If a user with the frevvo.Reports role also has frevvo.Publisher or frevvo.ReadOnly roles assigned, the latter will take precedence and they will not see the reports tab.
Built-in Admin for LDAP Security Manager tenants
In previous releases, the Tenant admin could login directly to Live Forms or login with a user id who has been given tenant admin permissions in your Active Directory. Tenants using the LDAP(s) Security Manager now have the ability to configure a Backdoor built-in Admin account. This was not possible for this Security Manager in previous releases.
When you create a new tenant, you are prompted to set up a tenant admin user id, password and email address. This tenant admin does not authenticate via your LDAP IDP. It only exists in Live Forms. If you experience an issue with your LDAP configuration such that you can't login as an Active Directory authenticated user, this account provides a backdoor built-in you can use to login to your tenant as a tenant admin in order to fix your configuration issue. The Backdoor Admin built-in admin is able to access the
Browse this URL to login as the Backdoor Adminbuilt-in admin: <base_URL>/frevvo/web/admin/login. The <base_URL> is typically http(s)://<your servername>:<port>. For cloud customers the <base> is always https://app.frevvo.com.
You must use the admin specific URL - <base-url>/frevvo/web/admin/login - to login as the backdoor built-in admin.
Non admin users can also login using the admin specific URL.
Logging as your authenticated LDAP tenant admin. Click the Edit Tenant link. The Admin User information is displayed.
If logging in as the authenticated LDAP tenant admin is not possible, browse this admin specific URL - <base-url>/frevvo/web/admin/login. Enter the Backdoor Admin built-in admin userId. Click Forgot Password? Once you have changed the password, browse the admin specific URL again and login with the tenant admin user id and the new password. If you need to change the password again, or make changes to your tenant, click the Edit Tenant link. The Backdoor Admin built-in admin password can be changed on this screen.
This error message displays if any other user clicks on the Forgot Password? link after browsing the admin specific URL:
Refer to the Configuring the LDAP Security Manager for In-house and topics for more configuration information.
Changes to the
Built-in Admin for the Azure Security Manager
The Backdoor built-in admin for a tenant configured with the Azure Security Manager has changed.
- You must use the admin specific URL - <base-url>/frevvo/web/admin/login - to login as the backdoor built-in admin. The <base_url> is typically http(s)://<your servername>:<port>. For cloud customers the <base_url> is always https://app.frevvo.com.
Changes to the
Built-in Admin for the SAML Security Manager
The Backdoor built-in admin for a tenant configured with the SAML Security Manager has changed.
- You must use the admin specific URL - <base-url>/frevvo/web/admin/login - to login as the backdoor built-in admin. The <base_URL> is typically http(s)://<your servername>:<port>. For cloud customers the <base> is always https://app.frevvo.com.
Additional Information for In-House Customers
The initial release of
Enable users to create Strong Passwords (TIP-23488)
Enable users to create Strong Passwords
Good security is a desirable feature and is becoming mandatory with compliance initiatives like GDPR. This feature applies only to a tenant using the default security manager and to the backdoor built-in admin user for the LDAP, SAML and Azure security manager.
A user creating or resetting their password will be required to meet a password strength of Strong or Very Strong. Password strength is indicated as the user types by a Password Strength Meter visible below the entry. There are no specific length or character requirements, but the meter will detect the strength of the password based on use of uncommon words or phrases and unpredictable use of capitalization, numbers and special characters. Helpful suggestions appear to prompt the user towards a stronger password. Password length is limited to 100 characters and an error message will appear if user attempts to enter more than 100 characters. Users cannot use their old password or a temporary password as the new password.
Tenant Admins can expire passwords by checking Change Password on Next Login on the Edit User page. Tenant Admins can also update current users or add new users by uploading a CSV file. For security, the CSV file does not include a password column.
Setting notifyIfNewUser to TRUE causes
Users added manually will not get an automatic email prompt, but can be required to update their password on next login. This is by design to allow Admin users to add users prior to production, and then notify them to update their password later.
For in-house customers, policy strength and effective date are configurable properties in the <frevvo-home>\tomcat\conf\frevvp-config.properties using following properties.
To turn off the strong passwords feature, delete the line frevvo.password.policy.strength=<1-4>. To keep the feature but turn off only strength meter set frevvo.password.policy.strength=0.
JDBC Driver Upgrade
MySQL Connector/J 8.0 is highly recommended for use with MySQL Server 8.0, 5.7, 5.6, and 5.5. Note the difference in the driver classname:
Connector/J 5.1: driverClassName="com.mysql.jdbc.Driver"
Batch User Uploads
Uploading a CSV file to add or edit users normally runs quickly. However, if uploading a file in which the notifyIfNewUser property is TRUE for a large number of rows, this process may slow down on some email servers. Tenant Admins can configure Live Forms to run CSV-file user uploads in batches to improve upload time if needed. To adjust batch load size, configure the following property in <frevvo-home>\tomcat\conf\frevvo-config.properties.
Tenant/Flow admins no longer receive emails if submissions are created while the Refresh Searchable Fields process is running
The "Could not send submission for <flow name> Flow to insight server. HttpSolrClient.RemoteSolrException: Error from server at http://insight-server:8983/solr/<tenantid> missing required field: instanceid Exception is no longer logged when a submission is delayed because the batch is running at the same time. The tenant/flow admin will no longer receive emails to inform them that there was an issue with a submission. However, if an original submission could not be sent to the Insight server for some reason ( Insight server is not available or there are insufficient connections in the http connection pool), the exception will be logged and the administrators will be notified.
In-house customers must upgrade to JDK 11 before upgrading to
Tomcat and Insight Server version Upgrades
The version of tomcat has been upgraded to 9.0.19 in the Live Forms Cloud. and in the frevvo tomcat bundle for the v9.0 release.
The version of the Insight Server has been upgraded to Solr 7.5.0 in the Live Forms Cloud and in the frevvo tomcat bundle. Server functionality remains the same with the exception of the name of the directory in the tomcat bundle where Solr resides. In-house customers should review the Start the Insight server before Live Forms topic for the changes.
Hardware and Memory Requirements for your Live Forms Server
The minimum recommended hardware configuration for your Live Forms server is:
However you must size your hardware platform to your specific form usage characteristics. As the number of concurrent users and forms/flows increases so must the system memory. Refer to the memory configuration topic for the details.
There is a 60-second batch delay when running Refresh Searchable Fields (TIP-25408)
Must be authenticated superuser (instance admin) to download _data.properties file (TIP-21953)
The SQL Server JDBC Driver (mssql-jdbc-7.2.2.jre11.jar ) is included in the frevvo tomcat bundle in the <frevvo-home>\frevvo\tomcat\lib directory. (TIP-24982)
Global Logging Level properties corrected to logging.level.root=DEBUG and logging.level.root=WARN. (TIP-25936)
Enable users to create Strong Passwords (TIP-23488)
Insight Server Memory Requirements
It may be necessary to increase heap size for the Insight server, when reporting on/indexing a large number of submissions. Refer to the memory configuration topic for the details.