Release Notes for Mindbreeze InSpire

Online demo about the new features

In our webinar “What's New − Mindbreeze InSpire 2017 Summer Release“, Patrick Geschwentner presents all the new features in detail and demonstrates how to configure them.

The recording is available for download: Download Recordings: What's New - Mindbreeze InSpire 2017 Summer Release.

Innovations and new features

Global configuration of query and item transformation plugins

In the new “Global Index Settings“ area, you can now configure transformation plugins that are automatically active for all indices. This does away with the more complex individual configuration.

For more information, see Mindbreeze InSpire configuration .

Profiles on the client

Profiles now allow you to change the language for individual users and to define the number of search results to be loaded per page.

For more information about the configuration, see Profile configuration.

Improved relevance

The order of the search results now clearly reflects their relevance to the search query. In the new update, the order of search results is automatically altered so that the first hits better match the search query. Extended settings in the relevance model can be configured extensively in the Management Center.

More information at Mindbreeze Query Expression Transformation

Updates in Management Center

In the future, new Mindbreeze InSpire updates can be installed using the new update wizard. The new SFX file is uploaded without the command line, and the update is executed on a new Mindbreeze InSpire version.

For more information see: Mindbreeze-InSpire-SFX-Update

Exporting search results in Excel and JSON file formats

In addition to the CSV file format, search results can now also be downloaded in Excel (xlsx), JSON, and ZIP file formats.

For configuration details, see Configuration---Export functionality

PDF preview: new features

Navigation between search results

In addition to color highlighting the search query, navigation buttons now enable you to navigate to the next hit in the PDF preview.

New interaction possibilities with hyperlinks in PDFs

An API extension allows developers to react to hyperlinks in the PDF preview. For example, an interactive tooltip for a component in a technical drawing can be displayed.

For more information, see Development of search applications

New "suggestlist" component in the search app designer

The new “suggestlist“ component lists the suggestions from the suggest API. For example, “popular searches“ can be displayed under the results list.

For more information, see Development of search applications

New connectors

SharePoint Online connector

With this new connector, the content from SharePoint Online can now be indexed. For more information, see SharePoint Online connector configuration.

Google Drive connector

Mindbreeze InSpire can now index all stored files and Google Docs documents from Google Drive. For more information, see Google-Drive-Connector configuration.

IBM Connections connector

The new IBM Connections connector allows all content from IBM's on-premises solutions to be indexed. See IBM Connections connector configuration for more information.

GitHub connector

With the new GitHub connector, content from public and private GitHub repositories can be indexed. See GitHub connector configuration for more information.

Atlassian Jira connector

Mindbreeze InSpire now supports indexing content from Atlassian Jira. For more information, visit Configuration – Jira Connector.

GSA feed adapter: GSA content feeds

The GSA adapter now supports Google GSA content feeds. More information at GSA adapter service configuration.

Technical upgrades

Web Connector: support for googleon/googleoff tags

Explanation: Google GSA defines a mechanism for marking certain parts within a single HTML website (e.g. menu, footer) as “non-searchable“. Consequently, these designated sections are not indexed, although the rest of the page is. The marks take the form of HTML comments that are set in pairs.

Example: fish <!--googleoff: index-->shark <!--googleon: index-->dog
“fish“ and “dog“ are indexed, “shark“ is not.

The Mindbreeze InSpire Web Connector now detects googleon/googleoff tags and automatically skips unwanted sections without the need for complicated configuration using XPath rules.

For more information, see Web Connector configuration .

Faster restart of services

The system for starting and stopping services has been improved. Indexes are now shut down simultaneously. This reduces the waiting time for configuration changes, especially in large installations. In addition, only the affected services will be restarted if the configuration is changed.

For more information, see Service Restart Behavior after Configuration Changes.

Easier Kerberos configuration with keytab assistant

The new keytab assistant in Management Center simplifies the setup of Kerberos. The assistant automatically detects the Kerberos configuration, diagnoses possible errors, and ensures that the configuration is correct. In the event of an error, the system outputs a detailed error message.

For more information see: Configuration-Kerberos-Authentication

Various optimizations

Performance optimizations

• The index has been optimized and now requires less memory. In addition, performance optimizations mean that the index is also faster now.
• The configuration surface now loads much faster in large installations.

New version of app.telemetry

Mindbreeze InSpire now has the new app.telemetry version 17.1. release notes.

In rare cases, the updated version is not installed automatically. In this case, please request an updated app.telemetry license.

Additional Changes

Spectre and Meltdown

Spectre and Meltdown refer to 3 vulnerabilities (Variant 1 – 3) that allow an unprivileged attacker to bypass conventional memory security restrictions in order to gain read access to privileged memory that would otherwise be inaccessible. Mindbreeze strongly advises to install the fixes for InSpire as soon as they are available. Please note that as of this writing the firmware updates are not yet released by Dell and therefore are not available to be updated according to [1].  The fixes have a negative performance impact. As all updates are not yet available we can only measure parts of the impact, which is considered low. Mindbreeze InSpire is interacting with unprivileged third party code remotely via HTTPS, therefore the immediate risk of gaining access to privileged memory is considered impractical [2].

As of today Redhat has already released operating system patches included in the currently released InSpire Update Image. This addresses variant 1, and variant 3. Variant 2 requires firmware update. As soon as the firmware is made available, we will make the update available to our customers.

[1] http://www.dell.com/support/article/at/de/atbsdt1/sln308588/microprocessor-side-channel-vulnerabilities-cve-2017-5715-cve-2017-5753-cve-2017-5754-impact-on-dell-emc-products-dell-enterprise-servers-storage-and-networking-?lang=en

[2] https://github.com/marcan/speculation-bugs/blob/master/README.md

New features

• Support for translation of metadata based on a plugin. Documentation.
• Start Optional Producer without QEng and without queryable announcement. Documentation.
• Search behavior reporting (clicks, preview, etc.) based on additional metadata (country, data source, language, etc.). Documentation.
• Collected results can be persisted. Documentation.
• Configurable delay for reinverting at index start so that all plugins can register. Documentation.
• Support for per-record ACLs in GSA adapter service. Documentation.
• Performace inprovements

Defects

The version contains fixes for the following defects:

• Operating System patches for Spectre/Meltdown
• Security improvements
• Exchange Mailboxpermissions are not added as ACLs
• Search Apps: collect-component wiht persistence cannot be used standalone
• Search Apps: search restriction is not applied on export
• PDF Highlighting search hit is highlighted incorrectly
• Race-Condition in custom plugin component
• Tomcat Update to 8.5.23
• Service: API Transformation Endpoint (XSLT Transformation / Manipulation Response-JSON)
• LicenceCheck without master adds 20 second deyals to queries
• Egnyte Connector: Regression with path-metadata
• Error im Manager UI
• Nodeconfig Builder Problem: two plugins having the same ID
• MetadataAuthorizationTransformer with View-/Zone-Restrictions only works with One Phase Search and Enrich
• LDAP-Principal-Cache hangs
• Mindbreeze Web Client: selection of quoted query terms
• Memory leak in `SandboxedPrincipalResolver::resolvePrincipals()`
• Web Client: Preview empty when exporting search results
• NWayMergeDocumentEntryIterator Optimization
• HTTP configuration for Management Center: SSL Parameter optimization
• HTTP-based ItemTransformation: no Retry on Connection Errors
• Manuelle Backups (z.B. mesconfig.xml.backup_2017_08_31) are preventing conig saves
• Protobuffer Parsing Error
• SharePoint Connector: Metadata with duplicate values" (e.g. sp_ContentTypeId: 2x same value)"
• FileConnector ACL problem (domain controller builtin groups)
• Filesystem Crawler Performance Problem
• Support for SHA256 Signatures for SAML 2.0
• split function in the PropertyExpr language
• Confluence Sitemap Generator does not work with Confluence 6.1.4.
• Memory leak in PropertyExprEvaluationSDKValueEnvironment<ContextT>::_emitStringAsParsedDate()` function
• APIV2SearchRequestResponseTransformer url should include the pluginID
• SFX Update GUI: /tmp cannot be used to execute SFX
• Security improvements
• java Security Update 8u151
• Umlauts in Alerting Queries are not working
• Shortcut-DynamicConstraint source_expr is not simplified (searches everything)
• Custom AuthorizationService + PrincipalResolutionService does not replace existing access Plugin
• Exchange Connector: ACLs are not lowercase
• Missing permission to create the index directory results in an error that is difficult to diagnose
• GitHub crawler proxy is hardcoded
• Performance problems at ACL cache flush times
• ACL Internalisation-Cache defines empty ACL as ownACL with outcome INCONCLUSIVE (instead of forwarding to the next authorizer)
• ClassifyingAuthorizationAdapter is default enabled and cannot be configured
• Dynamic Constraints yield no results if emptied (empty query)
• When “Suppress Internal Identity Conversion” is activated, the configured “Identity Conversion Services” are no longer called up
• Category icon missing for new data sources (GitHub, SharePoint Online, etc.)
• Kerberos configuration error in Detect Config
• Null pointer exception with XLSX export
• Timeline view can’t be overwritten (prototype)
• Export writes “Export job was canceled” in the export output with repeated clicks (although the last export job must be processed correctly)
• (LDAP Principals cache) The user name in the generated UPN is not sAMAccountName
• Novell sitemap generator generates an unnecessarily large amount of network traffic
• IBM Connections: Wiki binary attachments cause the crawl run to abort
• IBM Connections: Forum replies are not parsed correctly
• IBM Connections: Wiki attachments – relative URLs in seed list cause “404 not found”
• GSA Feed Adapter: URL-s with whitespace are indexed without metadata
• GSA URL-encoded feeds are incorrectly decoded:  "+" is interpreted as whitespace.
• GSA feed adapter: delete only works if content is set
• GSA feed adapter: ACL parser delivers errors
• GSA feed adapter: Unsupported file extension “.bin”
• GSA feed adapter cannot parse <meta .. > “metadata with multiple values”
• GSA content feed performance problems
• GSA feed adapter: Unparsable date
• GSA connector indexes metadata with the metadatum: “Prefix for content feeds”
• Launched service remote service stubs are only generated if service and launched service are running on the same node
• apps/pdfviewer/index.html instead of apps/client/pdfviewer.html (too sensitive when the application is moved)
• HTML title overwrites e-mail subject
• FilterAndIndexClient cannot shut down its ExecuterService
• Diacritical variants of a word (e.g., über vs. uber) are not highlighted in preview
• Index plugins properties are not fully forwarded in the NodeConfigBuilder to the appropriate Extenspoint service
• Race condition with cache identity::hashCode (not thread safe)
• Telemetry no longer works with embedded search applications
• Jive principals cache: Anonymous users cannot find the public content
• NoSuchMethodError with Apache Tika and Office documents
• JSON format: Parse error if missing field is an empty JSON object or array
• Google Drive connector OAuth doesn’t work without proxy
• File connector ACL problems (domain controller Builtin groups)