XNAT 184.108.40.206 covers a wide range of issues and improvements, primarily dealing with performance for power users and large-scale XNAT installations. However, it also contains a series of improvements and new feature support, including support for the new XNAT Desktop Client for upload and download management.
You can view a full list of publicly-viewable JIRA issues that were addressed in this release here: https://issues.xnat.org/secure/Dashboard.jspa?selectPageId=12200
Performance Issues and New Cache Management Features
The clock time required to perform very simple tasks — such as logging in and browsing project data — was increasing geometrically for power users on large XNAT installations, causing significant performance issues that trickled down to other users as well. Our test case was a user with access to more than 1,000 projects in a single XNAT. The root cause of this issue is related to the onerous process of cross-checking user permissions for users against each operation. This issue was addressed with a combination of SQL query efficiencies and a new caching feature that stores some baseline user permission data at server startup. This cache is updated whenever new events occur that affect user permissions, such as new project creation or data type installation. There is also a new command for users to be able to reset their own permissions cache, which can be useful as a troubleshooting step if it appears that a user cannot access data that they should have access to.
A number of security issues were addressed, including issues affecting public projects and LDAP authentication.
Plugin Compatibility Note
LDAP users must use the XNAT LDAP Authentication Provider Plugin for compatibility with XNAT 220.127.116.11. This will also require redefining your LDAP connections, using an updated definition file. The latest version is available here: https://bitbucket.org/xnatx/ldap-auth-plugin. Please review the updated documentation for Configuring Authentication Providers for guidance.
As an additional security feature, users can now view all active alias tokens that have been created for their logins. These tokens can be used by applications such as the Pipeline Engine or the XNAT Desktop Client to initiate and maintain a user session using your credentials and permissions.
DICOM SCP Receivers
Ongoing work on the DICOM Query-Retrieve plugin and general work on DICOM interactions has led to several improvements to DICOM SCP Receiver functionality and management in the Admin UI. This also includes fine-grained improvements to image session archive processors. XNAT now offers better support for complex setups with multiple DICOM entities. The full extent of these improvements will be more apparent when the DQR plugin is released.
Download Issues and Support for the XNAT Desktop Client
The end of browser support for embedded Java applets has meant that downloading large amounts of data in XNAT has become very painful. The XNAT Desktop Client was created to give users a new pathway for quickly and efficiently downloading large datasets again. When the XNAT Desktop Client has been installed, users in XNAT can initiate a download and the client will automatically open up and act as a download manager. The Desktop Client requires XNAT 1.7.5 or later.
Additional issues related to ZIP downloads were also addressed.
Embedded and Improved Selectable Scan Table UI
The Selectable Scan Table UI pattern was introduced as a plugin to offer support for scan-level actions in the Container Service plugin. This UI pattern proved to be very successful, and has now been fully baked into core XNAT with several improvements.
Plugin Compatibility Note
XNAT Administrators running the Selectable Scan Table plugin should delete the plugin jar while tomcat is shut down during the process of upgrading to XNAT 18.104.22.168. Leaving the plugin installed will overwrite UI improvements that appear in core XNAT.
General Backend Fixes
A series of improvements and bug fixes were committed affecting the backend, addressing issues with the guest user, anonymization, class mapping for data types and custom variables, image assessor XFT definitions, and several other issues.
General UI Fixes
A series of improvements and bug fixes were committed affecting UI and front-end issues, addressing issues with browser compatibility, consistency of appearance, user registration and project access request workflow improvements, and several other issues.
Notes for Plugin Developers: Changes to XAPI permission checks
In XNAT 22.214.171.124, there have been subtle but important changes to the XAPI "restrictTo" method that is used to allow or deny access to API based on their user role on the site or in a project. See the updated documentation here: Creating Swagger-enabled XNAT REST APIs in a Plugin.
XNAT Pipeline Engine Updated
A small fix was performed in the XNAT Pipeline Engine code that re-enabled native construction of image snapshots on image session archive. In order to run pipelines, XNAT 126.96.36.199 must use version 1.7.5 of the pipeline engine.
What Happened to XNAT 1.7.5?
XNAT 1.7.5 was an internal-only release. XNAT 188.8.131.52 includes a critical bugfix for IE interoperability that was discovered post-implementation on our local system. We strongly recommend migrating directly to 184.108.40.206, if you are upgrading from a previous version.
Known Issues with the XNAT 220.127.116.11 Release
The 18.104.22.168 release has several known issues that will be addressed in a future release. These issues are considered to be important, but not blockers to release or significant inhibitors of most workflows. Please review these issues closely before upgrading a production version of XNAT. Contact us on the XNAT Discussion Group if you have any questions about any of these issues.
View known-issues list in JIRA: 22.214.171.124 Known Issues