Release Notes 5.1.1

JBoss Enterprise Application Platform 5

for use with JBoss Enterprise Application Platform 5.1.1

Edition 5.1.1

Red Hat Documentation Group


These release notes contain important information related to JBoss Enterprise Application Platform 5.1.1 that may not be currently available in the product manuals. You should read these Release Notes in their entirety before installing JBoss Enterprise Application Platform 5.1.1.

Chapter 1. Introduction

These release notes contain important information related to JBoss Enterprise Application Platform 5.1.1. New features, issues fixed in this release, and other known issues are addressed here.

1.1. About JBoss Enterprise Application Platform

JBoss Enterprise Application Platform is the next evolutionary step in open source enterprise software. It is a powerful tool for developing rich, high performance Web 2.0 applications on a pure Java Platform.
By integrating best-of-breed open source frameworks such as JBoss Seam, Hibernate, CXF Web Services, JBoss Cache, and JBoss Messaging, the Platform takes advantage of innovations in the open source community. As well, JBoss Enterprise Application Platform is fully tested and supported by Red Hat, and is certified to work on many leading enterprise hardware and software products.

1.2. About this release

JBoss Enterprise Application Platform 5.1.1 is a minor release. Minor releases aggregate the contents of prior patches and Cumulative Patches (CPs), and may add additional new functionality. Subsequent patches and Cumulative Patches assume the installation of the minor update that preceded them.
During the life cycle of a product's major version, Red Hat makes commercially reasonable efforts to maintain API-level compatibility across all minor releases and asynchronous patches, ensuring that, for example, JBoss Enterprise Application Platform 5.1.1 maintains API-level compatibility with JBoss Enterprise Application Platform 5.0.0, the initial release of JBoss Enterprise Application Platform 5. Possible exceptions to this rule include fixes addressing critical security issues.
With the release of JBoss Enterprise Application Platform 5.1.1, JBoss Enterprise Application Platform 5 customers should update to JBoss Enterprise Application Platform 5.1.1.
Refer to for more information about the JBoss Enterprise Middleware Product Update and Support Policy.

1.3. What's New

Refer to Chapter 3, New Features for information relating to new features at the component level.

1.4. Excluded, Removed, or Deprecated Items


An item that has never featured in a product release but is otherwise part of one of the open source components of the product.
An item that will be removed from a future release, usually the next major version.
An item that was previously in a release of the product and is no longer included. Items will usually be deprecated before being removed.
JBoss Enterprise Application Platform is a minor release. Compatibility is maintained throughout all minor releases with a major release. This means that all 5.x releases maintain binary compatibility with the initial release, 5.0.0. For this reason, no items are excluded, removed, or deprecated from this release.

Chapter 2. Installation Notes

2.1. Supported Configurations

An up-to-date matrix of compatible and certified configurations is available at Please refer to this list for information on tested and supported configurations.

2.2. Installing JBoss Enterprise Application Platform

Refer to the Installation Guide for instructions on installing and verifying the installation of the JBoss Enterprise Application Platform.

2.3. Default Startup Profile

The default startup profile is default, which is a base Java EE 5 server profile containing a default set of services. It contains the most frequently used services required to deploy a Java EE 5 application. It does not include the JAXR service, the IIOP service, or any of the clustering services.
The default profile is not intended for production use, or for running load, stress, availability or performance tests.

2.5. Product Support

If you find a problem with the product, you should raise a JBoss support case through the Customer Support Portal at

Chapter 3. New Features

New features of Enterprise Application Platform 5.1.1 are discussed in general, and then by component.

3.1. General


HornetQ is offered as a technology preview (TP) in JBoss Enterprise Application Platform 5.1.1. You must download and install HornetQ separately to JBoss Enterprise Application Platform 5.1.1, using the standalone zip available from the Customer Portal. Refer to the HornetQ User Guide for more information.

Red Hat Enterprise Linux 6 RPMs

JBoss Enterprise Application Platform 5.1.1 is now available as certified RPMs, which adds to the certified installation zip files available for Red Hat Enterprise Linux 6.

New Database Certifications

The following database and JDBC combinations are now certified to run with JBoss Enterprise Application Platform 5.1.1:

PostgreSQL 8.4.x
Certified to run with JDBC4 PostgreSQL Driver, Version 8.4-702
Sybase ASE 15.5
Certified to run with Sybase jConnect JDBC driver v7 (Build 26502/EBF17993)
Microsoft SQL Server 2008 R2
Certified to run with Microsoft SQL Server JDBC Driver 3.0.1301.101
Apache httpd Connectors

Apache httpd Connectors mod_cluster, and mod_jk are certified to work with the Apache httpd version shipped in Red Hat Enterprise Linux 6. Refer to for more information.

3.2. By component


Property substitution did not work for <min-pool-size> and <max-pool-size> in deployment descriptors. This problem has been fixed, and property substitution now works for all properties in deployment descriptors.


Class SchemaUpdate now creates indexes automatically, when property variable is set to either create or update. The previous behavior was to only update when the variable was set to create.


A new property called ORBGracefulShutdown has been added to the iiop-service.xml file. The default value, false, retains the old behavior. A value of true causes the ORB to wait for completion of outstanding calls before it shuts down.


If multiple images were used on the same page, and s:graphicImage was used to do transformation on the images, page loading was sometimes slow. This has been resolved by making s:graphicImage cachable.
Previously, BMP images were not supported for s:graphicImage. BMP image support is now available, as content type image/bmp.


Exposing the keystore or truststore password in JaasSecurityDomain is insecure. Two methods have been added to retrieve private keys and certificates directly from the JSD, so that they can be used by external components. These methods are getKey and getCertificate. The getKey method requires you to provide a security token.
The JBossWS configuration management layer could not reference a JaasSecurityDomain JNDI name, which also prevented the JBossWS security layer from accessing keystores and truststores normally exposed by the Security Domain. The JBossWS management and security layers were updated to permit alternate jboss-wsse-server.xml and jboss-wsse-client.xml files. The alternate XML files allow a JaasSecurityDomain JNDI name to be specified. The keystores and truststores for the security domain are exposed, providing greater security for JBossWS transactions.
Exposing the keystore or truststore password in JaasSecurityDomain is insecure. Two options have been added to retrieve private keys and certificates directly from the JSD, so that they can be used by external components. These methods are getKey and getCertificate. The getKey method requires you to provide a security token.
JaasSecurity Domain now includes clientAlias and serverAlias options. You can configure them in the same way as keyStoreAlias.

Chapter 4. Fixed Issues

Issues fixed for Enterprise Application Platform 5.1.1 are listed by component.


The following unnecessary files were included in the installation of Enterprise Web Platform that only pertained to Enterprise Application Platform.
  • jboss-ewp-5.1/jboss-as-web/server/default/conf/props/
  • jboss-ewp-5.1/jboss-as-web/server/default/conf/props/
These files have been removed from the installation procedure.
The version of Seam distributed with JBoss Enterprise Application Platform 5 included a superfluous dependency on the Hyper Structured Query Language Database (HSQLDB). This dependency has been removed.
JBoss Native Zips did not contain the sha256sum value within the zip archive. The values were included in a separate file, which had to be downloaded separately with the native zip archive. This caused problems with the release process, and maintaining an accurate sha256sum list. The sha256sum values are now included in the zip archive.


When a multicast address (mcast_addr) was incorrectly configured, the warning that appeared in the log included an outdated URL. The URL has been updated.
Class org.jboss.system.server.profileservice.repository.clustered.local.file.AbstractFileWriteAction has a member variable tempFile, which is set to a newly created file in getTempFile(). This file is called from getOutputStream(), which is called from writeBytes(). However, writeBytes is only called if there is data in the file.
If the file is empty, tempFile is never set, and AbstractFileWriteAction.modifyTarget passes a null File parameter to FileUtil.localMove, where the NullPointerException happens.
AbstractFileWriteAction.modifyTarget now calls getTempFile(), which creates the file if needed, instead of using tempFile directly.
The encrypt class of JGroups had bugs related to threading in the Cipher routine. These have been addressed.
A software error resulted in a situation where neither the process of serving the login page nor handling the POST to j_security_check resulted in a call into ClusteredSessionValve, which is the part of the request pipeline that triggers replication of the session by storing it in the database. FormAuthenticator directly dispatched to the login page, and handled j_security_check itself.
As a result, the session that was created before serving the login page was not persisted. When the authentication was complete and the request for the original URL came in, the session manager checked with the distributed store to see whether the local session copy was out of date. With DataSourcePersistentManager, that check was made to class VersionBasedOutdatedSessionChecker. VersionBasedOutdatedSessionChecker returned true because it could not find the session in the database. Because of the true return value, the session manager could not use the local session. It attempted to read it from the persistent store. It did not exist in the persistent store either, so a new session was created.
To address this issue, VersionBasedOutdatedSessionChecker now checks the session's getLastReplicated method if it cannot find a persisted session. If the value is 0, the session is new, and has never been persisted, so it cannot be outdated. In that case it returns false.
An incorrect subsystem was set during remoting client creation, due to the order of superclass constructor operations. This created NullPointerExceptions and ClassCastExceptions. Constructors have been altered to initialize the client after the correct subsystem is set.
A timer that is shared across all channels in a group did not stop when one of the channels was closed. If OOB messages were passed around at the time a channel left a group, messages were added to the Retransmitter after the channel closed. This happened because messages which were added to the Retransmitter continued to be requested after Retransmitter.reset() completed. This issue is resolved by fixing the condition that caused retransmission requests when a message from a node is processed at the same time the node leaves the cluster.
In Microsoft Windows, when the network interface was disrupted, such as by removing the network cable and reinserting it, JGroups received an exception of type NoRouteToHostException every time it attempted to send a message. This continued until the server was restarted. This problem is solved by new behavior in JGroups, which re-binds the socket to the interface, allowing JGroups to send messages again.
The asym_provider and sym_provider security provider options of the ENCRYPT algorithm previously were only used by the KeyGenerator lookup. These options are now implemented in the Cipher lookup as well.
The JGroups FD_SOCK protocol is a failure detection protocol based on sockets. The client side of the FD_SOCK TCP connection was not binding to a specific IP address. If you tried to open a firewall connection specific to each individual application, there was unnecessary cross-talk between applications. client_bind_port, port_range, and bind_addr were added to FD_SOCK, which allows you to bind the outgoing connections to a specific IP address and/or port range.
A race condition in the JGroups FLUSH protocol caused messages to be processed in the wrong order when the master node left the cluster, so the master node left before sending a new view (with a new master). Therefore, the other nodes did not detect the master's absence, or elect a new master, until the master's absence was detected by the failure detection protocol. The message ordering has been corrected, and the race condition no longer occurs.
When a JBoss Cache instance configured for asynchronous serialization was shunned from the cluster, all future replications would fail until the cache was restarted. The cause was a naming conflict between a method and its parent class. This has been fixed by renaming method CommandAwareRpcDispatcher.stop() to stopDispatcher().
The JGroups configuration in the binding manager now implements the system properties added to the JGroups configurations in Enterprise Application Platform 5.1. In addition, hard-coded ports have been removed, and the default multicast addresses are set to the same values used in version 5.0 of the platform.


If a user waits too long to log in after going to the Admin Console login page, the session times out. Previously, this caused an exception. A user-friendly timeout message is now displayed.
If a topic or queue was created with the same name as an existing topic or queue, the new one overwrote the old one. This has been resolved by causing an attempt to create a topic or queue with a duplicate name to fail, generating an error.
The ApplicationServerDiscoveryComponent class does not use JBoss variables because the paths are hardcoded to the jar files. If JBoss library locations and the JBoss variables for the libraries (jboss.lib.url, jboss.common.lib.url and jboss.server.lib.url) were changed, the JBoss Admin Console failed to open. This issue is resolved by adding BootstrapAction.createPluginContainerConfiguration() to the Admin Console.


Seam Reference User Guide source code blocks did not have syntax highlighting, which made the source code difficult to read. The affected code has been updated with the correct highlighting.
The Microcontainer User Guide contained references to some outdated Maven artifacts. Please review the document shipped with the current release for updated information.
In the Hibernate Core User Guide, a reference was made to an incorrect POM file. This reference has been updated in the documentation for the current release.
The configuration information in the JMS Clustering Notes section of the guide was inaccurate. The guide has been corrected with an updated configuration example, which fixes the issue.
A change to the default value of the max_prepared_transactions datasource property in PostgreSQL versions 8.2 and 8.4 resulted in XA Transactions being denied. An Important admonition was added to Appendix A.7 PostgreSQL of the Administration and Configuration Guide for the XA Datasource example, to highlight the requirement.
The Security Guide released with earlier versions of the Enterprise Application Platform missed the instructions for encrypting the datasource password. The documentation now includes the step. The instructions to configure the server.password file by running the following command:
java -cp jboss-as/common/lib/jbosssx.jar \
The HTTP Connectors Guide is a new user guide for JBoss Enterprise Application Platform 5.1.1. This guide supercedes and improves upon the mod_cluster User Guide and the HTTP Services section of the Administration and Configuration Guide. It also contains information about the ISAPI and NSAPI connectors.


EJB3 clients did not use existing socket connections on subsequent invocations. Instead, they created a new connection for each invocation, which was destroyed when the connection was complete. A delay has been added so that connections remain open for use in subsequent invocations.
In two cases, the UnifiedClassLoader was used instead of an isolated EAR's classloader. The first case occurred when a EJB2 Entity Bean was packaged inside of an isolated EAR and an EJB client was packaged in the same isolated EAR. When the EJB Entity Bean was passivated, a ClassNotFound exception was thrown. This was caused by the usage of UnifiedClassLoader instead of the EAR's isolated classloader. The second case occured when a deployed EJB2 Entity Bean had a local interface of the same name as an interface in the UnifiedClassLoader, resulting in a ClassCastException. The correct classloader is now used in both cases, and the errors no longer occur.
A bug in org.jboss.ejb.plugins.SecurityInterceptor caused problems with setting the runas-identity context method invocation on stateless session EJBs that were not originally runas-deployed. Invocations used the identity of any authenticated context sent to the EJB, which resulted in invocations being executed as if the EJB was runas-deployed. The only way to stop this behavior was to restart the server. SecurityInterceptor now looks at the run-as role of the original EJB, and ensures that runAsRole is available to any calls made by the EJB for declarative security checks.
When an EJB Timer service was configured to use the GeneralPurposeDatabasePersistencePlugin, and the CachedConnectionManager was set to debug, the following warning was recorded in the server log:
WARN [org.jboss.resource.adapter.jdbc.WrappedConnection] Closing a result set you left open! Please close it yourself.
This occurred because the GeneralPurposeDatabasePersistencePlugin did not close an internally-used ResultSet. The CachedConnectionManager closed the ResultSet and correctly informed the user of the error. The GeneralPurposeDatabasePersistencePlugin has been modified to close the ResultSet, so the warning no longer appears.
If you use JDK 6 update 19 or newer, and your application sends or receives objects, a serialization exception may occur. This exception can also happen if you are using clustering with a stateful session containing a object.
To prevent this exception, a new property has been added. Set the system property -Dorg.jboss.serial.SYNC_SERIALIZATION_BINARY_FORMATS=true, for all JBoss instances that communicate with each other.


When Hibernate executed a cacheable query using a ResultTransformer, it attempted to cache the results after applying the ResultTransformer. However, the data might be modified so that Hibernate could not read it. In this case, a ClassCastException would occur when attempting to cache the results.
This issue is fixed by introducing three new classes to the API:
  • org.hibernate.transform.AliasedTupleSubsetResultTransformer
  • org.hibernate.transform.CacheableResultTransformer
  • org.hibernate.transform.TupleSubsetResultTransformer
Review the Javadoc for Hibernate for more details.
Dialect org.hibernate.dialect.SQLServer2008Dialect has been added to Hibernate, to address changes to the Microsoft SQL dialect introduced in Microsoft SQL Server version 2008.
When a refresh() method was invoked immediately prior to an insert(), and second-level caching was enabled, the entity was inserted into the second-level cache. If the refresh() committed successfully, however, the cached data was not automatically evicted. This occurred because refresh() did not track entity state. refresh() now tracks entity state, and evicts the cached data on a successful commit.
JBoss Marshalling failed to serialize a session, due to a flaw in the serialization logic of org.hibernate.impl.SessionImpl. This class now adheres to the Java Serialization specification listed at, and serialization works properly and as expected.
org.hibernate.type.EnumType used a static map to cache the enum values, because getting the value of the enum by reflecting is expensive. However, this implementation had the potential to cause memory leaks in come circumstances, especially when using Hibernate in the application server. This is because the cached objects would never be garbage-collected, so the Map acting as cache kept growing infinitely.
Instead of using a global enum cache, Hibernate now uses a transient array for each EnumType instance to cache the enum values. This improves performance and eliminates the memory leak.
The cascade-save operation was incorrectly handling auto-incremented Primary Key (PK) tables that linked to parent tables with an assigned PK. The fix now allows the cascade-save operation to handle the parent-child relationship between tables.
An issue with QueryPlanCache was discovered that caused a memory leak due to soft references held by the unbound SoftLimitMRUCache. The SoftLimitMRUCache eventually filled up until a major stop-the-world garbage collection was necessary to clean the SoftLimitMRUCache soft references.
The solution involves constraining the amount of soft and strong unbound references held in the cache. Entries are evicted using an LRU policy, or by memory pressure from the GC in the case of soft references.
Two configuration options are now available, which solve the issue:
  • hibernate.query.plan_cache_max_strong_references which defaults to 128
  • hibernate.query.plan_cache_max_soft_references which defaults to 2048
Users that want to emulate previous behavior, can set hibernate.query.plan_cache_max_soft_references to Integer.MAX_VALUE
According to the JPA persistence specification, the AS keyword is optional for collection declarations, such as the following:
collection_member_declaration ::= IN (collection_valued_path_expression)
[AS] identification_variable
A HQL/JPQA such as the one below syntax caused a parser exception:
SELECT o FROM EntityBean AS o, IN (o.items) AS l WHERE l.itemValue = '1'
This occurred because Hibernate did not implement the AS keyword. Hibernate now follows the specification in this area, and allows the optional keyword.
Hibernate's ByteCodeHelper.readByteCode() was previously limited to 409600 bytes, but can now handle an entity class of any size.
ChainedPropertyAccessor was used by AliasToBeanResultTransformer. ChainedPropertyAccessor was not serializable. Therefore, any cacheable queries using AliasToBeanResultTransformer broke during cache replication. For example, this query could not be replicated or cached to disk:
session.createQuery("select foo").setResultTransformer(new AliasToBeanResultTransformer(SimpleCount.class)).setCacheable(true).list();
The behavior of AliasToBeanResultTransformer has been changed. When the AliasToBeanResultTransformer is created/deserialized, it recreates the ChainedPropertyAccessor instance according to the cached resultClass. Cacheable queries using AliasToBeanResultTransformer continue to work during cache replication.
AliasToBeanResultTransformer.hashCode relied on propertyAccessor.hashCode(). Implementations of PropertyAccessor do not override hashCode() or equals(). Therefore, Cache lookups involving a QueryKey with an AliasToBeanResultTransformer resulted in a cache miss.
Two AliasToBeanResultTransformer objects should only be equal and use the same hash code if their resultClass is equal. Getters are determined by aliases, which are provided as an argument, so they are not needed to determine equality. Setters should be used to compute equals() and hashCode(). However, due to the implementations of Setter, Setters do not override hashCode() or equals().
The fix is to cache the aliases corresponding to the Setters and use that to check for equality. Cache lookups involving a QueryKey with an AliasToBeanResultTransformer no longer result in a cache miss.
When Hibernate executed a cacheable query using a ResultTransformer, it attempted to cache the results. However, the data had the potential to be modified so that Hibernate could not read it.
PropertyAccessException was thrown when all of the following are true:
  • The query has a ResultTransformer
  • Results are cached before being transformed
  • Each result has a single value
This issue is fixed by introducing three new API calls:
  • org.hibernate.transform.AliasedTupleSubsetResultTransformer
  • org.hibernate.transform.CacheableResultTransformer
  • org.hibernate.transform.TupleSubsetResultTransformer
Refer to the Hibernate Javadoc for more details.
Hibernate Core EntityMetamodel entityNameByInheritenceClassNameMap field was used inconsistently. It used a class for puts to the map, but a method for gets from it. An exception was thrown when saving instances of subclasses with specific entity names. The EntityModel class has been updated to use class InheritenceClass instead of its getName() method. Saving instances of subclasses no longer causes an exception in these cases.
When was used in multiple JVMs with the same database, there was a risk of duplicate sequenced values being generated. This occurred because a method was invoked twice to initialize two different values (value and hiValue). If another JVM requested a sequence value between these invocations, the sequence related to the second invocation. This issue has been corrected by limiting the double-read to optimizer initialization, when the first read gives Hibernate the initialValue.
If an entity defined a collection with a property-ref-based key as cacheable, there was a problem loading the collection and putting it into its second level cache region. Hibernate used the incorrect key for the owning entity. It attempted to use the referenced property value instead of the corresponding ID value.
Hibernate now checks whether the collection key is defined by a property-ref. If so, the key of the owner instance associated with the collection itself is used, if it exists. Hibernate resolves the owner of the collection against the owner of the Persistence Context.
Synchronizing access to Map caused performance degredation. Synchronization of Map is now managed by ReentrantReadWriteLock and ConcurrentHashMap, which improves performance.
Many well-formatted and indented Strings were built up for each element of a parsed HQL string, for each tree node. The purpose was to feed invocations of log.trace(). The information was added to the log regardless of the log level. This caused extra output and larger log files. Hibernate now checks the log level, and only includes the formatted output when the log level is TRACE.
A customer reported an issue with the ScrollableResults JoinFetch, where ScrollableResults set child collection correctly at the first parent object, but after the second parent object only the first element of a child collection was included.
The ScrollableResults logic has been improved to read sequentially. When a new parent is encountered, ScrollableResults assumes it has finished processing all rows for the previous parent.


This fix relies on results being ordered consistently. Because some databases do not return sorted data (such as H2) you should explicitly apply "order by" for ScrollableResults result ordering.


jboss-log4j.xml has been updated to include the jacorb.config log level. The priority has been set to ERROR to avoid printing unnecessary messages to the console during server startup.


In the graphical installer, the directory selection dialog used the language specified in the environment where the installer was run, rather than the language requested by the user at the beginning of the installation. The installer has been updated so that the directory selection screen uses the language selected by the user at the beginning of the installation process.
During installation of the Enterprise Application Platform on Solaris, the user was prompted for the root password. This was caused by permission issues when the installer tried to create some optional shortcuts (symbolic links). This issue has been fixed by removing the ability for Solaris platforms to create shortcuts through the installer. You can still create the symbolic links manually if needed.
Previously, scripts for all operating systems were included when JBoss Enterprise Application Platform was installed, rather than being restricted to operating system being installed onto. The installer has been updated so that only appropriate scripts are included in the bin/ directory of the platform. Shell scripts are installed for Linux and UNIX systems, and batch scripts are included for Microsoft environments.
The Red Hat documentation page has moved from to The link has been updated in all documentation.
The graphical installer allows you to specify a custom JAAS security domain for securing consoles and invokers. However, in the past, the Tomcat console was always secured with the JAAS security domain jmx-console, even if it does not exist.
This issue is fixed, and the Tomcat console is secured with the security domain you specify during installation.
When a custom JAAS security domain was created during the graphical installation process, the custom JAAS security domain continued to use and This incorrect behavior has been changed, so that the custom JAAS security domain called NAME uses and files instead.
Seam examples were not correctly deployed using ant explode due to faulty path delimiters in the file. This caused Seam example deployment to fail. The file now uses the correct path delimiters.
In Microsoft Windows installations of the Seam examples, the Deploy Hotel Booking Seam Demo shortcut in the Start Menu pointed to a directory one level above the JBoss Enterprise Application Platform installation. This caused an error of type NoClassDefFoundError to appear in the log, and the example not to deploy. The path has been corrected, and the example now deploys from the shortcut.
The security configuration screen of the graphical installer contained incorrect links to the documentation portal and user documentation. All links have been corrected.


Due to a regression introduced by the fix in JBAS-5929, the JCA pool sometimes shut down without looking for checked-out connections. This issue has been fixed, and the JCA pool looks for checked-out connections before shutting down.
XAManagedConnectionFactory class did not allow for the is methodName form for getting and setting properties. This caused problems for XA DataSources when the property was a boolean type. XAManagedConnectionFactory now allows for the is format and handles boolean types without errors.
Passing a negative timeout value to method Thread.sleep in class NewMsgsWorker#run() caused the Mail message-driven bean to stop checking for new messages. This has been fixed by not allowing a negative timeout value.
The JCA code did not properly handle multi-threaded access, due to several potential causes of deadlocks involving JDBC operations and the JBossTS transaction reaper thread. The JCA code has been updated to resolve these problems, and multi-threaded access should work properly in the JCA.


The ServiceMetaDataParser.parseValueFactoryParameter() method only considered the first child of the <parameter> element. If the <null/> element was surrounded by carriage returns, the node was treated as a text value and the parameter was not correctly substituted elsewhere. The following example failed, but now works properly.


The JMXOpsAccessControlFilter class did not retain the role mappings for a user if the roles were set with the DeploymentRolesMappingProvider. The filter class has been corrected, and the mappings are now retained as expected.


Some debugging code was inadvertently left in ChannelSupport.afterRecoveryEx(), and this code was visible in log files. It has been removed, making log files clearer and easier to read.
The MessageSucker is responsible for migrating messages between different members of a cluster. The onMessage routine attempts to deliver messages to the local queue, among other tasks. If delivery failed, messages appeared to be lost. They were still in the database, but it was difficult to redeliver them.
This was a defect in the JBoss Messaging component, and has been fixed in that component. The fix is complex, and is discussed in JBMESSAGING-1822. In short, a new layer of reliability has been added to the message delivery logic.
A potential race condition could occur if a session was closed while a transaction was committing. In this case, an exception was thrown. A check has been added such that a committed message is not cancelled.


Because of problems with the pause() method of the connector, a race condition could occur when applications were undeployed. Sessions that were forwarded to the application server by mod_cluster before receiving an undeploy notification could result in an error 503 - This application is not currently available. The method has been updated, addressing these issues.
The status page of the mod_cluster manager was not updated upon failover, so worker nodes were listed as active and available after they had failed. The status page now updates when nodes fail.
A server configured for failover with an application deployed in a subdirectory such as /webapp, and another application deployed in /, occasionally caused an error. This was because the failed-over application tried to deploy in / instead of /webapp. This situation has been fixed, and failover now occurs as expected.
The maximum length for cluster aliases has been raised from 40 to 64, to accommodate longer aliases.
Clustered nodes were only retired after the worker retry timeout (set to 60 seconds). This resulted in error messages suggesting that a node was in error for 60 seconds when it was likely the node had retired correctly during this period. Nodes are now retired when the node receives a STATUS message, broadcast by the nodes approximately every 10 seconds.
mod_rewrite could not rewrite from the root (/) in httpd if there was no ROOT context deployed in JBoss Enterprise Application Platform. This occurred because mod_cluster attempted to use the original URI instead of the URI provided by mod_rewrite. The rewrite rule now works regardless of whether the ROOT context is deployed to the platform.


When AopC was in use, report generation failed with an exception of type ArrayIndexOutOfBoundsException. This has been resolved so that a report is now generated as expected, and no exception is thrown.
In isolated deployments, a ClassNotFoundException was thrown when the application server tried to deserialize an info object associated with the Timer. This occurred because the wrong classloader (threadContextClassLoader) was used to deserialize the object. This bug has been fixed and the correct classloader is now used.
Deployment file names were not previously checked for legal paths. Poorly-constructed file names could cause unexpected file deletions or alterations. The deployment files are now checked for legal paths, and an exception is thrown if an illegal path is used.
Due to a casting problem where a long was cast to an int, using org.jboss.varia.scheduler.ScheduleManager with a short period, such as 1 ms, could cause negative repeat values. This has been remedied by using a long instead of an int.

Profile Service

A bug in the Profile service caused the status of deployments to be reported incorrectly if they are started and stopped very quickly. This bug is still present. However, modifications have been made to the console to work around this by updating the status after a short delay, or after the page is refreshed. In normal usage, the status is shown as expected.


Sending multiple requests from a WS client and using fastinfoset caused an increase of sockets in a CLOSE_WAIT state and incorrect shutdown. This issue was fixed by introducing the JVM property, which causes the client remote to disconnect immediately. This property is enabled by default. If you disable it, HttpURLConnections remain open.


The spring-hibernate-contacts example failed with the error:
java.lang.IllegalArgumentException: object is not an instance of declaring class
This occurred because the getContactById(@PathParam("id") Long id) method in the ContactServiceImpl class was missing the @GET annotation. This error has been corrected, and the example code now works as expected.

Scripts and commands

When starting the server using service.bat, no options were inherited from run.conf.bat. This occurred because service.bat set JAVA_OPTS to a placeholder value, which was not overridden by values set in run.conf.bat due to a faulty check. This issue has been fixed, and options set in run.conf.bat are now used when starting the server with service.bat.


The JpdlParser in JBPM included some hard-coded file names of XSDs, which referred to internet locations and ignored XSDs in the classpath. This caused failures when those internet locations were unavailable. The hard-coded paths have been removed and the classpath is now searched for the XSDs.
A NullPointerException occured when undeploying or uninstalling Seam examples. It did not cause any application to fail, but the error was incorrect. The issue occurred in the nestedbooking, dvdstore, itext, and excel examples, but not in the ui example. The cause was a bug in the EJB3 deployer, and an upgrade to that component resolved the issue. The NullPointerException no longer occurs in the examples listed above.
When uploading files with <s:fileUpload> inside <h:dataTable>, errors occurred which led to identical filenames and incorrect content. This occurred because the local value was not returned by the getLocalValue() method. This problem has been fixed by correcting the method, and the problems with the filenames and content no longer occur.
The IBM JVM v1.6 was not handling annotations that were UNKNOWN during runtime. This caused problems with the Chatroom example. The underlying issue is resolved on IBM JVM version 1.6.0 (SR9 FP1).


To make the chatroom example work with IBM JVM versions prior to 1.6.0 (SR9 FP1), copy into JBOSS_HOME/server/PROFILE/lib.
Restart the server after adding the specified file.
The Seampay example had an issue with the duration between the first payment and the second payment in the example. Users with a combination of fast hardware, Java 6 runtime, and Windows Server 2003 found the set delay between payments to be too short. The example has been fixed to extend the duration between payments, which fixes the issue.
The jta.jar was being included as a third-party dependency of Eclipse by the seam-gen process. The jboss-transaction-api.jar was included in the seam-gen process, but the two files caused a .classpath conflict. All Hibernate dependencies have been updated to exclude the jta.jar file, which fixes the dependency issue.
The SeamBay example shipped as part of the Enterprise Platform contained an incompatibility with Internet Explorer 8. This has been resolved, and the example once again works with Internet Explorer 8.
There were two identical ant.jar libraries in the Seam distribution within the Enterprise Platform:
  • /seam/lib/ant.jar
  • /seam/lib/gen/ant.jar
This issue has been fixed by removing the ant.jar from seam/lib/.
An asynchronous invocation of JBPM which required transactional capabilities could cause the asynchronous action not to execute, if a transaction was not started. An exception was thrown and processing did not continue. This is fixed by checking whether transactions are required, and starting a new one if it is not already active, before initiating the asynchronous JBPM processing.
During transactions where application exceptions were thrown, the transaction was neither committed nor rolled back. Instead it remained in memory. Transactions now roll back properly when exceptions are thrown, and are cleared from memory.
The configuration for persistence service in jbpm.cfg.xml has been updated in the Todo and DvdStore examples, to use the following value: <service name="persistence" factory="org.jbpm.persistence.jta.JtaDbPersistenceServiceFactory" />
If any exception occurred while a Seam EL expression was being evaluated during the jbpm-jpdl process definition, JBPM's transaction handling sometimes committed transactions that should have been rolled back. Rollback only occurred on the Seam side, because Seam tried to close the JBPM Context while the JBPM process was committing. Seam now closes the JPBM context immediately after rolling back the transaction, and the dirty commits no longer occur.
Invoking EntityQuery.resultCount() resulted in a query such as select count( entity ).... However, if the persistence provider is Hibernate and the Entity has a composite key, the exception [ERROR JDBCExceptionReporter] Operand should contain 1 column(s) is triggered, because Hibernate does not support composite keys in count queries.
This constraint prevented you from using seam-gen and JBoss Developer Studio to generate CRUDs if you had Entities with composite keys and you use Hibernate. Hibernate extensively uses EntityQuery.resultCount() in the generated code, and this class triggered the exception.
Seam has been updated, so that if the persistence provider is Hibernate, Seam builds the query using the notation select count( * ) instead of select count ( entity ). This method works, even with composite keys. With this fix in place, EntityQuery.resultCount() works for all entities and all persistence providers, as do generated CRUDs.
Seam-RESTEasy integration module allowed anemic session requests to remain open when an exception occured during the JAX-RS request invocation. Accessing previously authenticated sessions was possible even if incorrect credentials were passed in a request. The code responsible for invalidating the session is now contained in a Java finally block. This fix prevents anemic session requests from remaining open.
s:link was not working if pages containing the s:link were not previously rendered on the JBoss Enterprise Platform instance. This caused an IllegalStateException: Unable to read <page>, because the method binding for the Seam UI page actions were not added to the SafeActions on other servers. viewId now includes the path to the web context root in each searching path, which allows pages to remain active when workload is moved between nodes.
In seam-gen, Entity fields that were annotated by @Version were set as an Integer data type. The Update operation was not compatible with the Integer data type, and terminated with a NullPointerException. The @Version data type has been changed from Integer to int. Entity Update operations now complete successfully.
It was found that JBoss Seam did not properly block access to JBoss Expression Language (EL) constructs in page exception handling, allowing arbitrary Java methods to be executed. A remote attacker could use this flaw to execute arbitrary code through a specially-crafted URL provided to certain applications based on the JBoss Seam 2 framework.


A properly configured and enabled Java Security Manager would prevent exploitation of this flaw. CVE-2011-1484)
It was found that the fix for CVE-2011-1484 was incomplete: JBoss Seam 2 did not block access to all malicious JBoss Expression Language (EL) constructs in page exception handling, allowing arbitrary Java methods to be executed. A remote attacker could use this flaw to execute arbitrary code via a specially-crafted URL provided to certain applications based on the JBoss Seam 2 framework.


A properly configured and enabled Java Security Manager would prevent exploitation of this flaw. (CVE-2011-2196)


Applying the workaround for JBAS-7049 causes servers using OpenJDK 6 and running the security manager to fail to start the Enterprise Application Platform. This was due to upstream issues in OpenJDK. These issues have been addressed in the OpenJDK software, which is a third-party product. Therefore, the Enterprise Application Platform now starts as expected on affected systems with upgraded OpenJDK.
Due to an error in the order of services starting up, JNDIContextEstablishment could potentially start later than expected, causing NamingExceptions because the context java:/jaas was not bound in JNDI. This binding is now handled in JaasSecurityManagerService, which starts before any service in the deploy/ directory.
unauthenticatedIdentity The option did not work with the LdapExtLoginModule class, even when the method invoked did not require a specific role. The security libraries have been updated to fix this issue.
The file previously required write permission even for decoding the password. The file could not be changed to read-only for regular users because it was inaccessible. This issue has been fixed by changing the file permissions from to read-only.
LdapExtLoginModule queried LDAP for the roleNameAttributeID instead of checking the returned distinguished name. This was slow. To improve performance, a parseRoleNameFromDN option has been added to the module.


The QueuedPessimisticEJBLock in JBoss Transactions did not always detect that a waiting transaction had timed out, so the lock would remain active when it should have been released. This eventually resulted in a threadpool-wide lock, with all transactions waiting for the lock to release, or the locked transaction to be registered as timed out. The isTxExpired() method has been modified to ensure that timeouts are registered, so that transactions are informed of locks.


The JBossTS TransactionReaper contained a bug which caused it to execute continuously when it was running in dynamic mode, rather than pausing between runs. This caused performance degradation. To fix this issue, JBossTS was updated. As a result, the Reaper now pauses between runs, leading to better performance.
The Transactions Recovery Manager searched for XIDs in need of recovery in such a way that sometimes recoverable XIDs were missed. This happened when consecutive recovery scans for a given resource manager returned non-equal lists of in-doubt XIDs. The matching algorithm has been enhanced to handle recoverable XIDs.
When using TX Resource managers, which are JDBC drivers that support XA, it is an anti-pattern to rely on the order of the XIDs the Resource Manager returns to you, because you risk losing XIDs and causing heuristic exceptions, in which you will need to manually commit or roll back the transaction.
When nodes unexpectedly die during active transaction processing, zero length transaction journal files may be created. Upon node restart, the processing of these files caused logged warning messages, even though they do not contain any information that can be used to recover the transactions in question. This fix suppresses the log for this specific situation.


A bug in class org.jboss.mail.SessionObjectFactory caused only one mail service to ever be resolved, even if more than one service was configured and present in the JNDI tree. The class now resolves more than one mail service if one is configured.


sendNotification was present in, but was disabled, so the jboss.tomcat.connectors.started notification was missing. The Barrier Controller depended on that notification and was unavailable to manage subscriptions. This problem has been fixed by reinstating sendNotification.
Customers migrating from Oracle WebLogic need the ability to rewrite URLs in a different context from the webapp. This feature is now implemented. To override the context, set -Dorg.apache.catalina.connector.Response.REWRITE_CONTEXT_CHECK=false.
The HTTPS connector used addHandshakeCompletedListener() to verify a SSL handshake was successfully negotiated between the connector and listener. addHandshakeCompletedListener() added the listener after the notification thread started running, which required SSL handshake renegotiation. setEnabledCipherSuites(new String[0]) is now used to verify SSL Handshake negotiations, which fixes the issue. This issue was introduced by a fix for CVE-2009-3555.
When using the org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false property, cookies containing characters \, (, ), :, <, =, >, ?, @, [, \\, ], {, }, (, : were truncated to the first occurrence of one of the listed characters. Changes have been made to the way these characters are handled in the code which prevents cookies containing these characters being incorrectly truncated.

Web Services

Fault signing and encryption have been added to JBoss WS. These features can be enabled by specifying includeFaults="true" on a sign or encrypt element. For the client, specify includeFaults="true" in the encryption and signature elements that are within a <requires> tag to enforce signed/encrypted faults.
When services were deployed to JBoss Web Services Native, any XML Schema Declaration (XSD) imports with relative URLs were rewritten as absolute URLs relative to the WSDL service contract. This worked fine, unless an imported XSD imported a second XSD using a relative path. In this case, the path of the second XSD was incorrectly rewritten to be relative to the first XSD instead of the WSDL service contract. This problem has been resolved, and the paths are now rewritten relative to the WSDL service contract.
You can now disable chunked encoding using the SAAJ API, by calling soapMessage.getMimeHeaders().addHeader("Transfer-Encoding", "disabled");.
Generating WSDL for JAX-WS resulted in an incorrect namespace prefix for the message part in the WSDL. The wrong namespace prefix was referenced if the exception was mapped to a different namespace that used the @WebFault annotation. This issue has been fixed by correcting how WSDL is generated, and the correct namespaces prefixes are now used.
Due to an error in the SAAJ implementation in the JBossWS libraries, SOAP nodes previously had the same prefix as the <Envelope> node. This has been corrected, so that SOAP nodes now have their own prefix.
DescriptorDeploymentAspect loaded the /cxf.xml in the classpath and put it in the deployment attachment as the CXF endpoint deployment descriptor. This prevented the META-INF/jbossws-cxf.xml or WEB-INF/jbossws-cxf.xml from being loaded. These are intended to co-exist with /cxf.xml, which creates the CXF bus. The code has been updated so that these files are now loaded properly.
Appending an Element to a SOAPBody resulted in a java.lang.IllegalArgumentException. The code has been updated so that adding an Element now results in the Element being converted to a SOAPElement, and no exception is thrown.
The logging level for MessageContextJAXWS was too high when the conversion of a WSDL URL to a URI failed. This caused excessive log messages. The logging level for these messages has been lowered to reflect the true severity.
When a request with an application/fastinfoset content-type header was sent to the FastInfoset web service, the response was returned with an incorrect header of application/soap+xml or text/xml. This issue has been corrected with an upgrade of the JBoss Web Services component.
JBossWS does not reuse an established SSL connection when sending multiple requests over SSL to JBoss Enterprise Application Platform. This means an SSL handshake occurs on every request. This issue has been fixed and the SSL handshake occurs once and is reused for every subsequent request, if a local WSDL is used.

Chapter 5. Known Issues

Known issues in Enterprise Application Platform 5.1.1 are listed by component.


If you use the partitionName property on the MCBean:ServerConfig Profile Service managed component, it returns a null value. Instead, use the partionName from the MCBean:HAPartition managed component, which is the correct property.
Using the Hibernate SecondLevel Cache at the InitialState phase causes a NullPointerException. To work around this issue, disable the query cache. To disable the query cache, edit persistence.xml to either explicitly set the query_cache to false, as follows, or remove the line altogether, since the query cache is disabled by default.
<property name="hibernate.cache.use_query_cache" value="false"/>


If you change the database properties via the Admin Console, the changes are persistent. However, if you undo the changes, the old values still persist when you restart the Application Server. This problem is not yet resolved, but you can work around it by editing the associated attachments file in server/PROFILE/data/attachments, to force the datasource configuration to use the new settings.


Compiling jboss-ejb3-core-1.3.5 with default setting LANG=C causes an unmappable character for encoding ASCII error. Use LANG=en_US.UTF-8 to work around this issue.
The deployment of a persistence unit into an EAR will fail when the unit is outside of the EAR and the bean attempting to inject the persistence unit is within the EAR. The injection fails because the persistence unit cannot be found. This is expected behavior of the EJB3 spec. For strict EJB3-spec compliance, the persistence unit should be packaged within the EAR. A JBoss-specific behavior allows persistence units to exist outside EARs. This is configured in the file deployers/ejb3.deployer/META-INF/jpa-deployer-jboss-beans.xml under a JBoss AS server profile. The relevant section is:
<bean name="PersistenceUnitDependencyResolver" class="org.jboss.jpa.resolvers.DynamicPersistenceUnitDependencyResolver"/>
By default, the DynamicPersistenceUnitDependencyResolver is used, which allows the spec-compliant behavior to be controlled through the MBean in the JMX Console. The spec-noncompliant JBoss variant search strategy can be found here.


When using the Criteria API with LEFT OUTER JOIN to add criteria to children, the child collections will only contain those children matching the criteria. This behavior also applies when not using any Filters. For example:
criteria.createCriteria("children", JoinFragment.LEFT_OUTER_JOIN)
There is no workaround for this issue.
org.hibernate.PropertyAccessException may be thrown if an Entity contains the following conditions:
  1. Uses @EmbeddedId
  2. Uses @JoinTable on a collection or association property/field, which references another property/field of the entity.
For example:
private MyPk id;
private Long name;
joinColumns=@JoinColumn(name="text_id", referencedColumnName="name"))
private Set<String> globalNotes = new HashSet<String>();
There is no workaround for this issue, other than not using @EmbeddedId.


Oracle JDBC driver version causes the JBoss Messaging Transaction Service to fail with a SQLException ("Bigger type length than Maximum") on Oracle 11g R1.
This is caused by a regression in Oracle JDBC driver
We recommend Oracle JDBC driver version for use with Oracle 11g R1, Oracle 11g R2, Oracle RAC 11g R1 and Oracle RAC 11g R2.
Two JBoss Messaging Test Suite tests fail on Oracle 11g R1, R2 and RAC with the latest JDBC driver, version
  • QueueManagementTest.testDestroyDestinationProgrammatically
  • QueueManagementTest.testDestroyDestinationProgrammaticallyWithParams
These tests use a large value for the fullSize queue configuration parameter, which is passed to the setFetchSize method on the java.sql.PreparedStatement. A problem with the JDBC driver means that more than the usual amount of memory is consumed when executeQuery() is called, which results in a java.lang.OutOfMemoryError, causing the test to fail.
When using Sybase database with the JDBC driver Sybase jConnect JDBC driver v7 (Build 26502), a MaxParams attribute in the sybase-persistence-service.xml configuration file cannot be set higher than 481 due to a limitation of the PreparedStatement class in this driver. Unexpected failures can occur when the MaxParams attribute is set to a value higher than 481. To avoid this issue, set MaxParams to a smaller value than 481.
If a message-driven bean is deployed with the default settings useDLQ=true, DLQMaxResent=5 and message redelivery is prompted, a message remains in the queue in a delivering state even after the message is delivered to the dead letter queue. The workaround for this issue is to disable the dead letter queue handling on the MDB side by setting useDLQ=false.


IPv6 is not supported in version 5 of the Enterprise Platform.


Resteasy-guice applications fail to deploy because of a java.lang.SecurityException. An error message similar to the following is displayed:
java.lang.SecurityException: class "org.jboss.resteasy.examples.guice.hello.DefaultGreeter$$FastClassByGuice$$70fd68d0"'s signer information does not match signer information of other classes in the same package
This occurs because the cglib.jar in JBoss Enterprise Application Platform is signed, and the cglib-instrumented proxy uses the cglib.jar signer information instead of the signer information of the application target class.
The TwitterClient example is deprecated in RESTEasy 1.2.x due to Twitter deprecating the Basic Authentication method in August 2010. All applications must now use OAuth. RESTEasy 2.x contains a reworked TwitterClient example that includes OAuth. Download the example from RESTEasy 2.x for testing purposes.
The jettison.jar file is not included in the jboss-eap-5.1/resteasy/lib directory of To work around this issue, use the jettison.jar file included in the Seam distribution, jboss-eap-5.1.1/seam/lib/jettison.jar.


The script has been removed from distribution. Instead, use your own script to customize start-up of the Enterprise Platform.


An incompatibility with Microsoft Internet Explorer 8 and the Seam Tasks Example resulted in text appended to a task being represented as a blank line in the task list. There is no work-around to this issue.
Some examples included in the jboss-seam2-examples distribution are designed to showcase functionality of the JBoss Enterprise Application Platform server. Those examples that require a full Application Platform server will not run on a JBoss Enterprise Web Platform server.


When java.sql.Date.valueOf attempts to parse dates of the format yyyy-mm-dd, the TCK test threw a java.lang.IllegalArgumentException. This was due to a regression in the latest Sun JVM, Sun JDK 1.6.0_24 (see for more information). The workaround for this issue is to downgrade to Sun JDK 1.6.0_17.


A NullPointerException was thrown when a datasource depended upon by a webapp was restarted. The error has been changed to an IllegalStateException, which returns "WebModules cannot be restarted, and must be redeployed".

Appendix A. Revision History

Revision History
Revision 5.1.1-106.4002013-10-31Rüdiger Landmann
Rebuild with publican 4.0.0
Revision 5.1.1-1062012-07-18Anthony Towns
Rebuild for Publican 3.0
Revision 5.1.1-105Mon Jul 18 2011Jared Morgan
Incorporated changes for JBoss Enterprise Application Platform 5.1.1 GA.

Legal Notice

Copyright © 2011 Red Hat.
This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.