A complete list of the latest updates and known issues can be found in the Release Notes available at http://docs.diffusiondata.com/docs/6.12.0/ReleaseNotice.html

See Upgrading from version 6.11 to version 6.12 for considerations when upgrading to release 6.12.

Topic Selection Scopes

Previously, if two different components of a client application sharing a single Diffusion connection subscribed to a topic and one of them later unsubscribed, the topic would be unsubscribed for the session and thus for all components. This is often not what is required as the other component may still want the topic.

Now, it is possible to specify a named scope when subscribing, such that a later unsubscription specifying that scope has no effect on other subscriptions that named a different scope. This allows subscriptions to be localised to the components that need them.

There are now new subscription and unsubscription methods that take a 'scope' parameter to support this. Applications using the old methods will continue to work as before, as their subscriptions will all be assigned to a 'default' scope. An application that uses scopes should specify a named scope to all subscribe and unsubscribe calls.

Metric Alerts

There is a new Metrics notifications feature which allows metrics alerts to be notified to topics when certain criteria are satisfied.

For example, an alert could be set up which will write to a topic when the memory utilisation exceeds a specified threshold.

Alerts can be configured using the Java or .NET SDKs (within the Metrics feature) or within the Diffusion Management Console.

Session Authentication Expiry

There is now a new session property called $ExpiryTime which can be set by an authenticator and if set will cause the session to be automatically closed by the server when the specified time is reached. The expiry time is specified in milliseconds since the epoch. If it is not set, the session will not expire.

The client session can re-authenticate before it expires using the new reauthenticate method provided in the Security feature. This replaces the changePrincipal method (deprecated at this release) as it can be used to change the principal, or re-authenticate using the same principal. It also allows session properties to be proposed. The session properties may be the same as when supplied when the session was opened, or can be different.

The client session itself now has a new getSessionProperties method, which allows it to get the values of its own fixed session properties, and thus determine when it is due to expire.

The AuthenticationControl feature also has a new revokeAuthentication method, which allows a session with sufficient privilege to revoke the authentication of a client session, causing its immediate closure.

New Extended Functionality in the set Operation of the Topic Views process Clause

The set operation in the Topic Views process clause has been enhanced in several ways in order to satisfy additional use cases.

1. It is now possible to empty structures in the output.

   Previously, when there was a large amount of input data and the view only required a small number of items to be output, it was very difficult to remove those items that were not required. It is now possible to clear output structures (objects or arrays, even the root) and then copy only the required items (optionally renaming them) to the output data. An output structure can be cleared by using some new special values in the 'set to value' variant of the set operation. These are empty_object and empty array (shorthand $O and $A respectively). So, to clear the whole data structure, you could use set(, $O) or to clear a specific data structure, you could use set(/pointer, $O). You can then follow this (in the same process) by copying selected items into the structure as described in 2 and 3 below. This can also be used to create empty parent structures, which can be populated in any way you require.

2. It is now possible to copy items to the same location in the output.

   The previous 'set to scalar' variant only catered for copying a scalar value to one at a different pointer. The new 'set to pointer' capability (see 3 below) allows the item (scalar or structure) to be copied with the same pointer, which is useful when a structure has previously been cleared as described in 1 above. Rather than specifying the same pointer twice, if you specify a single pointer only, it will copy to the same pointer location (e.g. set(/pointer)).

3. It is now possible to copy data structures, as well as scalar values.

   Previously, the 'set to scalar' variant of the set operation only supported setting a scalar item in the output from a scalar item in the input. The 'set to scalar' variant has now been extended/renamed to be the 'set to pointer' variant, so the item being set can be an object or an array, as well as a scalar value. This means that whole structures can now be moved from the input to the output. This is mainly useful if a higher-level structure has been cleared (see 1 above), but also allows for copying to entirely different structures.

Topic View inserts now Allowed at any Point in the Specification

In previous releases topic view insert clauses could only occur at the end of the topic view specification. This restriction has now been lifted so that inserts can be interspersed with other topic view transformations.

Regular Expression Matching for String Comparison in Topic Views

There is now a new matches or =~ operator available in topic view process conditionals. This allows for string comparisons using regular expressions.

Session Lock Query API

There is now a new API available in the ClientControl feature, which enables control clients to query session locks. There is a getSessionLocks method, which returns details of all current session locks, as well as a getSessionLock method to query a specific named session lock.

SubscriptionControl Feature now Cluster Aware

In previous releases, the SubscriptionControl feature methods to subscribe and unsubscribe sessions would only work for sessions connected to the same server as the control client using the feature. This meant that when Diffusion was running in a cluster a control client would need to connect separately to all servers in the cluster in order to manage all sessions. At this release, all methods in the SubscriptionControl feature apply to all sessions across a cluster.

SELECT_TOPIC Permissions Changes

Starting with this release, the SELECT_TOPIC path permission is required for all paths that a topic selector may match — not just the path prefix.

In earlier versions, SELECT_TOPIC permission was only required for the prefix of a topic selector. A session could use a selector to access an entire branch of the topic tree as long as it had permission at the top-level path. As a result, it was not possible to selectively remove access from a sub-branch — access to the parent path implicitly granted access to everything below it.

For example, if a session had SELECT_TOPIC permission for a/b, but not a/b/c, it could still use a selector like ?a/b// to fetch a/b/c/d.

The permission model has now been made more restrictive. To fetch or subscribe using a topic selector, a session must now have SELECT_TOPIC permission for each individual path that the selector may match. This allows SELECT_TOPIC to be granted to a branch of the topic tree and explicitly revoked for specific sub-branches.

For full path pattern topic selectors, the model is even more restrictive: SELECT_TOPIC permission is required for all paths at and below the path prefix. This is necessary to prevent circumvention using advanced regular expressions.

This change enables more granular and secure control over topic access when using selectors, improving both flexibility and protection in permission management.

Server and Client have dependency on Java 17

From this release, both the Diffusion server and the Java Client have a dependency on Java 17. Older clients running on earlier Java versions will still be able to access the new server, but to benefit from all the new features, the 6.12 Java Client will be required.

Improvements to the Journal Feature

The Journal feature has been available in Diffusion since release 6.8 but was difficult to configure, requiring the setting of system properties, inputting a control file, and editing the Log4j2.xml file.

At this release, it has all been simplified:-

The feature is now configured in the Server.xml configuration file, and the issued file contains a sample block with the feature disabled.

A sample configuration file is now issued in the Diffusion ./etc installation directory which has all possible actions that can be configured, but with all disabled. This can easily be edited to journal what is required.

Other Improvements

• The JavaScript Client and Console now support the Safari Browser.
• The Dotnet SDK client can now specify a custom URL path to connect to Diffusion through use of the new parameterless ISessionFactory Open and OpenAsync API in conjunction with the new ISessionFactory attributes: ServerHost, ServerPort, SecureTransport and RequestPath.
• There have been refinements to the Management Console.

Plus other minor improvements - see the release notes for full details.