WSO2 API Manager 1.10.0 - Beta Released !

WSO2 API Manager 1.10.0 - Beta Released !

Date : 14st December 2015

The WSO2 API Manager team is pleased to announce the release of WSO2 API Manager 1.10.0 Beta. You can download the distribution from [1].

WSO2 API Manager is a complete solution for designing and publishing APIs, creating and managing a developer community, and for scalably routing API traffic.

It leverages proven, production-ready integration, security, and governance components from the WSO2 Enterprise Service Bus, WSO2 Identity Server, and WSO2 Governance Registry.
In addition, it leverages the WSO2 Business Activity Monitor for Big Data analytics, giving you instant insight into APIs behavior.

We have fixed following JIRA issues

    Release Notes - WSO2 API Manager - Version 1.10.0-beta

Bug

• [APIMANAGER-1767] - Rating value cannot be seen by an anonymous user when gone to the API itself; But can be seen in the More APIs from "user" list
• [APIMANAGER-1809] - MYSQL Setup : ?relaxAutoCommit=true parameter needed
• [APIMANAGER-2376] - Tenant loading fails in Gateway after restarting the server, due to 'Resource does not exist at path /_system/config/repository/transports/https/listener'
• [APIMANAGER-2429] - [MT Mode] Google Analytics Configurations are applied only after server retstart
• [APIMANAGER-2717] - API status changes for subscriptions from other tenants are not updated (UI Issue)
• [APIMANAGER-3002] - Issue in the Documentation Content search in the Publisher and Store
• [APIMANAGER-3248] - SSO log out issue (publisher/store)
• [APIMANAGER-3370] - APIM retrieval of BAM data does not support DB2
• [APIMANAGER-3581] - WARN "LandingPageWebappDeployer Product landing page not found" when starting Beta pack
• [APIMANAGER-3706] - When you update an application in store and regenerate keys, still the application changes will not be replicated in IS side
• [APIMANAGER-3707] - Multiple versions of org.wso2.carbon.webapp.mgt.stub in wso2am-1.9.0-SNAPSHOT
• [APIMANAGER-3728] - Swagger Import button in publisher should be validated
• [APIMANAGER-3786] - Fix for 'claim mapping attribute getting null' issue is not updated in api manager side
• [APIMANAGER-3789] - Cannot access url type of myapi/v1.0/param/ of the API created with URL template like {pparam}/*
• [APIMANAGER-3830] - When you configure IS as KM, during the start up few errors will be printed.
• [APIMANAGER-3902] - custom configured throttling tier doesn't apply for application level for tenants
• [APIMANAGER-3913] - when JWT caching is enabled prototype APIs cannot be invoked
• [APIMANAGER-3920] - [Intermittent] - "org.wso2.carbon.registry.core.exceptions.ResourceNotFoundException: Resource does not exist at path /_system/config" returned when loading tenant store with APIs
• [APIMANAGER-3925] - Error occurs when approving/rejecting subscriptions creation (workflow) using admin dash board
• [APIMANAGER-3962] - HEAD method returns 500
• [APIMANAGER-3968] - jdbc table not created when db2 is used for statistics tables
• [APIMANAGER-3992] - API Store top menu bar went missing when navigating through the pages of "Applications" page
• [APIMANAGER-3996] - Even when Production Key and Production gateway options are selected from API Console, the request always goes to Sandbox gateway
• [APIMANAGER-4008] - AppId is not available in ApplicationWorkflowDTO
• [APIMANAGER-4011] - TenantId defaults to 0 instead of -1 (MultitenantConstants.INVALID_TENANT_ID) in AbstractAPIManager
• [APIMANAGER-4020] - JWT should be encoded with base64url
• [APIMANAGER-4058] - Publisher implementation page, "Test" URL buttons give "invalid" for valid URLs
• [APIMANAGER-4061] - API Publisher context not validated properly
• [APIMANAGER-4071] - After removing subscription, a Production/Sandbox blocked API for the particular App cannot be unblocked again
• [APIMANAGER-4076] - UI Issues with Publisher API Docs page
• [APIMANAGER-4077] - If two docs were added to an API with the same file name, first file will be overwritten by the second.
• [APIMANAGER-4080] - Visibility parameter is ignored when adding api through the API(addAPI)
• [APIMANAGER-4086] - Destination Based Stat publishing cannot be disabled by admin-dashboard
• [APIMANAGER-4087] - Previously populated values disappear when re-enabling Stats
• [APIMANAGER-4089] - Error with subscription
• [APIMANAGER-4091] - Handling Location header is different in API Manager compared to ESB
• [APIMANAGER-4095] - The enduser claim sent it JWT for NTML grant type is wrong
• [APIMANAGER-4108] - Server startup exception - A queue manager instance has already been set
• [APIMANAGER-4116] - In registry wsdl enpoint url has api version appended twice
• [APIMANAGER-4121] - Prototyped APIs cannot be searched on API Store
• [APIMANAGER-4123] - Error when accessing Statistics when statistics DB is PostgreSQL
• [APIMANAGER-4127] - API Publisher Statistics "faulty invocations" and "API response times"
• [APIMANAGER-4134] - Need to check the gateway type before adding custom sequences into registry
• [APIMANAGER-4137] - If tenant name is too long then tenant API store will show tenant names in abnormal way
• [APIMANAGER-4139] - My Subscription page Fails to load when an API is Recreated After Deleting
• [APIMANAGER-4140] - API Manager migration client stops migration of artifacts if there are blocked state APIS
• [APIMANAGER-4141] - Gateway url of swagger console is not changing after entering custom url.
• [APIMANAGER-4145] - Queries in APIUsageStatisticsClient should be compatible with Oracle/H2/MSSQL/PostgreSQL databases, in addition to MySQL.
• [APIMANAGER-4148] - Errors when loading APIM statistic pages with oracle
• [APIMANAGER-4149] - API Forum appears only if there is at least one active tenant
• [APIMANAGER-4154] - URI template, query parameters are url-encoded by default
• [APIMANAGER-4155] - API Throttled out graphs shows invalid data when there are cross tenant invocations
• [APIMANAGER-4156] - When Stats DB type is Oracle few graphs are delayed about 10 seconds when loading
• [APIMANAGER-4163] - API Manager store creates sessions for non-existing resources
• [APIMANAGER-4165] - Remove the tenant domain information shown in the URL when custom URLs are being used
• [APIMANAGER-4167] - Error when store debug logs are enabled
• [APIMANAGER-4170] - Error in key generation when PostgreSQL used as the database
• [APIMANAGER-4172] - API Console breaks, if double quotes are used for names/labels in the swagger definition
• [APIMANAGER-4173] - Sample API no longer works
• [APIMANAGER-4176] - Sample Weather API no longer works
• [APIMANAGER-4178] - Error when try to enable 'code' grant type from Manage->Oauth menu in management console
• [APIMANAGER-4180] - Not able to use code and implicit grant types even after user modify the APIStore app with callback url added
• [APIMANAGER-4190] - bussiness owner information chinese incorrect code.
• [APIMANAGER-4191] - Cannot update Application name for applications with generated keys
• [APIMANAGER-4195] - Fake Success on create Api
• [APIMANAGER-4197] - JWT token invalid enduser value
• [APIMANAGER-4200] - For larger request payloads with invalid OAuth token doesn't give an UnAuthorized response back
• [APIMANAGER-4202] - [Tenant mode] Exception thrown when invoking API
• [APIMANAGER-4203] - Support Native DB2 for Stats in API Manager
• [APIMANAGER-4205] - Cannot create (publish) API
• [APIMANAGER-4208] - API Creation fail in tenant mode
• [APIMANAGER-4210] - [Distributed setup]Tier changes from admin-dashboard aren't get reflected in gateway immediately
• [APIMANAGER-4211] - Throttle stat graph show wrong API results
• [APIMANAGER-4212] - Stat REST client not show the versions and users graphs in API
• [APIMANAGER-4213] - Stat RDBMS client, sorting and date format issue in Stat graphs
• [APIMANAGER-4214] - Stat pages still says "configure BAM" instead DAS
• [APIMANAGER-4215] - Error accessing original API of an external API published by a tenant
• [APIMANAGER-4216] - PostgreSQL - Cannot delete application
• [APIMANAGER-4220] - Request time out when sending a PATCH request in tenant mode
• [APIMANAGER-4221] - [Distributed setup] Errors while accessing the first API of the tenant
• [APIMANAGER-4222] - Calling GET APIs with empty parameters causes internal server error
• [APIMANAGER-4223] - REST API [Publisher] Allows to Create API with insufficient rights
• [APIMANAGER-4224] - Get data of an Application with invalid UUID causes internal server error
• [APIMANAGER-4225] - When the tiers are fetched initially through the REST API, the tierPlan is NULL
• [APIMANAGER-4226] - Update API through REST API with valid UUID and invalid data has an issue
• [APIMANAGER-4231] - PostgreSQL - Cannot remove subscription
• [APIMANAGER-4232] - When APIM custom URL is configured it does not change the the curl commands gateway URL in subscription page
• [APIMANAGER-4234] - Cipher tool feature is not installed
• [APIMANAGER-4236] - No proper error response when a malformed request is being built
• [APIMANAGER-4238] - isPaid attribute is being shown on the UI of the Subscribe page
• [APIMANAGER-4239] - API Gateway Token and Revoke Endpoints Fail When KeyManager URL has an Extra Context
• [APIMANAGER-4246] - Redirection warning should not pop up if the redirection is happening to the same store
• [APIMANAGER-4256] - Tenant-mgt.xml is missing in the AM 1.10.0 alpha pack
• [APIMANAGER-4265] - java.lang.NullPointerException: Tenant domain has not been set in CarbonContext is throwing when open an API in API store for the first time
• [APIMANAGER-4266] - [Custom API subscription workflow] Constructed redirection url query paramters appended as "?params=". see the description
• [APIMANAGER-4270] - " java.lang.NullPointerException" in the start up for third party key manager (Surf Oath) configuration.
• [APIMANAGER-4273] - API creation > implementation stage > URL test functionality gives a "Invalid- 404 not found" for sample API
• [APIMANAGER-4277] - Newly added throttling tiers are not showing in the drop down list when creating a new application
• [APIMANAGER-4278] - Can not update the API after assigning scopes
• [APIMANAGER-4279] - apim publisher jaggery debug level
• [APIMANAGER-4281] - Incorrect application logged when subscribing to a blocked application.
• [APIMANAGER-4285] - Update /statistics/README.txt for AM 1.10.0
• [APIMANAGER-4292] - Issues occur when resources have & or &
• [APIMANAGER-4296] - OAuth authenticator does not allow accessing Default Scope resources for super tenant users
• [APIMANAGER-4298] - Invocation of Prototype API fails when JWT is enabled
• [APIMANAGER-4300] - Already existing API throttling tiers (read from the tiers.xml) doesn't have the "tierPlan" attribute
• [APIMANAGER-4301] - Incorrect content in top_users_per_application graph
• [APIMANAGER-4304] - Error when changing the Data Analyzer
• [APIMANAGER-4307] - Log indicating re-sending of failed published data
• [APIMANAGER-4308] - Invocation fails with "Unclassified Authentication Failure" warning message.
• [APIMANAGER-4309] - Statistic publishing fails when email username is enabled
• [APIMANAGER-4312] - Intermittent exceptions while invoking an API with a small load while publishing data in tenant mode
• [APIMANAGER-4315] - SSO for publisher fails with ScriptException for IS 5.1
• [APIMANAGER-4319] - Cannot publish statistics via RDBMS [Oracle Specific]
• [APIMANAGER-4320] - Need to remove unused files related to Tier Management UI
• [APIMANAGER-4322] - Server is not starting up when point to Oracle 11g
• [APIMANAGER-4324] - [Doc] Error thrown on API Subscription workflow
• [APIMANAGER-4325] - Carbon console shows inconsistent error log for subsequent invocations when access token is expired.
• [APIMANAGER-4326] - DB2 script execution fails when statement terminator is '/'
• [APIMANAGER-4327] - Invocation of publisher REST API to get details of a specific API fails for sample API
• [APIMANAGER-4328] - Error when generating access tokens based on Authorization code and Implicit grant types
• [APIMANAGER-4329] - Saas does not get enabled for app made through OAuth app registration API
• [APIMANAGER-4331] - Last Access times graph doesn't show the Time ( Statistics)
• [APIMANAGER-4332] - User profile link is missing in carbon console > main > list users page
• [APIMANAGER-4334] - Unable to Register an OAuth client using configured third party key manager (surf)
• [APIMANAGER-4335] - Need to prevent tier name edit via UI and tier cache should be invalidated after tier deletion
• [APIMANAGER-4337] - admin-dashbaord does not display workflows
• [APIMANAGER-4343] - [secondary JDBC user store] When user subscribe to an api which has role based visibility and generate keys, particular user's permission gets dropped.
• [APIMANAGER-4346] - API Gateway fails when both path and query parameters are used
• [APIMANAGER-4348] - [Metrics DB Script] DB scripts are missing
• [APIMANAGER-4349] - [UI] Fault in message mediation policy clear function breaks api creation flow
• [APIMANAGER-4350] - DB2 SQL Error : SQLCODE=-204, SQLSTATE=42704 when start up the server with -Dsetup
• [APIMANAGER-4355] - Changing LC of version upgraded API with Default Endpoint fails
• [APIMANAGER-4356] - [Intermittant] "org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized" error observed when navigates to admin-dashboard for approving subscriptions
• [APIMANAGER-4364] - "Error while adding the icon image to the registry" observed when adding large file
• [APIMANAGER-4365] - Even though "GatewayResourceCache" is set to true change done for API resources (auth type, tier etc) reflects before cache expiration time.
• [APIMANAGER-4367] - Entitled scopes are not returned for users from Secondary User Stores
• [APIMANAGER-4368] - Cannot copy APIs with Scopes
• [APIMANAGER-4369] - When API is give a new tier added from the admin dashboard auth type none selected resources giving "Message throttled out" error.
• [APIMANAGER-4370] - [Secondary User Stores] Can not delete apps with tokens
• [APIMANAGER-4371] - Documentation download not working for super tenant
• [APIMANAGER-4374] - [DAS/Stats] When enabling stats for API-M, a db level exception is triggered in DAS end
• [APIMANAGER-4376] - Unable to invoke rest API with API_SUBSCRIBER_SCOPE scope
• [APIMANAGER-4377] - tokenScope returned as java object reference in App registration response
• [APIMANAGER-4379] - If we un-publish and publish the API again, synapse configuration doesn't have resource methods
• [APIMANAGER-4382] - [Cluster]Hard throttling limit for API fails for concurrent requests.
• [APIMANAGER-4386] - WARN message gets printed for each REST API invocation
• [APIMANAGER-4390] - X-WSO2-Tenant does not retrieve tenant space data for /apis
• [APIMANAGER-4394] - Issue in mediation policy upload validation

Improvement

• [APIMANAGER-2166] - DB2 Support
• [APIMANAGER-2553] - Review the REST API
• [APIMANAGER-2687] - Forum content and reply editting
• [APIMANAGER-3591] - Throttle Policy management Enhacements
• [APIMANAGER-3638] - Make order of execution of APIManagerExtensionHandler and APIAuthenticationHandler configurable at each tenant
• [APIMANAGER-3958] - OAuth2 SCOPE value is not available in message path. It is better to set it as property?
• [APIMANAGER-3978] - /userinfo end point can be deployed as default API in the Gateway.
• [APIMANAGER-4112] - [Store REST API] New API to return APIs by tag
• [APIMANAGER-4114] - Renaming locations to which the store/publisher apps are being copied at build time
• [APIMANAGER-4124] - High number of DB calls going from Gateway to the database if default api is selected.
• [APIMANAGER-4146] - Integrate registry lifecycle with APIM 1.10.0
• [APIMANAGER-4189] - Introduce IDs for fields to enable EnjoyHint capabilities for the cloud tutorial
• [APIMANAGER-4217] - Sufficient Audit logs should be included for main activities in publisher, store
• [APIMANAGER-4392] - Its better to make the wildcard charater mandatory for the publisher REST API query

New Feature

• [APIMANAGER-509] - Provide means to search tags
• [APIMANAGER-647] - Provide a better UI than selecting from a drop down list to deal with lifecycle states of an API with publisher UI
• [APIMANAGER-3705] - Add HTTP method "PATCH" support to API-M
• [APIMANAGER-3979] - Support Digest auth protected enpoint as a back end URL.
• [APIMANAGER-4027] - Enabling users to invoke APIs when the throttle limit has exceeded
• [APIMANAGER-4034] - Making the backend endpoint/url optional
• [APIMANAGER-4179] - Support reverse proxy for API manager admin-dashboard application
• [APIMANAGER-4192] - Set a throttling hard limit per API
• [APIMANAGER-4262] - REST API for publisher and there we are exposing a resource "/tiers"

Task

• [APIMANAGER-4243] - Remove obsolte configurations from carbon.xml
• [APIMANAGER-4264] - Move the user/role management to the "Configure" tab

Sub-task

• [APIMANAGER-4244] - Set default values for API registry resources to be compatible with new api.rxt
• [APIMANAGER-4247] - Workflow deletion extension feature changes in workflow-extensions.xml
• [APIMANAGER-4248] - Changes to tiers.xml
• [APIMANAGER-4250] - Association of Registry lifecycle for APIs
• [APIMANAGER-4251] - Remove Tenant domain from the user name in AUTHZ_USER column in IDN_OAUTH2_ACCESS_TOKEN table

How To Contribute

You can find more instructions on how to contribute on our documentation site.
If you have any suggestions or are interested in discussions, you can join the [email protected] or [email protected] mailing lists.

If you wish to contribute to our product development you can find the github repos from [2] and [3].

Reporting Problems

We encourage you to report issues, improvements and feature requests regarding WSO2 API Manager through the public JIRA https://wso2.org/jira/browse/APIMANAGER

Contact us

WSO2 developers can be contacted via the mailing list: Carbon developer mailing list
For details on subscriptions see http://wso2.org/mail