Added recommended Category Definition inside the build.
Corrected roles in the documentation.
Added option to disable recording of history data into the database.
FT-Index: Adjusted FT indexer to fallback to the generic tag query provider whenever more than one day of content is pending to get indexed. (As a side effect there's no also a progress property that is exported to JMX).
Added option to ignore recording to table file_content_statistics. Note that if we disable recording, the query of unknown file_contents value will not be recorded to file_content table.
Added exception message why package has been rejected.
Logging: Adjusted log configuration to avoid producing a possible memory leak within the log buffer caused by keeping log parameters in heap using strong references (This problem was mainly visible when writing large portions to the database as persistence contexts can use quite a lot of memory and where held in memory).
Improved mem cache efficiency by introducing a negative result cache (this is also reflected inside the monitoring).
Added new tag query handlers that do no longer require the proprietary fulltext search in MSSQL making ACL independent to the underlying database. (See Module Jpa Datasource & Module - MSSQL Datasource)
Added MD5 only queries
Added interface to query files using the URL of their origin
Added numerous additional REST interfaces to provide query capabilities that previously required a SOAP call (see GRID REST Reference).
Added error monitoring to the HTML5 report showing the error classes (fatal error, expected error, invalid queries, unauthorized queries).
Added a Maven repository for bundled java client libraries to simplify development of Maven based projects.
Defined, assigned and documented user roles all relevant SOAP and REST API methods. Roles are not yet enforced in the production sites, however the page Server API / Access Control shows a matrix what roles will be required after authentication has been made a requirement.
Implemented Features:
Added general support for using API-keys to authenticate. (Depends on login authentication which is not fully implemented).
Implemented the missing internals to perform role based service call verifications.
Split the java client library into CLI and library packages to solve issues with internalizing SLF4J. The updated maven artifact does now depend on 'slf4j' as internalization causes problems when used as library. http://redmine.cttl.trendmicro.de/issues/336
Version 1.2 - 2011-04-30
Extended the API documentation with:
Code samples in multiple script languages (in addition to java samples).
Scoped class diagrams of the data model.
Scoped method reference lists.
Stripped down the bundled, ready-to-use, java client to contain only libraries that are really needed (resulting in 1/4 of the previous size). In addition all bundled 3rd party libraries were internalized so that they do not conflict with libraries used in derived projects. A full source package is now included to simplify development and debugging.
Decorated service methods with role mappings to implement a fine grained access control with the next release. Role mappings will get documented with the next minor release. Users of this service should check this page again soon and collect role names of the methods they need to access. Role enforcement may get enabled in Q3-2011.
Implemented Features:
Added an experimental, cluster-aware monitoring service (SOAP, REST & HTML5) to add visibility on the current load, process times and efficiency.
Added initial support for distributed caching using hash and name based maps on Information and Details objects. Queries that can be answered from evaluating these objects are served directly without hitting the CoreDB. Roughly speaking most queries that are hash or name based are served from the cache resulting in a typical speed increase of a factor of 5 - 10. http://redmine.cttl.trendmicro.de/issues/88
SOAP methods with return type Collection<Boolean> return true or false as collection values. Pre 1.2, these methods could internally contain 'null' values (3-way boolean) which were swallowed by the SOAP framework (bug: 248).
All SOAP methods that map input against output collections are now defined with xml nillable. Pre 1.2 these methods returned invalid content when an input collection value mapped to a 'null' value in the output collection (bug: 248).
The processing interface does no longer accept processed content that refers to a job that is already closed. This is to protect the system from half-done content for jobs that ran into a failure state. It is however still possible to send content using the fake job ID '00000000-0000-0000-0000-000000000000' (used for internal purposes like replication & migration).
Requests to methods expecting a file identifier (sha1/md5) lead to the recording of access counts within the CoreDB. This includes previously unknown files (=> get created with the unknown flag set to 'true').
Batch requests are now limited to 100 elements per batch (see limits) to protect the server from DOS attacks. (All affected interfaces use "BatchCollection" as input parameter type)
Version 1.1 - 2011-01-15
Verified all new features using the introduced test suite running on Hudson CI server with every new build.
