JBoss EAP Continuous Delivery 12 Release Notes

download PDF
JBoss Enterprise Application Platform Continuous Delivery 12

For Use with JBoss Enterprise Application Platform continuous delivery 12

Red Hat Customer Content Services


These release notes contain important information related to JBoss Enterprise Application Platform continuous delivery release 12, which is available as a Technology Preview release in the cloud only.

Chapter 1. About JBoss EAP Continuous Delivery 12

The JBoss Enterprise Application Platform continuous delivery (JBoss EAP CD) release 12 is a Technology Preview release available in the cloud only. This JBoss EAP CD release introduces a new delivery stream of JBoss EAP, which provides incremental updates and new capabilities on a regular schedule for Red Hat OpenShift Online and the Red Hat OpenShift Container Platform.

The purpose of this new delivery model is to quickly introduce new features ahead of the traditional JBoss EAP GA release. The JBoss EAP CD releases are only available in the OpenShift image format and can be accessed from the Red Hat Container Catalog.

Traditional JBoss EAP GA releases, the next being JBoss EAP 7.2, will be based on an aggregate of JBoss EAP CD releases and will continue to be available through the normal distribution methods.


This continuous delivery release for JBoss EAP is provided as Technology Preview only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs), might not be functionally complete, and Red Hat does not recommend to use them for production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.

See Technology Preview Features Support Scope on the Red Hat Customer Portal for information about the support scope for Technology Preview features.

1.1. Differences Between JBoss EAP and JBoss EAP Continuous Delivery

There are notable differences between the JBoss EAP product and the continuous delivery release for JBoss EAP.


For descriptions of differences and details about feature support in the continuous delivery release for JBoss EAP, see the comparison table in Getting Started with JBoss EAP for OpenShift Container Platform or Getting Started with JBoss EAP for OpenShift Online.

Chapter 2. New Features and Enhancements

2.1. Java EE 8

Java EE 8 Preview Mode

By default, this continuous delivery release for JBoss EAP uses Java EE 7 APIs.

You can preview Java EE 8 functionality by setting the ee8.preview.mode system property to true on the JAVA_OPTS_APPEND environment variable. The following is an example of how to set Java EE 8 functionality when using the oc new-app command.

$ oc new-app IMAGE_STREAM~PATH_TO_SOURCE_CODE -e JAVA_OPTS_APPEND=-Dee8.preview.mode=true

For more information about how to configure environment variables, see Getting Started with JBoss EAP for OpenShift Container Platform.

This enables support for the following Java EE 8 standards:

2.2. Management CLI

Enhanced Help

The management CLI help functionality has been updated to provide easier access to help information. The help command now features tab completion and can also show help information for management CLI operations and command actions.

See the Management CLI Guide for more information on using the management CLI help command.

Indicator for Required Attributes

When using tab completion in the management CLI, attributes that are required for the current operation are marked with a * character.

/subsystem=naming/binding=test:add( [TAB]
!              class          module
binding-type*  environment    type
cache          lookup         value

In the above example, pressing Tab after entering /subsystem=naming/binding=test:add( lists the available attributes and indicates that binding-type is a required attribute for this operation.

Viewing Multi-page Output

When you run the management CLI in interactive mode and the operation results in multiple pages of output, the command processor pauses the screen at the end of the first page. This allows you to page through the output one line or page at a time. The occurrence of multiple pages of output is indicated by a line of text displaying --More(NNN%)-- at the end of the output.

See the Management CLI Guide for the options available if you encounter multiple page output when running a management CLI command.

Using for-done Control Flow

You can use for-done control flow in the management CLI to iterate over a collection returned from an operation and execute commands on each item in the collection.

For more information, see Use for-done Control Flow in the Management CLI Guide.

Output Operation Responses in JSON Format

You can configure the management CLI to output operation responses in pure JSON format by setting the output-json element to true in the EAP_HOME/bin/jboss-cli.xml file or by passing the --output-json flag in when starting the management CLI. By default, operation responses are displayed in DMR format.

Redirecting Output

Instead of printing output from a management CLI operation to the terminal, you can redirect the output using the following operators:

  • >: Write output to a file on the file system.
  • >>: Append output to a file on the file system.
  • |: Redirect output to the grep command for searching the output.

For more information, see Redirect Output in the Management CLI Guide.

Unified Deployment Command

The management CLI deployment command allows you to manage your deployments using a unified interface to deploy, undeploy, enable, disable or list information about the deployments.

For more information, see Deploy an Application to a Standalone Server Using the Management CLI and Deploy an Application in a Managed Domain Using the Management CLI in the Configuration Guide.

2.3. Web Server

Forwarded HTTP Extension

This continuous delivery release for JBoss EAP introduces the Forwarded handler, which implements RFC 7239, allowing servers behind a reverse proxy to receive peer and local addresses within the header.

Typically, this handler should not be used in conjunction with any of the X-Forwarded-* headers enabled on the reverse proxy. This means that you should either use this handler or enable the proxy-address-forwarding attribute in Undertow listeners.

Session Manager Operations

The following operations to get detailed session information are now available from the management CLI at /deployment=DEPLOYMENT_NAME/subsystem=undertow.

  • get-session-attribute: Return a specific attribute for a session.
  • get-session-creation-time: Get the session creation time in ISO-8601 format.
  • get-session-creation-time-millis: Get the session creation time in millseconds since the UNIX Epoch.
  • get-session-last-accessed-time: Get the session last accessed time in ISO-8601 format.
  • get-session-last-accessed-time-millis: Get the session last accessed time in milliseconds since the UNIX Epoch.
  • list-session-attribute-names: List the session attribute names.
  • list-session-attributes: List all attributes in a session.
  • list-sessions: List all active sessions.

2.4. JSF

Disallowing DOCTYPE Declarations in JSF Deployments

You can use the management CLI to disallow DOCTYPE declarations in JSF deployments.

For more information, see Disallowing DOCTYPE Declarations in the Configuration Guide.

2.5. RESTEasy

JAX-RS Client Support for HTTP Redirects

JAX-RS ClientHttpEngine implementations based on the Apache HttpClient support HTTP redirection. For more information, see HTTP Redirect in Developing Web Services Applications.

Chapter 3. Unsupported and Deprecated Functionality

3.1. Unsupported Features

Support for some technologies are removed due to the high maintenance cost, low community interest, and better alternative solutions. The following features are not supported in this continuous delivery release for JBoss EAP.


The unsupported features listed in the Unsupported Features section of the 7.1.0 Release Notes also apply to this continuous delivery release for JBoss EAP, unless they are mentioned in the New Features and Enhancements section of this document.

3.2. Deprecated Features

Some features have been deprecated with this release. This means that no enhancements will be made to these features, and they may be removed in the future, usually the next major release.

Red Hat will continue providing full support and bug fixes under our standard support terms and conditions. For more information about the Red Hat support policy, see the Red Hat JBoss Middleware Product Update and Support Policy located on the Red Hat Customer Portal.

For details of which features have been deprecated, see the JBoss Enterprise Application Platform Component Details located on the Red Hat Customer Portal.

Chapter 4. Fixed CVEs

JBoss EAP CD 12 includes fixes for the following security related issues:

  • CVE-2017-12174: artemis/hornetq: Memory exhaustion via UDP and JGroups discovery
  • CVE-2017-12629: Solr: Code execution via entity expansion
  • CVE-2017-15089: infinispan: Unsafe deserialization of malicious object injected into data cache
  • CVE-2017-12196: undertow: Client can use bogus uri in Digest authentication
  • CVE-2018-8088: slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution
  • CVE-2018-1047: undertow: Path traversal in ServletResourceManager class

Chapter 5. Known Issues

See Known Issues for JBoss EAP CD 12 to view the list of known issues for this release.

Revised on 2018-04-16 07:16:16 EDT

Legal Notice

Copyright © 2018 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Red Hat logoGithubRedditYoutubeTwitter


Try, buy, & sell


About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.