<h3>Release Notes - Activiti - Version 5.16.4</h3>
<h4>Highlights</h4>
<ul>
<li>First implementation of a new lock free job executor (<ahref="https://github.com/Activiti/Activiti/wiki/Notes-on-the-new-Actviti-Jobexecutor-(Oct-2014)">New job executor wiki</a>). Note that exclusive jobs and suspended process instances are not supported yet.</li>
<li>Restlet has been replaced with Spring MVC for the REST API</li>
<para>All REST-resources require a valid Activiti-user to be authenticated by default. Basic HTTP access authentication is used, so you should always include a <literal>Authorization: Basic ...==</literal> HTTP-header when performing requests or include the username and password in the request-url (eg. <literal>http://username:password@localhost...</literal>).
</para>
<para><emphasisrole="bold">It's recommended to use Basic Authentication in combination with HTTPS.</emphasis></para>
<sectionid="restUsageInTomcat">
</section>
<sectionid="restUsageInTomcat">
<title>Usage in Tomcat</title>
<para>Due to <ulinkurl="http://tomcat.apache.org/tomcat-7.0-doc/security-howto.html"> default security properties on Tomcat</ulink>, <emphasisrole="bold">escaped forward slashes (<literal>%2F</literal> and <literal>%5C</literal>) are not allowed by default (400-result is returned).</emphasis>
This may have an impact on the deployment resources and their data-URL, as the URL can potentially contain escaped forward slashes.
...
...
@@ -11702,6 +11702,5 @@ Only the attachment name is required to create a new attachment.