart the service: systemctl restart postgresql-11
Check the logging with: sudo tail -999f /var/lib/pgsql/11/data/log/postgresql-{day}.log | grep insert

Whatever I do…I don’t see anything inserted into the database!? My next guess would be a cookie, but after removing all the cookies, it still remembers!?

update_010

Interesting…How do they do it!? What else do we have?

  • Entry in CARS / OpenLDAP via the ‘Content Management’ node in the CMC-tool? I don’t think so!
  • XML storage via the XMLStore Explorer artifact? Could be!
  • The larger XML Data Store (XDS platform content Repository) via the CMC-tool?

After searching for an hour…I give up!
Let’s sit and wait…here

So, it should be the database! Hmmm…Let’s have a look again on the mentioned table O2OpenTextEntityIdentityComponentsPersonalization (in my case!)

#&^%&*^%#…Stupid me/myself/I!

When we monitor, we need to monitor correctly!? It’s not an ‘insert’, but an ‘update’:

sudo tail -999f /var/lib/pgsql/11/data/log/postgresql-{day}.log | grep update -A 1 -B 1

Now we see indeed some interesting stuff passing by:

1
2
3
4
5
6
UPDATE o2opentextentityidentitycomponentspersonalization
SET personalizationdata =
'{"selectedTabModelId":"0800270ee5c1a1ec9fb7e7c63a62859f"}'
WHERE id = '3'
AND contextid = '0800270ee5c1a1ec9facf55136e780d5'
AND panelid = '1d6c0613b719a646736f3259743a028f'

Have a look with HeidiSQL for more insight on a simple query like this: SELECT personalizationdata FROM o2opentextentityidentitycomponentspersonalization

Let’s go to the next one…


What are we talking about in this feature? Well, let’s create a homepage layout and have a view on the link (available for ‘Regular’, ‘Reusable’ and ‘Tabbed’ homepage layouts):

update_011

The URL in runtime will be: http://192.168.56.107:8080/home/appworks_tips/app/start/web/pages/0800270ee5c1a1ec9fb7e7c64398059f

How easy can life be? Next…


Catalan language support

Hmmm, my first Google request would be: In which country is the Catalan language spoken?

  • Dialect of Spanish
  • It is spoken by 9 million people
  • They live in Catalonia, Valencia, the Balearic Isles, Andorra, and the town of Alghero in Sardinia

From the shared / system have a look in the ‘Application Deployer’ artifact:

update_012

Have a look here for the installation of a language pack.


Error indication on layout form panel tabs

This feature is an enhancement on a previous (21.3) feature called ‘Layout form panels loading behavior (in a tabbed panel)’ which makes the tab ‘lazy-loaded’ on opening it…have a look here.

Now when the form behind the tab contains an error, the error pops-up on opening the tab. When you click another tab (without solving the error on the form), you will see an error-indicator-icon-thingy:

update_013

Next feature…


Typed Rest APIs for building blocks

We already did a dive on this API where we exposed the future in this post. Search for the section ‘Enhancements for Entity REST APIs’.

Well, my friends…The future is here. Add a ‘Lifecycle’ BB to the entity and open the ReST layer from the /app/admin layer of the platform to expose the task related operations…Hooray!! 🤓

update_014

Note: Have a look at the cache when the feature is not exposing itself. For the good understanding; I did not use the feature toggle feature.toggle.entity.rest.api.show.building.block=true in the wcp.properties. I only restarted my VM after a good night sleep.

This is also an interesting thread. 🙄

Next one…


Upgraded Log4j to address security vulnerabilities

If you didn’t live under a stone, you probably heard about the the critical vulnerability on Log4j. Log4j is also available on our platform to support the logging framework of AppWorks. This release contains the latest version 2.17.1 (So, we’re save!).

This is OT communication sheet: “OpenText’s response to CVE-2021-44228 Apache Log4j 2”

Where can we find back Log4j on the platform? Well, have a search: sudo find /opt -type f -name *log4j*.jar

With a very, very! interesting result:

1
2
3
4
5
6
7
8
9
/opt/opentext/AppWorksPlatform/defaultInst/ext/log4j-1.2-api.jar
/opt/opentext/AppWorksPlatform/defaultInst/ext/log4j-api.jar
/opt/opentext/AppWorksPlatform/defaultInst/ext/log4j-core.jar
/opt/opentext/AppWorksPlatform/defaultInst/ext/log4jna-api-2.0.jar
/opt/opentext/AppWorksPlatform/defaultInst/ext/slf4j-log4j12.jar
/opt/opentext/otds/install/log4j-core-2.14.1.jar
/opt/opentext/otds/install/log4j-api-2.14.1.jar
/opt/opentext/otds/otdsws/WEB-INF/lib/log4j-api-2.14.1.jar
/opt/opentext/otds/otdsws/WEB-INF/lib/log4j-core-2.14.1.jar

NOTE: You see I have installed OTDS 21.3 (as delivered with the ‘Suite’ package). This one still contains Log4j 2.14.1! but have a look here to have it solved for your image too. In short steps:

  1. Stop Tomcat (I run OTDS on a separate Tomcat instance on port 8181 version ‘8.5.75’): systemctl stop tomcat
  2. Remove the existing / older log4j files:
1
2
3
4
5
# The "install" directory isn't needed anymore after installation is done. So, I don't place them back.
sudo rm /opt/opentext/otds/install/log4j-core-2.14.1.jar
sudo rm /opt/opentext/otds/install/log4j-api-2.14.1.jar
sudo rm /opt/opentext/otds/otdsws/WEB-INF/lib/log4j-api-2.14.1.jar
sudo rm /opt/opentext/otds/otdsws/WEB-INF/lib/log4j-core-2.14.1.jar
  1. Update the log4j jar files with the fixed and updated 2.17.1 version or later from https://logging.apache.org/log4j/2.x/download.html in the same path as the ones that were removed. (You can also copy them from AppWorks itself!):
1
2
sudo cp /opt/opentext/AppWorksPlatform/defaultInst/ext/log4j-api.jar /opt/opentext/otds/otdsws/WEB-INF/lib/log4j-api-2.17.1.jar
sudo cp /opt/opentext/AppWorksPlatform/defaultInst/ext/log4j-core.jar /opt/opentext/otds/otdsws/WEB-INF/lib/log4j-core-2.17.1.jar
  1. Start Tomcat: systemctl start tomcat

A quick look with JD-Gui in the log4j-core.jar file (the one from the AppWorks platform) gives me a satisfied answer on version 2.17.1 (which is currently the latest one):

update_015

As curious as I am, I did a compare on the mentioned class communicated on the interwebs: org.apache.logging.log4j.core.lookup.JndiLookup. This is the difference between 2.14.1 and 2.17.1:

1
2
3
4
5
6
7
8
/**
* Constructs a new instance or throw IllegalStateException if this feature is disabled.
*/
public JndiLookup() {
if (!JndiManager.isJndiLookupEnabled()) {
throw new IllegalStateException("JNDI must be enabled by setting log4j2.enableJndiLookup=true");
}
}

I don’t know if this public constructor is the only thing which solves all the problems, but it definitely exposes the setting we read about on the interwebs!

FYI: JNDI is an abbreviation for Java Naming Directory Interface which makes it possible to (I guess) lookup entries from an available LDAP interface like the CARS / OpenLDAP. I don’t know if OT uses it like this!?…I don’t think so but comment me on that question!

This code piece also brings me to another interesting issue-thread

Next!


Brava! enhancement

Hmmm…This is a very specific enhancement where the HTML client of Brava! keeps focus on the same page where redaction occurs!? Sure, but my VM doesn’t have Brava! installed, and I’m also not intended to do so because of the new ‘Intelligent Viewer’ which is in the pipeline (…It’s on my backlog). I trust OpenText on their blue eyes on this enhanced feature.


That’s it…Playground 22.1 is open and ready to be used. I give it a ‘DONE’ on this update post with a nice overview of the new features for this GA 2022 Q1 release. Happy low code with this brand-new release, and I see you in the next post!

Don’t forget to subscribe to get updates on the activities happening on this site. Have you noticed the quiz where you find out if you are also “The AppWorks guy”?