6.2.2 Release Notes

JBoss Enterprise Application Platform 6.2

For Use with Red Hat JBoss Enterprise Application Platform 6.2

Nidhi Chaudhary

Lucas Costi

Russell Dickenson

Sande Gilda

Vikram Goyal

Eamon Logue

Darrin Mison

Scott Mumford

David Ryan

Misty Stanley-Jones

Keerat Verma

Tom Wells


These release notes contain important information related to Red Hat JBoss Enterprise Application Platform 6.2.2. Read these Release Notes in their entirety before installing the product.

1. About Maintenance Releases

In order to better meet customer expectations, micro releases for JBoss EAP 6 have been discontinued upon the 6.2 release and replaced with patch updates delivered on a repeating schedule, targeting a new release every 6 weeks. The patch updates will be delivered for both ZIP and RPM based installations of JBoss EAP.
  • For installations originating from a ZIP file, a Cumulative Patch managed by a new EAP feature for applying patches, removing patches, and viewing patch state will be delivered.
  • For installations originating from RPMs, updated RPMs containing the identical fixes included in the Cumulative Patch will be delivered through Red Hat Network on the same repeating schedule.
Each new patch update will contain a number of bug fixes for customer reported issues and potentially a number of security fixes. We expect that the patch updates will substantially reduce the number of individual patches that we produce and that customers must manage to keep their installations up to date.
For more information see the following Red Hat Knowledgebase articles: Maintenance Release Changes in EAP 6.2+ (https://access.redhat.com/site/articles/547663) and Updated Patch Management with EAP 6.2+ (https://access.redhat.com/site/articles/547673).
JBoss EAP Patching Schedule

Figure 1. JBoss EAP Patching Schedule

2. Apply a Patch Update

The method of applying a patch update varies according to the installation method used to install JBoss EAP. See Patching and Upgrading JBoss EAP in the Installation Guide for further details.
For information about how to apply an incremental patch to a local Maven repository, see Apply a Patch to the Local Maven Repository in the Development Guide for JBoss EAP.

3. Bug Fixes

Class Loading

1054984 - Initialization of MBeans uses wrong TCCL

In previous versions of JBoss EAP, it was found that an application's TCCL (thread context class loader) was not appropriately set when initializing MBeans found in .sar files. This meant that resources in the deployment were not available to the MBean upon initialization. In this update to the product, the TCCL is now set appropriately surrounding the call to the MBean initialization and MBeans can now access deployment resources upon initialization.
1007181 - testConnection should account for deployment classloader

A bug was uncovered that could cause earlier versions of JBoss EAP to throw an exception when testing a datasource. The exception presented while using the LDAP protocol in the datasource connection-url tag. The product was failing to instantiate InitialContextFactory because the "org.jboss.as.connector" module was not able to access some of the JDK provided classes (such as com.sun.jndi.ldap.LdapCtxFactory). This resulted in a datasource connection test failure when the Datasource connection-url was using ldap:// protocol.

This issue was resolved by adding a dependency on sun.jdk to the org.jboss.as.connector module. This makes the required JDK classes accessible from the connector module and the datasource testing using CLI using "test-connection-in-pool" operation succeeds.


1051591 - Clustered session memory leaking

A memory leak was found in earlier versions of JBoss EAP. Lock objects that were created to track session ownership per node were not removed from memory if the session timed out, resulting in the memory leak. This release of the product ensures the lock objects are removed when sessions time out, resolving the memory leak.


1058959 - JBMETA-371: DefaultPropertyReplacer + PropertyResolver is broken for vault expressions

Property replacement failed when enabled via spec-descriptor-property-replacement because of a fault in the algorithm. It assumed that the contents of the expression string were contained between "${" and "}", also that it used a fixed format like the previous JBoss EAP system properties, for example, propertyname[: default value]). The PropertyResolver would proceed to resolve propertyname and that resolution attempt would fail. The algorithm has now been corrected and property replacement now occurs as expected.


1059914 - @Schedule EJB Timer not using timezone when calculating next timeout

In previous versions of JBoss EAP 6, a bug was encountered where, if the @Schedule EJB timer used a timezone that was different to that used by the server, any timer invocations after the initial invocation would not fire correctly. This release addresses this behavior and all timer invocations fire as expected when timezones differ between the server and the @Schedule.
1065519 - Remote ejb client code converts '$$' to '$' in passwords

It was found that password validation could fail under certain circumstances in earlier versions of JBoss EAP. The cause was found to be that the PropertiesBasedEJBClientConfiguration class treated the password as an expression. As a result, it would attempt to expand any passwords containing the string $$. This could result in the passwords differing between the client and the server and, hence, failing validation. A modification has been made to the PropertiesValueResolver so that it no longer attempts to expand password expressions by default. Users can return to earlier behavior by setting the jboss-ejb-client.expandPasswords to true to expand passwords.


1051652 - JAVASERVERFACES-3080: Issue when more than one f:viewParam is included in f:metadata.

Due to an upstream bug, including more than one f:viewParam inside f:metadata did not work in previous versions of JBoss EAP 6. An upgrade to the JSF component has resolved this issue and now more than one f:viewParam can now be included in f:metadata.


1032627 - /subsystem=logging/logger=any.category:assign-handler can not run under batch mode

An erroneous name attribute was added to the logging model in a previous version of JBoss EAP. This resulted in the operation trying to add the final handler name to the logger or async-handler multiple times. To correct this behavior, the name attribute is no longer added to the model and the operation correctly gets the handler name from the operation context. In this release of the product, adding handlers to a logger or async-handler in a composite operation works correctly.
1066607 - Using a log4j appender as a custom-handler should invoke the activateOptions if required

In previous versions of JBoss EAP, changing a property in a custom-handler that was a log4j appender did not invoke the OptionHandler.activateOptions() on the appender if the appender implemented OptionHandler. It required a restart of logging resources for the change to take effect. In this release, the activation method is now invoked if properties are changed on the log4j appender and a restart is no longer required for OptionHandler appenders.


1053426 - Remote Naming throws the same exception for different causes

In previous versions of JBoss EAP 6 the same exception was thrown in response to a number of connection errors that could arise when a Remote Naming client failed to connect to any host. This behavior was sub-optimal as it gave users no indication of the actual error encountered for any given server. The exception thrown in all cases was as follows.
javax.naming.NamingException: Failed to connect to any server. Servers tried: [remote://localhost:4447]

In this release the exceptions thrown align more closely to the actual cause of the failure.

If the host or port details are incorrect, the following CommunicationException will be thrown, indicating the connection timed-out:
javax.naming.CommunicationException: Failed to connect to
any server. Servers tried: [remote://localhost:4447 (Operation failed
with status WAITING after 5000 MILLISECONDS), remote://localhost2:4321
(Operation failed with status WAITING after 5000 MILLISECONDS)] [Root
exception is java.net.ConnectException: Operation failed with status

If one of the available servers responds, but the subsequent authentication fails, the following AuthenticationException will be thrown:
					javax.naming.AuthenticationException: Failed to connect to any server. Servers tried: [remote://localhost:4447 (Authentication failed: all available authentication mechanisms failed), remote://localhost2:4321 (Operation failed with status WAITING after 5000 MILLISECONDS)] [Root exception is javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed]

An appropriate message will be given for failures connecting to each server in the list.


1069190 - Patch conflict with JBoss EAP with natives installed

When attempting to apply the JBoss EAP 6.2.1 cumulative patch to an installation on which native components had been installed, the patch command failed with the error message:
Conflicts detected: org.hornetq:main, org.jboss.as.web:main
Use the --override or --preserve arguments in order to resolve the conflict.

However, installing the cumulative patch with the --override-modules argument disabled the native components. As a consequence, it is not possible to install the JBoss EAP 6.2.1 cumulative patch if native components are installed.

The JBoss EAP 6.2.2 cumulative patch is built differently and is compatible with native components.

Scripts and Commands

1056130 - add-user.sh syntax Cygwin fix

It was found that the add-user.sh script would fail when run in Cygwin environments. The cause was identified as a poorly formatted line of code in the script. The syntax has been corrected and the script now operates as expected in Cygwin environments.


1067599 - LdapExtended login module does not handle a user that has a slash character in the UID

In previous versions of JBoss EAP 6, the username string returned by the JVM's LDAP code was wrapped in double quotes if it contained a slash (/) character. This broke any further LDAP lookups, including those for authentication and role lookup.

This meant that users with a slash character in their username were not able to successfully authenticate when using the LdapExtended login module. In this version of the product the double quotes are removed from the username returned from LDAP and users with slashes in the username are correctly authenticated.
1067612 - Authentication attempts will fail if the DatabaseRolesMappingProvider's rolesQuery returns an empty set

In previous versions of JBoss EAP 6, the DatabaseRolesMappingProvider could attempt to get information from an empty SQL set in certain circumstances.

When this occurred, an exception was thrown which caused the authentication request to fail.

In this release of the product, the DatabaseRolesMappingProvider has been modified to avoid using an empty SQL set. Authentication requests that result in the DatabaseRolesMappingProvider rolesQuery returning an empty set are now handled correctly and do not fail.

Web Services

1062691 - Schema validation + multiple schema imports in same namespace + catalog lookup doesn't work

A bug that caused the catalog lookup to fail has been resolved in this release of JBoss EAP.

In previous versions of the product, if schema validation was enabled, catalog validation returned only the first schema found when WSDL references multiple schemas. This could cause the catalog lookup to fail.

In this release of the product, catalog lookup now resolves on the filename before falling back to namespace-only resolution. As a result, catalog validation no longer fails.

4. Known Issues


1058768 - OSGi subsystem does not honor patching mechanism

The OSGi helloworld quickstart does not deploy successfully in JBoss EAP 6.2.2. This is a known issue as the OSGi component has been deprecated in the product. This issue will not be resolved.
1043586 - Vault keystore conversion when upgrading from JBoss EAP 6.1.0 or earlier

If using a vault, when upgrading a JBoss EAP 6 instance from 6.1.0 or earlier, to 6.1.1 or later, the associated vault keystore is converted from JKS to JCEKS format. As a result, any applications or services which use the same keystore, such as SSL, will not work after the upgrade.

This issue is caused by a fix for a security issue that is resolved in JBoss EAP 6.1.1 and later. The security fix forces older keystores to be converted from JKS format with an RSA key to JCEKS format with an AES key, and this conversion process may not be successful when upgrading. To workaround this problem, customers can create a new vault and store the attributes there.

For more details on this issue and the workaround, see this Customer Portal Solution: https://access.redhat.com/support/cases/00998441/.

For further details on the original security issue, see the Red Hat security advisory for the JBoss EAP 6.1.1 release: https://access.redhat.com/support/cases/00998441/.

A. Revision History

Revision History
Revision 6.2.2-5Monday Mar 31 2014Russell Dickenson
Red Hat JBoss Enterprise Application Platform 6.2.2 - GA

Legal Notice

Copyright © 2014 Red Hat, Inc..
This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.