/
MDLP-connector Java part Changelog

MDLP-connector Java part Changelog

Owned by Pavel Kanskov
Last updated: Feb 12, 2025
5 min read

2.5.8 (23-January-2025)

  • Improved MDLP server certificate validation check

  • Fixed issues with MDLP method execution delays, introduced new parameters

"delays": { ... "lockTimeInMilliseconds": 10000, // default delay between simultaneous MDLP calls, in ms "pollCryptoContainerLimit": 15000, // maximum wait time between concurrent MDLP calls, in ms "pollCryptoContainerAttemptDelay": 20 // delay before attempting to check for timeout values, in ms }

  • Refactoring and code optimization to support Java 17+

  • Vulnerability issues fixes (CVE-2024-47554, CVE-2023-42809, CVE-2023-34462, CVE-2024-47535, CVE-2024-8184, CVE-2023-26048, CVE-2024-6763, CVE-2023-26049)

2.5.2 (08-November-2024)

  • Java 17 compatible

  • small refactoring

2.4.18 (08-August-2024)

  • whitelist disabled by default

"server": { "inboundConfiguration": { "whitelisting": ["IP1", "FQDN1", "IP2"] }, "outboundConfiguration": { "headers": [ { "name": "XXX", "value": "ZZZZ" }, { "name": "YYY", "value": "AAAA" } ] } }

2.4.13 (22-March-2024)

  • CryptoPro CRL validation settings from .userPrefs

  • Analytic Data methods MDLP API 11.x implemented

  • minor fixed

2.2.14 (01-December-2023) (service 2.2.13)

  • Minor fix for processing responses with unknown Content-Type header, for ex. MDLP API 11.5

"mdlp": { "api_requests_with_binary_response": [".*/data/export/results/[a-zA-Z0-9-]+/file.*"],

2.2.7 (9-July-2023) (service 2.2.10)

  • Ticket request method set to MDLP API 5.19

2.2.4 (31-May-2023) (service 2.2.7)

  • Communication with MDLP regulator system for manual signature support implemented, useManualSign parameter to use in configuration for enabling the manual sign logic

  • On-premises scripts refactored and optimized for Linux/Windows platforms

  • Minor refactoring and logging optimization done

2.2.3 (17-Apr-2023)

  • Prometheus metrics port bug fixed

2.2.1 (23-Mar-2023)

  • Parameters where added to fix undocumented behavior of the MDLP API when 5.18 responds with {total:0}: the maximum number of repeated requests and the time in seconds before sending NO_DOCUMENT_IN_MDLP status to ATTP

2.0.0 (20-Feb-2023)

  • Windows on-premisses run scripts modified, YAJSW dependencies removed

  • Unix on-premisses run scripts modified

  • GostTLS context initialization bug fixed

  • SAP ATTP HTTP client extended with custom headers (provided via configuration):

  • SAP ATTP calls with errors handling improved

  • log4j2 version updated to the latest stable one

1.6.1670855481 (12-Dec-2022)

  • Applied dynamic Crypto Provider so no need to edit java.security

  • Application compatibility from Java 8 to Java 17

  • Windows version: YAJSW changed to schtasks

  • Scripts refactoring

  • Multiple 3Keys Connector instances installation on the same server supported

  • GOST TLS function minor change

Connector service update requires fresh installation

1.6.1668767675 (18-Nov-2022)

  • Added global parameters to the "mdlp" section::

    • mdlpAcceptLanguage for supporting MDLP "error_description" (Accept-Language header with values ru|en)

    • mdlpTokenLifeTime allowed range from 120000ms to 36000000ms, default 1740000ms (=29 minutes of inactivity)

  • Added support for the participant certificate stored on Rutoken Lite

  • Utility API endpoints introduced (available from SAP ATTP via /k3t/ru_mdlp_api report call):

    • 3k/utils/version - actual CRPT Connector (Java part) version,

    • 3k/utils/testMdlp - actual MDLP token for the given participant,

    • 3k/utils/testCrypto - participant certificate info for the given participant

  • MDLP 1.38 documents responses changes introduced (e.g., D335_FTS_DATA with extensions)

  • Response from MDLP about non-resident password failure returns to SAP ATTP intact

  • Unique e2e execution identification (executionId) for logging added

  • log4j version updated to 2.19 (no known vulnerabilities)

  • yajsw updated to 13.05

  • SAP JCo updated to 3.1

1.6.1659959296 (08-Aug-2022)

  • MDLP 1.37 & 1.38 schemes added with new documents 62x\63x

  • log4j version updated to 2.17.2 (no known vulnerabilities)

  • Messages sending to MDLP retry logic bug with 429 HTTP status fixed, mdlpRetryDelaySendMsg config parameter added (1sec default)

  • utility endpoints added (SaaS v.2)

1.6.1644253888 (07-Feb-2022)

  • no code changes. Build for Java 11 (SaaS v.2)

1.6.1640126325 (21-Dec-2021)

1.6.1635250199 (26-Oct-2021)

  • Enhancements for MDLP analytics API added

  • Changes in config files:
    Edit system java.security: comment 4 lines with "GostX509" and "ru.CryptoPro.ssl.SSLSocketFactoryImpl"
    or copy and edit local java.security: comment all "GostX509" and "ru.CryptoPro.ssl.SSLSocketFactoryImpl"
    edit conf/wrapper.conf: add wrapper.java.additional.1=-Djava.security.properties=="C:\3keys\mdlp-connector\java.security" edit testMDLP.bat: add -Djava.security.properties=="C:\3keys\mdlp-connector\java.security"

  • for non-residents nrz.api.sb.mdlp.crpt.ru \ nrz.api.mdlp.crpt.ru add:
    "nrz.api.sb.mdlp.crpt.ru" OR "nrz.api.mdlp.crpt.ru", "useRsaTls": true, "webdav": { "protocol": "https" }

1.6.1626159071 (13-Jul-2021)

  • CryptoProCli for installed certificates testing added

  • Minor fix for updating MDLP message processing status

  • Due to an issue in API 5.17 for the old (> 30 days) doctype 200 (ticket), API 5.19 additionally applies.

1.6.1622484348 (31-May-2021)

  • fix for MDLP issue: webdav link is ready, webdav document is empty, HTTP response 200. In the case of an empty document on webdav, the behavior of the connector is the same as for 1.6.1620820199.

1.6.1620820199 (12-May-2021)

  • fix for MDLP issue: webdav link is ready, webdav document not found, HTTP response 404.
    The connector will retry loading from webdav until "dead_lock_delay" before reporting "NO_DOCUMENT_IN_MDLP" to ATTP.
    New logic applied: document_create_date + dead_lock_delay < now () && "404 from WebDAV" then return "NO_DOCUMENT_IN_MDLP"
    New parameter: dead_lock_delay in mdlp-connector.json // in seconds, default 10800 = 3h

1.6.1619108848 (22-April-2021)

  • Eager TTL valid MDLP token update after 401 (Unauthorized) response strategy added

  • MDLP API 5.19 (/documents/ticket) method implemented as an alternative way for getting missed tickets (document type 200) when MDLP API 5.18 (/documents/request) method called

1.6.1616695010 (25-March-2021)

  • OMS dynamic token request support added (without TTL based storing on Java side)

  • /showcase/* document logic support added

  • RSA TLS support for non-resident users.

  • Minor updates for MDLP delays logic (incl. expirable storage usage)

1.6.1610631426 (14-January-2021)

  • MDLP connection timeouts added

1.6.1607542833 (9-December-2020)

  • Changes for MDLP release 1.36

1.6.1605705012 (18-November-2020)

  • SAP ICH support addded

1.6.1605600668 (17-November-2020)

  • configuration for metrics updated

1.6.1605525714 (16-November-2020)

  • configuration for HTTP implementation updated

1.6.1603216902 (20-October-2020)

  • Changes to message handling to ignore corrupted messages in MDLP and continue processing subsequent messages.
    When MDLP service returns an unexpected format (e.g., a message without a ticket), the message status in ATTP is marked as 40 with MDLP status "NO_DOCUMENT_IN_MDLP"

  • additional logging added

1.6.1596452487 (03-August-2020)

  • DocFilters and lastRunDate fixed: the cause was with the connector sending lastRunDate to ABAP regardless there is no document exchange with MDLP.

1.6.1593689600 (02-July-2020)

  • Waiting for getting authorization token from MDLP system time increased.

  • The logic for updating message processing status changed to be able to ignore corrupt messages in MDLP and continue with processed further messages.

  • Crypto sign verification fixed (eliminated redundant warning message in log).

1.6.1591122358 (02-June-2020)

  • JAR file name fixed as mdlp-connector.json
    Now you don't need to uninstall the old one and install the new service to update the connector service.
    To update connector stop service, replace JAR file and start service.

  • New version script to display connector's release version

  • New testMDLP script to test connection with MDLP for each of the ConfigIDs.
    To check single ConfigID use config_id=ConfigID parameter

  • New testAttp script to test connection with ATTP server

1.6.1588792025 (06-May-2020)

  • mdlpServiceTimezone added to adjust local time with MDLP documents time

  • tool for unattended changing non-resident's passwords

1.6.1586251236 (07-April-2020)

  • small bugfixes and enchansements

  • batch mode added to send documents to MDLP at once

Changes in mdlp-connector.json

PLEASE BE AWARE "batch_mode": true incompatible with MDLP Connector ABAP versions before 2020_04.

1.6.1582462630 (23-February-2020)

  • fully refactored version with code optimizations and speed improvements

1.5.6 (28 January 2020)

  • last version with old architecture

 

Related content

Configuration Guide Uzbekistan OMS Connector
Configuration Guide Uzbekistan OMS Connector
Uzbekistan Connector
Read with this
MDLP Note 2024_04_2
MDLP Note 2024_04_2
CRPT Connector
More like this
Configuration Guide MDLP
Configuration Guide MDLP
CRPT Connector
Read with this
MDLP Release 2021_03
MDLP Release 2021_03
CRPT Connector
More like this
User Guide MDLP
User Guide MDLP
CRPT Connector
Read with this
MDLP Note 2021_03_3
MDLP Note 2021_03_3
CRPT Connector
More like this