openxava
Blog

September 24, 2025

XavaPro 7.6 released


XavaPro 7.6 has the next new features:

  • Handwritten signature for mobile and desktop by means of @HandwrittenSignature annotation.
  • Force upper and lower case letters and force special characters for password as options in Configuration.
  • Added RolesFilter to restrict record visibility based on user roles.
  • Users are joined automatically to organizations on first access with shared users enabled.
  • Password policy properties in naviox.properties included in the security section of documentation.
  • Properties in @Tab editableProperties respect read-only settings defined at role level.
  • Images are not shown for each record in the list for mobile UI.
  • In the mobile list UI, the fields of a reference are grouped under a single label.
  • Works with OpenXava 7.6.
Learn more about XavaPro

Handwritten signature

To allow the user to sign by hand and save their signature in a property, you have to annotate the property with @HandwrittenSignature:

import com.openxava.annotations.*; 

...

@HandwrittenSignature
@Column(length=32)  
private String customerSignature;

Note how the annotation is in the package com.openxava.annotations (from XavaPro) and not in org.openxava.annotations.

The property would be displayed like this:

The user will be able to sign with their finger or a stylus for touch screens, especially designed for mobile phones and tablets, although it is also possible to sign using the mouse. On a mobile it would look like this:

The property type is a String of 32 characters where an id is stored, not the signature itself. Signatures can be stored in the file system or in the database, using the same mechanism as @File and @Files. It is also possible to manipulate signatures programmatically with FilePersistorFactory as with @File and @Files.

Stronger passwords

We have two new options in the configuration module that allow us to require users to use stronger passwords:

These are the options framed in red: Force upper and lower case in password and Force special characters in password.

Restricting data by role

XavaPro 7.6 includes a new filter called RolesFilter that allows restricting data access based on the current user's roles. This filter works by comparing the user's roles with a property of the entity that contains a role name.

To implement this restriction, follow these steps:

1. Define a property for the role in your entity

@Column(length=30, columnDefinition = "VARCHAR(30) DEFAULT 'user'")
private String role;

This property will store the name of the role that has permission to access the record. You can set a default value if you wish, as in the previous example where the default value is 'user'.

2. Configure the filter in the @Tab annotation

@Tab(baseCondition = "${role} IN (?)",
    filter=com.openxava.naviox.filters.RolesFilter.class,
    properties="year, number, date, customer.number, customer.name, ...")

The base condition ${role} IN (?) indicates that records will be filtered where the value of the role property is included in the list of roles of the current user. The RolesFilter automatically provides this list of roles.

3. How it works

When a user accesses the list, the RolesFilter gets all the roles assigned to the current user and uses them to filter the data. For example:

  • If a user has only the 'user' role assigned, they will only see records where the role property has the value 'user'.
  • If a user has the 'admin' and 'user' roles assigned, they will see the records where the role property has the value 'admin' or 'user'.
This allows implementing a role-based data access system, where different types of users can see different sets of data according to their assigned roles.
Remember to import the necessary classes: 
import com.openxava.naviox.filters.RolesFilter;

Notice that the package is com.openxava.naviox, not org.openxava.

Better usability with shared users

When you use multitenancy with XavaPro, each company has its own group of users completely independent from the other organizations. However, you can configure it to have the same group of users for all organizations. This is done by selecting the corresponding option in the configuration module:

This feature has been available for some time. With "Shared users" enabled, the users and passwords for all organizations are those of the root application. You only need to create the users in the root application. What’s new in version 7.6 is that when these users access an organization for the first time, they will automatically be joined to it.

That is, they no longer need to answer this unnecessary question, as before:

Try it yourself

Demo: https://www.openxava.org/xavaprotest (User: demo, Password: demo)

If you want to try the admin features reply to this email asking for the admin password.
If you want to try the mobile features access to above URL using your mobile phone.

To learn more go to the XavaPro page.

If you're an Enterprise customer you will receive an email with the upgraded Enterprise edition.

blog comments powered by Disqus

Español