Reflection for the Web has adopted a new architecture that simplifies deployment, tightens security, improves scaling and high availability, and eases ongoing maintenance. There are two new deployment options: a virtual software appliance and Linux installers.
See the Reflection for the Web Deployment Guide for information about how to choose the deployment option that best fits your needs.
A single certificate is used for the entire cluster. TLS is used to secure end-to-end communication.
Services are self-healing and automatically distributed across cluster nodes, providing built in HA and fault tolerance.
Scaling to handle changes in capacity has been greatly simplified.
Clustering workflows have been improved and no longer require complicated certificate management.
Load balancers are now optional and no longer require complicated configurations.
Management workflows and basic monitoring of the cluster have been both simplified and expanded.
The new architecture is built on standards so that common tools can be used when working with the cluster.
The virtual software appliance provides a convenient update channel for applying product and operating system updates.
The configuration process has been simplified for Metering, Terminal ID Manager, Kerberos authentication, and X.509 authentication.
Updated Management and Security Server (MSS) to version 14.0.0.2. (13.3.0.2)
Updated Java and applied security updates to address CVEs and additional bug fixes. (13.3.0.2)
Applied security updates to address multiple CVEs. (13.3.0.1)
Addressed an issue that prevented the administrative advanced Kubernetes dashboard from loading in a deployment that was not connected to the internet. (13.3.0.1)
Added strict Transport Security Headers (HSTS) to enhance security. (13.3.0.1)
SiteMinder Agent name is now automatically replicated between nodes. (13.3.0.1)
Ability to generate MFJNLP content in the MSS Admin Console for an RWeb session. (13.3)
The MSS Admin Console, Metering Reports Console, and Terminal ID Manager Consoles all share the same password for easier management. (13.3)
Improvements made in support for IPv6. (13.3)
The process for configuring X.509 authentication has changed. Please see the X.509 authentication documentation for the updated steps. (13.3.0.1)
The minimum disk space requirement for the Appliance and Linux based installers has been increased from 60GB to 100GB. (13.3.0.1)
Reflection for the Web is installed via a virtual appliance or a Linux installer. (See What’s New.)
The Reflection for the Web Installation Guide has been renamed to the Deployment Guide and has been updated to document the new deployment process.
A collection of features that were believed to be unused have been deprecated and removed. Please contact Support if a feature that you depend on has been removed. (13.3)
The configuration process for the Security Proxy, Terminal ID Manager, and Metering have changed. See the MSS documentation for more information. (13.3)
The configuration process for various authentication types has been changed and simplified. See the MSS documentation for more information. (13.3)
The clustering process has changed and the clustering view has been removed in favor of the new Cluster Management Console.
Log in to the MSS Admin Console then choose Cluster Management from the drop-down menu. See the RWeb Deployment Guide for more information. (13.3)
Support for NTLM-based authentication has been removed and replaced with support for Kerberos. (13.3)
Microsoft has retired Internet Explorer 11, and as such, our ability to resolve IE 11 browser-specific issues in older versions of MSS is limited. Support for IE 11 has been removed from MSS 14.0 and greater. However, we will continue to support IE 11 for older versions of MSS that currently support it, as per the Product Support Lifecycle. (13.3)
Certain X.509 capabilities related to OCSP, CRL, and multi-LDAP support are not fully supported in this release. Please contact Customer Support if these capabilities are critical to your deployment. (13.3.0.1)
Following initial installation, server node restarts, or adding new nodes to the cluster, it may take approximately 15 minutes for the cluster to stabilize and report itself as “Healthy.” Numerous warning events may appear in the Cluster Management - Events view during startup. These events are part of the normal operation and will be cleared after approximately 15 minutes. Always wait for the cluster to be reported as healthy before proceeding with cluster operations. (13.3)
Upon initial installation of the product, a session server will occasionally fail to start due to a problem with the underlying storage engine. This can be recognized in the Cluster Management console > Cluster Health, where the session server(s) show as not ready.
To work around this issue, access the server node using SSH and run cspctl cluster reset. Be aware that this command resets the node to a clean state and any application data is lost, so only run it as needed on first installation if this issue appears. (13.3)
When using the migration tool to migrate from a system with Terminal ID Manager configured, Terminal ID Manager will fail to start on the new system after migration. To work around this issue please contact Support. (13.3)
Automated Sign-on for Host Access is currently not functioning. This will be addressed in an upcoming release. (13.3)
Support for X.509 authentication through a load balancer is not currently functioning. (13.3)
Reflection/InfoConnect Desktop FTP sessions that run through the Security Proxy may fail with a "Failed to establish an FTP Gateway session" message. Please contact Support for assistance. (13.3)
Support for session personalization is not currently functioning. This will be addressed in an upcoming release. (13.3)
Security Updates:
Reflection for the Web Documentation:
Reference Guide, which includes:
Management and Security Server (MSS) Documentation:
© 2024 Open Text or one of its affiliates
The only warranties for products and services of Open Text and its affiliates and licensors (“Open Text”) are as may be set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Open Text shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice.