-
Language:
English
-
Language:
English
JBoss EAP Continuous Delivery 12 Release Notes
For Use with JBoss Enterprise Application Platform continuous delivery 12
Abstract
Chapter 1. About JBoss EAP Continuous Delivery 12
The JBoss Enterprise Application Platform continuous delivery (JBoss EAP CD) release 12 is a Technology Preview release available in the cloud only. This JBoss EAP CD release introduces a new delivery stream of JBoss EAP, which provides incremental updates and new capabilities on a regular schedule for Red Hat OpenShift Online and the Red Hat OpenShift Container Platform.
The purpose of this new delivery model is to quickly introduce new features ahead of the traditional JBoss EAP GA release. The JBoss EAP CD releases are only available in the OpenShift image format and can be accessed from the Red Hat Container Catalog.
Traditional JBoss EAP GA releases, the next being JBoss EAP 7.2, will be based on an aggregate of JBoss EAP CD releases and will continue to be available through the normal distribution methods.
This continuous delivery release for JBoss EAP is provided as Technology Preview only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs), might not be functionally complete, and Red Hat does not recommend to use them for production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.
See Technology Preview Features Support Scope on the Red Hat Customer Portal for information about the support scope for Technology Preview features.
1.1. Differences Between JBoss EAP and JBoss EAP Continuous Delivery
There are notable differences between the JBoss EAP product and the continuous delivery release for JBoss EAP.
For descriptions of differences and details about feature support in the continuous delivery release for JBoss EAP, see the comparison table in Getting Started with JBoss EAP for OpenShift Container Platform or Getting Started with JBoss EAP for OpenShift Online.
Chapter 2. New Features and Enhancements
2.1. Java EE 8
Java EE 8 Preview Mode
By default, this continuous delivery release for JBoss EAP uses Java EE 7 APIs.
You can preview Java EE 8 functionality by setting the ee8.preview.mode
system property to true
on the JAVA_OPTS_APPEND
environment variable. The following is an example of how to set Java EE 8 functionality when using the oc new-app
command.
$ oc new-app IMAGE_STREAM~PATH_TO_SOURCE_CODE -e JAVA_OPTS_APPEND=-Dee8.preview.mode=true
For more information about how to configure environment variables, see Getting Started with JBoss EAP for OpenShift Container Platform.
This enables support for the following Java EE 8 standards:
2.2. Management CLI
Enhanced Help
The management CLI help
functionality has been updated to provide easier access to help information. The help
command now features tab completion and can also show help information for management CLI operations and command actions.
See the Management CLI Guide for more information on using the management CLI help
command.
Indicator for Required Attributes
When using tab completion in the management CLI, attributes that are required for the current operation are marked with a *
character.
/subsystem=naming/binding=test:add( [TAB] ! class module binding-type* environment type cache lookup value
In the above example, pressing Tab after entering /subsystem=naming/binding=test:add(
lists the available attributes and indicates that binding-type
is a required attribute for this operation.
Viewing Multi-page Output
When you run the management CLI in interactive mode and the operation results in multiple pages of output, the command processor pauses the screen at the end of the first page. This allows you to page through the output one line or page at a time. The occurrence of multiple pages of output is indicated by a line of text displaying --More(NNN%)--
at the end of the output.
See the Management CLI Guide for the options available if you encounter multiple page output when running a management CLI command.
Using for-done Control Flow
You can use for-done
control flow in the management CLI to iterate over a collection returned from an operation and execute commands on each item in the collection.
For more information, see Use for-done Control Flow in the Management CLI Guide.
Output Operation Responses in JSON Format
You can configure the management CLI to output operation responses in pure JSON format by setting the output-json
element to true
in the EAP_HOME/bin/jboss-cli.xml
file or by passing the --output-json
flag in when starting the management CLI. By default, operation responses are displayed in DMR format.
Redirecting Output
Instead of printing output from a management CLI operation to the terminal, you can redirect the output using the following operators:
-
>
: Write output to a file on the file system. -
>>
: Append output to a file on the file system. -
|
: Redirect output to thegrep
command for searching the output.
For more information, see Redirect Output in the Management CLI Guide.
Unified Deployment Command
The management CLI deployment
command allows you to manage your deployments using a unified interface to deploy, undeploy, enable, disable or list information about the deployments.
For more information, see Deploy an Application to a Standalone Server Using the Management CLI and Deploy an Application in a Managed Domain Using the Management CLI in the Configuration Guide.
2.3. Web Server
Forwarded HTTP Extension
This continuous delivery release for JBoss EAP introduces the Forwarded
handler, which implements RFC 7239, allowing servers behind a reverse proxy to receive peer and local addresses within the header.
Typically, this handler should not be used in conjunction with any of the X-Forwarded-*
headers enabled on the reverse proxy. This means that you should either use this handler or enable the proxy-address-forwarding
attribute in Undertow listeners.
Session Manager Operations
The following operations to get detailed session information are now available from the management CLI at /deployment=DEPLOYMENT_NAME/subsystem=undertow
.
-
get-session-attribute
: Return a specific attribute for a session. -
get-session-creation-time
: Get the session creation time in ISO-8601 format. -
get-session-creation-time-millis
: Get the session creation time in millseconds since the UNIX Epoch. -
get-session-last-accessed-time
: Get the session last accessed time in ISO-8601 format. -
get-session-last-accessed-time-millis
: Get the session last accessed time in milliseconds since the UNIX Epoch. -
list-session-attribute-names
: List the session attribute names. -
list-session-attributes
: List all attributes in a session. -
list-sessions
: List all active sessions.
2.4. JSF
Disallowing DOCTYPE Declarations in JSF Deployments
You can use the management CLI to disallow DOCTYPE
declarations in JSF deployments.
For more information, see Disallowing DOCTYPE Declarations in the Configuration Guide.
2.5. RESTEasy
JAX-RS Client Support for HTTP Redirects
JAX-RS ClientHttpEngine
implementations based on the Apache HttpClient
support HTTP redirection. For more information, see HTTP Redirect in Developing Web Services Applications.
Chapter 3. Unsupported and Deprecated Functionality
3.1. Unsupported Features
Support for some technologies are removed due to the high maintenance cost, low community interest, and better alternative solutions. The following features are not supported in this continuous delivery release for JBoss EAP.
The unsupported features listed in the Unsupported Features section of the 7.1.0 Release Notes also apply to this continuous delivery release for JBoss EAP, unless they are mentioned in the New Features and Enhancements section of this document.
3.2. Deprecated Features
Some features have been deprecated with this release. This means that no enhancements will be made to these features, and they may be removed in the future, usually the next major release.
Red Hat will continue providing full support and bug fixes under our standard support terms and conditions. For more information about the Red Hat support policy, see the Red Hat JBoss Middleware Product Update and Support Policy located on the Red Hat Customer Portal.
For details of which features have been deprecated, see the JBoss Enterprise Application Platform Component Details located on the Red Hat Customer Portal.
Chapter 4. Fixed CVEs
JBoss EAP CD 12 includes fixes for the following security related issues:
-
CVE-2017-12174:
artemis/hornetq
: Memory exhaustion via UDP and JGroups discovery -
CVE-2017-12629:
Solr
: Code execution via entity expansion -
CVE-2017-15089:
infinispan
: Unsafe deserialization of malicious object injected into data cache -
CVE-2017-12196:
undertow
: Client can use bogus uri in Digest authentication -
CVE-2018-8088:
slf4j
: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution -
CVE-2018-1047:
undertow
: Path traversal in ServletResourceManager class
Chapter 5. Known Issues
See Known Issues for JBoss EAP CD 12 to view the list of known issues for this release.
Revised on 2018-04-16 07:16:16 EDT