Functional improvements and bug fixes in current version 5.5.0

HAN 5.5 updates basic HAN server components

Apache version 3.4.55 with Open SSL library 1.1.1t

• MongoDB version 3.4.24
• current HAN kernel
• latest Open ID Connect module

New features:

Thematic lists: Now you can create dynamic A-Z lists in HAN. To do this, you save additional attributes in the e-scripts properties and let the list be dynamically created based on these attributes.

Each list has a fixed ID, via which content can be retrieved.
Named licenses: In addition to concurrent licenses, you can now also assign named licenses to e-scripts. Named licenses can be defined in three ways:

• Licenses are permanently bound to users
• Licenses are dynamically assigned to users for a defined period of time. e.g. ten people (ten licenses) are guaranteed a license for a period of 30 days from their first access. Accesses within this period extend the reservation. If there is no further access from this person, the license is released on the 31st day and is available for other people again.
• Combination of fixed and dynamic allocation. For example out of ten licenses, five are assigned to fixed people and another five are available dynamically.

AJAX login supports deep links: The architecture for AJAX login has been modified so that even when full-text URLs are called via HAN, the login is performed automatically first and only then the target page is accessed. Alternatively, a fixed target page can be saved, which is called automatically after login.

HAN over HAN: Authentication of a secondary HAN server on a primary HAN server can be defined as an alternative to IP authentication. For this purpose, the FQDN (Full Qualified Domain Name) of the secondary HAN server is stored on the primary HAN server. Authentication takes place via HTTP header. Thus, accesses by different users of the secondary server to the primary HAN server can be differentiated in statistics in a data protection compliant manner. In addition, secondary server accesses can be grouped automatically via the "cost center" statistics function.

License evaluation: When accessing licensed electronic resources, HAN detects whether the same user (usually in the same browser) has already accessed them. If so, no login to the provider occurs and no additional license is consumed.

Forwarding to original URL if rights aren't met: In permissions, it is possible to specify that instead of an info page, an (automatic) forwarding to the original URL without UAN takes place. This allows e.g. access to abstracts, etc. for people who are not authorized to access full texts.

Further changes

• In HAN settings you can specify that certificate revocation lists should not be evaluated. This is especially useful when working with systems in institutions that use their own certificates to examine HTTPS traffic. In these cases it was often necessary to enable an option that invalid certificates are allowed in each e-script. With the new setting this need can be bypassed.

• Alternative hash mechanism in header authentication.

• New query options available in e-script management.

• Fast search capability via sort id within e-script management.

Note

Due to changes in the Ajax login logic, e-scripts from HAN 5.5 that contain this configuration are not compatible with older versions. This applies to importing E-Scripts created with HAN 5.5 into older HAN versions.

The HAN 5.5 kernel is not compatible with older versions!