CDI/Weld

1101968 - Interceptor creation fails - WELD-1683

In previous versions of JBoss EAP 6, Weld incorrectly included inaccessible package-private interfaces from different packages in the set of bean types of beans which implement a package-private interface.

This resulted in a deployment failure due to an IllegalAccessError whenever such bean used any CDI features, including interception or injection.

In this release, Weld no longer includes inaccessible package-private interfaces in the set of bean types of a bean. Beans which directly or indirectly implement package-private interfaces even from different packages now support all CDI operations correctly.

Domain Management

1102753 - deployed applications are not distributed to host controller(s)

In previous versions of JBoss EAP 6, deployments were only copied to host controllers as needed.

Host contollers started with the --backup switch did not have all deployments available, so could not be promoted to a domain controller in a failover.

In this release all content is copied to the host controller when started with --backup allowing for promotion in a failover.

EJB

1093752 - Remote client transaction timeout values are overwritten by hardcoded values

Previous releases of JBoss EAP 6 carried an issue that resulted in remote client transactions spanning multiple servers timing out earlier or later than expected.

The issue arose because timeout values were not propagated across servers correctly, leaving the system to rely on the hardcoded timeout value (300 seconds)

The hardcoded timeouts have been removed in this release and transactions now time out as and when expected.

EJB,Remoting

1098879 - EJB client failed initially if a cluster should used for EJB invocation with Could not create a connection for cluster node ClusterNode{} -> Operation failed with status WAITING

Due to a race-condition the connections to the different server nodes, provided as cluster-view after the initial connection, are not established. Under most conditions the client was stopped and continue work after all connection requests are timed out.

Hibernate

1094080 - HHH-8749 Error flushing with a many-to-many Map defined with unique="true" and cascading orphan delete

In previous versions of JBoss EAP 6, when using an indexed collection (Map or List) mapped as Many-to-Many with unique= true and cascading orphan deletes, an exception ( Unable to resolve property: null), was thrown on flush. This has now been corrected.

JCA

1103238 - Back port of WFL-2912 into JBoss EAP

In previous versions of JBoss EAP 6, contextual information was not correctly checked during the Resource Adapter add operation which was preventing deployment of the generic JMS adapter in domain mode.

This issue has been resolved in this release.

Other

1101925 - Missing javadoc for org.jboss.dmr

The javadoc for org.jboss.dmr was missing in earlier releases of JBoss EAP 6. The javadoc has been reinstated in this release.

RESTEasy

1091547 - DataSourceProvider uses an insecure method to read the input stream

The datasource provider that ships with RESTeasy uses the InputStream::available method, which, as stated in the Javadoc, is inappropriate:

Note that while some implementations of InputStream will return the total number of bytes in the stream, many will not. It is never correct to use the return value of this method to allocate a buffer intended to hold all data in this stream.

This release of JBoss EAP 6 avoids using this method.

Security

1098365 - Repair 'Continuation Required' logic

A fix implemented for a Negotiation issue had an adverse affect on the NegotiationAuthenticator's negotiation logic ("Continuation Required"). The issue prevented some browsers from being able to properly connect to a Negotiation protected web application.

In this release, the "Continuation Required" logic has been corrected so that it works along with the "fallback to FORM" logic when an NTLM token is received.

1086795 - LdapExt login module fetches to many attributes in RoleSearch

In previous versions of JBoss EAP 6, the LdapExtended login module was found to be returning too many attributes when performing an authentication query using RoleSearch. The issue was caused by the removal of a constraint filter ( constraints.setReturningAttributes(new String[0]);). This filter code has been reintroduced in this release of the product and the problem not longer presents.

1105330 - Fix the fallback to form SSO handling in NegotiationAuthenticator

In previous releases of JBoss EAP 6, the NegotiationAuthenticator did not support SSO when the fallback to form logic was triggered. As a consequence, SSO, both clustered and non-clustered, did not work if the user logged in with a username and password (fallback to form).

In this release the the SSO logic has been added to the NegotiationAuthenticator and SSO now works as expected when falling back to form authentication.

Transaction Manager

1096947 - JBTM-1702: one-phase optimization: XAException by XAResource swallowed and bean invocation falsely a success

In previous versions of JBoss EAP 6, it was found that XAExceptions thrown by XAResource were being swallowed and that bean invocation was falsely appearing to succeed.

The issue presented when one-phase optimization was in use and the XAResource.end() method threw an XA_RBCOMMFAIL error. The bean client would seem to complete the bean method invocation successfully, however the transaction would have been rolled back by the database causing any subsequent bean invocations to fail as data assumed to be stored was not available.

In this release, if the transaction fails in the XAResource, it is still rolled back, however an exception is now thrown so that the calling code can detect an error instead of assuming a success.

Web

1103891 - NIO can improperly lead to request/response objects being used concurrently

In previous versions of JBoss EAP 6, using NIO with async servlets could lead to a processor and its request/response objects being used by multiple threads to process different requests at once.

This issue would present if two events occurred on the same channel and executed Http11NioProtocol.event at the same time. If they result in a SocketState other than LONG, both offered the same processor to recycledProcessors in the finally block. This would then allow two different requests to poll the same processor at once from reycledProcessors.

This behavior was incorrect as a processor should only ever have one entry in recycledProcessors.

The issue has been resolved in this release of the product.

1103018 - High CPU in concurrent access to the JSSESupport keySizeCache map

In previous versions of JBoss EAP 6, the keySizeCache in JSSESupport was not properly synchronized.

Because of this, concurrent access to the JSSESupport keySizeCache could result in high CPU hash map loops.

In this release, access to the keySizeCache in JSSESupport is synchronized and oncurrent access to the keySizeCache does not occur and high CPU hash map loops are avoided.

1101472 - ContextNotActiveException thrown on session invalidation when using clustered SSO

In previous versions of of JBoss EAP 6, the SSO valves did not set the context when expiring sessions associated with SSO.

This meant that ClusteredSingleSignOn would call WeldListener.sessionDestroyed(event) after the session has been destroyed, resulting in a ContextNotActiveException upon session invalidation.

In this version of the product, the SSO valves now set the context when expiring sessions associated with SSO and the ContextNotActiveException is avoided upon session invalidation.

1097410 - NIO EventPoller thread dies from uncaught NPE

In previous versions of the product, particular concurrency between a request thread and the NIO EventPoller thread could result in the EventPoller seeing an unaccounted for null ChannelInfo object in its maintain loop.

As a result, the NIO EventPoller thread could then die from an uncaught NullPointerException. This could then lead to overall server unresponsiveness and connections remaining unclosed until the pool is exhausted.

In this release the EventPoller thread accounts for any such null to prevent the NullPointerException from being thrown and the EventPoller thread will no longer die from such a NullPointerException.

Web Services

1069352 - Schema imports in CXF can have naming conflicts in the URL used to retrieve them

In previous versions of JBoss EAP 6, CXF did not resolve external WSDL schema links properly for sd files with the same name but different path. This meant that WSDL schemas could not be downloaded properly in certain situations.

This release of the product includes enough information in schema links to make each schema file unique and WSDL schemas can now be downloaded without issue.

1079044 - MessageContext is lost when JAX-WS client is invoked from within a JAX-WS endpoint impl

A bug was present in previous versions of JBoss EAP 6 that, when a JAX-WS client is invoked inside an endpoint, caused the endpoint's MessageContext to be removed from the ThreadLocal and not replaced at the end of the client call. This caused the MessageContext to be unavailable to endpoints after they make any JAX-WS invocation.

This bug has been resolved by an upgrade of the Apache CXF component (from 2.7.10 to 2.7.11).

1040703 - JAXBDataBinding can not handle the exception with generic objects like ObjectWithGenerics<Boolean, Integer>

Previous releases of JBoss EAP 6 carried an issue wherein, when an Exception class has some members with type parameters defined as in the following example, the WSDL generated from the exception class is incorrect and the SOAP fault message is not expected.

@javaxml.ws.WebFault
public class GenericsException extends Exception {
    private static final long serialVersionUID = 1L;
    private ObjectWithGenerics<Boolean, Integer> obj;

    public ObjectWithGenerics<Boolean, Integer> getObj {
        return obj;
    }
    public void setObj(ObjectWithGenerics<Boolean, Integer> obj) {
        this.obj = obj;
    }
}

This issue has been resolved in this release.

1077262 - HttpServletRequestSnapshot is not created for requests with WSA ReplyTo prop set

In previous versions of JBoss EAP 6, the servlet request object would, under certain circumstances, not be cloned before queuing a request with the WSA replyTo property set to be processed on a different thread.

As a consequence, JBossWeb would recycle the stale request object after the initiator received its acknowledgment response, causing invalid data to be used when the endpoint implementation tries to access the stale request object.

This release ensures the servlet request object is cloned when it needs to be and invalid data is no longer used by endpoint implementations that execute on a different thread than the original HTTP request.

Documentation

1058768 - OSGi subsystem does not honor patching mechanism

The OSGi helloworld quickstart does not deploy successfully in JBoss EAP 6. This is a known issue as the OSGi component has been deprecated in the product. This issue will not be resolved.

Scripts and Commands

1072227 - Wrong handling of --debug argument by standalone.[sh|bat] scripts

This release of JBoss EAP 6 carries a bug where-in the shell script for running EAP in standalone mode ( standalone.sh|bat) does not use the default port (port 8787) when the script is used with debug argument without a port number.

As a result execution of the script with debug argument results in an error and does not start the server.

A possible workaround for this issue is to specify a port number when the script is used with the debug argument:

standalone.[sh|bat] --debug [port number]

This issue is expected to be resolved in a future release of the product.

Patching

1108952 - OutOfMemoryError with large patches.

This release of JBoss EAP 6 carries a bug that, when installing large patches, may cause an OutOfMemoryError to occur on child host controllers. This could occur when installing CP04 via the domain controller with the default memory settings.

The error presents because attachment data passed from master to slave host controllers is read fully into memory.

To workaround this issue: Edit bin/domain.conf or bin/domain.conf.bat, and append -Xmx1024m to the HOST_CONTROLLER_JAVA_OPTS setting on child host controllers temporarily if patches need to be installed from the domain controller.

This issue is expected to be resolved in a future release.