Created by Jonke Korzelius, April 26, 2021

In the upcoming new release of Uniface 10.4.01, we are making a technical upgrade to our IDE repository to prepare for future enhancements. In an earlier blog [add link], we explained that you have to plan for a migration. In this blog, we take a deeper dive into the changes we are making and how they will affect you.

A new minor version for Uniface allows us to make changes in the fixed length sections of the repositories' entities. Although we can make changes in the variable length sections of repository entities in a patch release, changes to the fixed length sections can only be made in major and minor versions of Uniface.

So what are these changes?

We are extending the field sizes for Description (UDESCR) and Alternative Name (UALT_NAME) properties to make it easier to search and find development objects and templates more easily. The Smart Suggestions feature searches these fields to look for matching objects, so being able to provide an informative name or description increases the likelihood of success. For example, when you start typing in the U-Bar, Uniface searches the Name and Description fields. The same applies to the Alternative Name property, which can help you identify a Template or Palette object in the Resource Browsers. Note that you can enter formatting characters in the Alternative Name.

We are reintroducing the Date Modified (UTIMESTAMP) field for sub-objects and adding a Purpose (UPURPOSE) field so that _in the future_, we can handle sub-objects similar to main development objects. We have learned that the granularity of our concept to only record changes and export main development objects is not flexible enough, especially for objects in libraries. For example, if you want to edit and export a Global ProcScript, you currently have to export the whole library. _*Note* This first release of 10.4 does not yet make use of these changes, it just makes enhancement possible!_

To support another future enhancement, we are adding new field Keywords (UKEYWORDS) in every entity, which can later be used to filter objects in the Resource Browser or for searching.

So now you know more, not only about the IDE Repository changes, but some of our planned enhancements for future versions of Uniface.

Created by Jonke Korzelius,  June 1, 2021

A minor version update for Uniface, what does that mean for you? There is an upcoming new release of Uniface 10.4.01.

In this blog we will look at what this means for migrating your Development Environment's (IDE) Repository. Upgrading to a minor version gives the Uniface Lab the opportunity to change the physical table definitions. We changed some fixed-length fields of the Repository's entity definitions to support future enhancements to the IDE.

To take advantage of these future IDE enhancements, you have to recreate your database table definitions. To do so, just export your existing Repository data and then import it into 10.4.01.  Tables are automatically recreated using the new entity descriptors when you import. This is a technical migration to your Repository database; we are not re-mapping, splitting, or merging fields in any way. Application data can be used as-is in 10.4.

Uniface 10.4.01 will not start if it detects you are using an older repository version, you need to prepare your upgrade to 10.4.01 by first exporting all Repository definitions to an XML file.

For example, to prepare to migrate from Uniface 10.3 to 10.4:

  1. In the Uniface 10.3 IDE, click the Main Menu ( ≡ ) and choose Export to open the Export tool.
  2. Select all options, choose the file name, and click Export.

To import the file, use the Uniface 10.4 IDE or the command line:

  • In the Uniface 10.4 IDE, choose Main Menu ( ≡ ) > Import XML, select the XML file, and press Import.
  • For the command line, start the IDE with the /imp switch and specify the file name.

The migration is automatically handled so you don't have to worry about it.

Alternatively, you can use any source control system, like Git, commit your work and import from your Git work area into a freshly installed Uniface 10.4 IDE. To speed up the import, when using, for example, a source control system, it is advised to rebase your sources on Uniface 10.4.01. Otherwise, source migration happens every time you perform an import. 

The Repository migration procedure is the same for both the Community and Enterprise Edition. Good to know: you can migrate directly from Uniface 9.7, 10.2, or 10.3 to 10.4, although migrations from pre-10.3.02 Uniface versions entail a little more as they might affect your source data. There is no need for intermediate migrations. This is to help you develop your application in the best possible way!

You can find more information in the Migration Guide, which will be updated with the release of Uniface 10.4.01.

Created by Frank Doodeman,  Apr 06, 2021

The Uniface Router Monitor is a small but practical Uniface Windows application that you can use to fine-tune parts of your running application. It can monitor the Uniface Router to which it is connected and the Uniface Servers that are using that Uniface Router, as well as the clients that are using those servers. Moreover, it can dynamically change Uniface Router parameters, reload the Uniface Router's assignment file, start and stop Uniface Servers, and stop the Uniface Router.

All of this can come in very handy, for example when your application is experiencing problems in the area of response times.

This useful tool has been around for quite a while and has proven its worth in application setups that involve TCP connections between the Uniface Router, its Servers, and their clients. The introduction of the new TLS connector in Uniface 10.3 opened up the possibility for more secure connections, so the need arose to upgrade the Router Monitor to handle those more secure connections.

In Uniface 10.4, the Router Monitor API will be enhanced to make it fully support both TCP and TLS connections. This involves a change in the descriptors of some entities that are used as parameters to some of the Monitor API operations. Fields that represent the port number for a TCP connection will be increased in size, to accommodate the TLS profile that accompanies the port number of TLS connections. In addition to the API change, the affected fields in the Router Monitor's Form components will be made larger so that the Router Monitor has room to display the port and profile combination for TLS connections.

The Router Monitor's Start Server utility will also get a convenient enhancement, providing an easy way to choose one of the available connections when starting a new server:

In brief, if you intend to use the more secure TLS connections between your application's Router(s), its Servers and their clients, then the 10.4 Router Monitor will offer the same services for your setup that you were already used to for setups that use TCP connections.

Important note regarding applications that use the Router Monitor API

If you have a custom application that uses the Router Monitor API then, like the Uniface Router Monitor, that application will need to be recompiled when you move to Uniface 10.4. This will require only a few simple migration steps:

  • Import the updated definitions of the affected entities. These will be available in uniface/misc/uroutmon_entities.xml, under the 10.4 installation directory.
  • Recompile your application.

Like for the Uniface Router Monitor, you may also want to make small updates to some of your application's Form components, specifically the Form components that show connection port numbers. You could increase those fields in size, to make them wide enough to show the combination of port number and TLS profile, for TLS connections.

More information will be available in the Uniface 10.4 documentation, under What's New in Uniface 10.4.

Uniface CE and EE licensing

Uniface CE and EE licensing 

The observant amongst us may have noticed that last week a new edition of the Uniface 10 Development Environment was released. This new edition is the Community Editiona free to use, non-commercial version of the Uniface 10 IDE for Windows 10 and SQLLiteit is available today from Although the deployment options are limited, the product is complete, and all features are available for use. 

Several product enhancements and features were needed to allow us to deliver this new Community Edition: 

  • An improved installer/patcher experience 
  • Updated branding (more to come) 
  • Replacement of our license manager (DLM) 

All of these enhancements will also be coming to the Enterprise Edition (EE) when it is appropriate to add them. We can update the branding in a patch, but the installer/patching updates require a full installa process not practical for most customers until 10.4. 


The most significant addition to the product is a new license management system which enables a Cloud-Leased Licenses model. With this new license model, customers will no longer need to harvest information from each platform (DLM info) but instead only enter an entitlement id during installation (like we do to activate Windows). The license manager will collect the fingerprint information, register the system, and download a valid license. For Uniface 10 CE, the entitlement allows Uniface to be installed on three separate PCs using the same key. Rehosting is also possible by returning a license on one system and claiming it again on another.  


As the term "Cloud-Leased" suggests, the downloaded license is leased and valid for a fixed period. During regular operation of an application, Uniface will periodically renew the license, extending the expiry date and applying any changes that have happened to the entitlement on the Cloud serverssuch as the addition of a connector. It will be possible to update a lease upon request and have the changes become active immediately. 


Cloud-Leased Licenses work uninterrupted when running offline for the period of the lease, with a default duration of 30 days from when the license was last renewed.  


For Enterprise Edition there will be extra options available 

We will supply a new local Rights Management System (RMS) serversimilar to DLM serverto allow concurrent usage and central hosting of licenses. The licenses installed on the RMS server will also be available as Cloud-Leased Licenses.  


For organizations where online access is not an option (i.e. due to legal or security restrictions), it will also be possible to run the cloud activation using a token exchange process via offline storage like a USB key. 


An exciting opportunity provided by the new licensing system is the possibility to license cloud environments more reliably especially Docker containers. 


We are working towards enabling all our existing license models in the new license manager. 


A portal will be made available, enabling customers to see the usage data for their entitlement. We also plan for this portal to allow ISV/VARs to see the usage of their end-users.  


It is our goal with this license system to dramatically simplify the effort required to install and maintain the licenses needed for your and your customer's applications.  


Blog by Barbara Douma and Jyoti Singh

Dynamic server pages (DSPs) provide the user interface for web applications. They enable users to view and modify data in a browser, and provide a lot of built-in functionality to ensure that data is formatted and displayed correctly, and to ensure that data entered by the user is correct before it is stored.

For example, a DSP automatically checks that a Numeric field does not contain alphabetic characters. This happens in the browser, in the client side of the DSP, even before the data is submitted to the backend server, where the data is validated again before being stored. Having the client side of the DSP handle formatting and syntax checking prevents unnecessary round trips to the server.

DSPs provide a lot of default data formatting out the box, to ensure that the data is correctly displayed. For example, a Numeric field with four decimals may be formatted to show only two decimals.

By default, for fields with an EditBox widget (or any widget mapped to and HTML input of type text):

  • Uniface non-String fields (Numeric,  Float, Date, Time, Datetime, Boolean) are formatted on the DSP client in the browser. The client applies supported display formats as defined by the field’s Field Layout property.
  • Uniface String fields are formatted in the server-side of the DSP by the Uniface Server. The server applies any display formats defined by the field’s Field Layout property before sending the formatted String to the browser.

(For more information on DSP widgets, see the widget reference documentation in the Uniface Library.)

In most cases, its is best to rely on default behavior for formatting non-String fields in DSPs. By sending unformatted data to the server, the original data remains available in the DSP client’s data layer, and the client has all the information it needs to format the data for display, but also to deformat it for transport back to server.

However, there can be circumstances when you want to use server-side formatting. For example:

  • You might want to specify a Uniface display format that is not supported by client-side formatting in DSPs, such as a minus sign for a negative number.
  • You might want to customize behaviour, such as implementing a custom date/datetime picker using JavaScript instead of relying on browser feature support.
  • The data is read-only and shouldn’t be formatted in the browser.

Client-Side Formatting

In client-side formatting, the Uniface Server sends the field’s value to the client as unformatted data, and expects to get unformatted data back.  

The DSP client formats the received data using its display format (Field Layout), and assigns the formatted values to the widget for display. If the value of a field is changed in the browser (either by the user editing the field or some code that assigns a new value), the DSP client:

  • Deformats the changed value using the display format definition (in the Field Layout property).
  • Validates the field syntax using the deformatted value (assuming the widget property Syntax Check on Browser is enabled).
  • If syntax validation fails, it displays or returns an error, and prevents the data from being submitted to the server until it is corrected.
  • If syntax validation succeeds, the new value is formatted again to get displayed, and the data can be submitted to the server.

Once the data is submitted, the data is validated on the Uniface Server, either through an explicit validate statement or when stored to the database.

Client-side formatting and deformatting allows the user to get immediate feedback on any changes—the DSP client updates the displayed value and reports errors. This prevents unnecessary round trips to the server to get the same feedback.

The disadvantage is that gives the developer less control.

Server-Side Formatting

In server-side formatting, the Uniface Server formats the data before sending it to the DSP client, and deformats the data when it is received from the client so that it can be stored

As mentioned before, String fields are always formatted on the server rather than the client, but it is now possible to do this for non-String fields too. The advantage is that it gives the developer more control over formatting, but it also means the developer is responsible ensuring that data is correctly deformatted and validated.

To do so, you can use the new widget property Data Formatting on Server (serverDataFormatting).

Note: This is the new name for a previously undocumented property: datatype=string. This property continues to work for compatibility purposes.

When a non-String field with Data Formatting on Server set to true, the Uniface Server:

  • Formats the field value using the display format (defined in Field Layout property).
  • Executes trigger formatToDisplay, if defined. This trigger enables the developer to complete customize the data formatting.
  • Sends the resulting formatted string to the DSP client

The DSP client assigns the formatted string to the widget for display. If the field value changes on the DSP client, the client does not deformat or validate the data (the widget property Syntax Check on Browser is ignored).  This is because the DSP client does not have the information needed for deformatting, such as the NLS locale and display formats used.

When the DSP client submits its data for which server-side formatting is enabled, it sends the field data to the Uniface Server as is. The Uniface Server then:

  • Deformats the field data using the Field Layout definition.
  • Executes trigger formatFromDisplay, if defined. This trigger enables the developer to control how the data is deformatted.
  • Validates the deformatted value, either in response to an explicit validate statement or when stored to the database.
  • Returns a response to the DSP client with the updated data or validation errors.

Server-side formatting enables the developer to have complete control over formatting and deformatting but it means that a full round-trip to the server is required before the display can be updated or errors reported. 

The following diagram shows the data formatting mechanisms in DSP:


Property: Data Formatting on Server (serverdataformatting)

Server-side formatting is made possible by the widget property Data Formatting on Server. This is the new name for a previously undocumented property: datatype=string. This property continues to work for compatibility purposes.

Other characteristics:

  • Default value: false (no server-side data formatting)
  • Not applicable to fields with Uniface data type String. String fields are always formatted/deformatted on the server
  • If set to true, the widget property Syntax Check on Browser is ignored

For more information about this property, see the Uniface documentation. 

Start Using the New Property

The configuration file for the new property will be delivered with the next Uniface release and not with a patch. So to have the new property displayed in the DSP Widget Properties dialog, you need to install the patch and then manually edit the file uproperties.ini:

  • Open the file uproperties.ini, located in UnifaceInstallDir\uniface\adm 
  • In the section [propertygroups], add the property serverdataformatting to grp:uniface_all .
  • Add the following property definition at the end of the file:

description=Data Formatting on Server
tooltip=Format the field data on the server in string type
TLS support for LDAP driver

TLS support for LDAP driver

Blog by Rasmus Stahl

With the Introduction of the LDAP U3.0 driver Uniface offers native connectivity to LDAP and Microsoft’s Active Directory using TLS connections.

LDAP is the latest delivery from an ongoing initiative to elevate all Uniface network traffic to use TLS, and will help protect applications from man in the middle attacks, as described in: LDAP over TLS has also been a popular request from customers.

To Use LDAP over TLS you will need to update the driver settings in your ASN file and setup correct server verification.

More detailed information is available in the Uniface documentation. See LDAP over TLS.

Reported issues search now available in an interactive form.

By Jan Cees Boogaard

As a result of our efforts to make relevant information about Uniface as easily accessible as possible, the known issues can now be queried in an interactive form. The new form shows more details about the issues and it allows for extensive filtering.

On the main page, you will find a list of issues that were reported in the current version of Uniface and a list with information from our archives. For help with the use of the form, there is a quick users guide at the top of the page.

The new feature can be found in the menu under Support/Reported Issues (new) or by directly going here. The old list is still available under Maintenance/Known Issues (old), but will be phased out in the future.

This new feature on is a first step towards sharing full information about Uniface maintenance. More features will be added in the near future. As we are looking to expand and improve, we are keen on your feedback. Please leave your comments in the known-Issues-information topic in the Community/Questions section.

Pathscrambler Security Enhancements

Blog by Andy Holzman

“From simple encoding to strong encryption, read on to learn about the latest security our third iteration of the path scrambler brings”

With this blog we announce a change to the Pathscrambler encryption of the Uniface assignment files that will become available in one of the upcoming patches.

We have enhanced the security provided by the Pathscrambler, the Uniface utility used to encrypt sensitive information and values in assignment files and login strings. The Pathscrambler will now append a digest to any assignment file line or string in which it has encrypted some text. This ensures that the encrypted line cannot be tampered with in any way.

The difference in behavior is significant enough that we can speak of an old and a new Pathscrambler, although there are no changes in the way the Pathscrambler is used to encrypt files and strings.

The previous Pathscrambler functionality is still supported, so older assignment files will continue to work as they did before. However, it is no longer possible to regenerate those encrypted assignment files or strings using the new Pathscrambler. It will always generate new files and strings with the enhanced security.

There are some consequences to this extra security:

  • Any assignment file line or string with a digest cannot be altered in any way.

For example, previously any text not encrypted could be changed. With the new Pathscrambler, not even a space can be changed, as this would invalidate the digest.

  • The encrypted line or string must be used in its entirety. A single line or string cannot contain a mixture of old and new encryption. This has an impact in the way that an encrypted string can be used in the open Proc statement and with the{{ /log}} command line qualifier.

For example, in the past, the string used in the open statement for a database path could be dynamically constructed in Proc, possibly using an encrypted password string that had been supplied by the Pathscrambler. This is no longer possible. The complete open string must be provided by the Pathscrambler, otherwise the digest validation will fail.

You can still dynamically construct an open string for a database path using the $password function, but no other parts of the string can be provided by the Pathscrambler. $user can be used as that does not encrypt the data.

  • All the lines in an assignment file must be of the same encryption. You cannot mix lines from an old assignment file and a new one.

It is possible to still include an old assignment file in a newly encoded one, using #FILE, but you cannot mix actual lines in the same assignment file. You cannot cut and paste some lines from an older assignment file into a new one. This means that it is no longer possible to start with a previously-encoded file that contains some of the older Pathscrambler's encoding, and then add new encoding to it. The result would be a mixture of encodings, which is not allowed.

  • The output from the Pathscrambler cannot be re-submitted to the Pathscrambler. If previously encrypted items are submitted to the Pathscrambler, the resulting strings will not be usable by Uniface. If changes are required, they must be done in the original un-encrypted file, and that file should be re-submitted to the Pathscrambler.

We strongly recommend that anyone that has security concerns about the contents of their assignment files, should use the new Pathscrambler to encrypt their assignment files.

Client-side triggers for server-side validation errors

Blog by Barbara Douma

Dynamic server pages already support client-side field syntax checks, which prevent incorrect data from being submitted to the server.  Uniface provides a default mechanism for reporting and displaying syntax errors in the browser, and web triggers for customizing the error reporting and display.

However, field syntax checks are just a subset of the data constraints that Uniface validates when it is instructed to reconnect, store, or validate data. Other declarative constraints as well as procedural constraints are validated on the server and, until now, there was no customized way of reporting such errors in the browser.

With Uniface, Uniface introduces support for server-side validation error reporting for fields.

  • Default formatting and error reporting for fields that are in error and visible in the browser. This is the same mechanism available for client-side syntax errors: the -ufld-highlight-error- style and uflderror bound error element.
  • New showError and clearError web triggers, which enable you to customize error display and reporting. These triggers are defined on fields in the component structure and they are executed in the data layer of the client. This means they can be executed for fields in error, even if the field is not in the layout, is in a hidden view, or is no longer available in the browser.
  • Enhancements to the Uniface JavaScript API to make the error information accessible to JavaScript in these triggers. The new FieldErrorContext object holds information about the field that is or was in error, and provides the methods getField(), getError(), and getBoundElement(), so that you can access the field, report the error, and update DOM elements. It is the JavaScript this element in the showError and clearError

When you define a showError trigger, you need to define a corresponding clearError trigger. For example:

webtrigger showError
    // this returns the FieldErrorContext object for the error 
    // get the field that is in error 
    var errorField = this.getField();

    // if the field is present in the data structure ... 
    if (errorField) {
      // style the error and add the error message as a tooltip
      errorField.setProperty("style:color", "red");
      errorField.setProperty("html:title", this.getError().message);
    // Return false to suppress Uniface's default error reporting
    return false;

webtrigger clearError
    // this returns the FieldErrorContext object for the error 
    // get the field that was in error 
    var errorField = this.getField();

    // if the field is present in the data structure...
    if (errorField) {
      // clear the properties that were set in showError

To see this code in action, you can download a new sample from Uniface Samples. In addition to this code, which uses Field.setProperty(), the sample demonstrates the default error display, the use of   this.getBoundElement()to navigate and style other elements in the DOM, and the use of an error count and error list to display multiple errors.

For more information, consult the documentation:

Blog by Peter Lammersma

For today’s businesses, they say, data is more important than ever. I don’t agree with the ‘today’ part: data always has been businesses’ most important asset, and always will be. There is a difference between now and back then, though. The IT landscape is now extremely dynamic and reliant on innovative IT. Dependence on technology leads to enormous growth of data and, at the same time, of the number of attacks on the data.

Can a potential risk be turned into a business opportunity? During our second workshop / ‘pizza session’ of 2019 we answered that question. Before I explain how, we need to look at the cause of the growth of security problems. Although we all think security problems will never happen to us, investments in security were never higher than they are today.  Return on security investment is one of the key figures that management uses to steer the business.


We feel safe with ‘good old’ client/server, with all the visible security measures: it’s like having a barrier to the carpark, a security guard near the entrance and a kind but resolute receptionist. Contracts and non-disclosure agreements must be signed, and sometimes employees must have a certificate of conduct. Before one can even start working with the application, passwords on computers and networks are mandatory. And, on top of all these safeguards, you and I have created the best authorization and authentication algorithms in the world!

Within this ‘fortress’, it feels as if the data is safe inside the organization walls. But it is not, despite all the visible and invisible security. According to ‘IBM 2016 Cyber Security Intelligence Index’ more than 60% (!) of all attacks on data have an internal cause. These are people you trusted! Did they break through all the security precautions? Are they spies? Criminals? The reality is less exciting, but just as frustrating. In most cases, the problem is just that the innocent users of the application opened an attachment that they should not have opened.

All the effort in securing the building, the network infrastructure, the workstation, the database, and the application has lost its value because of one detail: the connection to the data(base). Once you know how to get to the data, there’s not much that can stop you. Compare it with a defensive wall that loses its value with every hole. The connection from the client to the database looks like a tunnel. A long tunnel, perhaps, but at the end you see the data as shining gold.

It doesn’t matter what technology is being used on the client. Every technology has its ‘holes’. Criminals are not interested in any of the secure parts, but in that one single thing that is not: SQL injections, readable connection strings in assignment files, data source names from your ODBC or SQLNet. Allowing direct access to the data is a risk. Somewhere in the application, a connection string to the database must be available. As soon as this connection string can be found on the computer, all other security has lost its value.

Even the size of the application is irrelevant. Let’s assume you have a web application with hundreds of DSPs. From a user’s perspective there is no direct connection to the database. But what if this application also has one or two forms for maintaining a table? Then this can be the rabbit hole leading to your data. As we learned in the pizza session, prevention is better than cure, so let’s see what can be done to plug this rabbit hole.

Multi-layer versus multi-tier

It’s not client/server, per se, that causes the problems. It’s the way it is used. Traditionally, client/server is two-tier: the client for presentation and the server to store the data. But an application is more than just presentation and data. The real value is in the business rules and the business logic. By the way, those are not the same! I have seen a lot of applications that claim to be multi-tier (multi > 2 😊), but they are multi-tier in name only. They are really only multi-layer.

So what’s the difference between multi-layer and multi-tier?” Multilayer is separation in the application’s logic. Services for reading data, services for business rules, reports, forms, etc., are layers. Using multiple layers in the application structure is a very good habit, but it does not do anything for security.

Multi-tier, on the other hand, is a technical separation. It allows the application to run its processes on several machines: the presentation layer on the client, the business logic on an application server, and the business rules on the database server.

The fun part is that Uniface allows us to move layers into tiers – without changing our coding! At least, you can if you’ve used the layers consistently. In the pizza session we worked on this concept.

Moving data access to a server

The starting point of the pizza session was a typical client/server application: all the processing on the client and all the data on a server. Take a look at Figure 1: you’ll see a Uniface application on the client with two form components and one service. Reading and writing is done in the components.

In the worst case, the assignment file has one of the following path settings:

·       $DATA_DBMS_MQL = MQL:server:database|username|password

·       $DATA_DBMS_TLS = TLS:server+port|username|password|database

·       $DATA_DBMS_MSS = MSS:DataSource:database|username|password

·       $DATA_DBMS_ORA = ORA:t:host:database|username|password

You might have secured everything, but the connection string to the data is readable in the assignment file. This means your data is as open as it can be! The technology that is used to connect to the data is not relevant, nor is the security of the connection, application or network.

A setup like this is only fine for development purposes – with fake data.

In my Uniface career I have seen hundreds of applications, and a lot of them had the database details in assignment files on the client, even in production environments. Having the connection string data in a readable format in the assignment file makes it pretty obvious. Using the Uniface PathScrambler makes the connection strings unreadable. That feels a bit safer. But remember that somewhere in the process, the connection string must be unscrambled. That information is stored in memory and so it can be found with the right tools.

It’s a good habit to use a service for reading and writing to the database. In the pizza session, we changed the application in Figure 1 to something like Figure 2.

The normal behavior of the Uniface read process is, as we all know, activating the retrieve trigger. Uniface then invokes the read trigger to read and fetch the data from the database. To change this so a service can be used to read the data, an operation on a service must be called. On the form for the entity, the ‘Data access’ property is set to ‘non-database’.

Advice: create subtypes for all modeled entities. Have one subtype that allows database access and another subtype that is non-database. The first can be used on a service that does the reading and writing. The other can be used on the client to display the data.

At this point, two things are achieved:

1.       The application uses a service to read and write. Officially, the application has a Service Oriented Architecture.

2.       The application is multi-layer.

So, we’ve scored points! However, from a security perspective nothing has changed. As shown in Figure 2, there is still a direct connection from the client to the database.

But now take a look at Figure 3. The only thing that’s changed is the execution of the service. For a Uniface developer, this is just a small step:

1.       In the assignment file on the client:

a.       All connections to the database can and must be removed;

b.       Replace them with a path to the server:

$TCP_EXEC = TCP:servername+port|username|password|pizza_2_exec

c.       Add:

* = $TCP_EXEC:*

2.       Install URouter on the server. In the URouter’s assignment file:

pizza_2_exec = userver -asn=pizza.asn -dir=path -adm=path

3.       In the assignment file (in this example pizza.asn), add the connection string to the data.

Now, when the service is activated from the form, the processing is executed on the server – without any modification to the application! Suddenly the application is multi-tier.

Why is this more secure? From now on, when someone tries to look into the metaphorical tunnel between client and server, there is no shining gold data but just a Uniface UServer-process. There is no direct access to the database. It is impossible to send SQL requests to the database on the server, because there is no direct access to the database.

From here on, it is up to developers like you and me. The only way to access the data on the server is by requesting data or submitting a change to a Uniface service. With our development skills, we can secure this data: it’s just a matter of authentication and authorization.

But there is more!

In the workshop/'pizza session',  we played with the configuration. The data is safely hidden behind a service. The only possible way to read the data is by calling the service from the Uniface form components. But what if you want to be able to read the data with other tools?

It’s highly advisable to implement all your business rules in services and execute these on a server. So, now you have your data and the business rules on the server. Let’s suppose that, although you’re happy with your Uniface desktop application, you also want to be able to make the data available to an external system, or you want your data to be part of a mobile solution.

As soon as you have your most valuable assets (business rules and data) executing on the server, you can access them with any technology you want. Look at Figure 4. By adding a webservice to the configuration, all of a sudden, the Uniface service can be used by and/or in any other technology!


In just a few steps, a potential risk can be turned into a huge business opportunity.

When you started reading this article, your data felt secured but in reality it wasn’t. With a few changes in the Uniface configuration your data is very secured. And, at the same time, you created a new business perspective because the data can be made available to third parties in a way that you can control.

To summarize, the steps are:

  1. Stop reading and writing in the presentation layer
  2. Implement services that do all the reading and writing
  3. Move the execution of these services to the server
  4. Add webservice functionality to the services

If you want advice about the level of security of you application or need any help with the configuration of your deployment environment, you can always contact me. In the next Blog/pizza sessions, we will take a closer look at the fourth step and beyond. Trust me, with Uniface you can do anything.


Utilities for Uniface 10

Utilities for Uniface 10

Modern application development environments need to allow close integration of customer or community tools and utilities, to further enhance developer productivity. The IDE, delivered with Uniface 10, enables closely integrated extension through user defined worksheets and menu options.  

Many of you know that the Uniface Support team often creates utilities to automate or simplify some our day to day activities. With the new user defined integration, we have an ideal way of making these available to the community so have collected a number of these utilities, mainly enhanced versions of components found in the Uniface 9 IDF, together and packaged them up for anyone to use.

 What is included in this toolkit?

  • Create Referential Integrity
  • XSLT Workbench
  • Global Search
  • Cross Reference
  • Copy user data from entity editor


Create Referential Integrity

Generate SQL scripts for maintaining referential integrity within the database


XSLT Workbench

The XSLT Workbench is a tool for creating and testing XSLT stylesheets.

Global (Proc) Search

You can use the Global Proc Search dialog to search for commands, expressions, and operands in all Proc. It now also features a button that allows to directly open from the search result the related Code Editor.


Cross Reference Viewer

With the Cross Reference Viewer you can generate reports from the data of the cross-reference table. It now also allows you to directly open the related Code Editor from the cross-reference search results.

Additions menu

The different utilities can easily be accessed from the Main Menu ( ≡ ) of the IDE.

Additional stuff

The Uniface 10.3 IDE Additions project also includes an extra menu item for the Entity Editor that allows you to directly export the user data of the entity. This can be seen as a partial replacement of the Convert Data utility of the version 9 IDF.

Work in Progress

We still plan to add more features to the Uniface 10.3 IDE Additions project - so this is very much “Work in Progress”.

And the good news is that we are not going to keep this stuff to ourselves. The Additions can be downloaded from here (Uniface utilities, addons and extras). And in order to get the utilities working you just need to include the additions.asn at the top of your (or the default) ide.asn.

ASN example
; your ide.asn

; ...

; ...

We hope the Additions utilities are helpful,

Uniface Customer Support

Please note, that although the utilities are uploaded by the Uniface team, it is made available as-is and is not in any way part of the regular Uniface product. Therefore the rules and regulations for Uniface maintenance and support do not apply to the Additions utilities.

Blog by Peter Lammersma - 

Recently, a dozen Uniface developers gathered at Uniface headquarters in Amsterdam. Some of them had driven for several hours to be here on time.

What was so important about this meeting? The answer is that these developers represent several organizations with one thing in common: they all trust Uniface for their most vital and business-critical applications. Something else the organizations have in common is that they all want to migrate to Uniface 10. That’s why they sent their developers to learn more about it.

A few weeks earlier, most of these developers had participated in a webinar where I told them about the major changes and enhancements in the latest version of Uniface. So, they had heard and seen a lot about these changes already, but on that particular evening in April it was time for some hands-on experience. As a well-known Uniface expert and business partner, I had been asked to guide my fellow developers through this process, and we had decided that ‘pizza session’ was a good name for it (more about this choice below).

The name reminds me of some evenings in my past. Software, cold pizza, and warm cola; what more does a developer need?

The evening consisted of three parts, starting with an optional slot for configuration support. Beforehand, the participants had received instructions on how to install Uniface on their notebooks and create a development environment. If they had run into problems, they were invited to arrive early so we could help them with the configuration. As luck would have it, someone did show up during this pre-pizza config support part of the evening. No, he didn’t need help, though – he just had a three-hour drive and loved to be on time.

According to Mr. Maslow and his hierarchy of needs  the second part of the evening was the most important. It’s obvious that in 1943, when he published his theory, software as we know it had not yet been invented. Nevertheless, everybody enjoys pizzas. Thirty minutes later, a dozen pizzas had completely disappeared, leaving the same number of developers eager to start.

The third and final part of the evening was the hands-on bit. At the back of the classroom, Ton Blankers, Uniface account manager, and Gerton Leijdekker, software architect, were present to answer any questions I couldn’t handle. I kicked off with some theory – just enough for the participants to get started. For the next two hours, a classroom filled with software developers worked on a couple of assignments.

This pizza session was all about the changes to the Uniface 10 IDE. I can talk for hours about these, but as I was limited to a 30-minute timebox, I focused on the major changes – for instance:

-          The terminology. What is a Main Development Object?

-          … and how is it related to the editors in Uniface?

-          What is the difference between Templates, Objects and Models?

-          … and is this really different from what we are used to?

-          What is the Compiled Modules Inspector?

The assignments were about enhancing the IDE with your own utilities. In three exercises, the developers created User Defined Worksheets and User Defined Menus. They learned how to use the IDE in Uniface 10. But the assignments were also about the changes in the meta dictionary to gain full control over the IDE.

Was it a successful evening? Everybody was able to install and configure Uniface 10 (which takes no more than 5 minutes), the pizzas were great, and everyone finished the exercises. But most importantly, the developers discovered themselves why Uniface 10 is so much better than all previous versions. And now they believe it is time to migrate to version 10.

We at Uniface were more than satisfied with the outcome of the very first pizza session of 2019. The security guys were curious, though: what was everyone so happy about? Mission accomplished.

Why do we call it ‘pizza session’? Uniface is just like pizza. Everybody loves it. It’s convenient. And with the right basis (the bottom), everything is possible. Used as a plural, pizza sessions, it is a reusable concept. Yes, we want to organize these sessions a few times a year. There is so much more to discuss and learn about Uniface. The next pizza session is planned for June.

Blog by Barbara Douma

Since the introduction of Uniface 10.3, we have been rolling out a feature called smart suggestions, which adds search and filtering functionality on the basis of object name and description. This makes it easier and faster to find an object that you want to open, edit, or use in a given context. As you type a keyword or part of an object name, the Uniface IDE provides a list of suggestions for objects that match the provided string and are appropriate to the context.

Smart suggestions were originally introduced on the Main U-Bar in Uniface (see the blog Smart Suggestions in the Main U-Bar of the IDE). Since then, we've added this feature to the Component Editor when editing name-based properties. You get smart suggestions when you:

·       Rename entities, fields, and labels in the Component Editor (

·       Define the Modeled Component and Bound To properties in a derived component (

Now our focus is on the Resource Browser, starting with the Component Editor. As of Uniface, the Uniface IDE provides suggestions in the Model tab, so that you can easily find the modeled entities and fields that you need to use. 

Resource Browser: Model Tab

The Model tab of the Resource Browser has been redesigned. It now includes a U-Bar that can be used to find and filter the modeled entities displayed in the tab. The list of entities includes subtype (specialization) entities. Icons indicate whether an entity is a normal modeled entity ()

or a subtype entity ( ).

To ensure fast performance, a maximum of 50 objects can be displayed. You can override this by clicking Show all, or configure to a different maximum using the  UBAR_RESULTS_MAXHITS logical. 

Suggestions for Modeled Entities and Fields

Instead of browsing through hundreds of entities, just start typing a string that occurs in the object name or description in the Model tab's U-Bar. As you type, the list is filtered to show only matching entities and sub-entities. 

As usual, suggestions are offered in the following order:

1.     Objects whose name starts with the entered text

2.     Objects whose name contains the entered text

3.     Objects whose description contains the entered text

You can scroll through the list of suggestions using the Up and Down arrow keys or the scroll bar. 

To insert an entity into the component structure, highlight the entity in the list, then drag and drop the entity into the component structure (or draw the entity frame for a form or report component.)  

To add the entity's fields to the component structure, you first need to select the entity—highlight the entity in the Model tab and press Enter, or double-click the item. This copies the entity URL to the U-Bar and, by default, displays the entity's fields. (Notice that the fld: code is appended to the URL.)

What if you selected an entity to display its fields before you inserted the entity? No worries. Just right-click on a a field and choose Parent Entity from the context menu.

 The parent entity is then displayed in the Model tab so you can highlight and insert it.

Suggestions for Parent or Subtype Entities

As you saw already, subtype entities are easy to recognize in the Model tab, but you can also find the parent or subtypes of a given entity.

For example, to get the supertype of a subtype entity, right-click the subtype in the Model tab, and choose Parent Entity

You can also use the context menu to show the subtypes of an entity. For example, the following suggestions are shown when you choose Subtype Entities  for the UTREE_PERSON.UTREE entity:

Notice that the ent: object code has been added to the entity URL.

If you now select one of the subtypes, the complete URL, including the supertype is copied to the U-Bar and its fields are displayed: 

Navigation Using the Object URL

If you want to return to the supertype object, you can click on the object's name and press Enter. In fact, each element of the URL is like a button that can be clicked to navigate up the object URL.

When you select an object name, a list of the subobject types is displayed. For entities, these are ent: for subtypes and fld: (the default) for fields.

We hope you will enjoy the Resource Browser improvements that we have introduced so far.

But it doesn't end there! As of Uniface, smart suggestions are provided in Model tab of the Entity Editor when you add modeled entities to a relationship, and in the Project Editor when you add create derived components from a modeled component. The principles and behavior are the same as in the Component Editor.

Blog by Jorge Nuñez-Orellana

Recently, we had the presentations of the first Creative Sprint and let me tell you it was a great success. I’ll start by taking you back in time while sharing what are the thoughts which drive this initiative.

The Uniface’s lab is still a startup, yes! A 35-year-old startup in that sense. As with all startups, we thrive through the innovation that comes from the brilliant minds that continue to form the Lab throughout these years.

When working on technology, one tends to adapt the new high-tech trends to produce business value. This is a creative quirk. This challenge rewards the individual with satisfaction and fulfillment. To maximize the benefit from such experience, one repeats the process with certain periodicity, making it part of the development process.

In general, Agile is associated with a creative/iterative development process, following that line of thought, it is common practice in technology minded organizations to include a moment to trigger the creative spirit and embed it on the execution cycle of the production of software. Additionally, that moment serves as a source of wisdom to individuals who use that time to attempt new ways, find new ideas, discover new possibilities.

At the Uniface Lab, we are no different. Already for a few years, we have been trying to stimulate this inspirational flare in between our regular sprint schedule. To spark imagination a bit more, we have adopted a Creative Sprint; a one-day sprint where the goal is to ignite curiosity, play with new ideas and have fun.

Our creative sprint is also a welcome break in our tight schedule. A break which is an investment too. A break as it allows us to step out of the production harness and an investment because it spawns our technological paraphernalia (ideas and tooling).

As competitive as we are, we want to deliver the outmost in one day, producing great value for our time. To illustrate that, I want to share some of the ideas from the creative sprint:

·       Apply cucumber and selenium to web testing

·       Investigate using JavaScript as the scripting language for Uniface’s ProcScript

·       Prototype a message/service bus

·       Use Node.js as a Web-server for a DSP application

·       Investigate enhancements to our threading model

·       Calling Uniface functions from Python

·       Prototype using regular expressions in ProcScript

·       Prototype porting sources to C++ 11 compatible

·       Entries for field, collection and/or occurrence entries as extensions of only component

The results were astonishing, a lot of enthusiasm and tons of valuable information which serves as food for thought. All in a very short span of time. Besides there is more to come as we get a chance to spend some time on innovation every two weeks. How great is that!


Blog by Jyoti Singh

The purpose of this blog is to inform you about some changes in the way widgets are documented and described.

Widgets are the elements that enable the user to interact with a Uniface application. In Uniface, we recognize two types of widgets:

·       Physical widgets are the implementations that provide the functionality to the user. They vary depending on the underlying GUI technology.

·       Logical widgets are named configurations of the physical widgets. Developers can configure physical widgets to use specific properties/styles to create their own logical widgets.  Consequently, one physical widget can be referenced by multiple logical widgets. The available widget properties are dictated by the physical widget, and it is the physical widget that knows how to interpret properties. Logical widget definitions are defined in the [webwidgets] and [widgets] sections from the initialization file.

The logical widget definitions are available to the Development Environment (IDE), where they are shown in the Widget Type property for entities and fields, allowing developers to select one for use. By default, a Uniface installation provides a default set of logical widgets , but this set can be customized by the developer.

The logical widgets used in the application must also be made available at runtime via the [webwidgets] and [widgets] sections from the initialization file in the runtime environment. Forms, Reports, and Dynamic Server Pages (DSPs) use this mechanism.

With the introduction of the physical widget HTMLINPUT for DSPs, which can be used to specify very different input elements, the emphasis is moving more and more towards the capabilities of the physical widget rather than the logical widget.  To reflect this shift in emphasis, the widget documentation for Uniface 10 has been restructured. It now documents the functionality, triggers, and properties of physical widgets, and describes logical widgets in terms of their purpose, since the functionality and properties can be changed by the developer.

To illustrate with an example:

By default, physical widget HTMLINPUT is mapped to EDITBOX, but HTMLINPUT can also be customized to get a custom Input search field which can set or return the value of the placeholder attribute.

Ini file:


Editbox = htmlinput(html:type=text;detail=dblclick)     

Searchbox = htmlinput(html:type=text;html:size=20;html:placeholder="Type to search")

Above two configurations of same physical widget would result into two logical widgets with different capabilities:

If you are interested to know more about the widgets in Uniface, please visit the online documentation