Chapter 2. New Features and Enhancements
Ability to Combine Multiple Security Realms for Authorization in an Aggregate Realm
You can now use multiple security realms for authorization in an
aggregate-realm with the
For more information, see Configure Authentication and Authorization Using Multiple Identity Stores in the How to Configure Identity Management guide for JBoss EAP.
Ability to Use the Subject Alternative Name Extension From X.509 Certificate as the Principal
You can now configure an evidence decoder to use a subject alternative name from an X.509 certificate as the principal associated with that certificate.
For more information, see Configuring Evidence Decoder for X.509 Certificate with Subject Alternative Name Extension in the How to Configure Server Security guide.
Ability to Combine Multiple Evidence Decoders with Aggregate Evidence Decoder
Elytron now provides an aggregate evidence decoder to combine two or more evidence decoders into a single decoder.
For more information, see Configuring an Aggregate Evidence Decoder in the How to Configure Server Security guide.
Certificate Revocation Capability using OCSP
Elytron now provides certificate revocation capability using Online Certificate Status Protocol (OCSP), defined in RFC6960, when undertow is used as a load balancer.
Syslog Audit Logging Enhancements
A new attribute,
reconnect-attempts, is now available to configure the maximum number of times Elytron attempts to send successive messages to a syslog server before closing the connection when using UDP.
Client and Server Interceptors
JBoss EAP 7.2 and earlier only supported EJB interceptors configured in the container.
In JBoss EAP 7.3, client interceptors and server interceptors are now supported. Client and server interceptors can be configured globally.
Ability to Specify Ranked Multiple Routes Session Affinity
You can now specify session affinity as an ordered list of nodes. If your load balancer supports multiple, ordered routes, in the event of a primary node failure, it can choose the optimal nodes in the order defined. It also ensures a definite failover target, if the primary owner of a specific session is inactive.
For information about the ranked affinity options, see The distributable-web subsystem for Distributable Web Session Configurations in the Development Guide for JBoss EAP. For information on how to enable ranked session affinity in your load balancer, see Enabling Ranked Session Affinity in Your Load Balancer in the Configuration Guide for JBoss EAP.
Enabling Statistics for Remote Cache Containers
You can now use the HotRod client to expose remote cache container statistics. The
statistics-enabled attribute can be configured for remote cache containers using the management CLI. For more information, see Configuring Remote Cache Containers in the Configuration Guide for JBoss EAP.
2.5. Web Services
Optional <T> Parameter Types Available for RESTEasy
RESTEasy now supports the following
java.util.Optional parameters as wrapper object types:
For more information, see
java.util.Optional Parameter Types in the Developing Web Services Applications book for JBoss EAP.
Reduce Memory Footprint with Galleon Feature-packs
You can now customize the main JBoss EAP for OpenShift image configuration to include only the capabilities that you require, thereby reducing the memory footprint. The provisioning tool, Galleon, offers several layers that you can select to control the capabilities present in the JBoss EAP server.
Additionally, you can package customized capabilities as Galleon feature-packs that are installed during the JBoss EAP server Galleon provisioning. For JBoss EAP for OpenShift Source-to-Image (S2I), you can build your feature-packs offline, deploy them to Maven and reference them in your
EAP Operator for Automating Application Deployment on OpenShift
JBoss EAP now offers EAP operator, a JBoss EAP-specific controller, to automate common deployment-related tasks. You can install the EAP operator using OperatorHub, the graphical interface that OpenShift cluster administrators use to discover, install, and upgrade operators.
EAP Operator for Safe Transaction Recovery and EJB Remoting
The EAP operator ensures safe transaction recovery in your application cluster by verifying that all transactions are completed before scaling down the replicas and marking the pod as
clean for termination.
The EAP operator uses
StatefulSet for the appropriate handling of EJB remoting and transaction recovery processing. The
StatefulSet ensures persistent storage and network hostname preservation even after the pods are restarted.
Calculate JVM Memory Settings
JBoss EAP 7.2 and earlier did not address conditions where JVM memory settings are higher than the container limit.
The OpenShift JBoss EAP image can now calculate default JVM memory settings when a container limit has been defined and the JVM memory settings are higher than the container limit.
2.7. Quickstarts and BOMs
New Client BOM for JAX-WS
JBoss EAP now provides a new client BOM,
wildfly-jaxws-client-bom, to manage JAX-WS dependencies. For information on how to add the
wildfly-jaxws-client-bom dependencies to your project, see JBoss EAP Client BOMs in the Development Guide for JBoss EAP.