Skip to content

3.12.0 What's New

Chris Turczynskyj edited this page Nov 3, 2021 · 6 revisions

Mirth Connect 3.12.0 includes database performance improvements, improves visual HL7 representation, message pruning, keystore handling, PDF generation, community contributions, and fixes several security vulnerabilities. This release also contains many improvements to commercial extensions.

You can find the list of completed issues for this release here.

Core Mirth Connect

HAPI Library Update and Friendly Names Support

We have updated HAPI libraries supporting HL7 v2.7+ and showing friendly names for versions 2.5.1, 2.6, 2.7, 2.7.1, 2.8, 2.8.1, 2.8.2. (Community Issue)

NOTE: The new version of HAPI should be mostly backwards compatible, but if you run into errors after upgrading, you may need to uncheck "Strip Namespaces" in your HL7 v2.x data type properties.

Message Metadata Table Drag and Drop Behavior

We have fixed drag and drop behavior to insert a variable with the proper syntax (just variable instead of ${variable}) in the Message Metadata table. (Community Issue)

Message Metadata

Pruning Error Messages

Channels may now have the data pruner configured to prune messages with a status of ERROR. By default this is disabled for new channels and channels migrating to 3.12.0 as turning this on could cause you to lose ERRORed messages without even seeing them if a prune event occurs before you see the errors. (Community Issue)

Error Message Pruning

Setting Mirth Keystore Type

Mirth Connect now respects the keystore.type property in mirth.properties instead of using the hardcoded JCEKS type. (Thanks @pattersp for the fix) (Community Issue)

Message Browser Filtering Pending

The message browser can now filter messages with the PENDING status. (Community Issue)

Message Browser Pending

Fix Database Columns Showing Out of Order from Database Connectors

We have fixed a bug regarding the database receiver and XML results of database queries run in Database Connectors will now return with columns in the proper order. (Community Issue)

New Library for PDF Generation

We have migrated away from iText to a newer PDF Generation library based on PDFBox (OpenHtmlToPdf), compatible with Mirth Connect's license. This gives Mirth Connect an upgrade path for future PDF format and library updates.

Address XML External Entity Vulnerability

We have fixed a XXE injection security vulnerability by disallowing external entity resolution anywhere XML is parsed.

Address CSRF for Login and API Pages

We have fixed a CSRF security vulnerability by adding a new setting in mirth.properties (server.api.require-requested-with) which, when enabled, requires all API calls to include a X-Requested-With header. Users with any sort of automation around the API will want to add this header to all API calls. This setting is disabled for servers migrating to 3.12.0 but new Mirth Connect servers will have it enabled by default.

Database Improvements

We have removed unnecessary database rollback calls whenever a database connection is closed. This should reduce the load on some databases that were experiencing rollback pileups even when the rollback wasn't going to do anything. This effects core Mirth Connect and the Advanced Clustering plugin.

Commercial Extension Improvements

Advanced Clustering

Strict Channel Synchronization

A new Cluster setting exists ("Strict Channel Synchronization") that can loosen the restrictions on Cluster node synchronization allowing nodes to start up faster and makes updating channels feel more responsive. If "Strict Channel Synchronization" is enabled (the default setting), Advanced Clustering will behave as it always has, locking channel state changes until the current channel state change has been completed across all nodes in the cluster. If disabled, those locks will no longer trigger which means channels can be out of sync temporarily but reaching eventual sync as the individual cluster nodes update themselves to match each channel's desired state.

Clustering Strict Channel Synchronization

Configuration Map Syncing

Configuration map changes will now sync with other cluster nodes without requiring server restarts.

Thread Deadlock Fix

We have fixed a race condition that could cause a thread deadlock on startup.

Server Logging Improvements

We have fixed an issue where a server logging many messages per second (Server log, Connection log, etc.) could slow down and when trying to shut down would wait for all log messages to be dispatched to the log which could end up being a very long time or forever if there are many messages to log or log messages continue streaming in while the server is attempting to shut down.

Health Data Hub

Health Data Hub Resource Fix

We have fixed an issue where Health Data Hub resources, created before 3.11.0, would fail to deserialize and the resources would become unusable. Those resources will now deserialize properly and work as they should.

Results CDR

XStream Security

Previous versions of the Results extension would complain about "Security framework of XStream not initialized, XStream is probably vulnerable". We have updated how we initialize XStream, setting up default security for XStream and users should no longer see this log message.

Interoperability Connector Suite

Multipart Boundary Configuration

We have added functionality allowing HTTP multipart boundaries to be configured by the user. Some servers may require a specific multipart boundary in MTOM responses so we have added the ability to add your own custom multipart boundary in all of the interop source connectors.

Store Full SOAP Payloads

We have added the ability to store the full SOAP payload being sent in or out of any of the interop connectors. This is helpful when troubleshooting parts of messages that are generated outside of the normal message pipeline, like SAML headers (WS-Security). This will cause messages to consume more database space but can be helpful for debugging.

Interoperability SOAP Payload

Support mustUnderstand Attribute

We have added the ability to add the mustUnderstand attribute for WS-Addressing headers. With this option enabled on interop source and destination connectors the mustUnderstand attribute will be added to the To, RelatesTo, Action, and MessageID headers on all SOAP responses.

Interoperability mustUnderstand

Clone this wiki locally