CORS is supported to resolve security issues that occur when you import external resources.

HTTP/2 (HTTP 2.0) Protocol is supported.

Server Pushes in the Servlet 4.0 specification are supported.

The Web listener command now includes the automatic tuning options.

Listener-related commands now support HTTP/2 options.

An option to enable a case-sensitive file system is supported. It resolves the issue that the file system is insensitive to letter case in a file name when a server cluster consists of both a Windows server and a Lunix server.

This option is sensitive to the letter case of a file name and indicates whether a file exists or not.

-Djeus.servlet.useCaseInsensitiveFileSystem

When a JSP program runs, a TLD file is scanned for in all JAR files in a specified claspath, most of which do not include a TLD file.

In response to such an inefficient scan mode, you could use a hard-coded option to select libraries which would be exempted from a TLD scan. This option is now replaced with an external properties file (JEUS_HOME/domains/jarscan.properties) that accommodates easy updates.

A jsessionid rewriting of a sticky session in URL causes the character "=" in an engine name to be converted to "%3D," which affects session routing by WebToB.

To prevent this issue, an option is added so that the character "=" is not converted by default. In case you may want to encode the jsessionid, the jeus.servlet.allowUrlEncodeJesssionId option is supported. When set to true, it encodes the jsessionid.

Use this feature to register and manage servlets with which external services can be run.

The access option has been added as default to the Backup Level setting.

This option updates attributes that are specified as target of the setAttribute and getAttribute methods.

The option -t is now available for the list-session command. By using the option, only the information about a target manager can be retrieved.

With JEUS 8, you can monitor the list-session information on WebAdmin.

Sticky encoding is enabled by using WebAdmin or jeusadmin. The options are BASE64 (default) and RAW.

BASE64 is based on the Base64 encoding algorithm while RAW uses the domain name and server name without encoding.

In DOMAIN_WIDE mode, you can receive a backup remotely by deploying a dummy application with the following system property:

-Djeus.sessionmanager.receive.backup.despite.no.deploy=true

JAX-RS Server-sent Events (SSE)

HTML 5's SSE provides a way to implement server-side browser push.

JAX-RS HTTP basic authentication

With Basic Authentication, a JAX-RS client can authenticate itself with a server.

JAX-RS asynchronous processing

JAX-RS JSON processing

JMS SAF is supported with JMS bridges.

HTML 5's SSE

Server-sent events (SSE) provides a better function than Comet techniques for providing a way to implement server-side browser push. (Server-Sent Events, W3C Candidate Recommendation 11 December 2012). For details, see https://www.w3.org/TR/eventsource/.

With Basic Authentication, JAX-RS clients can provide authentication information when a server requires it.

It implements javax.ws.rs.client.ClientRequestFilter to create an authentication header.

It improves password security by enabling the user to set requirements for a password that must be met when entering or modifying a password.

The default password validator provides requirement options such as special characters, numbers, uppercase letters, lowercase letters, minimum and maximum lengths, and inhibition of the ID.

A custom password validator is supported for the user to customize a password validator.

The library deployment function is enabled in DAS.

In previous versions, the same library is placed in each server by using lib/shared/libraries.xml. In JEUS 8, the library deployment function minimizes the use of resources by resolving the issue with the parent-child hierarchy by referencing a single classloader.

JEUS 8 provides the Spring JMX MBeanServerFactoryBean implementation. With the implementation, you can easily find and use a corresponding JEUS MBeanServer.

With the options, the server-log command can retrieve logs for a specific duration of time.

In the previous version, the server-log command could retrieve a specific number of lines beginning at the start time. In this release, the command can retrieve logs generated for a specific duration of time with the base time and end time options.

In previous versions, when you are using jeusadmin in script mode, the console displays the results of the script and other general results together. In this case, if you are relying on the results printed on the command prompt, you could not easily identify the information you want. To prevent this problem, the -verbose option is added to jeusadmin running in script mode.

The JEUS Network Library manual is provided in the Javadoc format.

The jeusadmin -licenseinfo command is changed to display sequence numbers (seqno).

A license with an expiration date can be selected.

The license for cloud is added.

NIO implementations such as jeus.servlet.connector and AsyncServlet available in JEUS 5 and 6 are removed. Settings related to the NIO implementations in each module are also removed.

In previous versions, the boot-time domain backup feature and the pack-domain command carried out backup differently. In this release, the boot-time domain backup method is changed to carry out the same actions as the pack-domain command.

The structure of the schema library-ref in domain.xml is changed so that configurations can be made by adding elements.

The failon-error and exact-match attributes of library-ref are changed to elements. Other related settings in the .xml file are changed in accordance.

Before change

<library-ref failon-error="true">
    <library-name>test</library-name>
    <specification-version exact-match="true">11</specification-version>
    <implementation-version exact-match="true">22</implementation-version>
</library-ref>

After change

<library-ref>
    <library-name>test</library-name>
     <failon-error>true</failon-error>
     <specification-version>
         <value>11</value>
         <exact-match>true</exact-match>
     </specification-version>
     <implementation-version>
         <value>22</value>
         <exact-match>true</exact-match>
     </implementation-version>
</library-ref>

A lock on the domain.xml file is shared among servers to prevent one server from writing to the file while another is reading it. This feature prevents inconsistency in the file.

In previous versions, the scope of the lock was too broad that an attempt at starting all servers at once with NodeManager would sometimes fail. In this release, this problem is prevented by adjusting the scope and enforcement time of the lock.

JSTL 1.2 is upgraded to JSTL 1.2.5.

The server-info command is improved to retrieve the runtime information along with the status more accurately.

In previous versions, the command calculated runtime from the time passed since the ServerStateInfo object that contains the server status is created. The calculated runtime was initialized when DAS was restarted. In this release, the runtime is calculated from the begin time obtained from SCF (GMS) and is more accurate.

When the begin time is unavailable, only the status information is returned.

The ASM API version for ClassVisitor is updated to ASM 5 for compatibility with JDK 8.

In this release, because NIO implementations for listners are removed in JEUS 8, the use-nio setting is removed from listners and connectors as well.

The use-nio and thread-pool settings are removed from webtob-connector. The use-nio and selector-count settings are removed from tmax-listener.

In this release, the default version of WebtoB-JEUS Protocol (WJP) is set to 2 for a WebtoB connection.

Versions earlier than WebtoB 4.1.6 do not provide WJP 2. For these versions, you need to set wjp-version to 1.

In previous versions, you had to configure jeus-web-dd.xml to use WebSocket. In this release, WebSocket is changed to a default setting requiring no additional configuration. As a result, it is no longer necessary to use the websocket option of the webddgen command to create jeus-web-dd.xml, and the option is removed.

In JEUS 7 and earlier versions, you could change the webinf-first schema by using mixed properties. In this release, you can change the schema by adding elements.

The distributed websocket session function enables websocket sessions with distinct jsessionids to share the same userproperties map. In this release, it is renamed to 'distributed user properties' to better represent its function, and the structure is changed from having attributes to having child elements.

When an emptry string is given as input value to HttpServletRequest.getParameter(), it returns an emptry string.

In previous versions, different values were returned for an empty string input. Query string and x-www-form-urlencode returned an emptry string, and multi-part/form-data returned the result of the new String() command. In this release, the three methods are changed so that they return an emptry string for an empty input value.

The following properties have been changed to options and are no longer available as system properties.

jeus.sessionserver.backupqueue.max    ⇒ Backup Queue Size
jeus.sessionserver.backupunit         ⇒ Backup Unit Size
jeus.session.exclude.das.in.cluster   ⇒ Exclude Das In Cluster
jeus.sessionserver.ignore.flowcontrol ⇒ Ignore Flow Control
jeus.sessionmanager.failback.allow    ⇒ Allow Fail Back
jeus.sessionmanager.prevent.migration ⇒ Prevent Migration 

The configuration method for session clustering in WebAdmin has been changed.

The settings for session clustering in the configuration file has been integrated.

The following modes have been renamed.

Application scope session clustering ⇒ Default session cluster  
Domain scope session clustering      ⇒ Domain wide session cluster 
User-defined scope session clusering  ⇒ Specific scope session cluster 

Options have been added to show-session-configuration and its usage has been changed.

Options have been added to modify-session-configuration and its usage has been changed.

The global lock on passivation has been removed to prevent competition between workers.

The existing files have been changed to be managed by session. The schema related to passivation has been changed.

Improved session management where access session, created by ServletRequestListener, is called twice.

Improved the processing of binding the same attribute that has been invoked by SetAttribute.

Optimized the session feature by removing unnecessary session class structures.

Enhanced stability of monitoring and migration where failback is used in the domain wide session cluster mode.

Enhanced stability of a failback from multiple servers to a single server by using multithreading.

EJB clustering performance is improved by removing the Dynamic Link Ref (DLR) and implementing LiveRef.

Load-balancing is improved for method invocation for stateless session beans.

In the previous version, a JNDI context was randomly selected in a cluster. In this release, it is selected on the basis of enabling local optimization.

In EJB 3.x, EJB home is exposed to the client side. In this release, it is hidden.

When a security domain is added without activation, the user creation menu is not displayed.

Abnormal operation is prevented by changing the method to check whether a security domain is created after adding it.

There have been some security issues with SSLv3, causing cautions about using a certain protocol.

The following has been added so that you can specify the SSL protocol version by using the <ssl><ssl-protocol> of the schema.

-Djeus.net.ssl.protocolVersions=TLSv1,SSLv3 

In previous versions, a journal file could be initialized only by deleting the directory. But now it can be initialized at JEUS startup.

In previous versions, you could only select one JAR file from a classloader when configuring a message bridge. But now you can select multiple JAR files by delimiting them with a comma.

Messages are not compatible with those created in earlier versions. When a connection is made to message stores made in other versions, the messages are printed immediately and the JMS engine is kept from starting.

The same procedure takes place when a connection is made to journals created in other versions.

The path to webservices-rt.jar and webservices-tools.jar has been changed from lib/system to lib/shared.

The function to disable a basic JAX-RS implementation in case a conflict in libraries is expected.

Instead of changing the relevant JAR file, you can just delete the settings for a JAX-RS implementation in ${JEUS_HOME}/lib/shared/libraries.xml to disable it.

The classloader is changed to remain unchanged while graceful redeployment is checked.

In previous versions, when an empty character string is given such as "", the hostname is set to ":9736." To prevent this problem, the hostname is replaced with localhost.

Abrnomal SSL settings used for listeners are changed.

The default password values for a keystore and truststore are removed.

The default pathnames for keystore and truststore files are removed.

Relative paths are allowed for keystore and trustore files. (The paths must start from the config directory in each domain.)

SSLContext used to handle a client's SSL can be configured only by using the configuration tags. System properties need to be set by the client.

A selector manages reading data and the buffer, which reduces unnecessary read count and simplifies the operational logic, thereby improving overall performance.

SSLSocketChannel 클래스의 inNetBuffer를 JeusSocketChannel의 read buffer와 통합하여 SSL 처리를 최적화하였다.

In previous versions, the jmx-manager schema is complicated and has unnecessary elements. In this release, it has been trimmed down and contains new necessary elements.

Deletions

Additions

In previous versions, you could not monitor the JEUS web server with an SNMP client because it failed to link to SNMPAgent and MBeanServer properly. In this release, this problem is fixed.

For logs with the configurations of log rotation, valid-hour, and append:false, their filenames contain 24-hour format timestamps so that you can tell the log creation hour from the rotation name.

The filename is in the format JeusServer_yyyyMMdd_HH.log[0000].

Before making a remote command to the ssh node, the connection to the ssh node is checked by using a Java command to run the ssd node and the method for checking whether it is working. Both methods are improved.

The Java command is changed to java -version. If the returned result beings with the character string "java version," the connection is working.

In this release, the word "uncompleted" is replaced with "incomplete." In accordance, the <tm-config><uncompleted-timeout> element in the schema is changed to <tm-config><incomplete-timeout>.

The "-ut" option of the modify-transaction-manager command for jeusadmin is changed to "-it."

JSF 2.1.3 is upgraded to JSF 2.2.13.