Jan 2023 | Improved Microsoft AD and Azure directory lookup; Support for Azure AD profile pictures; Security update
Traction® TeamPage Releases 6.2.59 - 6.2.61 deliver improved Microsoft AD and Microsoft Azure AD external directory performance. TeamPage now supports retrieving, storing and using profile pictures associated with external users and/or groups and roles. Improved Document view security. The releases include over 44 bug fixes and improvements, see TeamPage Change Log for a description of each update. Please read on for a summary.
Improvements
External Directory Service Integration
• Greatly improved the performance of user searches when using an external directory service such as Microsoft ActiveDirectory or Microsoft Azure AD. This affects all kinds of user lookups as well as email lookups, such as type-ahead completions offered for users in the unified search box, task Assigned to and Notify fields, the email reply and email articles pages' To, Cc and Bcc fields, and everywhere TeamPage offers searches for users. Performance improvements have also been made in the same area for native TeamPage user accounts. Improvements will be most noticeable in environments with a large number of users (e.g., several thousand).
• Greatly improved the performance of the principal details dialog for groups defined in Azure AD which have a large number of members, or for any Azure AD principal (user, group or role) that belong to a large number of groups and/or roles.
• Added optional support for migrating references to externally defined groups when migrating to a new user directory configuration. References to each externally defined group appearing in ACLs or TeamPage's local group definitions can either be replaced by a reference to a group defined in the new directory service, left alone (for later cleanup), or removed.
• Correspondingly, the user directory test dialog now includes the option to test group lookups as well as the existing options to test user lookup and authentication (when applicable and supported).
External Profile Picture Images
TeamPage now supports retrieving, storing and using profile pictures associated with external users and/or groups and roles. This currently applies only to Microsoft Azure AD configurations, since that is the only external directory service that TeamPage supports which has support for profile picture images.
- For TeamPage accounts associated with external user accounts, TeamPage checks for a profile picture image belonging to the external user account. If it finds one, it retrieves it and stores it in the TeamPage user's profile picture collection.
- Approximately once every 24 hours, TeamPage checks whether a new picture is available, and updates the locally stored copy as necessary.
- Profile picture images from external sources can be distinguished by a title tip that appears on hover identifying their source and the last time they were retrieved.
- Administrators can indicate whether TeamPage should support external profile pictures from Azure AD at all, and if they are supported, whether users must opt in or opt out of having TeamPage automatically retrieve them. In the opt-in mode, TeamPage will not retrieve a particular user's profile picture image from Azure AD until the user navigates to their account settings > Personal Info page under Profile Picture and select "yes" for the setting labeled "Allow TeamPage to Retrieve and Retain the Profile Picture from My External Account". In the opt-out mode, TeamPage will automatically attempt to retrieve the profile picture image from Azure AD until and unless the user chooses "yes" for the same setting.
- Users can also manually request that TeamPage retrieve or refresh the local copy of the external profile picture image using the control in the profile picture manager.
Security
• Added an additional countermeasure against CSRF attacks to the handling of requests that are used in Documents views to implement file operations.
Bug Fixes
Document Management
• Fixed several issues that prevented various features in the "classic" documents view from working properly. (The classic view is not actively maintained and should not generally be used, but some users of old and otherwise unsupported browsers may still find they need to use it.)
• Fixed a URL encoding issue that could prevent some document links from working properly if one of its ancestor folder's names contained certain characters.
• Fixed a bug that prevented the "Enable Version Control" and "Check Out" document management operations from being available even if the requesting user should have been able to use them.
• Fixed a bug that prevented TeamPage's document management pages from correctly notifying users of certain kings of errors or failures that happened during an attempt to perform certain file management operations.
• Fixed a bug that caused literal HTML formatting markup to be displayed in the file history details dialog.
Email Articles
• Fixed a bug that caused generated URLs appearing in the emailed articles body that referred to files on the server to be incorrect.
• Fixed a bug that caused the "Click here to view these articles in TeamPage" link to improperly appear after each article in the emailed articles body when emailing multiple articles.
Calendar
• Fixed a bug which, in certain cases, could prevent some events (or other entries) from appearing in the default calendar view. (This issue does not affect servers using the FullCalendar plug-in.)
• Fixed a bug affecting the calendar view when using the FullCalendar plug-in which could, in some situations, cause tasks dragged and dropped from one date to another not to have the correct date modification set, in which case the task would appear to be due one day off from the desired due date.
Kanban
• Fixed an issues that could cause the wrong set of cards to appear after moving a card when a text filter is applied.
• Fixed a minor issues that could, in certain cases, cause extra whitespace at the bottom of a column.
• Fixed a bug affecting the Project > Kanban page for Projects that have only Kanban Board, which caused the creation of a new card to navigate to a single entry view of the newly created entry rather than updating the board.
Signature Requirements
• Fixed the link for the "Requirement" column on the User Profile > Signatures pages so that it links to the individual requirement entry, rather than linking back to the same page with an unsupported drill-down filter query parameter added to the URL. (Naturally, since requirements only ever appear in those pages at most once for a given user, there is no need to support "drilling down" on that column.)
Setup and Administration
• Fixed a regression introduced in a recent version that caused changes to the "Enable Incoming Email" checkbox appearing under server settings > Email > Incoming Mail (IMAP/POP3) > Basic to save the wrong value, enabling mailbox reading when the checkbox was unchecked and disabling it when the checkbox was checked.
• Fixed a bug that prevented failures from being correctly reported in the user directory settings Test dialog. Such failures would simply cause the request progress indicator animation to stop, and no message to be displayed; and the page would have to be reloaded to attempt the same sort of test. Messages related to test failures in both authentication and user and/or group lookups are now be correctly reported when applicable.
• Fixed a bug that prevented using TeamPage's built-in file inspector to review log files when the TeamPage server was running without a current journal data set.
General
• Fixed a regression introduced in TeamPage 6.2.57 which could, in some cases, prevent TeamPage from generating certain setup pages. The requesting user would see either an error page, or a partial page with a generic error message embedded in it ("java.lang.NullPointerException: There was an unexpected problem servicing this request.")
• Fixed an issue that prevented TeamPage from gracefully handling the case of two TeamPage user accounts being mapped to the same external user account security principal. TeamPage will now also always scan all user accounts on startup to ensure no users are mapped to the same external user, and if any duplicate is found, one of the accounts will be migrated to a native TeamPage user account security principal to avoid any unexpected issues. This type of collision should be very rare, since this is not normally a condition that TeamPage allows to occur, but if it does happen, it will no longer cause unpredictable behaviors, such as preventing some setup pages from being usable.
• Fixed a rare bug related to TeamPage's background task management that could cause too many threads of execution to be spawned, exhausting resources and preventing further incoming requests from being properly serviced, with the result that the server would appear to be unresponsive.
• Fixed a bug that could, in certain cases, cause a diagnostic message to be printed to TeamPage's log files that spuriously indicated security check failure when a new websocket connection was being created.
• TeamPage's html.js SDL tag now correctly handles protocol-relative URLs.
For Developers
• Modify Log tag to support using Warning and Info as well as Err level logging for better control of reporting volume.
• com.traction.sdk.EntryClass
now has an isCopyTarget
method, which is used by the Copy ViewAction. This enables plug-in authors to decide whether their custom entry types can opt out of being eligible for the "Copy" action.
• The "Custom Text Pattern Widgets" setting (custom_html_tokens) now presents options for all configured HTML TokenRenderers that have regex[N]= properties, not just those that use com.traction.sdk.token.MessageFormatRenderer
. This means that any type of custom TokenRenderer, including for example those that specify sdl= to implement their renderings, can be used (and can be individually enabled or disabled by server administrators) with dynamically generated tokens represented matches for regular expression patterns.
• Added some CSS rules that can be applied to any tables to make them look more presentable by default.
Related
Microsoft Azure AD Cloud support for cloud and on-premises authentication and user management An example of how TeamPage External User Directory Integration works
The Work Graph Model: TeamPage style Understand how TeamPage connects people and their work.
A Fabric, not a Platform Making work actionable as well as observable: Objects, context, conversation, connection.
Follow TractionTeam on Twitter for news.