Release Notes - Application Development Framework 1.2.0 (PoolParty 2022 R3)

End-users can now switch between multiple configurations using a drop-down on the main user interface. The availability of configurations for selection depends on the settings in the administration backend.

Configurations are now public or private depending on the settings of the GraphSearch search space. Private configurations on the main user interface are only accessible to logged-in users. Public configurations on the main user interface are available to all users unless authentication has been enforced in the ADF.properties file.

ADF now uses credentials of the logged-in user to authenticate and authorize API calls to PoolParty. The calls are protected with OAuth 2.0.

We took preliminary steps to enable future localization of the user interface.

We have fixed a bug where recommendations were loaded twice if the URL contained certain parameters.

We have disabled the CSRF protection in the ADF APIs to make external POST requests easier.

Empty lists of similar documents no longer lead to a blank screen.

The Keycloak realm specified during the installation is taken into account.

We have corrected the UI text and improved the documentation.

Updated org.json:json to version 20231013.

Updated axios to version 1.6.7 (Cross-Site Request Forgery Vulnerability).

Removed the option to completely disable the authentication via the ADF.properties file (CVE-2023-5072: DoS Vulnerability in JSON-JAVA).

The base path can be customized during installation or by modifying the ADF.properties file and the Tomcat Server.xml file.