We have just published the first version of our open source SMP server: Holodeck-SMP. It’s a stand alone SMP server with a modular design and a user friendly UI. With Holodeck SMP you can query both the Peppol SMP and OASIS SMP v2.0 (BPC) with the same single multiprotocol SMP server! Participant capabilities are managed using templates making it fast and easy to add a new participant and reducing the risk of errors. Service group templates also make it easy to update all customers if your supported services change: just update the template and all customers will be updated. A significant time and cost saving.
We’ve been working on a lot of things this past year and one of them was a big update of Holodeck B2B. This major update introduces a lot of internal changes, of which the following are most interesting to users:
You can now define the service type to be used in the P-Mode. This saves having to define the service type for every submitter.
We’ve upgraded to Java 11. And although Holodeck B2B was already very fast and resource-efficient, we’ve improved resource management even further.
Most importantly this release includes a new, extended API. We’ve added new interfaces for delivery of message units to the back-end. There is now also support for a-synchronous delivery of messages and for redelivery. This major update means that when updating Holodeck B2B you will also need to update all extensions and connectors that you use. If you’ve created your own extensions to Holodeck B2B, you will also have to update these.
You can find the full list of changes in the Changelog, also included in the download.
Some notable new features: – You now have the possibility to use message properties in P-Mode matching. This is useful on for example the “finalRecipient” property used in the EPREL and EUDAMED networks. – Worker pool management by the core, including ‘on the fly’ reconfiguration. – Improved logging. – Receiving of messages with over 30 signed attachments is now possible. – A new message processing state was added to the options in the API for outgoing messages that encounter an internal error. These can now be processed again without having to be resubmitted by the back end. – Support for Apache Commons Daemon, which adds another option for running Holodeck B2B as a Windows service.
Important fixes in this version are: – an upgrade to Log4J 2.15.0 to fix the Log4Shell vulnerability. – Improved support for a 2-Way Message Exchange Pattern: Push & Push.
For a full overview of all changes, please consult the Changelog in the download.
Holodeck B2B uses Apache Log4J for logging, which means gateways are potentially vulnerable to the Log4Shell exploit.
Please patch your Holodeck B2B gateway following the steps below to update Log4J as soon as possible. You can also upgrade your gateway to version 5.3.1.
Installing this Log4J update will require stopping and restarting your gateway. Please read through all steps of the process beforehand.
1. Download the most recent Log4J 2 release from the official project website: https://logging.apache.org/log4j/2.x/download.html and extract it 2. Go to the lib directory of the Holodeck B2B installation. 3. In the lib directory, locate all files where the name starts with ‘log4j-*’ and find the file with the same name in the downloaded archive. The downloaded archive will contain more files than needed. You only need the files with the same names as those that are in the lib folder. 4. Create a temporary folder on your machine and copy these files from the downloaded archive to this folder. 5. Stop Holodeck B2B 6. Replace the old files in the Holodeck B2B lib directory with the downloaded files from your temporary folder 7. Restart Holodeck B2B
Holodeck B2B 5.0 is out and these are the changes we’d like to highlight.
Although Holodeck B2B is back end software, we thought that system admins would appreciate a quick and easy way to monitor the gateway without referring to the business system logs. That’s why we’ve added two user interfaces to Holodeck B2B. With these UI’s, gateway admins can monitor message status and check gateway configuration.
Command line UI: Overviews of P-Modes, Certificates, Message status and Message history are included. Run the tool without entering a parameter for a list of all available functions. Graphic UI: lets you quickly see how your gateway is configured in a graphical interface. You’ll find an overview of the UI functions available in the documentation.
We’d love to hear what you think of the new UI and if there is anything else you’d like to be able to monitor. Let us know through our contact form or our social media!
2-way Asynchronous messaging
You can now specify a 2-way Async message exchange in 1 single P-Mode for simpler gateway configuration. This increases the ways in which you can manage P-Modes.
We are continuously making Holodeck B2B more modular and flexible. This release, we’ve added a new separate Certificate Manager to Holodeck B2B. It manages trust validation of signing and encryption certificates, as well as more security configuration options. The default security manager supports OCSP validation. This is used in for example the Peppol network. You can now check the Peppol CA online to validate whether a certificate is still valid or has been revoked. In addition, the Certificate manager lets you implement your own certificate policies.
You can add a REST interface to your gateway for connecting with your back end system using our new REST extension.
And there’s more…
For a full overview of all changes, please consult the Changelog in the download.
The latest release of Holodeck B2B sees the the addition of support for sending a selective pull request. We’ve also added enhancements in the message processing event mechanism and improvements in the P-Mode finding algorithm. Together with some smaller adjustments these improve the interoperability with other AS4 gateways used for implementation of the ENTSOG and ATO SBR ebMS profiles.
Holodeck B2B already featured support for Pull messaging scenarios. With support for sending selective pull requests using simple selection items as described in section 5.1 of the ebMS 3 Part 2 specification, you now have more ways of configuring how and when you want your gateway to send a pull request. Another big change is that the back end system can now trigger a pull request, instead of having to use the default interval defined in the gateway itself. In this release, the support is limited to sending of selective pull requests with “simple selection items” as described in the specification. Selection criteria are not used when processing received pull requests. To use these new features, you will need to add the Holodeck B2B Pull Request Trigger extension to your gateway.
New Pull Request Trigger extension
In addition to the new version of Holodeck B2B, we’ve also released a new extension which you will need to install to use the new selective pulling functionality. This extension allows the Consumer application (your back end application) to control when a Pull Request is sent by Holodeck B2B instead of using the default fixed intervals. It is also where you configure the criteria for your selective pull requests.
More message processing events
But wait, there’s more! 😉 We’ve also added more message processing events around message submission, processing and header validation. These give you even more hooks to add custom functionality to your solution. And of course we’ve fixed a few bugs along the way. You’ll find the full overview of additions in the Change Log.
Looking for support on your AS4 gateway? Chasquis, the creators and maintainers of Holodeck B2B are available to provide support contracts and consultancy services. We can help you get your gateway up and running, or optimise your existing gateway. We also offer fixed-price packages for installed on-premises gateways that include profile specific extensions, for example for PEPPOL, ENTSOG and ATO Single Touch Payroll (STP), as well as full service hosted gateways. Get in touch and let us know how we can help you.
Just a few more weeks until FOSDEM 2019, the big open source software conference in Brussels! For any developer who contributes to or uses open source software this is a highly recommended event.
We’ll be attending, so if you are too and would like to have a coffee, just drop us a message or keep an eye out for people wearing a t-shirt with the Holodeck B2B logo on it.
FOSDEM, the Free and Open source Software Developers’ European Meeting, is a yearly conference held in Brussels. This year it will be on February 2 and 3. Location is the ULB, Campus du Solbosch on the Av. F. D. Roosevelt 50 in Brussels, Belgium. Registration is not necessary, it is free to visit.
The Holodeck B2B stack is growing! Today we’ve released the latest version of our AS4 gateway, as well as a new open source extension you can use to add AS2 messaging functionality to your gateway. Finally, we’ve also made the BDXR Common toolkit available – a set of libraries you can use to build SML/SMP clients.
Holodeck B2B 4.0
This latest release adds some important new features to an already highly configurable message service handler that still works out of the box.
More validation options:
Strict validation of ebMS headers.
Implement your own validations that will run during message processing by the gateway. Problems that are caught kan be reported directly back to the receiver. On ebMS level messages can also be rejected based on business rules.
More flexible configuration of retries. Interval times are individually configurable – for example, a very quick first retry and increasingly larger intervals for the following retries.
More message processing events. These allow automated monitoring of message processing and let you follow up on certain events by a technical management system or on the business application layer.
Improved logging. Operators can follow the message flow on various levels of detail.
Option to add AS2 functionality using the Holodeck B2B AS2 extension.
Introduction of a security module. You now have the option to use your own security module, which may be needed for specific security policies / business requirements.
Holodeck B2B AS2 is an extension for Holodeck B2B 4.0 and higher that lets you add AS2 messaging functionality to your existing AS4 gateway. Whether the gateway uses AS2 or AS4 can be configured in the P-Mode of the message exchange. Chasquis (the creators of Holodeck B2B) offer even more functionality in their PEPPOL gateway, that adds auto configuration using SMP – including automatic selection of the correct protocol to use per receiver (AS2 or AS4).
We have created this extension for businesses that need to make the transition from AS2 to AS4. Instead of having to switch from one gateway to another on a cut off date you can now plan your migration on your own terms. When the time comes for you to switch from AS2 to AS4, all you need to do is edit the P-Mode for the message exchange – no more than a few minutes work. The AS2 module includes the following features:
Signing (including SHA-256 and many others)
Configuration based on Holodeck B2B P-Modes
Download the Holodeck B2B AS2 extension from the repository.
BDXR Common toolkit
A toolkit containing libraries for building SML / SMP clients, to retrieve messaging partners’ metadata from the SMP. This metadata is then used to configure the gateway. This setup is required by the PEPPOL messaging profile. This toolkit is aimed at developers who want to create their own client. It is not a ready to use SMP client. The download does include a sample client for you to base your work on. Like Holodeck B2B, it’s design is modular and it can easily be adapted to the needs of your business environment. Download the BDXR Common toolkit.
In this latest release we take the modular architecture of Holodeck B2B a step further – making it an even more flexible AS4 messaging solution.
Further modularisation of Holodeck B2B
To make Holodeck B2B as flexible as possible, one of the things we’ve been working on is further splitting functionality into separate modules, with an interface through which they can communicate with the core and external programs. This flexible, modular approach is the main philosophy behind the architecture of Holodeck B2B and has now been applied to meta data persistency with the introduction of the “persistency provider” concept. The Holodeck B2B core now uses a pluggable persistency provider to store the meta-data of processed messages. The interface of the persistency provider has been added to the Interfaces module. Separating storage of message unit meta data makes it possible to choose your own persistency solution. For example, you can connect the gateway with your own database or make your gateway perform even faster by using an in-memory solution. A default implementation using an internal database as in previous versions is included in the Holodeck B2B package.
Unit tests and integration tests
We’ve added unit tests and integration tests to further improve code quality.
A new feature in version 3.0 separates validation of P-Modes from both their internal and external storage, allowing you to choose your own method of adding and storing P-Modes. This could be in an external database, for example. A default implementation using XML is included.
The same API also lets you apply domain specific guidelines to P-Modes, only allowing P-Modes containing certain parameters that are specific to the domain you are using the gateway in. This ensures messages are conformant with your domain’s specific requirements.
Profiles and conformance
Holodeck B2B is suitable for use in any situation requiring an ebMS3/AS4 gateway, whether to connect to the ATO in Australia or an e-invoicing solution in Europe. For use in Europe, it’s good to know that this version has again been CEF conformance tested by Chasquis Consulting. It can be used for EU-CEG, ENTSOG or PEPPOL gateways and any project using CEF eDelivery.
Today we’ve released a large update for our popular open source AS4 messaging software, Holodeck B2B 2.1. We’ve added some important new functionality, fixed several bugs and made some general code improvements.
The most important new features of Holodeck B2B 2.1 are:
Multi-hop messaging, where a message passes through multiple intermediaries to reach it’s destination but still maintains end-to-end security
Messages without attachments sent as single part messages and not SOAP with attachments
Trust store to hold the certificates of trusted Certificate Authorities
Event framework to enable additional notification to external components
Automatic message purging cleans up all meta data (including payload data for User Messages) after a configurable number of days
Flexible configuration of pulling, giving the option to build your own policies
All received ebMS error signals are logged, even if they can’t be processed or are not for Holodeck B2B
e-SENS and EESSI compliant
Holodeck B2B 2.1 is again fully AS4, ENTSOG and e-SENS compliant, having passed the eSENS compliancy test. And with the introduction of Multi-hop messaging, it now also EESSI compliant. It has been interoperability tested with various other AS4 open source and commercial products including .Net implementations.
Get the latest version now from the Download page.
Support and consultancy
If you are looking for support for your Holodeck B2B AS4 gateway, or would like advice on how our MSH can be used with your current business software, feel free to contact us at info@Chasquis-consulting.com