Chapter 4. Fixed Issues
Issues fixed for Enterprise Application Platform 5.1.1 are listed by component.
Build
- JBPAPP-4621
- The following unnecessary files were included in the installation of Enterprise Web Platform that only pertained to Enterprise Application Platform.
jboss-ewp-5.1/jboss-as-web/server/default/conf/props/messaging-users.properties
jboss-ewp-5.1/jboss-as-web/server/default/conf/props/messaging-roles.properties
These files have been removed from the installation procedure. - JBPAPP-4970
- The version of Seam distributed with JBoss Enterprise Application Platform 5 included a superfluous dependency on the Hyper Structured Query Language Database (HSQLDB). This dependency has been removed.
- JBPAPP-5155
- JBoss Native Zips did not contain the sha256sum value within the zip archive. The values were included in a separate file, which had to be downloaded separately with the native zip archive. This caused problems with the release process, and maintaining an accurate sha256sum list. The sha256sum values are now included in the zip archive.
Clustering
- JBPAPP-3549
- When a multicast address (
mcast_addr
) was incorrectly configured, the warning that appeared in the log included an outdated URL. The URL has been updated. - JBPAPP-3795
- Class
org.jboss.system.server.profileservice.repository.clustered.local.file.AbstractFileWriteAction
has a member variabletempFile
, which is set to a newly created file ingetTempFile()
. This file is called fromgetOutputStream()
, which is called fromwriteBytes()
. However,writeBytes
is only called if there is data in the file.If the file is empty,tempFile
is never set, andAbstractFileWriteAction.modifyTarget
passes a nullFile
parameter toFileUtil.localMove
, where theNullPointerException
happens.AbstractFileWriteAction.modifyTarget
now callsgetTempFile()
, which creates the file if needed, instead of usingtempFile
directly. - JBPAPP-4947
- The
encrypt
class of JGroups had bugs related to threading in the Cipher routine. These have been addressed. - JBPAPP-5171
- A software error resulted in a situation where neither the process of serving the login page nor handling the
POST
toj_security_check
resulted in a call intoClusteredSessionValve
, which is the part of the request pipeline that triggers replication of the session by storing it in the database.FormAuthenticator
directly dispatched to the login page, and handledj_security_check
itself.As a result, the session that was created before serving the login page was not persisted. When the authentication was complete and the request for the original URL came in, the session manager checked with the distributed store to see whether the local session copy was out of date. WithDataSourcePersistentManager
, that check was made to classVersionBasedOutdatedSessionChecker
.VersionBasedOutdatedSessionChecker
returned true because it could not find the session in the database. Because of thetrue
return value, the session manager could not use the local session. It attempted to read it from the persistent store. It did not exist in the persistent store either, so a new session was created.To address this issue,VersionBasedOutdatedSessionChecker
now checks the session'sgetLastReplicated
method if it cannot find a persisted session. If the value is 0, the session is new, and has never been persisted, so it cannot be outdated. In that case it returns false. - JBPAPP-5406
- An incorrect subsystem was set during remoting client creation, due to the order of superclass constructor operations. This created
NullPointerExceptions
andClassCastExceptions
. Constructors have been altered to initialize the client after the correct subsystem is set. - JBPAPP-5843
- A timer that is shared across all channels in a group did not stop when one of the channels was closed. If OOB messages were passed around at the time a channel left a group, messages were added to the Retransmitter after the channel closed. This happened because messages which were added to the Retransmitter continued to be requested after
Retransmitter.reset()
completed. This issue is resolved by fixing the condition that caused retransmission requests when a message from a node is processed at the same time the node leaves the cluster. - JBPAPP-5844
- In Microsoft Windows, when the network interface was disrupted, such as by removing the network cable and reinserting it, JGroups received an exception of type
NoRouteToHostException
every time it attempted to send a message. This continued until the server was restarted. This problem is solved by new behavior in JGroups, which re-binds the socket to the interface, allowing JGroups to send messages again. - JBPAPP-5851
- The
asym_provider
andsym_provider
security provider options of the ENCRYPT algorithm previously were only used by theKeyGenerator
lookup. These options are now implemented in theCipher
lookup as well. - JBPAPP-5855
- The JGroups
FD_SOCK
protocol is a failure detection protocol based on sockets. The client side of theFD_SOCK
TCP connection was not binding to a specific IP address. If you tried to open a firewall connection specific to each individual application, there was unnecessary cross-talk between applications.client_bind_port
,port_range
, andbind_addr
were added toFD_SOCK
, which allows you to bind the outgoing connections to a specific IP address and/or port range. - JBPAPP-5900
- A race condition in the JGroups
FLUSH
protocol caused messages to be processed in the wrong order when the master node left the cluster, so the master node left before sending a new view (with a new master). Therefore, the other nodes did not detect the master's absence, or elect a new master, until the master's absence was detected by the failure detection protocol. The message ordering has been corrected, and the race condition no longer occurs. - JBPAPP-5912
- When a JBoss Cache instance configured for asynchronous serialization was shunned from the cluster, all future replications would fail until the cache was restarted. The cause was a naming conflict between a method and its parent class. This has been fixed by renaming method
CommandAwareRpcDispatcher.stop()
tostopDispatcher()
. - JBPAPP-6011
- The JGroups configuration in the binding manager now implements the system properties added to the JGroups configurations in Enterprise Application Platform 5.1. In addition, hard-coded ports have been removed, and the default multicast addresses are set to the same values used in version 5.0 of the platform.
Consoles
- JBPAPP-3928
- If a user waits too long to log in after going to the Admin Console login page, the session times out. Previously, this caused an exception. A user-friendly timeout message is now displayed.
- JBPAPP-4791
- If a topic or queue was created with the same name as an existing topic or queue, the new one overwrote the old one. This has been resolved by causing an attempt to create a topic or queue with a duplicate name to fail, generating an error.
- JBPAPP-4886
- The
ApplicationServerDiscoveryComponent
class does not use JBoss variables because the paths are hardcoded to thejar
files. If JBoss library locations and the JBoss variables for the libraries (jboss.lib.url
,jboss.common.lib.url
andjboss.server.lib.url
) were changed, the JBoss Admin Console failed to open. This issue is resolved by addingBootstrapAction.createPluginContainerConfiguration()
to the Admin Console.
Documentation
- JBPAPP-4387
- Seam Reference User Guide source code blocks did not have syntax highlighting, which made the source code difficult to read. The affected code has been updated with the correct highlighting.
- JBPAPP-4616
- The Microcontainer User Guide contained references to some outdated Maven artifacts. Please review the document shipped with the current release for updated information.
- JBPAPP-4958
- In the Hibernate Core User Guide, a reference was made to an incorrect POM file. This reference has been updated in the documentation for the current release.
- JBPAPP-5223
- The configuration information in the JMS Clustering Notes section of the guide was inaccurate. The guide has been corrected with an updated configuration example, which fixes the issue.
- JBPAPP-5584
- A change to the default value of the
max_prepared_transactions
datasource property in PostgreSQL versions 8.2 and 8.4 resulted in XA Transactions being denied. An Important admonition was added to Appendix A.7 PostgreSQL of the Administration and Configuration Guide for the XA Datasource example, to highlight the requirement. - JBPAPP-5907
- The Security Guide released with earlier versions of the Enterprise Application Platform missed the instructions for encrypting the datasource password. The documentation now includes the step. The instructions to configure the
server.password
file by running the following command:java -cp jboss-as/common/lib/jbosssx.jar org.jboss.security.plugins.FilePassword \ SALT COUNT MASTER_PASSWORD PASSWORD_FILE
- JBPAPP-6199
- The HTTP Connectors Guide is a new user guide for JBoss Enterprise Application Platform 5.1.1. This guide supercedes and improves upon the mod_cluster User Guide and the HTTP Services section of the Administration and Configuration Guide. It also contains information about the ISAPI and NSAPI connectors.
EJB
- JBPAPP-3392
- EJB3 clients did not use existing socket connections on subsequent invocations. Instead, they created a new connection for each invocation, which was destroyed when the connection was complete. A delay has been added so that connections remain open for use in subsequent invocations.
- JBPAPP-5167
- In two cases, the
UnifiedClassLoader
was used instead of an isolated EAR's classloader. The first case occurred when a EJB2 Entity Bean was packaged inside of an isolated EAR and an EJB client was packaged in the same isolated EAR. When the EJB Entity Bean was passivated, aClassNotFound
exception was thrown. This was caused by the usage ofUnifiedClassLoader
instead of the EAR's isolated classloader. The second case occured when a deployed EJB2 Entity Bean had a local interface of the same name as an interface in theUnifiedClassLoader
, resulting in aClassCastException
. The correct classloader is now used in both cases, and the errors no longer occur. - JBPAPP-5476
- A bug in
org.jboss.ejb.plugins.SecurityInterceptor
caused problems with setting the runas-identity context method invocation on stateless session EJBs that were not originally runas-deployed. Invocations used the identity of any authenticated context sent to the EJB, which resulted in invocations being executed as if the EJB was runas-deployed. The only way to stop this behavior was to restart the server.SecurityInterceptor
now looks at the run-as role of the original EJB, and ensures that runAsRole is available to any calls made by the EJB for declarative security checks. - JBPAPP-5618
- When an EJB Timer service was configured to use the
GeneralPurposeDatabasePersistencePlugin
, and theCachedConnectionManager
was set to debug, the following warning was recorded in the server log:WARN [org.jboss.resource.adapter.jdbc.WrappedConnection] Closing a result set you left open! Please close it yourself.
This occurred because theGeneralPurposeDatabasePersistencePlugin
did not close an internally-usedResultSet
. TheCachedConnectionManager
closed theResultSet
and correctly informed the user of the error. TheGeneralPurposeDatabasePersistencePlugin
has been modified to close theResultSet
, so the warning no longer appears. - JBPAPP-6102
- If you use JDK 6 update 19 or newer, and your application sends or receives
java.io.File
objects, a serialization exception may occur. This exception can also happen if you are using clustering with a stateful session containing ajava.io.File
object.To prevent this exception, a new property has been added. Set the system property-Dorg.jboss.serial.SYNC_SERIALIZATION_BINARY_FORMATS=true
, for all JBoss instances that communicate with each other.
Hibernate
- JBPAPP-4175
- When Hibernate executed a cacheable query using a
ResultTransformer
, it attempted to cache the results after applying theResultTransformer
. However, the data might be modified so that Hibernate could not read it. In this case, aClassCastException
would occur when attempting to cache the results.This issue is fixed by introducing three new classes to the API:org.hibernate.transform.AliasedTupleSubsetResultTransformer
org.hibernate.transform.CacheableResultTransformer
org.hibernate.transform.TupleSubsetResultTransformer
Review the Javadoc for Hibernate for more details. - JBPAPP-4738
- Dialect
org.hibernate.dialect.SQLServer2008Dialect
has been added to Hibernate, to address changes to the Microsoft SQL dialect introduced in Microsoft SQL Server version 2008. - JBPAPP-4895
- When a
refresh()
method was invoked immediately prior to aninsert()
, and second-level caching was enabled, the entity was inserted into the second-level cache. If therefresh()
committed successfully, however, the cached data was not automatically evicted. This occurred becauserefresh()
did not track entity state.refresh()
now tracks entity state, and evicts the cached data on a successful commit. - JBPAPP-4904
- JBoss Marshalling failed to serialize a session, due to a flaw in the serialization logic of
org.hibernate.impl.SessionImpl
. This class now adheres to the Java Serialization specification listed at http://java.sun.com/javase/6/docs/platform/serialization/spec/output.html#86, and serialization works properly and as expected. - JBPAPP-4905
org.hibernate.type.EnumType
used a static map to cache the enum values, because getting the value of the enum by reflecting is expensive. However, this implementation had the potential to cause memory leaks in come circumstances, especially when using Hibernate in the application server. This is because the cached objects would never be garbage-collected, so the Map acting as cache kept growing infinitely.Instead of using a global enum cache, Hibernate now uses a transient array for eachEnumType
instance to cache the enum values. This improves performance and eliminates the memory leak.- JBPAPP-4926
- The
cascade-save
operation was incorrectly handling auto-incremented Primary Key (PK) tables that linked to parent tables with an assigned PK. The fix now allows thecascade-save
operation to handle the parent-child relationship between tables. - JBPAPP-5394
- An issue with
QueryPlanCache
was discovered that caused a memory leak due to soft references held by the unboundSoftLimitMRUCache
. TheSoftLimitMRUCache
eventually filled up until a major stop-the-world garbage collection was necessary to clean theSoftLimitMRUCache
soft references.The solution involves constraining the amount of soft and strong unbound references held in the cache. Entries are evicted using an LRU policy, or by memory pressure from the GC in the case of soft references.Two configuration options are now available, which solve the issue:hibernate.query.plan_cache_max_strong_references
which defaults to 128hibernate.query.plan_cache_max_soft_references
which defaults to 2048
Users that want to emulate previous behavior, can sethibernate.query.plan_cache_max_soft_references
to Integer.MAX_VALUE - JBPAPP-5405
- According to the JPA persistence specification, the
AS
keyword is optional for collection declarations, such as the following:collection_member_declaration ::= IN (collection_valued_path_expression) [AS] identification_variable
A HQL/JPQA such as the one below syntax caused a parser exception:SELECT o FROM EntityBean AS o, IN (o.items) AS l WHERE l.itemValue = '1'
This occurred because Hibernate did not implement theAS
keyword. Hibernate now follows the specification in this area, and allows the optional keyword. - JBPAPP-5409
- Hibernate's
ByteCodeHelper.readByteCode()
was previously limited to 409600 bytes, but can now handle an entity class of any size. - JBPAPP-5478
ChainedPropertyAccessor
was used byAliasToBeanResultTransformer
.ChainedPropertyAccessor
was not serializable. Therefore, any cacheable queries usingAliasToBeanResultTransformer
broke during cache replication. For example, this query could not be replicated or cached to disk:session.createQuery("select foo").setResultTransformer(new AliasToBeanResultTransformer(SimpleCount.class)).setCacheable(true).list();
The behavior ofAliasToBeanResultTransformer
has been changed. When theAliasToBeanResultTransformer
is created/deserialized, it recreates theChainedPropertyAccessor
instance according to the cachedresultClass
. Cacheable queries usingAliasToBeanResultTransformer
continue to work during cache replication.- JBPAPP-5479
AliasToBeanResultTransformer.hashCode
relied onpropertyAccessor.hashCode()
. Implementations ofPropertyAccessor
do not overridehashCode()
orequals()
. Therefore, Cache lookups involving aQueryKey
with anAliasToBeanResultTransformer
resulted in a cache miss.TwoAliasToBeanResultTransformer
objects should only be equal and use the same hash code if theirresultClass
is equal. Getters are determined by aliases, which are provided as an argument, so they are not needed to determine equality. Setters should be used to computeequals()
andhashCode()
. However, due to the implementations of Setter, Setters do not overridehashCode()
orequals()
.The fix is to cache the aliases corresponding to the Setters and use that to check for equality. Cache lookups involving aQueryKey
with anAliasToBeanResultTransformer
no longer result in a cache miss.- JBPAPP-5481
- When Hibernate executed a cacheable query using a
ResultTransformer
, it attempted to cache the results. However, the data had the potential to be modified so that Hibernate could not read it.PropertyAccessException
was thrown when all of the following are true:- The query has a
ResultTransformer
- Results are cached before being transformed
- Each result has a single value
This issue is fixed by introducing three new API calls:org.hibernate.transform.AliasedTupleSubsetResultTransformer
org.hibernate.transform.CacheableResultTransformer
org.hibernate.transform.TupleSubsetResultTransformer
Refer to the Hibernate Javadoc for more details. - JBPAPP-5581
- Hibernate Core
EntityMetamodel entityNameByInheritenceClassNameMap
field was used inconsistently. It used a class for puts to the map, but a method for gets from it. An exception was thrown when saving instances of subclasses with specific entity names. TheEntityModel
class has been updated to use classInheritenceClass
instead of itsgetName()
method. Saving instances of subclasses no longer causes an exception in these cases. - JBPAPP-5763
- When
org.hibernate.id.enhanced.OptimizerFactory.PooledOptimizer
was used in multiple JVMs with the same database, there was a risk of duplicate sequenced values being generated. This occurred because a method was invoked twice to initialize two different values (value and hiValue). If another JVM requested a sequence value between these invocations, the sequence related to the second invocation. This issue has been corrected by limiting the double-read to optimizer initialization, when the first read gives Hibernate theinitialValue
. - JBPAPP-5765
- If an entity defined a collection with a property-ref-based key as cacheable, there was a problem loading the collection and putting it into its second level cache region. Hibernate used the incorrect key for the owning entity. It attempted to use the referenced property value instead of the corresponding ID value.Hibernate now checks whether the collection key is defined by a property-ref. If so, the key of the owner instance associated with the collection itself is used, if it exists. Hibernate resolves the owner of the collection against the owner of the Persistence Context.
- JBPAPP-5814
- Synchronizing access to
Map
caused performance degredation. Synchronization ofMap
is now managed byReentrantReadWriteLock
andConcurrentHashMap
, which improves performance. - JBPAPP-5817
- Many well-formatted and indented
String
s were built up for each element of a parsed HQL string, for each tree node. The purpose was to feed invocations oflog.trace()
. The information was added to the log regardless of the log level. This caused extra output and larger log files. Hibernate now checks the log level, and only includes the formatted output when the log level isTRACE
. - JBPAPP-5898
- A customer reported an issue with the ScrollableResults JoinFetch, where ScrollableResults set child collection correctly at the first parent object, but after the second parent object only the first element of a child collection was included.The ScrollableResults logic has been improved to read sequentially. When a new parent is encountered, ScrollableResults assumes it has finished processing all rows for the previous parent.
Important
This fix relies on results being ordered consistently. Because some databases do not return sorted data (such as H2) you should explicitly apply "order by" for ScrollableResults result ordering.
IOPP
- JBPAPP-3134
jboss-log4j.xml
has been updated to include thejacorb.config
log level. The priority has been set toERROR
to avoid printing unnecessary messages to the console during server startup.
Installer
- JBPAPP-2724
- In the graphical installer, the directory selection dialog used the language specified in the environment where the installer was run, rather than the language requested by the user at the beginning of the installation. The installer has been updated so that the directory selection screen uses the language selected by the user at the beginning of the installation process.
- JBPAPP-4262
- During installation of the Enterprise Application Platform on Solaris, the user was prompted for the root password. This was caused by permission issues when the installer tried to create some optional shortcuts (symbolic links). This issue has been fixed by removing the ability for Solaris platforms to create shortcuts through the installer. You can still create the symbolic links manually if needed.
- JBPAPP-5049
- Previously, scripts for all operating systems were included when JBoss Enterprise Application Platform was installed, rather than being restricted to operating system being installed onto. The installer has been updated so that only appropriate scripts are included in the bin/ directory of the platform. Shell scripts are installed for Linux and UNIX systems, and batch scripts are included for Microsoft environments.
- JBPAPP-5087
- The Red Hat documentation page has moved from http://www.redhat.com/docs to http://docs.redhat.com/. The link has been updated in all documentation.
- JBPAPP-5110
- The graphical installer allows you to specify a custom JAAS security domain for securing consoles and invokers. However, in the past, the Tomcat console was always secured with the JAAS security domain
jmx-console
, even if it does not exist.This issue is fixed, and the Tomcat console is secured with the security domain you specify during installation. - JBPAPP-5116
- When a custom JAAS security domain was created during the graphical installation process, the custom JAAS security domain continued to use
jmx-console-users.properties
andjmx-console-roles.properties
. This incorrect behavior has been changed, so that the custom JAAS security domain called NAME usesNAME-users.properties
andNAME-roles.properties
files instead. - JBPAPP-5129
- Seam examples were not correctly deployed using
ant explode
due to faulty path delimiters in thebuild.properties
file. This caused Seam example deployment to fail. Thebuild.properties
file now uses the correct path delimiters. - JBPAPP-5132
- In Microsoft Windows installations of the Seam examples, the Deploy Hotel Booking Seam Demo shortcut in the Start Menu pointed to a directory one level above the JBoss Enterprise Application Platform installation. This caused an error of type
NoClassDefFoundError
to appear in the log, and the example not to deploy. The path has been corrected, and the example now deploys from the shortcut. - JBPAPP-5435
- The security configuration screen of the graphical installer contained incorrect links to the documentation portal and user documentation. All links have been corrected.
JCA
- JBPAPP-4964
- Due to a regression introduced by the fix in JBAS-5929, the JCA pool sometimes shut down without looking for checked-out connections. This issue has been fixed, and the JCA pool looks for checked-out connections before shutting down.
- JBPAPP-5119
XAManagedConnectionFactory
class did not allow for theis
methodName form for getting and setting properties. This caused problems for XA DataSources when the property was a boolean type.XAManagedConnectionFactory
now allows for theis
format and handles boolean types without errors.- JBPAPP-5374
- Passing a negative timeout value to method
Thread.sleep
in classNewMsgsWorker#run()
caused theMail
message-driven bean to stop checking for new messages. This has been fixed by not allowing a negative timeout value. - JBPAPP-5596
- The JCA code did not properly handle multi-threaded access, due to several potential causes of deadlocks involving JDBC operations and the JBossTS transaction reaper thread. The JCA code has been updated to resolve these problems, and multi-threaded access should work properly in the JCA.
Metadata
- JBPAPP-4041
- The
ServiceMetaDataParser.parseValueFactoryParameter()
method only considered the first child of the<parameter>
element. If the<null/>
element was surrounded by carriage returns, the node was treated as a text value and the parameter was not correctly substituted elsewhere. The following example failed, but now works properly.<parameter> <null/> </parameter>
JMX
- JBPAPP-5690
- The
JMXOpsAccessControlFilter
class did not retain the role mappings for a user if the roles were set with theDeploymentRolesMappingProvider
. The filter class has been corrected, and the mappings are now retained as expected.
Messaging
- JBPAPP-5241
- Some debugging code was inadvertently left in
ChannelSupport.afterRecoveryEx()
, and this code was visible in log files. It has been removed, making log files clearer and easier to read. - JBPAPP-5280
- The MessageSucker is responsible for migrating messages between different members of a cluster. The
onMessage
routine attempts to deliver messages to the local queue, among other tasks. If delivery failed, messages appeared to be lost. They were still in the database, but it was difficult to redeliver them.This was a defect in the JBoss Messaging component, and has been fixed in that component. The fix is complex, and is discussed in JBMESSAGING-1822. In short, a new layer of reliability has been added to the message delivery logic. - JBPAPP-5415
- A potential race condition could occur if a session was closed while a transaction was committing. In this case, an exception was thrown. A check has been added such that a committed message is not cancelled.
mod_cluster
- JBPAPP-3463
- Because of problems with the
pause()
method of the connector, a race condition could occur when applications were undeployed. Sessions that were forwarded to the application server by mod_cluster before receiving an undeploy notification could result in anerror 503 - This application is not currently available
. The method has been updated, addressing these issues. - JBPAPP-5048
- The status page of the mod_cluster manager was not updated upon failover, so worker nodes were listed as active and available after they had failed. The status page now updates when nodes fail.
- JBPAPP-5237
- A server configured for failover with an application deployed in a subdirectory such as
/webapp
, and another application deployed in/
, occasionally caused an error. This was because the failed-over application tried to deploy in/
instead of/webapp
. This situation has been fixed, and failover now occurs as expected. - JBPAPP-5283
- The maximum length for cluster aliases has been raised from
40
to64
, to accommodate longer aliases. - JBPAPP-5315
- Clustered nodes were only retired after the worker retry timeout (set to 60 seconds). This resulted in error messages suggesting that a node was in error for 60 seconds when it was likely the node had retired correctly during this period. Nodes are now retired when the node receives a STATUS message, broadcast by the nodes approximately every 10 seconds.
- JBPAPP-5511
mod_rewrite
could not rewrite from the root (/) in httpd if there was noROOT
context deployed in JBoss Enterprise Application Platform. This occurred because mod_cluster attempted to use the original URI instead of the URI provided bymod_rewrite
. The rewrite rule now works regardless of whether theROOT
context is deployed to the platform.
Other
- JBPAPP-3083
- When AopC was in use, report generation failed with an exception of type
ArrayIndexOutOfBoundsException
. This has been resolved so that a report is now generated as expected, and no exception is thrown. - JBPAPP-3308
- In isolated deployments, a
ClassNotFoundException
was thrown when the application server tried to deserialize an info object associated with the Timer. This occurred because the wrong classloader (threadContextClassLoader
) was used to deserialize the object. This bug has been fixed and the correct classloader is now used. - JBPAPP-5148
- Deployment file names were not previously checked for legal paths. Poorly-constructed file names could cause unexpected file deletions or alterations. The deployment files are now checked for legal paths, and an exception is thrown if an illegal path is used.
- JBPAPP-5232
- Due to a casting problem where a long was cast to an int, using
org.jboss.varia.scheduler.ScheduleManager
with a short period, such as 1 ms, could cause negative repeat values. This has been remedied by using a long instead of an int.
Profile Service
- JBPAPP-2698
- A bug in the Profile service caused the status of deployments to be reported incorrectly if they are started and stopped very quickly. This bug is still present. However, modifications have been made to the console to work around this by updating the status after a short delay, or after the page is refreshed. In normal usage, the status is shown as expected.
Remoting
- JBPAPP-5748
- Sending multiple requests from a WS client and using
fastinfoset
caused an increase of sockets in aCLOSE_WAIT
state and incorrect shutdown. This issue was fixed by introducing theorg.jboss.ws.client.remoting.disconnect.after.use
JVM property, which causes the client remote to disconnect immediately. This property is enabled by default. If you disable it,HttpURLConnections
remain open.
RESTEasy
- JBPAPP-2993
- The
spring-hibernate-contacts
example failed with the error:java.lang.IllegalArgumentException: object is not an instance of declaring class
This occurred because thegetContactById(@PathParam("id") Long id)
method in theContactServiceImpl
class was missing the @GET annotation. This error has been corrected, and the example code now works as expected.
Scripts and commands
- JBPAPP-5403
- When starting the server using
service.bat
, no options were inherited fromrun.conf.bat
. This occurred becauseservice.bat
setJAVA_OPTS
to a placeholder value, which was not overridden by values set inrun.conf.bat
due to a faulty check. This issue has been fixed, and options set inrun.conf.bat
are now used when starting the server withservice.bat
.
Seam
- JBPAPP-3520
- The
JpdlParser
in JBPM included some hard-coded file names of XSDs, which referred to internet locations and ignored XSDs in the classpath. This caused failures when those internet locations were unavailable. The hard-coded paths have been removed and the classpath is now searched for the XSDs. - JBPAPP-4231
- A
NullPointerException
occured when undeploying or uninstalling Seam examples. It did not cause any application to fail, but the error was incorrect. The issue occurred in the nestedbooking, dvdstore, itext, and excel examples, but not in the ui example. The cause was a bug in the EJB3 deployer, and an upgrade to that component resolved the issue. TheNullPointerException
no longer occurs in the examples listed above. - JBPAPP-4508
- When uploading files with
<s:fileUpload>
inside<h:dataTable>
, errors occurred which led to identical filenames and incorrect content. This occurred because the local value was not returned by thegetLocalValue()
method. This problem has been fixed by correcting the method, and the problems with the filenames and content no longer occur. - JBPAPP-4582
- The IBM JVM v1.6 was not handling annotations that were UNKNOWN during runtime. This caused problems with the Chatroom example. The underlying issue is resolved on IBM JVM version 1.6.0 (SR9 FP1).
Note
To make the chatroom example work with IBM JVM versions prior to 1.6.0 (SR9 FP1), copy http://repository.jboss.org/maven2/net/jcip/jcip-annotations/1.0/jcip-annotations-1.0.jar into JBOSS_HOME/server/PROFILE/lib.Restart the server after adding the specified file. - JBPAPP-5013
- The Seampay example had an issue with the duration between the first payment and the second payment in the example. Users with a combination of fast hardware, Java 6 runtime, and Windows Server 2003 found the set delay between payments to be too short. The example has been fixed to extend the duration between payments, which fixes the issue.
- JBPAPP-5015
- The
jta.jar
was being included as a third-party dependency of Eclipse by the seam-gen process. Thejboss-transaction-api.jar
was included in the seam-gen process, but the two files caused a.classpath
conflict. All Hibernate dependencies have been updated to exclude thejta.jar
file, which fixes the dependency issue. - JBPAPP-5056
- The SeamBay example shipped as part of the Enterprise Platform contained an incompatibility with Internet Explorer 8. This has been resolved, and the example once again works with Internet Explorer 8.
- JBPAPP-5078
- There were two identical
ant.jar
libraries in the Seam distribution within the Enterprise Platform:/seam/lib/ant.jar
/seam/lib/gen/ant.jar
This issue has been fixed by removing theant.jar
fromseam/lib/
. - JBPAPP-5410
- An asynchronous invocation of JBPM which required transactional capabilities could cause the asynchronous action not to execute, if a transaction was not started. An exception was thrown and processing did not continue. This is fixed by checking whether transactions are required, and starting a new one if it is not already active, before initiating the asynchronous JBPM processing.
- JBPAPP-5469
- During transactions where application exceptions were thrown, the transaction was neither committed nor rolled back. Instead it remained in memory. Transactions now roll back properly when exceptions are thrown, and are cleared from memory.
- JBPAPP-5496
- The configuration for persistence service in
jbpm.cfg.xml
has been updated in the Todo and DvdStore examples, to use the following value:<service name="persistence" factory="org.jbpm.persistence.jta.JtaDbPersistenceServiceFactory" />
- JBPAPP-5517
- If any exception occurred while a Seam EL expression was being evaluated during the
jbpm-jpdl
process definition, JBPM's transaction handling sometimes committed transactions that should have been rolled back. Rollback only occurred on the Seam side, because Seam tried to close the JBPM Context while the JBPM process was committing. Seam now closes the JPBM context immediately after rolling back the transaction, and the dirty commits no longer occur. - JBPAPP-5590
- Invoking EntityQuery.resultCount() resulted in a query such as
select count( entity )...
. However, if the persistence provider is Hibernate and the Entity has a composite key, the exception[ERROR JDBCExceptionReporter] Operand should contain 1 column(s)
is triggered, because Hibernate does not support composite keys incount
queries.This constraint prevented you from using seam-gen and JBoss Developer Studio to generate CRUDs if you had Entities with composite keys and you use Hibernate. Hibernate extensively usesEntityQuery.resultCount()
in the generated code, and this class triggered the exception.Seam has been updated, so that if the persistence provider is Hibernate, Seam builds the query using the notationselect count( * )
instead ofselect count ( entity )
. This method works, even with composite keys. With this fix in place,EntityQuery.resultCount()
works for all entities and all persistence providers, as do generated CRUDs. - JBPAPP-5823
- Seam-RESTEasy integration module allowed anemic session requests to remain open when an exception occured during the JAX-RS request invocation. Accessing previously authenticated sessions was possible even if incorrect credentials were passed in a request. The code responsible for invalidating the session is now contained in a Java
finally
block. This fix prevents anemic session requests from remaining open. - JBPAPP-6283
s:link
was not working if pages containing thes:link
were not previously rendered on the JBoss Enterprise Platform instance. This caused an IllegalStateException: Unable to read <page>, because the method binding for the Seam UI page actions were not added to the SafeActions on other servers.viewId
now includes the path to the web context root in each searching path, which allows pages to remain active when workload is moved between nodes.- JBPAPP-6362
- In seam-gen, Entity fields that were annotated by
@Version
were set as an Integer data type. The Update operation was not compatible with the Integer data type, and terminated with aNullPointerException
. The@Version
data type has been changed from Integer to int. Entity Update operations now complete successfully. - JBPAPP-6387
- It was found that JBoss Seam did not properly block access to JBoss Expression Language (EL) constructs in page exception handling, allowing arbitrary Java methods to be executed. A remote attacker could use this flaw to execute arbitrary code through a specially-crafted URL provided to certain applications based on the JBoss Seam 2 framework.
Note
A properly configured and enabled Java Security Manager would prevent exploitation of this flaw. CVE-2011-1484) - JBPAPP-6770
- It was found that the fix for CVE-2011-1484 was incomplete: JBoss Seam 2 did not block access to all malicious JBoss Expression Language (EL) constructs in page exception handling, allowing arbitrary Java methods to be executed. A remote attacker could use this flaw to execute arbitrary code via a specially-crafted URL provided to certain applications based on the JBoss Seam 2 framework.
Note
A properly configured and enabled Java Security Manager would prevent exploitation of this flaw. (CVE-2011-2196)
Security
- JBPAPP-2598
- Applying the workaround for JBAS-7049 causes servers using OpenJDK 6 and running the security manager to fail to start the Enterprise Application Platform. This was due to upstream issues in OpenJDK. These issues have been addressed in the OpenJDK software, which is a third-party product. Therefore, the Enterprise Application Platform now starts as expected on affected systems with upgraded OpenJDK.
- JBPAPP-5459
- Due to an error in the order of services starting up,
JNDIContextEstablishment
could potentially start later than expected, causingNamingExceptions
because the contextjava:/jaas
was not bound in JNDI. This binding is now handled inJaasSecurityManagerService
, which starts before any service in thedeploy/
directory. - JBPAPP-5691
unauthenticatedIdentity
The option did not work with theLdapExtLoginModule
class, even when the method invoked did not require a specific role. The security libraries have been updated to fix this issue.- JBPAPP-5729
- The
org.jboss.security.plugins.FilePassword
file previously required write permission even for decoding the password. The file could not be changed to read-only for regular users because it was inaccessible. This issue has been fixed by changing the file permissions from to read-only. - JBPAPP-5940
LdapExtLoginModule
queried LDAP for theroleNameAttributeID
instead of checking the returned distinguished name. This was slow. To improve performance, aparseRoleNameFromDN
option has been added to the module.
System
- JBPAPP-5608
- The
QueuedPessimisticEJBLock
in JBoss Transactions did not always detect that a waiting transaction had timed out, so the lock would remain active when it should have been released. This eventually resulted in a threadpool-wide lock, with all transactions waiting for the lock to release, or the locked transaction to be registered as timed out. TheisTxExpired()
method has been modified to ensure that timeouts are registered, so that transactions are informed of locks.
Transactions
- JBPAPP-5175
- The JBossTS TransactionReaper contained a bug which caused it to execute continuously when it was running in dynamic mode, rather than pausing between runs. This caused performance degradation. To fix this issue, JBossTS was updated. As a result, the Reaper now pauses between runs, leading to better performance.
- JBPAPP-5195
- The Transactions Recovery Manager searched for XIDs in need of recovery in such a way that sometimes recoverable XIDs were missed. This happened when consecutive recovery scans for a given resource manager returned non-equal lists of in-doubt XIDs. The matching algorithm has been enhanced to handle recoverable XIDs.When using TX Resource managers, which are JDBC drivers that support XA, it is an anti-pattern to rely on the order of the XIDs the Resource Manager returns to you, because you risk losing XIDs and causing heuristic exceptions, in which you will need to manually commit or roll back the transaction.
- JBPAPP-5775
- When nodes unexpectedly die during active transaction processing, zero length transaction journal files may be created. Upon node restart, the processing of these files caused logged warning messages, even though they do not contain any information that can be used to recover the transactions in question. This fix suppresses the log for this specific situation.
Varia
- JBPAPP-5566
- A bug in class
org.jboss.mail.SessionObjectFactory
caused only one mail service to ever be resolved, even if more than one service was configured and present in the JNDI tree. The class now resolves more than one mail service if one is configured.
Web
- JBPAPP-4960
sendNotification
was present inorg.jboss.web.tomcat.service.deployers.TomcatServices.java
, but was disabled, so thejboss.tomcat.connectors.started notification
was missing. The Barrier Controller depended on that notification and was unavailable to manage subscriptions. This problem has been fixed by reinstatingsendNotification
.- JBPAPP-5168
- Customers migrating from Oracle WebLogic need the ability to rewrite URLs in a different context from the webapp. This feature is now implemented. To override the context, set
-Dorg.apache.catalina.connector.Response.REWRITE_CONTEXT_CHECK=false
. - JBPAPP-5293
- The HTTPS connector used
addHandshakeCompletedListener()
to verify a SSL handshake was successfully negotiated between the connector and listener.addHandshakeCompletedListener()
added the listener after the notification thread started running, which required SSL handshake renegotiation.setEnabledCipherSuites(new String[0])
is now used to verify SSL Handshake negotiations, which fixes the issue. This issue was introduced by a fix for CVE-2009-3555. - JBPAPP-5813
- When using the
org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false
property, cookies containing characters\
,(
,)
,:
,<
,=
,>
,?
,@
,[
,\\
,]
,{
,}
,(
,:
were truncated to the first occurrence of one of the listed characters. Changes have been made to the way these characters are handled in the code which prevents cookies containing these characters being incorrectly truncated.
Web Services
- JBPAPP-4346
- Fault signing and encryption have been added to JBoss WS. These features can be enabled by specifying
includeFaults="true"
on a sign or encrypt element. For the client, specifyincludeFaults="true"
in the encryption and signature elements that are within a<requires>
tag to enforce signed/encrypted faults. - JBPAPP-4506
- When services were deployed to JBoss Web Services Native, any XML Schema Declaration (XSD) imports with relative URLs were rewritten as absolute URLs relative to the WSDL service contract. This worked fine, unless an imported XSD imported a second XSD using a relative path. In this case, the path of the second XSD was incorrectly rewritten to be relative to the first XSD instead of the WSDL service contract. This problem has been resolved, and the paths are now rewritten relative to the WSDL service contract.
- JBPAPP-4564
- You can now disable chunked encoding using the SAAJ API, by calling
soapMessage.getMimeHeaders().addHeader("Transfer-Encoding", "disabled");
. - JBPAPP-4920
- Generating WSDL for JAX-WS resulted in an incorrect namespace prefix for the message part in the WSDL. The wrong namespace prefix was referenced if the exception was mapped to a different namespace that used the @WebFault annotation. This issue has been fixed by correcting how WSDL is generated, and the correct namespaces prefixes are now used.
- JBPAPP-5450
- Due to an error in the SAAJ implementation in the JBossWS libraries, SOAP nodes previously had the same prefix as the
<Envelope>
node. This has been corrected, so that SOAP nodes now have their own prefix. - JBPAPP-5494
- DescriptorDeploymentAspect loaded the
/cxf.xml
in the classpath and put it in the deployment attachment as the CXF endpoint deployment descriptor. This prevented theMETA-INF/jbossws-cxf.xml
orWEB-INF/jbossws-cxf.xml
from being loaded. These are intended to co-exist with/cxf.xml
, which creates the CXF bus. The code has been updated so that these files are now loaded properly. - JBPAPP-5545
- Appending an
Element
to aSOAPBody
resulted in ajava.lang.IllegalArgumentException
. The code has been updated so that adding anElement
now results in theElement
being converted to aSOAPElement
, and no exception is thrown. - JBPAPP-5577
- The logging level for
MessageContextJAXWS
was too high when the conversion of a WSDL URL to a URI failed. This caused excessive log messages. The logging level for these messages has been lowered to reflect the true severity. - JBPAPP-5710
- When a request with an
application/fastinfoset
content-type header was sent to theFastInfoset
web service, the response was returned with an incorrect header ofapplication/soap+xml
ortext/xml
. This issue has been corrected with an upgrade of the JBoss Web Services component. - JBPAPP-5826
- JBossWS does not reuse an established SSL connection when sending multiple requests over SSL to JBoss Enterprise Application Platform. This means an SSL handshake occurs on every request. This issue has been fixed and the SSL handshake occurs once and is reused for every subsequent request, if a local WSDL is used.