What's New in Spotfire 12.5

Introduction

Spotfire 12.5 provides quicker access to you favorite items in the Library, enables the execution of data functions using the open-source R programming language, simplifies OIDC/Auth2 workflows for external data sources. In addition, it also increases speed, robustness, security and troubleshooting of Spotfire services.



To return to the What's New in Spotfire page for all releases click here.

Data Access

Initiate OAuth2 flow from Information Services

Information Services now support initiating OAuth2 flows, when needed to authenticate users. This is useful in cases where Spotfire and the external data source use different identity providers or when using an identity provider (e.g. AzureAD) that does not allow scopes for different resources in the same access token requested through OIDC.

Prompt for data source username and password in Information Designer

In Information Designer, you can now create data sources where end users must log in with their credentials both to access data, and to create a new information link. To achieve this, select the User authentication check box for the data source, and do not input the username and password.

OpenID Connect /OAuth2 refresh token persistence and token management

When a user logs in with OpenID Connect or using an OAuth2 flow to authorize Spotfire to access data sources (in Information Services or TIBCO Data Virtualization connections), any refresh token is now persisted to be reused across sessions. This means that the user does not get prompted to log in as much as before.

On the My account page in the Spotfire web administration pages, it is now possible view and manage all active access and refresh tokens.

Work with stored data connections in the TIBCO Cloud Spotfire web client

With this Spotfire release, users of the TIBCO Cloud Spotfire web client can simply select existing data connections in the Spotfire Library and use them as a start for a new analysis. Data connections can also be used to add additional data to existing analysis files.

Creating data connections and sharing them through the Spotfire Library is a great way to prepare sometimes complex data models for other users. Business users can with just a few clicks use these existing models to connect to their data and immediately start visualizing it.

Connector for TIBCO Data Virtualization supports BOOLEAN

You can now access BOOLEAN type data with the connector for TIBCO Data Virtualization.

Data Management

Data tables & columns properties overview in data canvas

The Spotfire data canvas now provides a comprehensive way to view and manage all data tables, data tables properties, and column properties, both in the installed client and the web client.

Users can reload or delete selected data tables and specify metadata for data tables and columns as custom properties applicable throughout the document that may be used inside expressions using calculated columns or custom expressions.

Data Science

Faster Python execution

The Python data function execution speed has been significantly improved, leading to more efficient workflows and better productivity.

Beyond generic improvements, run-length encoding (RLE) compression is now enabled also for Python data functions, helping further to improve the overall experience. This is accomplished by reducing the size of data, and therefore reducing network latency.

In the cases where RLE compression is not desired, an administrator can disable this feature via a group preference (PythonServiceUseRunLengthEncoding), using the Administration Manager.

Spotfire Service for R

The new TIBCO Spotfire® Service for R enables the execution of data functions using the open-source R programming language.

With open source R, users can leverage the vast collection of R packages and libraries and benefit from the active open source R community, unlocking a wider range of statistical and data analysis techniques with more options and flexibility to address diverse analytical and data science tasks.

Analyses that are created in Spotfire Analyst and take advantage of R scripts are available for Spotfire Business Author and Consumer users in the web client through the Spotfire® Service for R.

Note: The Spotfire Service for R does not provide a local engine so any R scripts executed with the R service always run on the server. Because of this, users who are not members of the Script Author group cannot run R scripts (even their own) unless the script has been trusted by a script author. However, a Spotfire Server administrator might bypass this security measure. See the TIBCO Spotfire® Service for R Installation and Administration guide for more information.

Visual Analytics

Markings panel

The new Markings panel enables adding, editing and removing markings both in the installed client and the web client and now also to quickly see the number of visualizations using a specific marking or limited by a specific marking with ability to directly jump to a visualization.

Markings in Spotfire are a visual representation of user-selected data in visualizations, providing a powerful way to interact with and explore data. Markings can be used to perform a variety of operations in Spotfire, such as highlighting selected data points, filtering data, and linking multiple visualizations together.

Skia graphics engine

Spotfire now uses Skia as the default rendering engine. Skia is a modern graphics library that provides advantages over System.Drawing (GDI+/libgdiplus) in terms of performance and cross-platform compatibility, making it easier to have a consistent experience across different devices and operating systems.

The transition from System.Drawing to Skia has been thoroughly tested and validated, ensuring that there will be no adverse effects on existing analyses, functionality or user experience. However, client-side and server-side toggles are available to switch back to System.Drawing on the Spotfire desktop and web clients running on Microsoft Windows operating systems should you encounter any issues with Skia.

Note that if you use TIBCO Spotfire Qualification, the compare tool will not report any differences between the gold standard and the comparison exports, however, you might notice slight visual differences between the analyses in Spotfire and the exports.

Analytics Apps

Action conditions

During configuration of a data view parameter of an external action, you will now see information about any existing row limits directly in the Configure action flyout. When triggering an action, you will be prevented from running it if the number of rows are not within the specified row limit range. Additionally, an action that works on marked data can be grayed out until some data is marked, guiding the user to trigger the action in the right context.

Administration

Library favorites

You can now mark individual items (e.g. files, folders, information links, data connections, etc.) as favorites in the Spotfire library from the web UI.

• You can add and remove an item as a favorite by clicking the "star" icon next to the item, in the Files and data flyout or the web view of the library. 
• You can quickly access your favorite items in the web UI by clicking in "Favorites", in the Files and data flyout or the web view of the library.
• The favorite item list is private, only visible to the person that created it.
• The favorites counter, next to the favorites icon, shows the number of users that currently have that item as a favorite.
• The favorites counter is visible to all users that have access to the View favorite counter license feature.

Note: The Spotfire Server administrator can disable the favorites feature for the entire Spotfire environment, 

Note: The Spotfire Server administrator can hide the favorites counter from all users except for library administrators (or another group) using the View favorite counter license feature (under the TIBCO Spotfire Consumer license).

Increased security of Spotfire services communication

A Content Security Policy response header is now set by default on most responses (all except for Web Player responses). 

Content Security Policy (CSP) is a computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context. CSP is a Candidate Recommendation of the W3C working group on Web Application Security and widely supported by modern web browsers.

Note: CSP may break certain functionality deployed through co-branding packages or similar (e.g. inline scripts). Any violations will be logged to csp-violations.log, you can review this log and adjust the policy if needed.

Note: The deprecated Cross-site scripting (XSS) HTTP X-XSS-Protection header is no longer set on responses.

Distributed Spotfire services communication

Several improvements for increased robustness and resilience:

• Requests from the node manager to the Spotfire Server are now spread among all the known online Spotfire Server instances. 

Note: This can be disabled by setting the JVM system property -Dspotfire.load-balance-requests=false, for example, through the JAVA_OPTS environment variable (see also Add custom JVM arguments).

• Node manager Java OCSP requests are now using a local OCSP load balancing proxy and cache. 

Note: The proxy can be disabled by setting the JVM system property -Dspotfire.ocsp.use-local-proxy=false and caching can be disabled with -Dspotfire.ocsp.local-proxy.cache-responses=false, for example, through the JAVA_OPTS environment variable.

• HTTP Cache-Control response headers have been added for OCSP and code trust responses in Spotfire Server.
• Plus several other smaller improvements, like additional retries when needed.

All of these contribute to improve the resilience when Spotfire servers are restarted, since the nodes can now communicate with all the servers and the load is spread more evenly among the Spotfire Server instances.

Ignite cache replication

It is now possible to make the Spotfire Server system more robust by replicating Ignite data to more cluster instances than default. This is useful for scenarios when Spotfire Server instances are often restarted or if there are network communication issues in the cluster. 

• To enable full replication in ALL the cluster instances:

  config.sh set-config-prop \     --name=clustering.apacheignite.caches.defaults.cache-mode \     --value=REPLICATED

• To change the default replication to a custom number of cluster instances:

  config.sh set-config-prop \     --name=clustering.apacheignite.caches.defaults.backups \     --value=3

Note: Cache replication might lead to lower write performance and increased use of memory resources.

Note: For more information, see the Apache Ignite troubleshooting and tuning page in the Spotfire documentation and the Apache Ignite Network Configuration documentation.

Faster detection of client connection failures

In certain environments with network issues, or for tuning purposes, you might want to detect connection failures earlier. Up to 12.4, it was possible to configure the IgniteConfiguration.setFailureDetectionTimeout and some other timeouts for network operations for server nodes, but not for the network operations for client nodes. Now, you can also configure client failure detection timeouts.

• To configure a timeout (ms): 

  config.sh set-config-prop \     --name=clustering.apacheignite.timeouts.client-failure-detection-timeout \     --value=10000

Note: For more information, see the Apache Ignite troubleshooting and tuning page in the Spotfire documentation and the Apache Ignite Network Configuration documentation.

Configurable timeout for Ignite cache operations

In certain environments and situations, for example if the network is unstable or high network latency, the Ignite cache operations (e.g. get/modify a value) can stall or hang for a long time, perhaps until the Spotfire server instance is restarted. By adding a timeout for these operations, it is easier to detect and diagnose such errors.

• To configure a timeout (ms): 

  config.sh set-config-prop \     --name=clustering.apacheignite.timeouts.cache-operations-milliseconds \     --value=10000

Also, when such a timeout occurs, the load balancer health URL will also indicate that the Spotfire Server instance is unhealthy to the load balancers and in the metrics.

Improved memory management for Spotfire Web Player

• Memory management for Spotfire Web Player services on Linux has been improved. For tighter control and more fine-tuning as needed, see the new settings in the file Spotfire.Dxp.Worker.Web.config, in the section RecoverMemory.
• The RecoverMemory settings help the system in the case where memory is exhausted and the last user session is removed. This state may occur if GC was not triggered by the system when freeing up large resources.
• It now includes new actions to cover blocking/non-blocking GC and malloc_trim that are useful on Linux.

Product license information included in documentation

The Spotfire® Server Installation and Administration guide now includes more detailed information on product license models and license types.