MuseKnowledge™ Proxy 5.5 is Available

The MuseKnowledge team is proud to announce the availability of MuseKnowledge™ Proxy version 5.5, coming after a period of prolific development of new and exciting features.

The most significant addition is the support for the Learning Tools Interoperability® (LTI®), version 1.3 standard. New features were implemented for the end-user interface template like a Tools section with useful action forms for URL encoding and prefixing, necessary for crafting entry point URLs and unrewriting an already rewritten Muse Proxy URL.

The Muse Proxy Administrator Console received new features and enhancements as well, the most important ones being the authentication using 2FA (TOTP - time based one time password) for the administrator user and a global search functionality in all Muse Proxy Applications for a resource.
New security related features were introduced, like being able to specify the list of disabled SSL ciphers to keep the pace with the security requirements for the Muse Proxy front-end service and still be able to use some weak algorithms to communicate with vendors in the back-end.

Many useful features were introduced for the rewriting engine too. For example, new configuration elements are available like MIME_MAPPING, to solve cases where the provided content type is unknown to Muse Proxy and would not be interpreted. The performance was improved in the case of CSS content processing and the pattern matching can now use the more efficient regular expressions API from the JDK, from stack and processor point of view.

The new MuseKnowledge™ Proxy version is available for trial, purchase or upgrade. We recommend all our partners and customers to upgrade to this latest release.

The detailed list of changes is available in the MuseKnowledge™ Proxy Release Notes PDF Document, some items are provided below.

  • The Learning Tools Interoperability® (LTI®), version 1.3 standard can now be used to include a MuseKnowledge Proxy Application or proxified source directly within the Learning Management System (LMS) platform as a Tool in a new window. LTI version 1.3 improves upon older versions by moving away from the use of OAuth 1.0a-style signing for authentication and towards a new security model, using OpenID Connect, signed JWTs, and OAuth2.0 workflows for authentication. LTI 1.3 still acts as a half way SSO, in the sense that starting from the platform (LMS system) the access to the MuseKnowledge Proxy Application is seamlessly. The LTI 1.3 standard does not allow for callbacks URLs so accessing directly the same MuseKnowledge Proxy Application as standalone requires a distinct authentication group defined with a distinct authentication method. Hence, once a user is authenticated to the platform (LMS) (s)he can access a MuseKnowledge Proxy application or source being defined as a Tool.
    Because the new version comes with extra security and this also implies a greater complexity for configuration than previous LTI versions, extensive instructions are given in Muse Proxy Administrator console, in the new page Configuration / LTI 1.3 Authentication.
  • In Muse Proxy Administrator Console, Manage Applications section one can now search for a source in all the applications and perform modifications to it. The fields to query can be chosen from Source ID, Source Name and Source Description or a mix of them. The comparison type can be selected as Exact match / Contains / Wildcard.
    Another extension in the console is that Quick Filter for Applications screen and for Application/Sources screen can now be applied selectively on ID and Name, because some-times searching just through the IDs is more helpful.
  • The front-end MKPF application interface features a new Tools section where "URL Encode and Prefix" and "Un-Rewrite URL and Prefix" are possible. The prefix bit refers to creating an URL as an entry point to Muse Proxy, for the current application either from a normal vendor link, or back from an URL that results in the process of navigating a certain proxy source (Rewrite by Host or Rewrite by Path), and which should, actually, never be bookmarked or advertised as such.
  • Authentication using 2FA (TOTP - time based one time password) for the administrator user is available. This is working with 2FA Time base OTP applications such as Google Authenticator, Authy, TOTP Authenticator. Follow the instruction from Muse Proxy Administrator Console, for the admin users (use the new key icon in the users table). Note that Muse Administrator accounts are also required to be IP authenticated as well, so what is achieved now by TOTP is actually a 3FA.
  • Implemented post-authentication logic for the HMAC login module via SCRIPT section similar to what is available for SAML and LDAP cases.
  • To have a finer-grained control (when the global redirect setting is off) ENFORCE_HTTPS is now available to be set selectively for Root, Administrator and Public web modules in their corresponding web.xml files.
  • Custom HTTP headers defined in the WebContexts.xml file can now be reloaded without a full proxy restart. This can be done via Muse Proxy Admin using the Refresh Custom HTTP Headers button within the page Advanced/Operations.
  • Also, related to Custom Http Headers, the WebModuleSAML in Root/web.xml is now having two new boolean parameters, DISABLE_CUSTOM_HEADERS_RELAY and DISABLE_CUSTOM_HEADERS_LOCAL in order to avoid passing the custom headers for resources relayed from the ssoRWP* servlets as well as potential error pages generated by Muse Proxy when accessing these servlets. These will allow, for example, for security headers to be set for Root context, but not inferred for the LTI authentication responses steps.
  • Reloading non-application Web Contexts configurations is now possible without an entire server restart by using the Refresh Non-Application Web Contexts button within the page Advanced/Operations from Muse Proxy Administrator Console.
  • Pattern matching is now achieved, by default, through the new flag
    <JDK_REGEX>true</JDK_REGEX> in MuseProxy.xml, based on the regular expression API from JDK, which is more efficient in the usage of the stack and processor than the legacy ones.
  • A new source configuration element, MIME_MAPPING will solve cases where the provided content type is unknown to Muse Proxy and would not be interpreted, or when it is wrongly advertised or even missing and we need to direct the rewriting engine to interpret it differently. The structure of the configuration in the source profile is given below:
    <MIME_MAPPING from="Content-Type header value from Reply (can be empty for cases when there is no Content-Type)" to="a defined category" patterns="Optional - URL Patterns for this source for when this mapping is applied.">
  • A new boolean flag, KEEP_HEADER_ORDER, for global and individual source configuration is available. If the flag is true for a certain source best efforts are made to keep the request headers order when relaying as a rewriting proxy. Normally, according to the HTTP RFC, the order of distinct header fields shouldn't matter but request fingerprinting started to be used more often for security reasons on vendors side. If using a reverse proxy/load balancer it should as well preserve the order, otherwise the effects will not be achieved.
  • A new global option, SSL_DISABLED_CIPHERS, is available. Its purpose is for Muse Proxy instances facing directly the internet to score grade A (hence this is not needed for SSL Termination scenarios) and at the same time use weak ciphers against vendors still requiring weak ciphers. This was needed because JVM jre/lib/ does not differentiate between server and client disabled ciphers, and for the other end, client, Muse Proxy should still be able to use some weak algorithms to communicate with vendors not keeping the pace with the security requirements.
  • There are reverse proxies / load balancers that cannot remove the existent X-Forwarded-For headers from the request. They just add one, or one value to it in the end. In order to make sure the correct value for client IP is detected in such cases the processor mode attribute for XForwarded-For field can now be specified. It defaults to "right". It tells what will the client address be in case there are more IPs separated by ',' (in case there are more X-Forwarded-For fields they are equivalent to a comma separated list, so "right" will assume the last one).
  • TRUST_X_FORWARDED_PROTO is set to false in MuseProxy.xml. If a load balancer/reverse proxy is used and this is not using the HAProxy PROXY Protocol then set it to true.
  • SAML Discovery for IDP Selection was extended in order to add support to specify friendly names for the configured IDP's, as well as, leaving room for setting other properties. If, in securityContext-metadata.xml you configured the <bean id="aliases" class="java.util.HashMap"> for Local Discovery (this was provided in an XML comment section), for this new version the bean structure must be updated according to the newest securityContext-metadata.xml from a fresh install - the structure is between the comments <!--START_LOCAL_DISCOVERY --> and <!-- END_LOCAL_DISCOVERY -->. This includes referencing beans for IDPs where more properties entries, such as friendly Name are specified.
  • HTTP headers to avoid browser caching were added for more Muse Proxy responses cor responding to non-static resources, such as the action=sources response for the application interface.
  • Added the requested URL scheme information in the Debug log (on NOTICE level) on the line "Received request for" as [scheme=https] or [scheme=http]. It is useful to have it especially as browsers are discontinuing plain http:// (step by step) and now in FireFox one cannot mix https:// with http:// due to cookie visibility.
  • Login Modules are also logging the besides the in the same log line in the Debug log. This is helpful to identify login failures for a certain application in a multi-tenant environment without using a stateful parser.
  • The MKPF template contains a workaround for SAML/SSO authenticated proxy to have proxified links/sources or just the application interface included in IFrame, if the IFrames implementation is mandatory required (assuming third-party cookies are enabled). IFrame is not recommended for in tegrations because of the browser security enforced and even vendor protection for this. IDPs are usually denying frame inclusion, and, in case multiple proxified iframes are in the same page, concurrent authentication to SAML/SSO can result in errors because the HTTP session needs to be created by a single flow.
  • Parameters from the source profile are now resolved in the value attribute in the HEADER rules in the Replacer FILTER via ${PARAM_NAME} style. The source parameters can also be bound to SCRIPT for HEADER rule if SCRIPT's attribute useParameters="true" is present - they can be accessed as the parameters map - access them only as read only to read parameters values. Also, logUserID is now bound to the HEADER SCRIPT in order to process it.
  • The processing of CSS content type was optimized offering better CPU times, especially for large CSS.

Since the beginning of the COVID-19 global crisis, the MuseKnowledge™ Proxy Trial periods are extended from 30 days to 90 days. Request your Trial License Key by simply filling in the trial form.

You are receiving this email because you are in a contractual relation with MuseGlobal, the developers and maintainers of MuseKnowledge™ Proxy. If you do not want to receive such notifications anymore, please reply to this email with your request and we won't send you emails anymore.

We are pleased to announce the latest release of The Muse Platform, version Our team has been working quite hard for the last few years on developing brand new products and extending with new features the existing ones. Our goal continues to provide a world class digital library platform and information management to enjoy the best possible user experience.

Some of the highlights of the new version are presented below, including a description of the new products and the detailed list of changes is available in Muse Release Notes PDF Document.

New Products


  • Discover Search

    The Discover Search is our pure index search application, introduced under the Muse Search Application starting with version 8.2. The content searched by Discover is provided by Muse Central Index, which contains article and title metadata harvested from various publishers.

    The Discover Search comes with all powerful features of the index search such as faceting and full result set availability. And many post-search functions that are also available in the Federated Search (now labeled as OneSearch), like viewing and saving the selected records in various formats.

    The Muse Search application is fully configurable, allowing both the Federated Search and Discover Search, or just Federated Search or just Discover Search pages. Enabling, disabling the search features are done through the Muse Console for Applications Administration (MCAA).

  • Muse LinkResolver, version

    This is our standalone link resolver application, implementing the OpenURL standard version 0.1. The content on which the links resolver relies is provided by Muse Central Index, the metadata received in the OpenURL request is searched in Muse Central Index and the results are displayed. Some of the features available in the current version are:

    • Support for displaying third party links to external specialized providers, passing the OpenURL parameters received by the linkresolver. Examples: Google Scholar, Clarivate JCR, EigenFactor, etc.  Links to other linkresolvers can be created as well.
    • The Muse LinkResolver user interface theme is preserving the same Muse Search Application theme, for a smooth user experience.
    • Extended the user authentication methods by implementing IP authentication. Thus the end user authentication for Muse LinkResolver can be done based on the browser's IP address. Anonymous authentication can be configured as well, by allowing access from any IP address.

    The complete release notes are available in the Muse LinkResolver Release Notes.pdf document.

  • The Muse Identity Manager, version

    Muse Identity Manager (Muse IDM) is our new web based application with processes for identifying, authenticating and authorizing individuals or groups of people to access configured applications by associating user rights and restrictions with established identities.

    • Various registration workflows can be configured for user registration:
      • allow direct registration with or without email validation;
      • allow registration only from specific predefine domains;
      • allow registration after email validation and administrator approval.
    • Custom fields can be defined for the users registration form. Each custom field defined can have predefined values and validation rules. For example, validation rules can be specified for a Telephone number, to allow phone numbers from a specific country, operator. Mandatory custom fields can be specified.
    • An administration interface for centralized users management is available with many features like user searching and filtering, bulk updates, sending emails, export as CSV, import from CSV file, login history and user statistics.
    • A payment workflow care be enabled in the registration process, the following vendors were successfully tested: Stripe, Paystack and Verifone Payment Platforms.
    • The following authentication protocols are supported:
      • SAML 2.0. SAML integrations come with the following features: SAML 2.0 based Single Logout (SLO), metadata profile and SAML attributes filtering.
      • OAuth 2.0. Muse IDM can be configured as Authorization Server and offers support to manage OAuth2 clients through the Administrator Console. This feature was successfully tested with Muse Proxy, miniOrange(an OAuth2 client for WordPress) and Moodle version 3.7.1
      • HMAC. Integrations with Muse Search and Muse Proxy applications through HMAC authentication protocol.

    The complete release notes are available in the Muse Identity Manager Release Notes.pdf document.

New Features and Enhancements


  • Muse Search Application, version 8.4
    • Extended the results display in the Search Results page to include the link for Muse LinkResolver, which will open in a new browser tab, receiving citation details in OpenURL format.
      The Muse LinkResolver does not replace the existing external Link Resolver, it is an add-on. The availability of link resolvers for the Muse results is fully configurable, both Muse LinkResolver and another external link resolver can be available at the same time, or either one of them or none.
    • Added text translation for the results metadata (e.g. Title, Description, Subject, Notes, etc.) in any of the 12 languages in which the interface is available: Arabic, Greek, Spanish, Romanian, Latin American Spanish, French, Dutch, German, Turkish, Japanese, Chinese Traditional, Chinese Simplified. Thus, in the footer section of each result, a dropdown with the Language icon is available, from which the end user can select the translation language. The translated texts are displayed inline under the original text.
      The Muse translation module uses Microsoft's Translator API.
    • The following libraries used in the application were updated to their latest versions available: AngularJS, JQuery, Microsoft Cognitive Services Speech, Virtual Keyboard, Twitter Typeahead.
  • Muse Proxy, version

    The complete release notes are available in the Muse Proxy Release Notes.pdf document

  • Muse Core and Modules
    • Introduced a new core service for query spell-checking. Multiple implementations are available: spellcheck against the collection of queries used by the end users in a Muse system, against imported dictionaries, against a third-party service.
    • Created the structure and module for integrating with Document Delivery service workflows.
    • Implemented core support for validating and normalizing the standard identifiers such as ISBN, ISSN and DOI. These operations are automatically done when the Muse records are being formed.
    • Implemented query suggestions feature using the embedded Solr service starting from the indexed queries used by the end users in a Muse system. The entire set of tools was created to deal with queries extraction and indexing on a daily basis. In a multitenant system with end users from different domains (legal, medical, engineering, etc.) it is possible to make available only the queries used in a specific application.
    • Created an API for connectors for gRPC (google's Remote Procedure Calls) -
  • Muse Administrator Console (MCAA)
    • Added support for Syntax Highlight when raw editing any configuration file (for example of login modules, of Source Packages, etc.).
    • Extended the HTTPS Certificates section to display the validity status (e.g. expired/valid) for each certificate. The about to expire certificates are highlighted.
    • In the MCAA console, "Information" section, the administrator can configure the email settings to be used for the Send Records by Email functionality from within the application. It is now possible to check the edited email settings. To perform this test an email will be sent using email parameters specified in ${APPLICATION_HOME}/profiles/SendMail.xml.
    • The sources group names and descriptions can now be edited and set per language, hence it is possible to have now the sources group names translated in all interface available languages.
  • Muse Control Center
    • Changing the way task files are displayed in case their number is large in the web interface. A dropdown selector is used when number of loaded files exceeds a specified number.
    • Extended the download log file mechanism present in Ant, FTP, Log tasks in order to allow downloading all the associated log files (e.g. FTPUpload.log, FTPUpload.log.1, ...,FTPUpload.log.n) as an archive.
    • To improve the administrator's experience, the following were implemented: allow tasks listing in the default order after a sort operation by Name, Type, Status took place; display an indicator to show the sorting direction after being applied.
    • Extended the existing FTP task in order to upload/download file on SFTP servers using key authentication.
    • The tasks in a taskfile can now be visually arranged more quickly by drag-n-drop.
    • Multiple tasks from within a taskfile can be selected and deleted in one action.
    • Added filtering capabilities to narrow down the list of tasks in a task file, to quickly locate a task or set of tasks. The filtering is done by Name, Description, Task Type and Status.
    • New features were implemented for managing the task files: The "Save as" action allows now choosing the destination folder where the *.tsk file is saved; The "Load" action provides a file browser feature to locate and load the *.tsk file; The "New" action provides the same file browser to create the new task file.
    • Improved the editing of an Ant task by adding a raw edit feature for its XML configuration files.
    • Added support to view in the Muse Control Center interface the log files associated with Ant and FTP and Log tasks.
  • Muse Central Index
    • Extended the Muse Central Index to allow more flexibility when running in multitenant implementations, to be able to specify lists of source identifiers to act as filters for the searches. Thus it is possible now in a multitenant Muse system to have a single index for all tenants and specify lists of source IDs to search for.
    • Started the work of harvesting publisher metadata to grow the Muse Central Index. We started with getting the titles metadata which are provided by each vendor in different ways, mostly by KBART standard.
    • Implemented support for ingesting data from the JATS (Journal Article Tag Suite) format.
    • Created a new data model for the database where the records are stored, to be used more efficiently by the new Discover application. Also, to allow support for filtering on various criteria (like source, created at date, etc.).
    • Ingesting ZIP archives that contain XML files is now possible.
    • Added support for re-indexing updated records in the database. For implementing such a feature, it was needed to add timestamp values for each record in the database, like createdDate and lastModifiedDate.
  • Muse Statistics Platform
    • The Muse Statistics Platform is our service for customers and partners for offering usage statistical information. Muse log files are uploaded on daily basis from customers and partners Muse installations and used for generating rich statistical information. Each customer, partner has access details to view the statistics.
    • Statistics are generated for both Muse Search and Muse Proxy, the following dashboards are available:
      Muse Search
      • Application Logins. Showing statistical information on Muse Search user logins and sessions per various criteria (by date, by user identifier, by application identifier, by user country and by server), in the selected period of time. The statistics information is based on the content of the ICECoreStatistics.log files.
      • Application Searches. Showing statistical information on user searches per various criteria (by date, by user identifier, by application identifier, by user country, by server, by resource), in the selected period of time. The most searched terms can also be seen. The statistics information is based on the content of the ICECoreStatistics.log files.
      • Expert Statistics. Showing expert statistical information that can be used by administrators to troubleshoot a Muse Search installation from sources point of view (connectors), such as download speed, time consumed on records processing versus the time spent on network for download and unsupported queries. The statistics information is based on the content of the ICECoreStatistics.log files.
      • Java Virtual Machine. Statistical information on the heap, runtime and used memory and number of threads used by Muse Search. The statistics information is based on the content of the ICECoreStatistics.log files.
      • Security. Showing the users accessing from different, multiple geographies. The user IDs present in this information could be from compromised accounts, a more thorough analysis is recommended before taking any actions to disable them.
      • Sessions per Server (in case of load balanced implementation with more than one servers). Showing statistical information on active client sessions per server. The statistics information is based on the content of the ICECoreStatistics.log files.
      • User Activity. Showing statistical information for an individual user selected from the list or entered manually. The statistics information is about the logins, total time spent, searches, and it is based on the content of the ICECoreStatistics.log files.
      • User-Agent Information. Statistical information about user device, browser engine and operating system. The statistics information is based on the content of the Muse Embedded Tomcat access log files.
      Muse Proxy
      • General Usage Statistics: Application Logins. Showing statistical information on the user logins into Muse Proxy Applications per various criteria (by date, by user identifier, by application identifier, by user country and by server), in the selected period of time. The statistics information is based on the content of the MuseProxyStatistics.log files.
      • General Usage Statistics: Client Sessions. Showing the user active sessions in the selected period of time as maximum, minimum and average values. The statistics information is based on the content of the MuseProxyStatistics.log files.
      • General Usage Statistics: Source Accesses. Showing the number of accesses per each Target (Muse Proxy Source Profile). A Muse Proxy Source Profile is a configuration file which stores the necessary code and credentials to access the Target Data Source. The statistics information is based on the content of the MuseProxyStatistics.log files.
      • Publisher Content Access Statistics. Access statistical information to see how users make use of the subscribed electronic resources. The information presented contains details on the accessed resources, from the name of the platform to type and format of the resource accessed and user details such as the country. Where a publisher knowledge base is available, the information is enriched with additional metadata such as the publisher name, publication title, print and online identifiers and DOI. The statistics information is based on the analysis of the Muse Proxy access.log files.
      • Security. Showing the users accessing from different, multiple geographies. The user IDs present in this information could be from compromised accounts, a more thorough analysis is recommended before taking any actions to disable them.
      • User Activity. Showing statistical information on active client sessions per server. Showing statistical information for an individual user selected from the list or entered manually. The statistics information is about the logins, total time spent, accessed resources, and it is based on the content of the MuseProxyStatistics.log and Muse Proxy access.log files.
      • User-Agent and Referer Information. Statistical information about user device, browser engine, operating system and referer URL. The statistics information is based on the content of the access.log files.

We offer a Free 30 Day Trial period to fully evaluate the latest version of the Muse Search Application. You can obtain the access by simply filling in the trial form.

A new version of the MuseKnowledge Application was released, containing new exciting features for a better user experience. Some of the new features are listed below:

  1. Create Bibliography items out of search results in various styles: APA, BibTexX, Nature, IEEE, MLA, Chicago, NLM, etc. The generated bibliography elements can be printed or copied for insertion into external documents.
  2. Integrated a Document Delivery service workflow. Document Delivery is a service that provides electronic delivery of an article or book chapter (subject to copyright restrictions) which are not part of the institution' subscriptions. Usually the delivery is covered by an existing institution subscription plan at the document delivery platform.
    Currently the integration was done with the ReprintsDesk platform at API level, but any vendor of document delivery services supporting a similar workflow can be integrated.
    - The document delivery button (with a vendor logo) is available at the results that qualify for the workflow, e.g. there are no fulltext links available in the metadata content, or the searched source is marked explicitly as not having fulltext by configuration.

    - Clicking the button opens a modal window in which the article's availability is checked at the document delivery platform and if existing the estimated price is displayed:

    - The user can further request the article by filling in the form:

    - If a quick download of the article is available, the PDF file can be downloaded immediately.
  3. Extended the metadata elements displayed for each result to include detailed Coverage information if available.
  4. New features implemented for Discover:
    - Added support for different sources of suggestions based on the search attribute selected, in the Discover page search form. For example when searching with the Subject attribute, the suggestions offered when writing the query are from all indexed subject values. Associating the suggester source to be used for each search attribute can be done from the Muse Administration Console.
    - Added query Highlight functionality, e.g. the searched terms are highlighted in the results contents.
    - Added Email Results functionality, e.g. the selected results can be sent by email.

As usual we offer a Free 30 Day Trial period to fully evaluate the new version of MuseKnowledge™ Application. You can request a trial access by simply filling in the trial form.

To address the recent widespread Apache Log4j 2 emerged vulnerabilities (, the MuseKnowledge team released a new version of MuseKnowledge™ Proxy to contain the latest Log4j library version - 2.17.0.
The Apache Log4j 2 library is used by few components in Muse Proxy. The core logging mechanism of the Muse Proxy is based on the in-house built logger and logs such as access.log, MuseProxy.log, MuseProxyStatistics.log are produced using the in-house logger, and not Log4j.

When upgrading make sure that the entire Library ecosystem stay safe by updating any Java based related software used in the portal, authentication services (LDAP, SAML, etc.), log processing, monitoring infrastructure, etc. as per the Log4j CVEs.

The new MuseKnowledge™ Proxy version is available for trial, purchase or upgrade. Besides the security update, several new features are available and presented below. The detailed list of changes is available in MuseKnowledge™ Proxy Release Notes PDF Document.

  • The TLSv1.3 standard can now be used on both ends of Muse Proxy if running under JVM version 8, at least, update 262. For the server end Muse Proxy is now configured with TLSv1.2 and TLSv1.3 only as enabled protocols. For sources' end TLS v1.3 can be configured if needed, however, there are still many servers not supporting it, hence, by default TLS v1.3 cannot be enabled for all the sources.
  • In the Muse Proxy Administrator Console, Utilities section, the Un-Rewrite URL tool was extended to support un-rewrite "Rewrite By Host" URLs.
  • The Find/Replace filter is able to process (rewrite, unrewrite, rewriteHostHTTPS, etc) strings that represents the Base64 encoded form of an URL/Host and then re-encode it back. By using the attribute base64 we can achieve decode, rewrite (or any other group process) and then re-encode in Base 64 as long as the replacement group represents the Base64 sole representation of an URL/host.

Since the beginning of the COVID-19 global crisis, the MuseKnowledge™ Proxy Trial periods are extended from 30 days to 90 days. Request your Trial License Key by simply filling in the trial form.

A new version of the MuseKnowledge Application was released, containing new exciting features for a better user experience. The new features are listed below:

1. Implemented a new feature in the Search Sources panel that allows end-users to make decisions when selecting the sources to search, based on performance and popularity metrics. More exactly,  nesides sorting alphabetically, there are two other options available in the sort feature of the Search Sources panel:

  • Fastest Sources. When selecting, the sources are displaying sorted by their performance metrics, from the fastest ones in retrieving results to the slowest one. A graphical representation of their performance is displayed next to each source name, consisting in colored bricks according to the value. It is a strength-style visual indicator. A tooltip is displayed on the graphical bars with the actual performance values, in seconds.
  • Popular Sources. When selecting, the sources are displaying sorted by their popularity, e.g. by how many record links from the search results were accessed for each source. The end users may navigate more on results of some specific sources. The same visual strength-style representation is displayed next to each source name.

2. A Live Chat feature was implemented to allow users connecting in real time via chat with a Library representative (operator) for online support. The chat box allows users to ask any questions they may have for clarification about the MuseKnowledge™ Application and its resources. An operator will respond when available and engage into conversation.Depending on the integrated chat platform, the may see the chat box only when an operator is available at the Library and logged into the chat server. Or, the user may get the chat box but it allows only to send an email to the offline operator. In most cases, to be able to use the chat functionality, the user is requested to enter a name and email address.Many Live Chat Platforms can be integrated into the MuseKnowledge Search Application.

The following platforms were tested successfully: Live Helper Chat, LiveChat and Pure Chat.

More details about this feature are available in the following article: MuseKnowledge Live Chat | EduLib

3. Enhanced the "Email Results" functionality with a new option - "Send to Library". If "Send to Library" option is checked, the email is sent to the Library email address. Users can use this option if they're having a problem with the search results, availability of subscribed content, or just want to tell us their thoughts about how it's working. A library email address where the emails are sent must be configured.

4. A new CSS file was introduced specifically for the Right-to-Left display to allow customizations. The new CSS file is editable through the Muse Administration Console.

As usual we offer a Free 30 Day Trial period to fully evaluate the new version of MuseKnowledge™ Application. You can request a trial access by simply filling in the trial form.

A new version of MuseKnowledge™ Proxy was released and it is available for trial, purchase or upgrade. The highlights of the new version are presented below. The detailed list of changes is available in MuseKnowledge™ Proxy Release Notes PDF Document.

  • An Audit Report can now be generated using the MuseKnowledge Administrator Console, Manage Applications section for the current selection of applications. The report includes a cumulative section, individual application details, and Source Profiles details.
  • Testing and managing the Authentication for LDAP Configuration in the MuseKnowledge Administrator Console is now possible. In order to ease the LDAP authentication configuration visual management and step by step tests are available. Check Network Parameters, Check Root (Bind) Authentication, discovering Search Bases, searching for the user (or any Search String), entirely testing the whole chain with a User and Password are now possible in an intuitive manner from the same screen allowing visual edit. Raw edit is still available.
  • The Priority cookie attribute is now set to MuseKnowledge Proxy Session and ID cookies. This attribute is interpreted by Chrome, Microsoft Edge and other Chromium based browsers, while the others are ignoring it. This way, in case the per domain cookie capacity (usually 180 cookies) exceeds on the end-user browser side, the proxy session cookie is not evicted hence the session could still be maintained. This is configurable through the priority="High" XML attribute of the PRIMARY_COOKIE_CONFIG and SECONDARY_COOKIE_CONFIG elements in the MuseProxy.xml configuration file. Note that these two settings, PRIMARY_COOKIE_CONFIG and SECONDARY_COOKIE_CONFIG, are overwritten when upgrading, so the customized bits need to be manually reverted.
  • In this release the JavaScript libraries involved in the default application interface templates (MKPF and MuseProxyFoundation), in the static pages and in the MuseKnowledge Administration Console were updated to newer versions.
  • Expired link corresponding to applications with indirect authentication (SAML, SSO,  RemoteAuth) are not triggering the login flow if the HTTP request headers Purpose: prefetch or Sec-Purpose: prefetch are present.
  • A Request Timeout for reading the entire HTTP request is now available in the MuseProxy.xml configuration file. Note that it must be significantly higher than the KEEP_ALIVE_INTERVAL and READ_TIMEOUT value. In case a load balancer or a reverse proxy is used in front of the MuseKnowledge Proxy they normally take care of this aspect.
  • The logUserID is now available in the Application FreeMarker model and can be accessed through session.getLogUserID() in the FreeMarker templates, in cases of applications which may have clear human readable userIDs and no displayName is available in the post-authentication properties or the authentication module does not have such properties.
  • The debug log now adds more information about client connection, especially on some client side errors so that the client / peer IP (end-user / load-balancer IP in case the end-user IP is not encoded by the load balancer) is also part of the same log entry without the need to identify it in previous entries or in entries from other log files. For the vendor side of connection efforts were made so that the source.ip and target.hostPort are logged in the same error entry for some errors. The client.ip, source.ip and target.hostPort information is, however, not duplicated for each log entry with a []. Hints about HTTP Tunnel connections are now present.

To support libraries during COVID-19 global crisis, MuseKnowledge™ Proxy Trial periods are now extended from 30 days to 90 days. Request your Trial License Key by simply filling in the trial form.

Craiova, Romania, 1st February 2021

EduLib S.R.L., a specialist software development company serving the library and education technology market for over 20 years, is pleased to announce the launch of its newly redesigned website. Over the past year, the EduLib team has been working to build a new website that better reflects its development and support service offerings, improves navigation to its technical materials and provides a refreshed look and feel to welcome and engage its partners and customers.

EduLib’s goal with this new website is to provide partners and customers with up-to-date and in-depth technical content about the Muse Knowledge platform and the range of Muse development, support and technical services exclusively provided by the EduLib team. EduLib plans to update its new website regularly to reflect all of the latest product information and technical resources for the Muse Knowledge platform and related offerings.

Since 1998, EduLib has successfully served as the exclusive development partner for Muse solutions, and today, the EduLib team of experts proudly leads development of the Muse Knowledge digital library platform, launched in 2016.

EduLib is excited to share its new website with you and your feedback is important to us. Please share any questions, comments or concerns to this email form here.

MuseKnowledge™ Proxy 5.2 is Available

We are excited to announce the release of a new MuseKnowledge™ Proxy version 5.2, which is now available for download, trial and purchase/upgrade.

MuseKnowledge™ Proxy Version 5.2 brings significant features and improvements to support easier, faster setup and administration of MuseKnowledge™ Proxy in Self-Hosted environments. The detailed list of changes is available in MuseKnowledge™ Proxy Release Notes PDF Document.

Added SIP (Session Initiation Protocol, version 2.0) authentication module. Both Telnet and TCP/IP layers are supported.

POP authentication Login module is now available for legacy setups to authenticate users through the Post Office Protocol. It is recommended to use this module only with self-managed email services (on-premise) and not with global email providers, where SSO / SAML is actually encouraged.

For uniformity, LOG_USER_ID, LOG_USER_ID_MODE and USED_PARAMS configuration entries can now be read and interpreted by more of the direct login modules: U/P, FTP, SIP, IMAP,POP.

The Muse Proxy cookies were enhanced with a second cookie that is sent on plain http:// and cast without the SameSite=None attribute. All these were implemented to address the Chrome browser changes with regard to the cookie cross-domain standards and the introduction of the requirement for SameSite=None; Secure attributes.

First steps on implementing localization were done, including support for localizing the server messages and also messages reported by configured login modules. The LOCALE element was added globally in MuseProxy.xml configuration file, but can also be configured at the application level in ${APPLICATION_HOME}/WEB-INF/web.xml configuration file or, for some login modules, which support the SCRIPT Post-authentication logic, via the special variable locale; there is also some support for using the locale= parameter for the application actions to some extent – specifying an explicit locale parameter while login means the whole session will use it, while specifying for a certain action means direct errors will be yielded in that language (although the source navigation will use the session locale).

Muse Proxy Application expiry test logic was modified in order to benefit from the specific web.xml application locale and possibly use the application customized expiry key.

The cyclic refresh is now skipping the Shortcut Mappings update for the expired applications.

The following new optional entries are available for the authentication process in the ${WEB_CONTEXT_HOME}/profiles/AuthenticationGroups.xml configuration file:

  • A Pre-authentication module is available to interpret a set of rules which ensures that the configured login modules are called only if the request is successfully validated against those rules. This can limit the number of login requests against the back-end services for black-listed user names, because only valid requests will reach the login module.
  • For a chain of sufficient login modules, an explicit sources group identifier can be set per login module using the SOURCES_GROUP_ID entry under AUTHENTICATION_GROUPS/AUTHENTICATION_GROUP/AUTHENTICATIONS/AUTHENTICATION, and this value will be used if the successfully authenticated login module doesn’t provide another value for source group identifier via its own configuration module.
  • Similarly, the PROXY_HOST and PROXY_PORT configurations located inside of AUTHENTICATION_GROUPS/AUTHENTICATION_GROUP/AUTHENTICATIONS/AUTHENTICATION can be used as default values if the successfully authenticated login module doesn’t provide another values via its own configuration module.

Changes were made in order to make sure that the Navigation Manager will relay the Server Sent Events, a standard which is now part of HTML5. However, no filtering support is currently available for this type of request.

In the Administrator Console, Manage Applications area, the speed of extracting details for all the configured applications was improved; loading hundreds of applications offers now a better experience, especially on multi-core CPUs installations.

Creating authentication groups from scratch is a new feature added in Administrator Console / Manage Applications area.

The Add New Source feature is available in Administrator Console / Manage Applications to provide support to create and add a new source from scratch based on the usual frequent fields.

Starting with this version, the DEF configuration entry from an existent source profile can be visually edited from Administrator Console / Manage Applications.

In Manage Applications section from the Administrator Console it is now possible to visually manage the users defined in the ${WEB_CONTEXT_HOME}/profiles/login/ProxyLoginModuleUserPassword.xml configuration file of an application. The following actions can be done through the admin web interface: manage the file groups, add a new user, edit a user, delete selected users, import users from a CSV file and export selected users as a CSV file.

To support libraries during COVID-19 global crisis, MuseKnowledge™ Proxy Trial periods are now extended from 30 days to 90 days. Request your Trial License Key by simply filling in the trial form.

Following its development trail, MuseKnowledge™ Proxy recently reached version 5.1 Build 02, version which is now available for download, trial and purchase/upgrade. The results of our work are briefly presented in this news item.

  • Source pages containing Internationalized Domain Names (IDN), instead of their ASCII can now be rewritten if the source profile contains a new configuration, TRY_IDN. So far MuseKnowledge Proxy was able to rewrite the ASCII equivalent (e.g. in a HTML page, but now it is possible to rewrite directly hrefs containing IDNs, for example <a href="http://www.româ">
  • In order to ease the management of SSL keys and certificates for proxies where SSL termination is not involved, we have created a new section, named Server KeyStores, in the MuseKnowledge Administrator Console.
  • A Library Card’s Barcode application authentication module is available using multiple pattern rules. NUM, NUMMOD10, CODE39 and CODE39MOD43 are the algorithms supported at this time for the barcode validation.
  • Continued the work on integration with LTI standard – starting with this version a MuseKnowledge Proxy system can be certified as being LTI Compliant as an external service tool consumer by IMS Global Learning Consortium. This version can pass all necessary certification tests for LTI 1.0 standard.
  • With the newer versions of web browsers implementing Intelligent Tracking Prevention (3rd party cookies) and this option being enabled by default more changes were performed in order to run in an iframe within the LMS systems (Canvas, for example).
  • For SAML authentication, the signing and digest method algorithms to be used in signing SAML messages and metadata can now be specified per tenant not just globally thus allowing both for the deprecated SHA1 and for the recommended SHA256 configuration to function in the same MuseKnowledge Proxy instance.
  • Type 1 URL’s originating from a MuseKnowledge Search application are signed with a HMAC signature. The MuseKnowledge Search application(s) that connects to this new version of Muse Knowledge Proxy must be updated to use modulesutil.jar version 1.2338 or higher.
  • This version is introducing the Usage Limits component in order to limit against automated process or abusive users. Though available, it is recommended to use this component only for isolated cases because the current de-facto standard of web applications implies dozens of requests and big JavaScript code just to reach, for example, a journal issue. If lower limits are set this may create the opposite effect.
  • The order of login modules can be visually changed in Administrator Console from Edit Authentication Groups within Manage Applications.
  • Custom Single Sign on Login integration (Remote Auth) is possible, starting with this release. It involves a Remote Authentication CGI script where proxy will redirect the request to validate credentials if a new session is necessary and then the script returns back to proxy via HMAC.
  • Some more advanced elements were introduced for sources and for authentication configuration to cover complex rewritten and authentication scenarios.

The detailed list of changes is available in MuseKnowledge™ Proxy Release Notes PDF Document. As usual, we offer a Free 30 Day Trial period to fully evaluate the new version of MuseKnowledge Proxy. You can request a Trial License Key by simply filling in the trial form.

A new version of Muse™ Proxy was released on 21 June 2018. Muse™ Proxy version 5.0 is now available for download, trial and purchase/upgrade. The highlights of the new version are presented below.

Starting with this version, Muse™ Proxy supports relaying and filtering the WebSocket Protocol. According to the RFC 6455 the theoretic definition is: “The WebSocket Protocol enables two-way communication between a client running untrusted code in a controlled environment to a remote host that has opted-in to communications from that code”. To control WebSocket filtering and frame serialization mode the WEBSOCKET configuration element was introduced in the source profile.

A new proxy application template, MKPF, with a new look and feel is available. MuseProxyFoundation, the old one is still maintained and available with all the features up to date. On a fresh install Anonymous, MuseProxyFoundation and MKPF will all be installed and available, while on an update MKPF will be installed but not linked to in the Applications.xml file to avoid compatibility issues.

The Administrator Console is now based on a new theme and a new component is available to help the administrator of Muse™ Proxy to manage and maintain the applications and their sources.
This section can be accessed from the Applications menu via the Manage Applications link as long as SERVLET_ENGINE_ENABLED is set on true. There are visual actions for the common elements and raw view/update actions, where directly the XML files behind are edited in a simple JavaScript editor ensuring XML well-formedness. An application can be edited, copied, exported, imported, backed up, restored, checked or deleted. A source can have its profile edited, backed up and restored, while the other attributes from the Sources.xml file related to a source, such as image, visibility, module, attributes and parameters can be also managed. Source grouping including defining new visual areas and categories is also possible. Authentication to an application can be managed, details for the login module set and their configuration files can be edited in a raw XML form. The Manage Applications tools work with the last MKPF and old-style MuseProxyFoundation provided with the current setup, while for the existent applications not all the functions will be active.

A Muse™ Proxy source can be integrated with OLSA API to create the user dynamically and perform the signon. This is based on SOAP requests which are made transparently when the configured source with this integration is accessed by a Muse™ Proxy user. If all the configurations related to the organization are done, with this new feature a user of Muse™ Proxy application can jump into the Skillsoft Skillport 8i platform as an authenticated user of this platform without the need for continuous content proxy rewriting.

The integration within a Learning Management System (LMS) was extended and starting with this version, a Muse™ Proxy application can be integrated as Rich Content Editor in a Canvas LMS. Note that only the latest MuseProxyFoundation and MKPF applications can be integrated.

Starting with this version the ProxyLoginModuleLDAP can be configured with a script to take final decisions based on attributes and membership of user which log in. Also in this module, the referral configuration for LDAP authentication is possible via the new REFERRAL element with either ignore, follow or stop values. Two new attributes have been added, startTls="false/true" and sslTrustAll="false/true", ensuring a wider integration of Muse™ Proxy with LDAP servers. More details can be found in the comments from ProxyLoginModuleLDAP.xml and in the manuals.

In addition to the ECMA script processing via the Oracle Nashorn engine, the reference process in a source profile can now be done via BeanShell scripting engine.

A new CLASSPATH structure to create ClassLoaders was added in the MuseProxy.xml configuration file in order to reliably support third party libraries for various platform integrations in Muse™ Proxy.

A new pattern option, named excludeLocal, was added in order to exclude from main source(Link Out) but rewrite with others if matching. This option can be used within include and exclude pattern options from REWRITTING_PATTERNS configuration entry from the source profile.

A new element EXPIRY_ERROR inside the Applications.xml file was added in order to specify a response status for an expired application and if the specific error message will be displayed or not based on flag value of this configuration.

A new attribute method was added for URL configuration entry from the source profile to specify which HTTP method to be used for the request done – each URL part of an extract and navigate scenario can have its own method attribute (if empty GET or POST is assumed).

The HEADER element is a new configuration item in the source profile aiming to set HTTP headers for each preliminary request.

An option to refresh java policy files was added in Administrator Console and can be found under Advanced menu – Operations page. Java Policy Files which will be refreshed by this action are ${MUSE_HOME}/java.policy and ${MUSE_HOME}/jaas.policy.

In the Administrator Console was added support to refresh SAML and SSO configurations without restarting the entire Servlet Engine.

For source profiling a new boolean flag, DYN_HOST_MAPPING is available. It indicates that host mapping to a shorter generated value will be used on the fly if the https version of the host label exceeds 63 characters.

The detailed list of changes is available in Muse™ Proxy Release Notes PDF Document and the new features are described in the manuals that are part of the distribution. As usual, we offer a Free 30 Day Trial period to fully evaluate the new version of Muse™ Proxy. You can request a Trial License Key by simply filling in the trial form.