OLFS version 1.18.14 for Hyrax-1.17.0

Requires:

• bes-3.21.0-46
• libdap-3.21.0-27

NEWS:

• OLFS is now also compatible with Java17 (jdk17)
• Changed maxResponseSize type from int to long.
• Units scalar set to 2^10 (kilobytes) when the
  units value is junk.
• preformatted text for 400 errors
• Reduced beslistener pool from 200 to 25 for NGAP deployments
• Fixes EDL token handling so that redirected are not issued
  and session (aka cookie) management is not required of the client.

OLFS version 1.18.13 for Hyrax-1.16.8

Requires:

• bes-3.20.13
• libdap-3.20.11

NEWS:

• Setting BES timeOut to 55 seconds (thanks CloudFront) for the NGAP deployment
• Added Attributes with DAP4 types to the "No NetCDF-3 Downloads For You"
  feature.
• Updated ncWMS to version 2.5.2
• Migrated to Java-11
• Retiring various XSLT stuff
• Fixed dap4Contents.xsl so that the viewers link works.
• Migrated the schema.org annotations from the node_contents.xsl to
  dap4Contents.xsl
• Rewrote schema.org links to https.
• Removed commented out code.
• Fixed page formatting with new css type

OLFS Version 1.18.12 or Hyrax-1.16.7

Requires
bes-3.20.12

libdap-3.20.10

OLFS Version 1.18.11 for Hyrax-1.16.6

OLFS Version 1.18.11

Requires

• BES-3.20.11
• libdap-3.20.10

Updates

• Added code to detect client protcol change (HYRAX-141).
  Updated ReqInfo.getRequestUrlPath() so that it utilizes the request headers:
  ** "CloudFront-Forwarded-Proto"
  ** "X-Forwarded-Proto"
  ** "X-Forwarded-Port"
  In reconstructing the "request url" dereferenced by the initiating client. This
  means that if some upstream entity rewrites the URL (Like CloudFront does when
  it drops the https protocol in favor of http for internal access) it can be
  detected and the links built by the server and returned to the client are now
  correct.

• Patched bug where unexpected Authentication headers would trigger a redirect loop.

• Fixed broken service for delivering flat (not-data) files to clients.

• Made the "Get As NetCDF-3" an "Get As DAP2 Binary" buttons on the DAP4 Data
  Request form context sensitive. If the dataset in question contains variables
  whose data types are found in DAP4 and not in DAP2/NetCDF-3 then the buttons are
  disabled. A more complete solution is envisioned where the projected variables
  are assessed and if only DAP2/NetCDF-3 types are selected then the buttons would
  would be enabled. This fix is only a step in that more dynamic direction.

OLFS 1.18.10 for Hyrax-1.16.5

OLFS-1.18.10 requires

• bes-3.20.10
• libdap4-3.20.9

OLFS Configuration and behavior updates.

In order to make the server's behavior more understandable to users, and its configuration
more understandable to admins we have changed the way that the server responds to client
requests for the unadorned Dataset URL and the way that the server generates Data Request
Form links in its catalog pages. There are new configuration parameters to control these
behaviors.

<UseDAP2ResourceUrlResponse />

This configuration parameter has been DEPRECATED - Use the <DatasetUrlResponse /> and
<DataRequestForm /> elements to configure this behavior (see below).

<DatasetUrlResponse type="..." />

The DatasetUrlResponse element is used to configure the type of response
that the server will generate when a client attempts to access the unadorned Dataset URL.
The type of response is controlled by the value of the type attribute.

Allowed Values:

• dsr - The dap4 DSR response will be returned for the dataset URL. Note: This
  setting is not compatible with DataRequestForm type of "dap2" as the DSR response
  URL collides with the DAP2 Data Request Form URL.
• download - If the configuration parameter AllowDirectDataSourceAccess is set
  (present) then the source data file will be returned for the dataset URL. If the
  configuration parameter AllowDirectDataSourceAccess is not present then a 403
  forbidden will be returned for the dataset URL. (This is basically a file retrieval
  service, any constraint expression submitted with the unadorned dataset URL will be
  ignored.)
• requestForm - The Hyrax Data Request Form Page will be returned for the dataset URL.
  Which form is returned is controlled by the _ DataRequestForm_ configuration element.

Default: download
<DatasetUrlResponse type="download"/>

<DataRequestForm type="..." />

The DataRequestForm element defines the target DAP data model for the dataset links
in the "blue-bar" catalog.html pages. These links point to the DAP Data Request Form
for each dataset. This element also determines the type of Data request form page
returned when the DatasetUrlResponse type="requestForm" and the request is for the
Dataset URL. Allowed type values are: dap2 and dap4.

Default: dap4
<DataRequestForm type="dap4" />

<AllowDirectDataSourceAccess />

When enabled users will be able to use Hyrax as a file server and download
the underlying data files/granules/objects directly, without utilizing the DAP APIs.

Default: disabled.
<!--AllowDirectDataSourceAccess / -->

<ForceDataRequestFormLinkToHttps />

The presence of this element will cause the Data Request Form interfaces to
"force" the dataset URL to HTTPS. This is useful for situations where the sever
is sitting behind a connection management tool (like AWS CloudFront) whose outward
facing connections are HTTPS but Hyrax is not using HTTPS. Thus the internal URLs
being received by Hyrax are on HTTP. When these URLs are exposed via the Data
Request Forms they can cause some client's to have issues with session dropping
because the protocols are not consistent.

Default: disabled
<!-- ForceDataRequestFormLinkToHttps / -->

Dependency Library Updates

• Updated the dependency libraries as follows:
  • Upgraded gson-2.3.1 to gson-2.8.9
  • Upgraded slf4j-1.7.16 to slf4j-1.7.32
  • Upgraded logback-core-1.1.11 to logback-core-1.2.9
  • Upgraded logback-classic-1.2.0 to logback-classic-1.2.9

Log Sanitization

• Log entries for User-Agent, URL path, and query string are now scrubbed.

DAP2 Data Request Form

• Dropped link to in DAP2 Data Request Form to the no longer supported BES
  generated request form.

OLFS 1.18.9 for Hyrax 1.16.4

Requires:

• libdap-3.20.8
  
• bes-3.20.9
  

NASA/NGAP Updates

• Fixed gradle dependancies according snyk scan.
• Session serialization
• Added session manager jars to ngap resources.
• Updated production rules to include session manager code in the ngap application build.
• Made history_json output as JSONArray.
• New landing page for NGAP service.
• Added UNIX time to OLFS logs in NGAP.

Bug Fixes

• Fixed bug in computation of dimension sizes in the dap4 ifh xsl.
• Dropped DSR response for just the dataset_url.
• Fixed broken json error output.
• Changed the broken naming pattern for the PPT strings.
• Enabled ChunkedInputStream debugging and cleaned up the messages in support of stream pollution problem.
• Fixed broken css and deployment context links construction in DSR HTML page.

Performance Improvements

• Added file size and last modified headers to flat file transfer.
• Added auth.log independent of debug log.
• First pass at patching POST request handling.

OLFS 1.18.8 for Hyrax 1.16.3

Requires:

• libdap-3.20.7
  
• bes-30.20.8
  

NASA/NGAP Updates

• Changes to our packaging of the ngap-snapshot docker images.
• Added support for EDL token chaining (in concert with BES modifications)

Performance Improvements

• Improved BES connection lifecycle reliability improvements.

Bug Fixes

• Improved the servers response for HEAD requests, now the server correctly
  returns 405 Method Not Allowed
• Fixed bug in request routing for DAP4 requests.
• Fixed the JSON-LD content in the Data Request Form so that the required
  description property is generated from the data set using a heuristic, or
  if that fails a generic string is used. The length of this mandatory
  property is now correctly limited to [50 < length < 5000]

Technical Debt

• Started developing Gradle production rules.

OLFS 1.18.7 for Hyrax 1.16.2

This minor release is part of the Hyrax Data Server version 1.16.2

OLFS-1.18.7 requires:

• bes-3.20.7
• libdap4-3.20.6

Features

• Added an ngap service endpoint in support of the NASA NGAP project.

Bugs Fixed

• Improved content encoding/scrubbing on outbound error messages.
• Fixed bugs in bootstrap init and init for all the various init() components.
• Stabilized the order of output in WCS-2.0

OLFS 1.18.6 for Hyrax 1.16.1

OLFS 1.18.6 requires

• bes-3.20.6
• libdap4-3.20.5

Features

• Added (alpha) support support for server authentication credentials

  • Environment injection support for besstandalone and besd
  • A credentials configuration file for multiple sets, in which credentials are
    associated with URL prefixes and multiple credentials can be defined in a
    bes.conf environment.

• Combined Logs: The server can now be configured to add the OLFS request log content to the BES log.

• Earthdata Login User Authentication Support

• The Data Request Form requires data selection is now a configuration parameter,
  <RequireUserSelection /> in the olfs.xml file.

• NoDynamicNavigation - Added a trial configuration parameter <NoDynamicNavigation/>
  to the olfs.xml file. If this element is uncommented in the olfs.xml file then
  all of the dynamically generated catalog/navigation pages will be disabled.
  When enabled the server admin must either supply and maintain THREDDS
  catalogs to be read by the server, or they have to provide their
  own system of navigation and discovery to generate links to the
  dataset endpoints (ex. Data Request Form)

Performance Improvements

• No DAS construction for data response.

Bugs Fixed

• Memory leak fixed and unneeded copy removed in awsv4 code
• CovJson patch.
• ncml_handler: When an NCML aggregation named a dataset that the server could not read... crsh. Fixed..
• Server cache stabilization
• hdf4_handler: Fixed memory leaks
• hdf5_handler: Fixed memory leaks

OLFS 1.18.5 for Hyrax 1.16.0

OLFS version 1.18.5

Requires:
BES version 3.20.5

libdap version 3.20.4

This minor release adds:

• Experimental support for DMR++ Aggregations in which multi file aggregations can be described in a single dmr++ file, reaping all of the efficiency benefits (and pitfalls) of dmr++.
• Bug Fixes
  • OPeNDAP Data Request Forms and catalog pages.
    • Corrected JSON-LD encoding in the IFH generated pages.
    • Corrected javascript code generation problems.
  • Path construction bug (causing double "/" characters) in THREDDS catalog presentation pages. (HK-338)
• Security analysis and response.
  • Sonar Scan
  • Coverity Scan