JBoss Enterprise Application Platform 6

Beta Release Notes

For use with JBoss Enterprise Application Platform 6 Beta

Copyright 2012 Red Hat, Inc.. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons AttributionShare Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux is the registered trademark of Linus Torvalds in the United States and other countries. Java is a registered trademark of Oracle and/or its affiliates. XFS is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL is a registered trademark of MySQL AB in the United States, the European Union and other countries. All other trademarks are the property of their respective owners. Abstract Release notes for the JBoss Enterprise Application Platform 6 Beta, including new features and known issues. 1

Beta Release Notes 1. Overview ................................................................................................................................ 2 2. New Features ......................................................................................................................... 2 3. Known Issues ......................................................................................................................... 2 A. Revision History Index 4 5

1. Overview
Thank you for participating in the JBoss Enterprise Application Platform 6 Beta evaluation program. Your feedback is valuable. To assist you with your evaluation, please take the time to review the sections below for new features, untested configurations, and known issues. To provide feedback on your experience, contact Red Hat Global Support Services.

2. New Features
JBoss Enterprise Application Platform 6 Beta is based upon JBoss Application Server 7.1.0. It is a certified implementation of the Java Enterprise Edition 6 Full Profile specification. Some of the key features of JBoss Enterprise Application Platform 6 include: Fully-modular classloading system - Classes are loaded and unloaded as needed, for a small footprint and efficient use of system resources. This makes the container slim by default, and increases security by only exposing APIs you actually use. Flexible management - You can manage the Enterprise Application Platform using the web-based Management Console, console-based Management CLI, or the Management API, which uses a REST-like interface and JSON output. You can use batch scripts or custom applications, to ease administration. Managed domains - Managed domains combine virtual servers on physical hosts into server groups, which share configuration and deployments which propagate automatically. All configuration is performed centrally, from the domain controller. You can also run multiple instances on the same physical host easily, due to the socket binding groups and automatic port offsets. Fast server starts and restarts - Developers will appreciate how quickly JBoss Enterprise Application Platform starts and restarts. This has benefits in production environments, but is indespensible in development environments where frequent restarts are necessary. Less time spent waiting means more time spent developing.

3. Known Issues
Application Server 1 AS7-4002 - Some configuration subsystems are hard-coded to use the IP address 127.0.0.1. Some subsystems, notably Web Services Transactions (XTS) hard-code the IP address to 127.0.0.1. Clustering 2 JBPAPP-7516 - mod_cluster does not listen to the balancer's advertising In some obscure cases, mod_cluster does not listen to advertisements. The root cause is still under investigation.

1 2

https://issues.jboss.org/browse/AS7-4002 https://issues.jboss.org/browse/JBPAPP-7516

Known Issues JBPAPP-8423 - Failover during state transfer sometimes fails with exception StateTransferInProgressException. Failovers during state transfer can fail with the above exception, due to problems with the Infinispan cache. This can cause the entire cluster to become unresponsive. JBPAPP-8424 - CacheLoaderException when File.listFiles(...) returns null Due to a cache issue, File.listFiles(...) can report that root not directory or IO error occurred. This will be fixed in the Infinispan component. JBPAPP-8425 - Failures in the cluster cause significant disruptions. Cluster failures can cause exceptions such as IllegalStateException and errors such as Rolling back to cache view Y, but last committed view is Z. The root cause is still under investigation. JBPAPP-8426 - Clean shutdown of a cluster results in an error message. If you shut down your cluster cleanly, you may still receive error messages such as Problems unmarshalling remote command from byte buffer. JBPAPP-8428 - A JGroups error can occur because of a crashed cluster. You may see messages such as failed sending diag rsp to /10.16.88.172:47231: java.io.IOException: Message too long if a cluster node crashes. The root cause of this issue is still under investigation. JBPAPP-8429 - A crash occurs in a cluster accessed by a remote EJB client NotSerializableException can occur when an EJB client accesses a cluster. The root cause of this issue is still under investigation. AS7-3788 - Management CLI :write-attribute operation does not work in the clustering subsystem as expected. The Management CLI (jboss-cli.sh) command /subsystem=modcluster/modcluster-config=configuration:write-attribute(name=excluded-contexts, value="admin-console,invoker,jbossws,jmx-console,juddi,web-console") fails. The problem is that one of the parameters is being checked as a string rather than a boolean value. EJB 10 AS7-3975 - EJB client invocations sometimes hang indefinitely. EJB client invocations sometimes hang indefinitely. This is due to a problem in the Remoting subsystem. EJBCLIENT-32 - EJB client implementationdoes not account for undeployment notification time lag while handling invocations. The current implementation of the EJB client API can cause a node to be selected to handle invocations even if the application might has been undeployed from that node. The EJB
11 9 8 7 6 5 4 3

3 4

https://issues.jboss.org/browse/JBPAPP-8423 https://issues.jboss.org/browse/JBPAPP-8424 5 https://issues.jboss.org/browse/JBPAPP-8425 6 https://issues.jboss.org/browse/JBPAPP-8426 7 https://issues.jboss.org/browse/JBPAPP-8428 8 https://issues.jboss.org/browse/JBPAPP-8429 9 https://issues.jboss.org/browse/AS7-3788 10 https://issues.jboss.org/browse/AS7-3975 11 https://issues.jboss.org/browse/EJBCLIENT-32

Beta Release Notes client API implementation should retry that invocation on a different node, if it fails with a NoSuchEJBException. JBPAPP-8138 - isDOne() method does not return true after cancel() call on EJB asynchronous method Method isDone() does not return true after call of the cancel() method on Future object bound to call of EJB asynchronous method. JBPAPP-8139 - Remote JNDI EJB calls do not work for methods defined as asynchronous An exception is thrown when a called method is defined as asynchronous. A fix is expected in a future release. Security 14 CVE-2011-1096 - JBoss Services has vulnerabilities to character encoding pattern attacks. Tibor Jager, Juraj Somorovsky, Meiko Jensen, and Jorg Schwenk described an attack technique against the W3C XML Encryption Standard, when the block ciphers were used in cipher-block chaining (CBC) mode of operation. A remote attacker, aware of a cryptographic weakness of the CBC mode, could use this flaw to conduct chosen-ciphertext attacks, leading to the recovery of the entire clear of a particular cryptogram by examining of the differences between SOAP responses, sent from JBossWS, J2EE Web Services server. This problem is due to a bug in the W3C XML Encryption Specification. A fix has been developed and will be shipped as part of a future release. Red Hat would like to thank Juraj Somorovsky of Ruhr-University Bochum for reporting this issue. CVE-2012-1094 - When using the standalone.ha.xml profile, mod_cluster registers and exposes the root context of a server by default, even if ROOT is in the excluded-contexts list. When you use the standalone-ha.xml profile, mod_cluster registers and exposes the root context of server by default, despite ROOT being in the excluded-contexts list. The excluded-contexts list requires the hostname and path to be set to correctly identify a context. Due to a mismatch between the container and mod_cluster concerning the default hostname, the contents of the excluded-contexts list are not matched by mod_cluster You can work around this issue by prepending localhost: to the ROOT context. The upstream bug relating to this issue is https://issues.jboss.org/browse/AS7-3620.
15 13 12

A. Revision History
Revision 1-5 Mon Mar 18 2012 Misty Stanley-Jones misty@redhat.com Fixed upstream URL for the release note for CVE-2012-1094 .

Revision 0-0 Tue Mar 13 2012 Initial creation of release notes. Fixed abstract.

Misty Stanley-Jones misty@redhat.com

12 13

https://issues.jboss.org/browseJBPAPP-8138 https://issues.jboss.org/browseJBPAPP-8139 14 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1096 15 https://bugzilla.redhat.com/show_bug.cgi?id&=CVE-2012-1094

Revision History

Index