# Rhythmyx Patch for Version 7.3.2 build 201611R01 # Patch id: **732_20171007b** Patch Install Toolkit version: 1.0 ---------- Patch Installation: ------------------- Note: For installation of this patch you must have console access to the Rhythmyx server, and be logged-in to the console using a user account with appropriate privileges to modify files in the Rhythmyx directories. You must also know the directory in which Rhythmyx has been installed, which is designated below by the phrase {installation root}. 1. Shutdown or close all Rhythmyx applications (server, workbench, etc.). 2. Install the Rhythmyx Patch Install Toolkit by extracting RxPatchInstallToolkit.zip to {installation root}. If you do not have the toolkit, please contact Percussion Software Technical Support to obtain it. If the toolkit is already installed, go directly to step 2. The toolkit is installed if the following directory exists: {installation root}/Patch/InstallToolkit. 3. Extract 732_20171007b.zip into {installation root}/Patch. 4. Go to {installation root}/Patch/732_20171007b and run install.bat (Windows) or install.sh (Unix) in order to install the patch. Uninstall.bat/.sh can be used to uninstall the patch. On Unix systems, the user must have execute permissions in order to launch the shell script(s). During both install and uninstall, the following warning message will be seen in the console: "Unable to locate tools.jar. Expected to find it in {installation root}\lib\tools.jar." This message is expected and can be ignored. 5. Updated Developer tools should be downloaded from the server from http(s)://server:port/Rhythmyx/Administration/DeveloperTools/InstData/Windows/VM/devToolsSetup.exe or from the server after patch from {installation root}/Administration\DeveloperTools\InstData\Windows\VM\devToolsSetup.exe 6. See "Additional Steps" for manual steps which may be required after installing/uninstalling the patch. ### Changes In This Release ### This patch update fixes some issues in 732_20171007 1. Update to jetty to jetty-9.4.7.v20170914 2. Fix Jetty ActiveMQ memory configuration 3. Improve Linux Jetty installation and startup scripts 4. Updates to SFTP client for latest security 5. Error Handling and performance fixes 6. Fixup Assembly time Includes. Allow for publishing items with different filter in the content list than Assembly #### Changes Summary #### Please refer to the Patches section on http://help.percussion.com for latest information and any updates to these notes. ##### Update to jetty. ##### This brings jetty to the latest version at time of patch jetty-9.4.7.v20170914. As well as ensuring we have all the latest up to date security fixes, this release has improvments to the module system that provides more flexibility in providing future updates with separation of customer configurations from code delivered by percussion, and from core jetty implementation. The {installation root}/jetty/upstream and {installation root}/jetty/defaults folders will be backed up and replaced when installing the patch. These folders should not be updated by customers. Upstream contains an untouched Jetty distribution, defaults contains percussion configuration on top of the distribution, any customer specific configuration should always be in the base folder. As part of splitting out this configuration this patch will move database driver jar files from existing jetty/defaults/lib/perc folder into jetty/base/lib/jdbc folder. if the jetty/base/lib/jdbc folder exists the jars contained in it will be used instead of any within the jetty/defaults/lib/jdbc delivered with the patch. A backup of the original jetty/upstream and jetty/defaults folders can be found in Patch/732_20171007b/backup/jetty/defaults.zip and Patch/732_20171007b/backup/jetty/upstream.zip. If any changes had been made to these folders. Further documentation on the Jetty implementation and configuration will be made available on https://help.percussion.com/rhythmyx/patches ##### Jetty Sevice Scripts ##### The service installation script for Linux has been updated to allow it to work on more systems and also to allow for the creation of services for multiple instances on the same machine. The default service name is rxjetty. The Script can now be run from any folder. The install script requires root/sudo and the Start script will change to the correct user automatically if running as root. The user owner is based upon the owner of the top level Rhythmyx Installation root. The server installation script will change permissions on all sub items to match The service script will do the following on install 1. Check is made to see if Service already exists or a service with a different name is set up to start this instance based upon its configured folder path. 2. jetty/defaults/bin/rxjetty.sh is copied to /etc/init.d/rxjetty and it will change the token ${rxjetty_service} to the service name e.g. rxjetty by default. 3. It will create config file with paths to instance in /etc/default/rxjetty - Note if instance is moved the service will need to be reinstalled or the paths in this file in /etc/default be updated. 4. It will set up a folder to store pid files to indicate if process is running. 5. Owner of the Rhythmyx Root directory will be checked and chown will be run recursively on the folder to fix any issues caused by running as the wrong user. 6. It will run status on the service to check it is configured correctly and report configured info 7. The service will be installed to run at startup. It will attempt to use chkconfig or update-rc.d depending on the system to allow the service to restart automatically on reboot. Headers are included the script to allow both of these commands to work. ./install-jetty-service.sh uninstall ./install-jetty-service.sh install If a service needs to be created for a different instance then the command can be run with an alternate service name. e.g. ./install-jetty-service rxjetty2 install ./install-jetty-service rxjetty2 uninstall ##### ActiveMQ configuration ##### Previous ActiveMQ configuration file activemq.xml was not being picked up. This could cause memory issues if the Content List items were not able to be assembled quicker than they were added to the queue. A large backlog of queued items were being built up using memory. The new configuration uses a local data storage to keep a record of the items and should prevent the running out of memory. The default configuration containing the memory and disk limits is now stored in jetty/defaults/etc/activemq/activemq.xml This should have suitable limits to memory and disk storage for most customers. If these do need adjusting the file should be copied to jetty/base/etc/activemq/activemq.xml . If the folder jetty/base/etc/activemq exists then jetty/defaults/etc/activemq will be ignored, so to go back to using the defaults you should delete the whole jetty/base/etc/activemq folder and not just the file. We currently ship Active MQ 5.7.0 ##### Fixes to Desktop Content Explorer and TinyMCE within DCE ##### The default TinyMCE configuration had been updated to allow the browser right-click context menu to appear instead of the TinyMCE menu. This allows for the browser spell checker to work within TinyMCE. The DCE is not within a browser and it does not have its own spell check feature. Tiny MCE does provide a spell checker in its context menu but only as a premium plugin that is separately licensed. The DCE would ignore requests from TinyMCE to show its own context menu even when included in the plugins list and the code has been modified to allow TinyMCE context menu to show, this does not enable browser spellcheck for DCE. A previous patch removed the contextmenu plugin from the default TinyMCE configuration to allow the browser spellcheck to work. It is possible to have both the TinyMCE context menu and still be able to access the browser spellcheck feature in Firefox and IE. When the contextmenu is added in the plugins list and the "browser_spellcheck" : true option is added the following behavior occurs. In IE and firefox spelling errors are displayed with the red underline. In IE the TinyMCE context menu appears while in the TinyMCE area unless you right click on a misspelled word in which case the browser menu will be displayed. In Firefox the browser menu will not automatically be displayed when on the word but Shift-Right Click is an override for the contextmenu plugin and will bring up the browser menu. Note: the "gecko_spellcheck" option is no longer used in the version of TinyMCE we ship and "browser_spellcheck" is used instead. It has therefore been removed in the default config. config. config. If using the spellcheck plugin as part of a purchased a full TinyMCE license you will want to set "browser_spellcheck" : false Our current shipped default configuration is stored in the following location which will be ovewritten on patch and upgrade sys_resources\tinymce\js\tinymce_init.js TinyMCE will by default use the following version and you will have to modify this file to pick up the changes. rx_resources\tinymce\js\tinymce_init.js ##### DCE Logging ##### DCE was previously not automatically logging errors unless its log4j.properties file was modified. This has been resolved and the config and log locations have been modified to reduce clutter in the user's home folder. Previous location of config folder is shown below where {hostname} was the hostname in the url of the server with the '.' replaced with '-' being connected. On the first version there was only one folder .perc_config. Within the config directory a default log4j.properties file is created if it does not already exist. This provides how to split up log files and the amount of files to contain. This will by default log to logs/dce.log file within the config folder. The old config folders can be deleted. If the perc config folder is ever deleted or does not exist it will be automatically created with the current versions default settings. Windows %userprofile%\.perc_config_{hostname} Mac ~/.perc_config_{hostname}/ ###### New Location ###### Windows %userprofile%\.perc_config\{hostname}_{port} Mac ~/.perc_config_{hostname}\{hostname}_{port} ##### Updates to SFTP client for latest security ##### Current security best practices recommend preventing use of older HTTPS protocols and cipher suites. The SFTP client JSCH (http://www.jcraft.com/jsch/) needed to be updated to 1.0.54 to allow connection to servers that have been locked down to the current recommended TLSv1.2 protocol and ciphers. ##### Error Handling and performance fixes ##### Removing of Errors from logs that are not really errors and fill up logs Jericho Parsing errors that get thrown on assembly have been removed as they are not really issues in normal running. When a client, like a browser forcefully disconnects while the server is sending data, a ClientAbortException is thrown in the server.log file. There is nothing the server can do in this case and therefore these exceptions will not show unless debug logging is turned on. Many customers see an error message saying there is no landing page for a Navon item. These errors are sent to the log every time this item is Assembled within a page. In most cases these are not an error as long as the navigation template has been coded to expect this, e.g. not provide a link in this case or not display the navigation element. There is a setting to turn this off in by changing navon.landingpage.required=false in rxconfig/Server/Navigation.properties. Even when this message is required, it is reported too often and can expand the server logs during publishing. We will now report only 100 of these messages after startup and then will log a final message that no more logging will be done including a link to the configuration file to turn off these messages permanently. Some ongoing incremental fixes have been made to improve performance of certain areas of code. These may or may not be noticeable based upon the size and particular configuration of the implementation. ##### Assembly Time Navigation Includes ##### You can now publish the include files that are not in a public state but still filter the assembled contents with the public filter. Also You need to publish both navon and navtree includes to the root folder. To do this the navon template needs to also be added to rffNavTree and the location scheme changed so they are written as separate files. In the content list for the include templates Set the filter to "preview" to publish all Navons and NavTree items. This would normally cause the navigation templates to render with links to items in draft state that have not yet been published. To change this behavior so the templates are assembled using the public filter 1. Edit the include content list. 2. Click on the "show additional details" link at the bottom of the Page. 3. In the Extra Parameters box add the following assembly_filter=public 4. In workbench drag the Include template assigned to rffNavon from the assembly design view to rffNavTree content type Allowed Templates folder in Content Design. It may ask you if you want to change to a shared template which you do. 5. In the location scheme for navtree change the file name from 'include.inc' to include_tree.inc be different from the file name used in the navon include ### Known issues ### RHYT-1634 - fixes an issue where you could not save in the UI if setting up ssl. There is still an issue where the tool is only currently saving Jetty ssl configuration. JBoss will need to be manually configured. Also you should make sure you add the jetty server keystore in the base/etc folder and use just the filename in the UI. in the base/etc/installation.properties file this will be appended with 'etc/' to make it relative to the jetty\base folder. Currently a Full windows path e.g. starting with "c:\" will cause the service to fail to start. ### Fixes in 20171007b ### - **[RHYT-1584]** - DCE: Cannot Preview content of type "File" or "Image" - **[RHYT-1661]** - Cleanup system parameters from jvm.ini - **[RHYT-1662]** - DCE in editor preview dialog can add bad default extension to default filename to save if sys_title has no extension - **[RHYT-1639]** - contrast.mod serialization security in jetty fails to start due to incorrect path - **[RHYT-1640]** - Patch install failing at end on linux due to rhythmyx.home path - **[RHYT-1664]** - DCE new items do not save to folder - **[RHYT-1666]** - legacy sys_File control sets type in DCE for pdf extensions as application/octet-stream - **[RHYT-1697]** - Jetty Rhythmyx Service on windows doesn't stop - **[RHYT-1697]** - OSX - DCE File Saver dialog updating file name to wrong extension ### Change List 20171007### - **[RHYT-1612]** - Update jetty from jetty-9.3.7.v20160115 to jetty-9.4.7.v20170914 - **[RHYT-1613]** - A folder id of 0 for no folderid will prevent folder being located automatically on site path. - **[RHYT-1514]** - Inline image preview not working in DCE - **[RHYT-1519]** - Clicking on Rhythmyx inline links in tinyMCE loads the target content in DCE - **[RHYT-1521]** - DCE is overriding context menu actions of TinyMCE - **[RHYT-1527]** - DCE - Promoting revisions results in blank screen - **[RHYT-1532]** - Assembly time nav include - Breaks page navigation due to missing include file for navon in draft state - **[RHYT-1584]** - DCE: Cannot Preview content of type "File" or "Image" - **[RHYT-1601]** - DCE: Related Content Links Do Not Work **[RHYT-1601]** - DCE: Active Assembly Table Editor "Move to another slot and/or change variant" does not work - **[RHYT-1608]** - Fix Jetty ActiveMQ memory issues and allow customer configuration - **[RHYT-1611]** - NavonInvocationHandler throwing UndeclaredThrowableException and losing cause - **[RHYT-1617]** - JSCH SFTP client out of date - update to 1.0.54 to support modern ciphers - **[RHYT-1619]** - Do not get ObjectManager from spring every time it is requested store reference in static - **[RHYT-1620]** - Change missing landing page error to warning and set maximum times to log - **[RHYT-1621]** - Navigation slots being loaded from DB for every nav item - **[RHYT-1622]** - Remove parse error logging from Jericho unless specifically turned on for class - **[RHYT-1623]** - Suppress ClientAbortException Errors - **[RHYT-1624]** - Update Jetty Linux service scripts, allow install and uninstall - **[RHYT-1634] ** - RhythmyxServerPropertiesEditor does not save properties if ssl keystore is set - **[RHYT-1635] ** - DCE logging configuration not working without change to log4j.properties - **[RHYT-1636] ** - Force DCE Login window to top - **[RHYT-1629] ** - Compare tool select revision button in DCE doesn't respond - ### Additional Steps ### You need to reinstall the Jetty Service on Unix if you are using it. See the steps above. For windows in a cmd shell you can update the service cd {rhythmyx_install}\jetty\service install-jetty-service.bat update Update changes for context menu and spell checking if required in. rx_resources\tinymce\js\tinymce_init.js If you want to remove all errors when landing pages are not found for Navon Items you can update rxconfig\Server\Navigation.properties #### Jetty Behind an Apache Proxy #### You no longer have to copy and modify the jetty.xml file into jetty/base/etc in this version of jetty. To enable the proxy module and to create a configuration file run the following command and remove jetty/base/etc/jetty.xml RhythmyxStart.bat --add-to-start=http-forward or on Linux ./RhythmyxStart.sh --add-to-start=http-forward This will enable by adding a default configuration file to jetty/base/start.d/http-forwarded.ini. You can un-comment the lines and change the configuration if you need for your proxy. To disable you can just remove the jetty/base/start.d/http-forwarded.ini file. See the following patch for instructions on setting up jetty behind an apache reverse proxy. https://help.percussion.com/rhythmyx/implementation/jetty/using-jetty-with-an-apache-proxy.html -------------------------------------------------------------------- ## Previous Patches ## #### **732_20170815** #### Overhaul of ACL service Ability to set a Super User role to access and fix all design object permissions in workbench. Bug fixes, improved error handling and logging #### Changes Summary #### ACL persistence layer has been worked on to improve consistency and stability. Mechanism for updating and creating ACLs through Package installer and MSM have been updated to prevent issues installing are using elements deployed. 1. In MSM installing a package will add community permissions where they were defined when creating the package. Any object access permissions from the source will be ignored. If object access in Workbench needs to be restricted this will need to be applied on the destination server. Reinstalling or updating an object through MSM will not modify these permissions. If acl did not exist for the object in the destination it will be created with default permissions. 2. In Package Installer a new default acl will be created for any objects that does not exist. Community visibility of the installed objects are set by using the Package Manager tool. A SuperUser role can now be defined. This only affects design object (Workbench) visibility e.g. templates, slots content types etc. Not individual content item access. Users in this role, which can be an existing role will not be denied from accessing any objects in workbench. This can be used to be able to unlock objects that may have been only given a restrictive permission that even an Admin user cannot access to change the permissions. The default role name is set as SuperUser, this role can be created and assigned to users and existing role like Admin could be specified by modifying server.properties. The ability to turn on debug logging of WebServices SOAP requests and responses from the server is enabled. This is generally only need for debugging requests from Workbench and other client apps using SOAP. It may be requested by support to set the log level to diagnose an issue. The log config is in jetty/base/resources/log4j.xml when starting with Jetty or AppServer/server/rx/conf/log4j.xml if using JBoss ### Change List ### - **[RHYT-79]** - ACL exception when MSM fails to deploy elements in target server. - **[RHYT-1525]** - Rhythmyx - Update TinyMCE to 5.4.7 - **[RHYT-1546]** - NPE in workbench on access of any object when a single content type has an invalid field. - **[RHYT-1547]** - Quartz attempting to auto-update is a security risk - disable update check - **[RHYT-1548]** - In certain error states Rhythmyx shutsdown on startup with reporting an error - **[RHYT-1549]** - Unable to install Personalization Packages due to bad acl error - **[RHYT-1550]** - Jetty perc-ds.properties endlessly encrypts password if trailing space on property value - **[RHYT-1558]** - Allow log4j logging of Soap requests and responses - **[RHYT-1559]** - Filter ACL Permission on msm and package install - **[RHYT-1560]** - Add SuperUser role to allow ACL modification when locked out. - **[RHYT-1561]** - Improve error message when ACL blocks object access in Workbench - **[RHYT-1562]** - Fix error message when cannot save jetty datasource xml - **[RHYT-1563]** - rhythmyx.jar, percbeans.jar, htmlConverter.jar and rxinstall.jar not patched into jetty - **[RHYT-1564]** - Error parsing log4j.xml when saving in ServerAdministrator breaks log4j.properties datasource indexes setting to -1 - **[RHYT-1565]** - If no external internet access saving in server administrator fails due to not being able to access external dtd of perc-ds.xml - **[RHYT-1568]** - rxclient.jar should not be duplicated in jetty/defaults/lib/perc/ but PSSaxParserFactoryImpl is required which should be in rxutils.jar ### Additional Steps ### RHYT-1560 - If SuperUser functionality is required, either create a role calle SuperUser and assign users to this role. This could be temporary to fix a specific acl issue if required. Alternatively modify superUserRole property in rxconfig/Server/server.properties to an existing role. The patch will not longer automatically turn on object serialization whitelist, only blacklist of known insecure objects. Previous patch may have turned this on automtically. Instructions below for previous patch to update perc-serialize-list.txt are not required if whitelist is turned off. If whitelist is left on this file may need to be maintained by the customer when errors for third party classes are thrown in the log. If you do not want to deal with these errors make sure that the following property in RhythmyxServer.lax or RhythmyxServer.bin.lax is set to false. Only the lines started with a negative will be processed that define the specific unsecure classes. see https://github.com/Contrast-Security-OSS/contrast-rO0 for more details. -DrO0.whitelist=false #### **732_20170409** #### ### Changes In This Release ### Bugfixes and ldaps support. Update of Developer tools is required, old clients will show a version error message if connecting to a server patched with this version. #### Changes Summary #### - Improvements to Desktop Content Explorer UI, Stability and Accessibility/Screen Reader support. - More informative error messages with failed login. - Server locked DCE client and client upgrade/update from server - Users will no longer be provided with a choice of the server to log into. The DCE Client is tied to the server it was downloaded from. A separate jnlp file is required for each server to connect to. The client will automatically update when the server is upgraded or patched. - Installable DCE Desktop Icon - DCE Client log file and configuration folder now create for each server. - %USERPROFILE%\.perc_config\{servername} ### Change List ### - **RHYT-1516** - Fix ldaps protocol handling in Jetty and Jboss - **RHYT-1517** - Find Base DNs Button in Ldap Configuration does not work - **RHYT-1477** - New icon and banner missing for dce - **RHYT-1499** - Patch removing jnlp entry in web.xml if old version exists - **RHYT-1481** - web.xml is not updated from patch if last modified is more recent than xsl in patch. - **RHYT-1482** - DCE - Help About Copyright Year displays as @COPYRIGHTYEAR@ - **RHYT-1483** - DCE Login always using windows username, not persisting username from last login - **RHYT-1486** - Patch DCE - Help About dialog window Link to www.percussion.com does not work - **RHYT-1438** - Jetty was missing X-UA-Compatible header - **RHYT-1478** - Desktop content explorer link to download on other pages was pointing to wrong location ### Additional Steps ### NOTE - See revised info in following patch. - If the last patch 732_20170308 was not previously installed then check the additional instructions for that patch below. Previous workarounds for ldaps are no longer required but there is no harm in not removing. - contrast-RO0 - Replace the contents of {rhythmyx_install}\bin\perc-serialize-list.txt with the following segment: ############ # HELP # # First character Meaning # -------------- ------- # # comment # - blacklist # + whitelist # $ ignore during reporting if CLASS matches # @ ignore during reporting if on stack +[Ljava.lang.String; +org.quartz.JobDataMap +org.quartz.utils.StringKeyDirtyFlagMap +org.quartz.utils.DirtyFlagMap +java.lang.Enum +java.lang.Number +java.util.HashMap +oracle.sql.converter.CharacterConverter1Byte +com.percussion.services.assembly.data.PSAssemblyWorkItem +com.percussion.services.guidmgr.data.PSGuid +com.percussion.services.schedule.data.PSJob +com.percussion.services.schedule.data.PSNotifyWhen +com.percussion.services.schedule.data.PSScheduledTask -org.apache.commons.collections.functors.InvokerTransformer -org.apache.commons.collections.functors.InstantiateTransformer -org.apache.commons.collections4.functors.InvokerTransformer -org.apache.commons.collections4.functors.InstantiateTransformer -org.codehaus.groovy.runtime.ConvertedClosure -org.codehaus.groovy.runtime.MethodClosure -org.springframework.beans.factory.ObjectFactory #### **732_20170308** #### - **RHYT-128** - Security issue when changing servers in Package Installer - **RHYT-1146** - Search type in Desktop Explorer not matching configuration - **RHYT-1156** - Header toolbar in Desktop Content Explorer doesn't appear on Production server. - **RHYT-1162** - Item type in content explorer disappears on select of an item - **RHYT-1174** - Help Applet needs Removed from the Workflow Tab - **RHYT-1178** - In DCE change in community resets the result count to 1 - **RHYT-1270** - DCE Accessibility Header Configured Keyboard Shortcuts do not work - **RHYT-1271** - DCE Accessibility - Keyboard Access / Header Section keyboard does not tab to the User Roles Drop Down Menu - **RHYT-1273** - DCE Accessibility - Keyboard Access / Hard to see where keyboard focus is when tabbing through header section - **RHYT-1274** - DCE Accessibility - Keyboard Access / Header Section / Tabbing does not access the Refresh Button** - **RHYT-1275** - DCE Accessibility - Header Section / Jaws Screen Reader not reading any Labels - **RHYT-1276** - DCE Accessibility - Header Section / Jaws Screen Reader not reading any Buttons - **RHYT-1277** - DCE Accessibility - Header Section / Jaws Screen Reader not reading any Menus - **RHYT-1278** - DCE Accessibility - Header Section / Jaws Screen Reader not reading any Drop Down Menus - **RHYT-1279** - DCE Accessibility - Header Section / Jaws Screen Reader not reading Content Path - **RHYT-1289** - Rhythmyx time out session dialog box does not display time till session times out - **RHYT-1290** - DCE Accessibility - Desktop Content Explorer Login Screen No visual indicator when keyboard focus is on the "Use SSL" Checkbox - **RHYT-1291** - DCE Accessibility - When DCE launches Jaws should automatically start to read the header - **RHYT-1292** - DCE Accessibility - Keyboard access does not allow user to tab out of the "Enter Workflow Comments" Dialog box - **RHYT-1293** - DCE Accessibility - DCE Login Screen** - Login Status Message Not being Read by Jaws - **RHYT-1295** - DCE Accessibility - Creating New Content Type** - Auto Index page NOT being read by Jaws - **RHYT-1296** - DCE Accessibility - Creating new content Type Warning messages not being read by jaws - **RHYT-1298** - DCE Accessibility - Jaws Insert + F6 Feature to give list of Headings does not work in DCE and throws error in the console - **RHYT-1301** - DCE** - Accessibility - If a new window is opened, Jaws is not announcing that it is a new window - **RHYT-1303** - DCE -Accessibility - Contents of the View / Options / Display Options not being read by Jaws - **RHYT-1314** - DCE Accessibility - View / Properties Page NOT being read by Jaws - **RHYT-1315** - DCE Accessibility - View / Revisions Page NOT being read by Jaws - **RHYT-1316** - DCE Accessibility - View / Audit Trail Page NOT being read by Jaws - **RHYT-1318** - Connecting to a Server that is down hangs DCE on OSX - **RHYT-1319** - Tabs Cut Off by Content Explorer on OSX in Safari - **RHYT-1335** - DCE Accessibility - Jaws does not read any of the fields' labels in "Rhythmyx Content Explorer Login" window - **RHYT-1336** - 508 Compliance - Screen reader does not recognize Password fields. Reads letters typed in Password field - **RHYT-1337** - 508 Compliance -DCE - Unable to select/change values from Locale, Community and User Roles dropdowns - **RHYT-1365** - DCE- Accessibility Unable to select Sites / Folders from Left Navigation of DCE using keyboard shortcuts - **RHYT-1402** - Content Explorer top menu hidden with with white background on Mac - **RHYT-1403** - Make community and Locale changes visible that change has occurred. - **RHYT-1412** - Desktop Content Explorer Icon - Spelling Error - **RHYT-1414** - DCE Accessibility - DCE Login Screen only reads mouse over text on the SSL checkbox field - **RHYT-1416** - DCE - Accessibility - After changing Locale there is no keyboard focus, user is stuck - **RHYT-1417** - DCE - Accessibility - After changing Community there is no keyboard focus, user is stuck - **RHYT-1418** - DCE Accessibility - Jaws does not read the Refresh button and there is no way to activate the button - **RHYT-1419** - DCE - Accessibility - No visual indicator that keyboard focus is on Publish Only in Special Edition checkbox - **RHYT-1421** - DCE - java.lang.NullPointerException Creating New Content Auto Index - **RHYT-1444** - Content Explorer Context Menus and dialogs open in primary display only when using multiple monitors - **RHYT-1372** - DCE JNLP version specific - **RHYT-1200** - Spegno authentication fails to work after upgrade on jetty - **RHYT-1408** - Jetty can't handle the ldaps protocol ### Additional Steps ### - The old DCE client may need to be manually removed. Ongoing it will automatically update from the server after patch. If the jnlp file is downloaded with https then https will be used from the DCE client. To view the installed DCE the following can be typed from the command line - javaws -viewer - Any versions of the DCE client installed can be selected and removed with the X icon in the menu. - All existing jnlp applications can be removed with the following command (Note this may remove non rhythmyx jnlp applications) - javaws -uninstall - javaws -clearcache - The new version of the client will show with the hostname it relates to and a percussion icon. The DCE can also be started from this interface. Right clicking on the application and selecting "Install Shortcuts" will add a shortcut to the users desktop that can also be used to run the application. Deleting will just remove the cached files, the following mechanisms will always get the latest version. - Installing and running DCE - Logging into Rhythmyx through the browser provides a link in the banner to download a jnlp file. If this file is run the application will be installed and started. Running the jnlp file will always check to see if there are updates on the client. The jnlp file does not need to be downloaded every time to run the client. - A direct download link to the jnlp file can be provided to the clients for each server. This file can be distributed to the users machines and run directly. It will always request the latest information from the server when run and does not need updating unless the server url changes. - http(s)://server:port/Rhythmyx/dce/dce.jnlp - From the command line the following command can be run without requiring download of jnlp file. - javaws http(s)://server:port/Rhythmyx/dce/dce.jnlp - To install and create shortcut without running the following can be used - javaws -import -shortcut http(s)://server:port/Rhythmyx/dce/dce.jnlp #### **Patch 732_20161228** #### #### Changes In This Release #### - Added new plugin for TinyMCE for inserting html at cursor. - Added new post edition task for integrating with Siteimprove. - The Amazon S3 secret key is now hidden like a password. - Added a new server property and UI role for Content Explorer - The server property is called "enableContentExplorerRole", by default this is set to false. - Enable by setting it to true, for example: enableContentExplorerRole=true - The new UI role is ContentRole, when the property is true, users who don't have this role will not be able to see the content explorer tab. - Publishing hubs by default now hide the Workflow and Content Explorer tab. #### Change List #### - **RHYT-1019** - Missing feature 'InsertHTMLAtCursor' in TinyMCE - **RHYT-1320** - Add Site Improve Post Edition Task - **RHYT-1206** - Hide Amazon S3 Secret Key - **RHYT-1244** - Add a UI Role for Content Explorer so the tab can be removed #### Additional Steps #### - To enable the new TinyMCE plugin, add rxinserthtml to your config json file for TinyMCE. ------------------ #### **Patch 732_20161228** #### #### Changes In This Release ##### - TinyMCE Changes in this release: - We have upgraded TinyMCE to the latest available version of 4.3.10, as well as enabled many features missing that were present in EditLive: - Enabled the Autosave plugin to TinyMCE, your last available draft will be automatically saved - There is now a restore draft button on both the toolbar and menu - Disabled TinyMCE contextmenu in order to allow the browser's native contextmenu - This will allow usage of the browser's spellingcheck and auto correction - Added cut, copy, and Search & Replace to the toolbar - Added font style selection to toolbar - Added font Size selection to toolbar - Added "Address" format missing from TinyMCE from EditLive - Enabled access to custom colors for font-color and background-color - Added keyboard shortcuts for the Rhythmyx Inline controls - Added missing table operations to toolbar - Added missing link operations to toolbar - Added fullscreen view to the toolbar - Added insert code samples ability to toolbar, and the document in html format - Added anchoring (Bookmark) ability to toolbar - Added missing formatting options to toolbar (underline, strikethrough, superscript, and subscript) - Added toolbar options to give a visualization to document blocks and invisible characters - Added inserting special characters, horizontal line, and date time to the toolbar - Added ability to change typing direction - Fastforward loading package version numbers have been updated - Resolved the transfer of locales through the Multi-Server-Manager breaking the result count of Content Explorer, and the Rhythmyx logout page - Resolved failing to catalog database tables from DB2 - Resolved purging revisions scheduled task failing on Oracle databases - Resolved extend expiry dialogue on Jetty not responding - Resolved Safari throwing a webkit trigger error when using Content Explorer #### Change List ##### - **RHYT-4** - Multi-Server-Manager transfer of locales breaks the Result count display in Content Explorer** - **RHYT-1216** - User is seeing the purge revisions task throw an error - **RHYT-19** - Multi-Server-Manager transfer of locales breaks logout page - **RHYT-1092** - Couldn't catalog database tables from DB2 server - **RHYT-1122** - Spell Checker no Longer Working After Switch to TinyMCE - **RHYT-1173** - Fastforward loading Package data with 7.1.0 as Max and Min Version - **RHYT-1196** - Webkit Trigger Error Thrown in Safari on Mac when using Content Explorer Applet - **RHYT-1181** - Jetty - Extend Session expiry dialog doesn't respond - **RHYT-1218** - Upgrade TinyMCE Revision to Latest Version - **RHYT-489** - In TinyMCE no Shortcut keys are available for inline controls #### Additional Steps #### - Purge Revisions Scheduled task note for older versions of MSSQL: http://help.percussion.com/rhythmyx/technical-notes/purge-revisions-and-mssql.html - Changes to DB2 configurations note: http://help.percussion.com/rhythmyx/technical-notes/constructing-jdbc-urls-with-db2-databases.html - Changes to TinyMCE configuration files: - Browser cache may not show the updated TinyMCE settings, if this happens then the browser cache may need to be cleared. - We do not overwrite Custom configuration files present for TinyMCE, however in order to use the new TinyMCE features the configuration file being used must be changed. - This file is located in the {installation root}/rx_resources/Tinymce/js/config directory. For the best experience, add to the plugins JSON array the following: - autosave, codesample, colorpicker - Additionally remove the following plugins: - pagebreak, contextmenu, and template. - Lastly, add outside of the JSON array the following for spellchecking capability: - "gecko_spellcheck" : true, - "browser_spellcheck" : true - Review the default_config.json in the {installation root}/sys_resources/Tinymce/js/config directory for use as an example. - You may also transfer this default_config.json file to the equivalent rx_resources directory if there are no configurations you wish to keep or that are overwriting.