Chapter 3. Key new features and enhancements in the Red Hat JBoss Web Server 5.0

The improvements introduced in the Red Hat JBoss Web Server 5.0 include:

3.1. Based on Apache Tomcat 9.0.7:

The enhancements introduced by basing the JBoss Web Server 5.0 on Apache Tomcat 9.0.7 rather than Apache Tomcat 8 used by the JBoss Web Server 3.1 include:

3.1.1. HTTP/2 support

The Hypertext Transfer Protocols are standard methods of transmitting data between applications (such as servers and browsers) over the internet. HTTP/2 improves on HTTP/1.1 by providing enhancements such as:

  • header compression - reducing the size of the header transmitted by omitting implied information, and
  • multiple requests and responses over a single connection - using binary framing to break down response messages, as opposed to textual framing.

Using HTTP/2 with the JBoss Web Server:

  • is supported for encrypted connections over TLS (h2).
  • is not supported for unencrypted connections over TCP (h2c).

For configuration instructions, see: The Red Hat JBoss Web Server 5.0 Installation Guide - Enabling HTTP/2 for the Red Hat JBoss Web Server

3.1.2. Support for using OpenSSL for TLS support with the JSSE connectors (NIO and NIO2)

For JBoss Web Server 5.0, the Java Secure Socket Extension (JSSE) connectors (NIO and NIO2) can access OpenSSL directly though tomcat-native. This allows NIO and NIO2 connector to use OpenSSL without the APR connector.

3.1.3. The NIO connector is the default for HTTP/1.1 connections when the tomcat-native is installed

The JBoss Web Server 5.0 defaults to using the NIO connector for HTTP/1.1 connections when the tomcat-native libraries (for example APR) are installed.

To set APR as the default connector, set useAprConnector="true" on the AprLifecycleListener defined in the <JWS_HOME>/conf/server.xml and restart the JBoss Web Server.

For example:

<Listener className="org.apache.catalina.core.AprLifecycleListener"
    useAprConnector="true" SSLEngine="on"/>

For more information on the APR Lifecycle Listener, see: Apache Tomcat 9 Configuration Reference: The LifeCycle Listener Component - APR Lifecycle Listener

For an additional example of using the useAprConnector, see: Apache Tomcat 9: SSL/TLS Configuration HOW-TO - Edit the Tomcat Configuration File

3.1.4. Support for TLS virtual hosting (SNI)

Server Name Indication (SNI) using the SSLHostConfig element allows for more than one SSL configuration for a given connector (including multiple certificates for a given connector).

For more information on Server Name Indication, see: Apache Tomcat 9 Configuration Reference: The HTTP Connector - Nested Components

For information on configuring SSLHostConfig, see: Apache Tomcat 9 Configuration Reference: The HTTP Connector - SSL Support

3.2. System daemon integration scripts provided for the Red Hat Enterprise Linux users installing from .zip archives

Red Hat Enterprise Linux users installing JBoss Web Server from .zip archives are provided post-install scripts to assist with setting up JBoss Web Server as a systemd or SysV service.

Using the JBoss Web Server with a system daemon provides a method of starting the JBoss Web Server services at system boot. The system daemon also provides start, stop and status check functions.

For setup instructions see: The Red Hat JBoss Web Server 5.0 Installation Guide - Configuring JBoss Web Server to start at boot for .zip installations on Red Hat Enterprise Linux

3.3. The tomcat-vault installation process has been improved

The Tomcat Password Vault is included in the jws-application-server-5.0.0.zip file used for installing JBoss Web Server and is pre-installed at jws-5.0/tomcat/lib/tomcat-vault.jar and can be used once configured.

For Red Hat Enterprise Linux users installing JBoss Web Server from RPMs using YUM, the Tomcat vault can now be installed using YUM:

yum install jws5-tomcat-vault

3.4. The vault.properties file for tomcat-vault can be stored outside JWS_HOME

As of the JBoss Web Server 5.0, the vault.properties file for the tomcat-vault can be stored outside of <JWS_HOME> in the CATALINA_BASE directory (if set).

To set the CATALINA_BASE directory, follow the instructions in the section 'Advanced Configuration - Multiple Tomcat Instances' in the Running The Apache Tomcat 9.0 Servlet/JSP Container document found on the Apache Tomcat Website.

Note that the default location for CATALINA_BASE is <JWS_HOME>/tomcat/ (also known as CATALINA_HOME).

For more information on the tomcat-vault, see: Using a Password Vault with Red Hat JBoss Web Server 5.0

For more information on setting CATALINA_BASE, see: Apache Tomcat 9: Introduction - Directories and Files

3.5. Change in manager and host-manager webapp behavior

The manager and host-manager web-applications can now only be accessed from the localhost. This is a new default restriction within the context.xml configuration files of the manager applications set using the Remote Address Valve (RemoteAddrValve).

For example:

  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />

To view or change this setting, see:

  • <JWS_HOME>/webapps/manager/META-INF/context.xml
  • <JWS_HOME>/webapps/host-manager/META-INF/context.xml

For more information on:

3.6. Change to mod_cluster 1.4 - a connector needs to be specified.

Previous versions of mod_cluster automatically determined which connector to use. As a result, mod_cluster defaulted to the AJP connector and this behavior was difficult to override.

To improve usability, the mod_cluster 1.4 (provided with the JBoss Web Server 5.0) requires a connector to be explicitly set. One or more of the following new attributes require configuration for mod_cluster 1.4:

  • connectorPort
  • connectorAddress

For example:

<Listener className="org.jboss.modcluster.container.tomcat.ModClusterListener"
    advertise="true"
    advertiseInterface="172.16.27.10"
    advertiseGroupAddress="224.0.1.105"
    advertisePort="23364"
    connectorPort="8009"
/>

For more information on using an Apache HTTP Server as a load balancer for JBoss Web Server, see: Red Hat JBoss Core Services 2.4.29: Apache HTTP Server Connectors and Load Balancing Guide - mod_cluster Connector

For additional information on this change, see: JBoss Developer JIRA: mod_cluster - Expose Tomcat configuration to explicitly specify a connector to register with the proxy

3.7. Allows the configuration of multiple properties files

The JBoss Web Server 5.0 includes the listener LoadExternalPropertiesListener, allowing users to load multiple .properties files. The files are specified using the file.N attribute where N specifies the order in which the property files are loaded.

For example:

<Listener className="org.apache.catalina.core.LoadExternalPropertiesListener"
        file.0="/path/to/file1.properties"
        file.1="/path/to/file2.properties"
        file.2="/path/to/file3.properties"
        overwrite="false" loadFirst="file.1" />

For more information on using multiple property files, the documentation has been included in jws-application-server-5.0.0.zip, see: <JWS_HOME>/webapps/docs/config/listeners.html#Load_external_properties_files_-_org.apache.catalina.core.LoadExternalPropertiesListener

3.8. Logging JBoss Web Server with log4j deprecated

Log4j is not supported for Red Hat JBoss Web Server 5.0 and is not provided by the Red Hat JBoss Web Server 5.0 packages or maven repository.

To use log4j with JBoss Web Server, log4j 2.x can be downloaded from the Apache Log4j 2 web site.

3.9. Changes to JBoss Web Server Plus

The JBoss Web Server Hibernate Engine is provided by the Red Hat JBoss Web Server 5.0 Maven Repository.

To download the JBoss Web Server Maven Repository (jboss-web-server-5.0.0.GA-maven-repository.zip), visit the Software Downloads page on the Red Hat Website (available to all JBoss Web Server 5.0 subscribers).

The Hibernate Engine is not provided as a separate .zip package as it was for previous versions of JBoss Web Server.

3.10. Tomcat embedded included in the Red Hat JBoss Web Server 5.0 maven repository

Embedding tomcat in java applications can be useful for development and providing a dedicated instance of tomcat for shipping java applications to customers.

Tomcat embedded has been included in the Red Hat JBoss Web Server 5.0 Maven Repository.

To download the JBoss Web Server Maven Repository (jboss-web-server-5.0.0.GA-maven-repository.zip), visit the Software Downloads page on the Red Hat Website (available to all JBoss Web Server 5.0 subscribers).

The tomcat embedded artifacts can be found in the maven repository at: jboss-web-server-5.0.0.GA-maven-repository/maven-repository/org/apache/tomcat/embed/

For more information on using tomcat embedded, see the Apache Tomcat 9.0 API documentation: org.apache.catalina.startup - Class Tomcat.