-
Language:
English
-
Language:
English
JBoss EAP Continuous Delivery 15 Release Notes
For Use with JBoss Enterprise Application Platform Continuous Delivery 15
Abstract
Chapter 1. About JBoss EAP Continuous Delivery 15
The JBoss Enterprise Application Platform continuous delivery (JBoss EAP CD) release 15 is a Technology Preview release available in the cloud only. This JBoss EAP CD release introduces a new delivery stream of JBoss EAP, which provides incremental updates and new capabilities on a regular schedule for Red Hat OpenShift Online and the Red Hat OpenShift Container Platform.
The purpose of this new delivery model is to quickly introduce new features ahead of the traditional JBoss EAP GA release. The JBoss EAP CD releases are only available in the OpenShift image format and can be accessed from the Red Hat Container Catalog.
Traditional JBoss EAP GA releases, the next being JBoss EAP 7.3, will be based on an aggregate of JBoss EAP CD releases and will continue to be available through the normal distribution methods.
This continuous delivery release for JBoss EAP is provided as Technology Preview only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs), might not be functionally complete, and Red Hat does not recommend to use them for production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.
See Technology Preview Features Support Scope on the Red Hat Customer Portal for information about the support scope for Technology Preview features.
1.1. Differences Between JBoss EAP and JBoss EAP Continuous Delivery
There are notable differences between the JBoss EAP product and the continuous delivery release for JBoss EAP.
For descriptions of differences and details about feature support in the continuous delivery release for JBoss EAP, see the comparison table in Getting Started with JBoss EAP for OpenShift Container Platform or Getting Started with JBoss EAP for OpenShift Online.
Chapter 2. New Features and Enhancements
2.1. Security
Elytron Audit Logging Performance and Reliability Tuning
In JBoss EAP 7.2, the synchronized
attribute for Elytron file audit logging defined whether to flush the output stream and synchronize the file descriptor after every audit event.
This release introduces a new autoflush
attribute to separate stream flushing and file synchronizing, which allows for finer tuning of performance and reliability for Elytron audit logging.
For more information on configuring Elytron audit logging, see Elytron Audit Logging in How to Configure Server Security for JBoss EAP.
JwtValidator Enhancements
The JwtValidator in this release now includes support for multiple keys and for remote public keys. The key-store
attribute can now be combined with the certificate
attribute to be used as an alternate to the public-key
. The client-ssl-context
attribute defines the SSL context to use for a remote JSON Web Key (JWK). This enables you to use the URL from the jku
(JSON Key URL) header parameter to fetch public keys for token verification.
For more information, see the token-realm jwt Attributes table in How to Configure Server Security for JBoss EAP.
Default SSLContext
This release now registers a default SSLContext on startup that is available for use by any libraries that support use of the default context.
For more information, see Default SSLContext in How to Configure Server Security for JBoss EAP.
Java Authentication SPI for Containers (JASPI) Security Using Elytron
The elytron
subsystem in this release now provides an implementation of the Servlet
profile from the Java Authentication SPI for Containers (JASPI). This allows tighter integration with the security features provided by Elytron.
For more information, see Configure Java Authentication SPI for Containers (JASPI) Security Using Elytron in the Development Guide for JBoss EAP.
Server SSL Server Name Indication (SNI) Contexts
The server-ssl-sni-context
in this release is used for providing server-side SNI matching. It provides matching rules to correlate host names to SSL contexts, along with a default in case none of the provided host names are matched.
For more information, see Using a server-ssl-sni-context
in the How to Configure Server Security for JBoss EAP.
2.2. Server Management
Support for Eclipse MicroProfile Metrics
This release now includes the SmallRye Metrics component, which provides Eclipse MicroProfile Metrics functionality using the microprofile-metrics-smallrye
subsystem. This subsystem is used to provide monitoring data for the JBoss EAP instance, and is enabled by default.
For more information, see Eclipse MicroProfile Metrics in the Configuration Guide for JBoss EAP.
2.3. Management CLI
Disable Output Paging
By default, the JBoss EAP management CLI pauses after a page of output has been displayed, which allows you to browse and search the command output. You can now disable this behavior and print the entire output immediately by starting the management CLI with the --no-output-paging
argument or by setting the output-paging
element to true
in the EAP_HOME/bin/jboss-cli.xml
file.
Chapter 3. Unsupported and Deprecated Functionality
3.1. Unsupported Features
Support for some technologies are removed due to the high maintenance cost, low community interest, and better alternative solutions. This release does not introduce any newly unsupported features.
However, the unsupported features listed in the Unsupported Features section of the release notes for JBoss EAP 7.2 also apply to this continuous delivery release for JBoss EAP, unless they are mentioned in the New Features and Enhancements section of this document.
3.2. Deprecated Features
Some features have been deprecated with this release. This means that no enhancements will be made to these features, and they may be removed in the future, usually the next major release.
Red Hat will continue providing full support and bug fixes under our standard support terms and conditions. For more information about the Red Hat support policy, see the Red Hat JBoss Middleware Product Update and Support Policy located on the Red Hat Customer Portal.
For details of which features have been deprecated, see the JBoss Enterprise Application Platform Component Details located on the Red Hat Customer Portal.
Chapter 4. Resolved Issues
See Resolved Issues for JBoss EAP CD 15 to view the list of issues that have been resolved for this release.
Chapter 5. Fixed CVEs
JBoss EAP Continuous Delivery 15 includes fixes for the following security-related issues:
-
CVE-2018-7489:
jackson-databind
: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries -
CVE-2018-1000632:
dom4j
: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
Chapter 6. Known Issues
See Known Issues for JBoss EAP CD 15 to view the list of known issues for this release.
Revised on 2019-01-25 07:57:04 UTC