Security

Version	Type	Description	ID
19.2.0.0	ENH	Native SSL support has been added to Trapeze applications using the Trapeze4 platform.	DEVCORE3-5356
19.7.0.0	ENH	Security permissions granted to system administrators and Trapeze6 Client Shell users for some operations have been configured to be always set to Deny for Anonymous users. The security permissions granted system administrators are: Core/Admin/ Core/Context/Write Core/Security/Edit Users and Groups Core/Security/Set Permissions Core/TableEdit/ Core/SqlDirect/ The security permissions granted Trapeze6 Client Shell users are: Core/File/Browse Core/File/Write	DEVCORE3-5430
19.9.0.0	CORR	The issue of users being unable to continue to log on unless they change their password immediately after a warning that their password will expire in X days appears has been fixed.	DEVCORE3-5469 This task is related to DEVCORE-4301.
19.10.0.0	CORR	The issue of FX Security setting the connection to Read-Only for non-FX Security related functions has been fixed.	FX-11586
19.16.0.0	CORR	An issue where an error message appeared when saving attribute changes on built-in identity type users has been fixed.	DEVCORE3-5486
19.16.0.0	ENH	A new option, None has been added to the Core/Security/Use SameSite Cookies switch. (Previously, the only options were: Lax and Strict.)	DEVCORE3-5516
19.18.0.0	ENH	The following enhancements have been added to prevent the accidental editing of data of a sign-up period currently used in Production: The system automatically checks in the early morning if the current date falls within the date range of the sign-up period marked in Production. If so, it automatically selects the Frozen checkbox shown in the Edit dialog of the Sign-up Period screen. A new security key, Trapeze4/Fixed Ancillary Data/Sign-Up Periods - Freeze has been added. If users are granted permission for this key, they are able to select or clear the Frozen option on sign-up periods.	FX-12677
19.21.0.0	CORR	The message that appears when users attempt to set the Access Type to Read-Write for Divisions, Lines, Services, Line Group, and Service Group in FX Security has been improved. It now includes reference to using the Set Rights To <All> feature.	FX-12924

19.2.0.0

ENH

Native SSL support has been added to Trapeze applications using the Trapeze4 platform.

DEVCORE3-5356

19.7.0.0

ENH

Security permissions granted to system administrators and Trapeze6 Client Shell users for some operations have been configured to be always set to Deny for Anonymous users. The security permissions granted system administrators are:

Core/Admin/
Core/Context/Write
Core/Security/Edit Users and Groups
Core/Security/Set Permissions
Core/TableEdit/
Core/SqlDirect/

The security permissions granted Trapeze6 Client Shell users are:

Core/File/Browse
Core/File/Write

DEVCORE3-5430

19.9.0.0

CORR

The issue of users being unable to continue to log on unless they change their password immediately after a warning that their password will expire in X days appears has been fixed.

DEVCORE3-5469

This task is related to DEVCORE-4301.

19.10.0.0

CORR

The issue of FX Security setting the connection to Read-Only for non-FX Security related functions has been fixed.

FX-11586

19.16.0.0

CORR

An issue where an error message appeared when saving attribute changes on built-in identity type users has been fixed.

DEVCORE3-5486

19.16.0.0

ENH

A new option, None has been added to the Core/Security/Use SameSite Cookies switch. (Previously, the only options were: Lax and Strict.)

DEVCORE3-5516

19.18.0.0

ENH

The following enhancements have been added to prevent the accidental editing of data of a sign-up period currently used in Production:

The system automatically checks in the early morning if the current date falls within the date range of the sign-up period marked in Production. If so, it automatically selects the Frozen checkbox shown in the Edit dialog of the Sign-up Period screen.
A new security key, Trapeze4/Fixed Ancillary Data/Sign-Up Periods - Freeze has been added. If users are granted permission for this key, they are able to select or clear the Frozen option on sign-up periods.

FX-12677

19.21.0.0

CORR

The message that appears when users attempt to set the Access Type to Read-Write for Divisions, Lines, Services, Line Group, and Service Group in FX Security has been improved. It now includes reference to using the Set Rights To <All> feature.

FX-12924