New Features

Extensible Authentication

In this release of RED we have added a new feature enabling Extensible Authentication for Connections in RED. This feature combines connection resilience, authentication scripts and extended RED Profile attributes to create a framework for connecting to systems which require complicated client side authentication workflows not provided directly by their respective ODBC drivers and/or tools.

This feature enables working with authentication workflows such as oAuth 2.0 but also allows a way to pop-out to additional authentication UI's such as for entry of Time-based One-Time Passwords for multi-factor authentication.

This feature is enabled through the following new functionalities of RED for ODBC/Database and Extensible Source Connections:

New Advanced Connect Parameters on Connections

Two new groups under Advanced Connect Parameters have been added to Connections, all of these session-level fields are in-memory only and can be persisted to your RED Profile between sessions.

WhereScape RED 10.6.0.3 > RED Release Notes > image-2025-10-29_10-39-29.png

Auth Configuration

Auth Configuration JSON - Arbitrary JSON storage of any required authentication attributes for this connection.
Auth Script Command - When specified this command will be triggered during RED's authentication process to this connection.
Auth Expires After - Duration in mins after which RED will reconnect at the next opportunity.

Auth Tokens

Token (1,2,3) - Three new encrypted fields which can be used in connection strings using the token format $AUTHTKN_[1|2|3]$ for expansion at runtime. Display names can be adjusted via the RED Profile to suit a particular authentication type.

Scripted Authentication

Scripted Authentication can be enabled for a connection by providing a command line to run in the 'Auth Script Command' field. This command will be triggered by RED when it needs to authenticate with this connection for the first time and then again whenever the 'Auth Expires After' minutes has been exceeded.

When RED executes the 'Auth Script Command' this is the typical workflow:

RED UI
1. Saves the current RED Profile to disk and provide access to this Profile file and the connection name requiring authentication via environment variables.
2. Runs the 'Auth Script Command'.
Authentication Script
1. Reads the RED Profile and retrieves any required Connection details from it.
2. Performs the required authentication workflow for the connection.
3. Updates the RED Profile on disk with refreshed Auth Tokens and other Auth Configuration values as required.
RED UI
1. Merges the updated RED Profile file back into memory.
2. Completes the authentication process for the connection.
3. Resets the internal expiry for the connection based on 'Auth Expires After' mins.

Authentication Environment Variables for All Scripts

The Extensible Authentication feature also enables the following new environment variables in RED Scripts, both via Azkaban and RED UI:

WSL_[META|SRC|TGT]_AUTHCFG - contains the complete JSON structure in the 'Auth Configuration JSON' field.
WSL_[META|SRC|TGT]_AUTHTKN_[1|2|3] - Sets of three decrypted Token values from the 'Auth Tokens' fields.

The RED Scheduler Profile table has been updated to incorporate these new fields in order to provide these values to Azkaban jobs, these can be maintained via the Scheduler Profile Maintenance script. Scripted Authentication is not supported for Azkaban in this version.

Other Improvements

Performance Improvements

This release adds new indexes to the RED Metadata to enhance metadata query performance throughout the product.
Improved the performance of opening object properties on large repositories.

Scheduler Improvements

Improved publishing of Jobs via Application deployment

Detailed Changes in RED 10.6.0.0

The following changes have been implemented since 10.5.0.0

Improvements

JIRA	Release Note
RED-12352	Updated the wsl_scheduler_profile_maintenance script to support the new authentication fields added in 10.6.0.0
RED-12343	Added Scripted Authentication support to RED UI enabling extensible authentication methods for RED ODBC, Database and Extensible Source Connections
RED-12320	Improved performance of opening object properties on large repositories.
RED-12302	Added support to the RED Scheduler Plugin to support the new authentication tokens and connection string expansion added in RED 10.6.0.0, additional fields have been added to redadmin.ws_scheduler_profile to securely store these tokens.
RED-12092	Improved performance of the RED Metadata by adding indexes to support the common metadata join patterns throughout the product.

Fixes

JIRA	Release Note
RED-12361	Fixed an issue where creating deployment applications via the command line was broken in 10.5.0.0
RED-12347	Fixed a 3D export to RED issue where Named Targets; SQL Server, Oracle and Teradata were unable to be resolved during deployment.
RED-12328	Fixed a RED Metadata syntax issue which caused update failures during manual alterations of Index Objects in RED, affecting PostgreSQL versions 15+
RED-12322	Deleting jobs via application deployment will now trigger the scheduler integration script to remove the job from Azkaban.
RED-12314	The new 'execute-script' method of scheduler-util.jar is now thread safe when running in multi-threaded jobs.
RED-12309	The RED feature in Azkaban to execute a kill script in case of a job being manually aborted now inherits the JRE from the parent process, avoiding the need to have java on the system path.
RED-12308	Resolved a RED Scheduler Plugin issue where replacements of Extended Properties via the token format $WSL_EXP_<property_name>$ were not working
RED-12295	Fixed an issue where Application Deployment of Jobs was not setting the credentials for the Scheduler REST API, causing publishing of deployed jobs to fail.

Important Messages When Upgrading