Okiok releases version 4.15.0 of S-Filer/Portal™.
The key feature of this release is the introduction of Multi-Factor Authentication (MFA) into the solution to provide enhanced security to accounts. The multi-factor authentication available in the S-Filer/Portal™ solution is a security mechanism where access to features requires a second authentication factor. It will therefore be possible to use a mobile application such as Microsoft Authenticator or Google Authentication to provide an ephemeral code (TOTP) that acts as a second authentication factor. It is also possible to use access tokens as a password. The introduction of this feature is done in a non-intrusive way and users must choose whether they want to set up MFA on their account. The use of MFA in the solution applies to all protocols and clients supported by the solution except for FTP/S since there is no mechanism to request a second factor in this standard protocol (an account with MFA cannot be used in FTP/S).
This release also introduces a feature to restrict the exposure of the REST API documentation. The documentation is offered by default via the url :
It is now possible to control its content and decide which services are exposed.
The use of MFA in the solution is described in a separate article available here.
REST API RESTRICTION DOCUMENTATION EXPOSURE
This feature allows solution administrators to decide which section of the REST API documentation will be publicly exposed. A new link in the administrative console provides access to the control panel that manages the exposure of services. This feature only restricts the exposure of the documentation, the services will still be available to users based on their access rights.
The new control panel is located under the server section. By clicking on the link, all available REST services will be displayed and you can choose which ones to expose. By default, all documentation will be exposed.
API and compatibility changes
- New services are now available to manage the different authentication factors. Please refer to the API definition for full details:
- The sfiler-admin-cli application has been modified to allow for the management of MFA-related entities.
Minor improvements and bug fixes
- The gateway (Proxy) present on the sfiler-gateway has been removed from the configuration. This functionality has been replaced by an equivalent functionality in the web interface.
- Moving folders or files in the web interface causes an error to be displayed. This problem will be fixed in version 4.15.1 to come very soon.
- Reminder: The applet will soon be removed from the solution. It is recommended to migrate to the end-to-end encryption technology introduced in the solution and available with modern browsers.
This version introduces a change to the database model and requires the use of sfiler-config-cli to achieve this. We strongly recommend that you perform a full backup of the solution before upgrading. Do not hesitate to contact our support group if you have any questions regarding this upgrade. firstname.lastname@example.org