Changelogs

The button for updating the INUBIT BPC modules has been removed. Please ensure that the corresponding modules are present in the BPC’s deploy directory. If the BPC is deployed via the installer, the modules should be present.

The Data Stream Analyzer could be forced to use MimeUtil to determine the MIME type using the special module property "datastreamanalyzer.mode." This option has now been removed. Apache Tika is now always used for analysis.

Breaking Change

If the module property "datastreamanalyzer.mode" is explicitly set in the Data Stream Analyzer, it no longer has any effect. Apache Tika is always executed internally to analyze the data stream. This may lead to a change in the detected MIME type.

The spring boot library has been updated.

The tika library has been updated.

The ZUGFeRD utility has been extended to support reading and writing of PDFs of type PDF/A-3B and PDF/A-3U.

The button for updating the INUBIT BPC modules has been removed. Please ensure that the corresponding modules are present in the BPC’s deploy directory. If the BPC is deployed via the installer, the modules should be present.

The "Migrate to Saxon 10" option has been removed from the Workbench. The necessary Saxon adjustments will be performed automatically during the migration or import.

The REST API endpoints now return the response in the format requested by the client. The same applies to error messages. The default is "application/json"; for XML, "application/xml" must be specified in the Accept header.

The Data Stream Analyzer could be forced to use MimeUtil to determine the MIME type using the special module property "datastreamanalyzer.mode." This option has now been removed. Apache Tika is now always used for analysis.

Breaking Change

If the module property "datastreamanalyzer.mode" is explicitly set in the Data Stream Analyzer, it no longer has any effect. Apache Tika is always executed internally to analyze the data stream. This may lead to a change in the detected MIME type.

If INUBIT is used with Keycloak, the backup files created so far are incomplete and the diagram, module, and repository data of INUBIT users are missing. This ticket will resolve the issue, and the backup files created from now on will be complete.

The FTP Connector plugin has been corrected so that it now terminates correctly in a timeout situation and the workflow aborts with a corresponding message due to this error.

Fixed an issue in the module wizard on the MDN validator page that prevented the stored certificate from being displayed.

An error when creating an SQL statement caused an error when executing the Midnight Task and has now been fixed.

The online documentation in version 9.0 is now called from the INUBIT 9.0 Workbench.

In the module wizard, the correct online help pages are now called from the Connection Pooling dialog when you click F1.

The Remote Connector has been updated with INUBIT 9.0.

Breaking Change

The Remote Connector in INUBIT 9.0 can no longer be used in INUBIT 8.1 and earlier. Adding it in the Connection Manager is no longer possible, significantly limiting maintenance and monitoring.

The HTTP status description available in the restConnector.responseStatusDescription variable has changed. If you need the value of this variable, adjust your logic to the new values.

The following table illustrates the new values:

Starting with INUBIT 9.0, REST connectors containing multiple path parameters with the same name will no longer execute.

The following actions will result in errors in the corresponding connectors:

Path parameter names must not be used multiple times. Correct any duplicates accordingly.

Starting with INUBIT 9.0, REST connectors whose path parameter contains a "." (period) will no longer be executed. The following actions will cause errors in the corresponding connectors:

Breaking Change

Path parameter names may no longer contain periods. Correct any incorrect names accordingly.

The feature available up to and including INUBIT 8.1, which allowed sending a request with the query parameter method=<HTTP method> and thus overriding the HTTP method at the endpoint, has been deprecated and is no longer available.

Breaking Change

Endpoints must now be called using the HTTP method with which they are exposed in the API. Overriding the HTTP method is no longer possible.

Keycloak has been updated.

A potential XXE vulnerability in the INUBIT REST API has been fixed. The following switches can be used to reject XML data that potentially exploits vulnerabilities:

Recommendation: Enable these switches in production systems to prevent potential security issues when processing XML.

Apache Tomcat has been updated.

The Web Service Connector module wizard has been enhanced so that when a keystore is stored, the keystore password is also saved and used at runtime. If the keystore and password do not match, the module will fail to execute, or the keystore cannot be stored in the module.

If the FTP connector is configured with a server via FTP or FTPS and the connection must be made via a proxy, this can now be configured accordingly in the module properties.

The Remote Connector has been updated with INUBIT 9.0.

Breaking Change

The Remote Connector in INUBIT 9.0 can no longer be used in INUBIT 8.1 and earlier. Adding it in the Connection Manager is no longer possible, significantly limiting maintenance and monitoring.

A problem with the task filter REST API endpoint has been fixed so that all tasks on the process engine that match the filter criteria can now be queried across all roles.

Accessing the Process Engine via CLI is now possible even on systems that do not support a browser UI.

Logging in via Workbench to a process engine that uses Keycloak as an identity provider is now token-based (OAuth). The user switches to the browser and logs in directly to Keycloak. Workbench then only uses the access token that Keycloak returns upon success.

The Workbench login screen has been redesigned and now supports login when using Keycloak as well as internal user management.

If Keycloak is used as an IdP, the session running there will be removed from the workbench when a user logs out.

Login via CLI against the internal user management is still supported with user and password.

INUBIT installer uses InstallAnywhere version IA2025 now.

The certificates to be stored in the connector can now also be integrated via the Credentials Manager.

The certificates, keystores and truststores to be stored in the connector can now also be integrated via the Credentials Manager.

The certificates, keystores and truststores to be stored in the connector can now also be integrated via the Credentials Manager.

The Credentials Manager now supports certificate storage. This can be used in modules to securely store public keys or certificates.

The Credentials Manager now supports key pair storage. This can be used in modules to securely store private keys or key pairs.

Certificates for remote connector configuration can now be integrated into system connectors via the Credentials Manager.

The AS4 gateway now works on Apache Tomcat 10.

The option to limit GUI threads has been removed under "General Settings". Any number of UIs can now connect to the Process Engine.

The tunnel functionality of the INUBIT Process Engine has already been discontinued and is now removed.

The Apache Camel library has been updated.

Additional endpoints for deleting diagrams and modules, as well as their versions, have been added to the Process Engine REST API.

INUBIT now supports Windows 2025.

A potential XXE vulnerability when reading the as4-gateway.xml file has been closed.

Support for "userType=processUser" has been removed from the following REST API endpoints:

When OAuth is enabled, the CLI now redirects to the configured authorization server to perform user login via OAuth.

The INUBIT CLI now allows OAuth authentication even when no browser is available.

The SOAP API in the INUBIT Process Engine has been removed. All access is now via the REST API.

Workbench and CLI now use OAuth for authentication against the Process Engine. Basic Auth is still supported as a fallback, but it is deprecated and no longer recommended for security reasons.

The JSON validator uses only modern way to validate the JSON with backward compatibility. Removed the legacy way to validate the JSON.

To set the username and password for the Keycloak connection, the values can now be passed as environment variables:

If the environment variables are not set, the values from the JSON configuration file are used.

Keycloak is now the default preconfigured user management system in the INUBIT Process Engine. Please fill out the required JSON configuration file correctly so that the server can start successfully.

Internal user management is still offered, but is not suitable for use in production environments.

When executing asynchronous workflow jumps with the same process ID via WFC, in which a multiplexer bundles incoming data streams, it is currently not possible to distinguish between the different executions at the mux. Therefore, the mux merges the first incoming data streams, which is not always desired.

The new module property "CreateModuleRunId" (type: Boolean) has been introduced at the workflow connector, which allows the multiplexer to distinguish between different asynchronous workflow executions. The module property must be created manually and assigned the desired value ("true", "false").

The keycloak_template.json file has been expanded to include a description of all available options. This means you can find the documentation directly in the file, rather than in the online documentation.

Keycloak has been included in the standard install set. This bundles the appropriate components for productive installation in one package.

A problem with detecting the port on which the INUBIT Process Engine is running has been improved so that it now works flawlessly even when using multiple ports.

Fixed a memory issue in the Workbench when repeatedly running diagram deployment.

A performance issue when inserting large amounts of data into a MySQL database has been fixed.

Reading the contents of database tables failed when using some database types (including MySQL). This issue has now been resolved.

If Keycloak is configured as the IdP in a process engine, the user base will not be changed during migration or backup restoration. All INUBIT users must be manually created in Keycloak before the migration/backup.

Using the CLI has changed slightly. To access the help, you must explicitly pass the -h or --help parameter.

The HTTP status description available in the restConnector.responseStatusDescription variable has changed. If you need the value of this variable, adjust your logic to the new values.

The following table illustrates the new values:

Starting with INUBIT 9.0, REST connectors containing multiple path parameters with the same name will no longer execute.

The following actions will result in errors in the corresponding connectors:

Path parameter names must not be used multiple times. Correct any duplicates accordingly.

Starting with INUBIT 9.0, REST connectors whose path parameter contains a "." (period) will no longer be executed. The following actions will cause errors in the corresponding connectors:

Breaking Change

Path parameter names may no longer contain periods. Correct any incorrect names accordingly.

The feature available up to and including INUBIT 8.1, which allowed sending a request with the query parameter method=<HTTP method> and thus overriding the HTTP method at the endpoint, has been deprecated and is no longer available.

Breaking Change

Endpoints must now be called using the HTTP method with which they are exposed in the API. Overriding the HTTP method is no longer possible.