|
Changes in BEA WebLogic Server 5.1
In addition to the items listed in the Upgrade section, this section discusses additional changes made since the 4.5.1 release. Changes have been made in the following areas:
For changes that apply to Java 2 Enterprise Edition features, see the Standard Compliance Support of this document.
Starting WebLogic Server
The following issues have been addressed in this release:
The following issue has been addressed in this release:
The following issue has been addressed in this release:
The following issue has been addressed in this release:
HTTP Extended Log Format Support
The HTTP extended log file format provides finer control over the HTTP log information recorded. This release supports extended log format. For more information see Setting up HTTP server log files.
CGI Support
This release provides support for CGI scripts. For more information, see Using legacy CGI.
Apache Support
This release incorporates support for the Apache Web Server. For more information, see Installing the Apache-WebLogic plug-in .
WebLogic Server Tools and Wizards
Console
The following issues have been addressed in this release:
The following issue has been addressed in this release:
The following issue has been addressed in this release:
Extensible Markup Language (XML)
The document Using XML with WebLogic Serverhas been added and describes how XML interfaces with the other WebLogic Server services. New XML code examples are also included in your distribution.
Properties Changes
New and changed properties
Cannot start server because weblogic.class.path is enabled and the Weblogic classes are not in the weblogic.class.path.
You should either alter weblogic.class.path to include the WebLogic classes or set -Dweblogic.system.disableWeblogicClassPath=true in the command line to allow classes to load from the Java classpath.
Note: Starting WebLogic Server with the static classloader disables EJB hot deployment.
The following issues have been addressed in this release:
weblogic.system.startupClass.fail=class1,class2,...
The following drivers have been deprecated in this release:
The following issue has been addressed in this release:
/d:weblogic.system.disableWeblogicClassPath=true
The following new features supporting Sun Microsystems' Java 2, Enterprise Edition have been added:
WebLogic Server now supports the EJB 1.1 specification. Existing EJBs based on the EJB 1.0 specification must be upgraded to run with WebLogic Server 5.1. See Upgrading EJBs to WebLogic Server Version 5.1for instructions.
WebLogic Server 5.1 introduces two XML files for defining EJB deployment properties. If you edit or create these files outside of the WebLogic Server utilities (DDConverter, DeployerTool), make sure that the files comply with their associated Document Type Definitions (DTDs). The DTDs for WebLogic Server deployment files are at these locations:
Note: Most browsers do not display the contents of files having the .dtd extension. To view the DTD file contents in your browser, save the links as text files and view them with a text editor.
For complete information on the new EJB implementation, see BEA WebLogic Server Enterprise JavaBeans.
The following issues have been addressed in this release:
Java Database Connectivity Changes (JDBC 2.0) jdbcKona JDBC drivers renamed
The following JDBC drivers have new names:
Old Name |
New Name |
---|---|
jdbcKona/Oracle |
BEA WebLogic jDriver for Oracle |
jdbcKona/MSSQLServer4 |
BEA WebLogic jDriver for Microsoft SQL Server |
jdbcKona/Informix4 |
BEA WebLogic jDriver for Informix |
DataSource
A DataSource object provides a way to obtain a JDBC connection from a connection pool using a JNDI lookup. For details, see Using a DataSource object to get a JDBC connection
JDBC/RMI and Clustered JDBC
A new JDBC/RMI driver has been added to WebLogic Server. This is a three-tier driver that operates with WebLogic Server using a DataSource object. When this driver is used in a cluster of WebLogic Servers, it can be configured to provide Clustered JDBC. Clustered JDBC provides failover and load balancing for JDBC connections. For more information, see Using WebLogic JDBC/RMI and WebLogic Clustered JDBC
JTS driver
The following issues have been resolved in this release:
Issue 6232. Problems were fixed with JTS synchronization during timeout handling and rollback problems with JTS/JDBC on multiple servers. Stricter illegal-state checking was also introduced.
Issue 7999. The JTS driver now creates an explicit T3Client to pass to the t3 driver. This ensures correct propagation of security information through JTS/JDBC driver. It also improves performance by caching T3Clients internally.
jdbcKona/Oracle
The jdbcKona/Oracle driver has been updated to incorporate some of the features available in Oracle 8, such as Blobs and Clobs, and also for new features available in the JDBC 2.0 specification. Using JDBC 2.0 requires that you run your driver with a JDK 1.2.x JVM.
jDriver for Oracle available for the HP-UX 11 platform.
WebLogic jDriver for Oracle (formerly called jdbcKona/Oracle) is now available for the HP-UX 11 platform for Oracle client versions 8.0.4 and 8.1.5. For more information, see Installing WebLogic jDriver for Oracle
For information on using new Oracle 8 and JDBC 2.0 features, see the Developer Guides Using WebLogic jDriver for Oracle.
Java Message Service
Support for Fully Qualified Table Names
A new property, weblogic.jms.tableNamePrefix, allows you to specify a prefix to add to the database table names when WebLogic Server accesses the JMS tables in a DBMS. This is useful for DBMSs that require fully qualified names when accessing tables. This property can also be used to host multiple sets of JMS tables within the same DBMS. For additional information, see Using WebLogic JMS .
JMS Issues Resolved in this Release
The following issues have been addressed in this release:
Java Naming and Directory Interface Changes (JNDI 1.2)
WebLogic Server now supports the JNDI 1.2 specification.
Java Server Pages Changes (JSP 1.1)
WebLogic Server supports the JSP 1.1 specification.
The following issues have been addressed in this release:
<!-- whether to compile all JSP's on startup -->
<context-param>
<param-name>wl-jsp-precompile</param-name> <param-value>true</param-value>
</context-param>
Additionally, all of the initParams to the JSPServlet (compileCommand, encoding, keepgenerated, etc.) can be specified via similar context params that all start with wl-jsp-*. These are illustrated in examples that have a web.xml file.
Remote Method Invocation Changes Remote Method Invocation (RMI) over IIOP
WebLogic RMI over IIOP extends the RMI programming model by providing the ability for clients to access RMI remote objects using the Internet Inter-ORB Protocol (IIOP). This exposes RMI remote objects to a new class of client, the Common Object Request Broker Architecture (CORBA) client. CORBA clients can be written in a variety of languages including C++, SmallTalk, and Java. For additional information, see Using WebLogic RMI over IIOP .
Note: RMI over IIOP is currently offered only with version 1.3 JDKs.
Additional classpath requirements have been added for running the WebLogic RMI and EJB compilers with the -idl option. For additional information, see the Generate the IDL file section of Using RMI over IIOP
RMI Issues Resolved in this Release
The following issues have been addressed in this release:
This release introduces support for the HTTP Servlet 2.2 specification, including the deployment of multiple Web Applications and multiple servlet contexts. All features of the Servlet 2.2 specification are supported, with the following exceptions:
Servlet Issues Resolved in this release
The following issues have been addressed in this release:
For information on using new Oracle 8 and JDBC 2.0 features, see Using WebLogic jDriver for Oracle.
jDriver for Oracle available for the HP-UX 11 platform.
WebLogic jDriver for Oracle (formerly called jdbcKona/Oracle) is now available for the HP-UX 11 platform for Oracle client versions 8.0.4 and 8.1.5. For more information, see Installing WebLogic jDriver for Oracle
The procedure for using Oracle Blobs and Clobs requires that you cast the Blob or Clob object to weblogic.jdbc20.common.OracleClob or weblogic.jdbc20.common.OracleBlob.
The following issue has been addressed in this release:
jConnect Driver for Sybase now bundled with WebLogic Server
Many improvements have been made to WebLogic Server 5.1 security. Here is a summary of the important new security features.
WebLogic Security Realms and New CachingRealm
The WebLogic Server security realm architecture has been redesigned to make pluggable realms easier to develop, deploy, and manage. A new CachingRealm delegates to an alternative realm that extends AbstractListableRealm or AbstractManageableRealm. If the custom realm does not find a result for a lookup, CachingRealm falls back to the weblogic.properties file. CachingRealm also provides configurable caching to improve the realm's performance.
The NTRealmand LDAPRealm (for Netscape Directory Server and Microsoft Site Server) have been revised to extend the new AbstractListableRealm. LDAPRealm no longer uses EJBs for its caching, so it is now possible to use LDAPRealm with WebLogic Express.
A new UnixRealm (supported on Solaris, HP-UX 11.0, and Linux for this release) provides UNIX authentication for WebLogic Server clients. Authorization uses ACLs in the weblogic.properties file. UnixRealm depends upon a small setroot binary, wlauth, to process authentication requests from WebLogic Server. The wlauth program uses PAM (Pluggable Authentication Modules) on operating systems that have it, or the standard password authentication libraries on other platforms.
The RDBMSRealm example has been thoroughly revised. It is now a fully-supported alternative realm for WebLogic Server, as well as a model for developing custom realms. As part of the revision, the rdbmsrealm.CachingRealm class and the defaultrealm example are gone, replaced by CachingRealm. An option to encrypt passwords in the database has been added. The utils.Schema utility is now used to initialize the realm's tables in the database in place of code in RDBMSRealm from previous releases.
A DelegatingRealm example shows how you can delegate authentication and authorization requests to multiple security realms. You configure DelegatingRealm to delegate specific realm methods to one or more realm classes, which are tried in the sequence you specify. You could use this feature to allow WebLogic Server access to multiple external realms, or use it to implement a failover for your primary security realm.
The SnoopProof realm example has been removed for security reasons. We recommend that you do not migrate forward any applications that you may have built using this example.
The weblogic.security.acl.Security class has a new doAsPrivileged()method that can be used to temporarily switch to a different WebLogic user and run some server-side code. doAsPrivileged() is called with a UserInfo containing the login information of the new User and a class that implements either the weblogic.security.acl.PrivilegedAction interface or the weblogic.security.acl.PrivilegedExceptionAction interface. Both of interfaces define a run() method that returns an Object. Use PrivilegedAction only for code that does not throw any checked exceptions; otherwise, use PriviledgedExceptionAction.
When you call doAsPrivileged(), WebLogic Server attempts to authenticate the UserInfo. If the realm returns an authenticated User, the new User is pushed onto the thread and the run() method is called. When run() returns, the new User is popped from the thread, restoring the original User. If the UserInfo cannot be authenticated, a SecurityException is thrown.
A new Auditing interface has been added. Implement this interface to receive and process notifications of security events such as authentication requests, failed or successful authorization attempts, and receipt of invalid certificates. Your class can filter the events and send messages wherever you choose. The LogAuditProvider example writes audit messages in the WebLogic Properties file.
A new weblogic.security.net.ConnectionFilter interface has been added to allow you to accept or reject WebLogic Server client connections based on the client's origin and protocol. After a client connects, and before any work is performed on behalf of the client, WebLogic Server passes the client's IP number and port, protocol (HTTP, HTTPS, T3, T3S, IIOP), and WebLogic Server port number to your ConnectionFilter implementation. By examining this information, you can choose to allow the connection to continue or throw a FilterException to terminate the connection. The SimpleConnectionFilter example shows how to use this interface. It reads a "rules" configuration file and constructs an efficient rules engine to filter connection requests.
Access Control Lists
A new weblogic.security.urlAclFile lets you create a policy file that guards access on files with much finer control than is possible with the weblogic.properties file. In the policy file, you grant or deny users and groups permissions on files and directories, using a policy file syntax patterned after the Java Authentication and Authorization Service (JAAS). WebLogic Server tests the permissions specified in the policy file before granting access to a resource.
See Controlling access on URLs for details.
WebLogic SSL
Note: The SSL 56-bit license is included in this release. In order to get a 128-bit SSL license, please contact sales@bea.com.
New weblogic.security.clientRootCA properties have been added so that you can specify up to four certificate authorities to use for two-way authentication. The last three properties are new in this release:
weblogic.security.clientRootCA=CACert1
weblogic.security.clientRootCA2=CACert2
weblogic.security.clientRootCA3=CACert3
weblogic.security.clientRootCA4=CACert4
To authenticate successfully, a client must present a certificate signed by one of the specified certificate authorities.
A new weblogic.security.ciphersuites property allows you to specify the ciphersuites that may be offered on SSL connections. WebLogic Server and the client negotiate the ciphersuite to use when establishing a connection, selecting the most secure suite available to both.
The Acl example has a new client program, AltClient.java, which demonstrates how to get a secure SSL connection with JNDI using two-way authentication.
A new CertAuthenticator interface has been added. By implementing this interface and setting the weblogic.security.realm.certAuthenticator property in the weblogic.properties file, you can map the client certificate presented during two-way SSL authentication to a WebLogic Server user. The new SimpleCertAuthenticator example demonstrations how to implement this interface. It maps the name from the email address in the Certificate to a WebLogic Server user.
Simple Network Management Protocol Support
WebLogic Server now provides an SNMP link to SNMP-compliant management systems. Integrating WebLogic Server with SNMP allows you to effectively manage all of your large-scale applications using the SNMP-compliant network management tool of your choice. Since most management platforms support SNMP today, the WebLogic Server SNMP Agent can be integrated into virtually every management framework. Examples of such systems include:
SNMP manageability of WebLogic Server provides the following benefits:
The WebLogic Server agent will enable you to remotely monitor the status of your server or server cluster. It will report statistics including the availability of your server, the number of connections, and the average queue length.
For more information on WebLogic Server SNMP, see:
Third Party Products-Related Changes
For more information see Using WebLogic Server with third party software
Visual Age
For information on using Visual Age with WebLogic Server, see Using the Integration Kit for Visual Age.
VisualCafe/Webgain Studio
For information on using VisualCafe with WebLogic Server, see Using VisualCafé Enterprise Suite with WebLogic.
Third Party-Related Issues Resolved in this Release
If you are using any third party containers or vendor products with the WebLogic Server, or any EJB-related tools (ejbc, DDCreator, ComplianceChecker, or EJB DeployerTool), you will need to specify the property weblogic.home when you start the Weblogic Server or the WebLogic tool, as shown in this example for Windows NT:
$java ... -Dweblogic.home=c:\weblogic... weblogic.Server
where weblogic.home is the root directory of your WebLogic installation. This is usually the same directory specified by the property weblogic.system.home, which sets the directory where WebLogic Server finds the global weblogic.properties file. If you locate your weblogic.properties files outside of the WebLogic installation, you need to redefine the weblogic.home property so that products from third party vendors can find the WebLogic installation.
The following issue has been addressed in this release:
Jolt has been updated to support WebLogic Server 5.1.
For this release we have updated the Jolt documents and added direct links to the Jolt User's Guide.
With BEA Jolt for WebLogic, you can enable BEA Tuxedo services for the Web, using WebLogic Server as the front end HTTP and application server. Jolt is a Java-based client API that manages requests to BEA Tuxedo services via a Jolt Service Listener (JSL) running on the Tuxedo server. The Jolt API is embedded within the WebLogic API, and is accessible from a servlet or any other WebLogic application.
Because Jolt for WebLogic is an extension to the Jolt Java class library, the Jolt Java client class library can be used in HTTP servlets running in WebLogic Server. Jolt for WebLogic also uses Java HTTP servlets to provide an interface between HTML browser clients and BEA Tuxedo services.
Key features of the Jolt for WebLogic architecture include:
The new documentation also includes sections on how to use the examples provided with your distribution of WebLogic Server.
WebLogic Enterprise Connectivity Changes
WebLogic Enterprise Connectivity is supported in this release. There are no new features.
Example Changes
For late-breaking examples and additional help with creating your applications, see our new Additional Examples page.
The following issues have been addressed in this release:
[Error] :3:-1: Attribute "numShares" is not declared for element
The following examples have been added in this release:
The tour has been fixed for this release. It is available from the Windows Start Menu.
Documentation Changes
New Documentation Features
The following Installation documentation has been updated for this release:
The following JDBC documentation has been updated for this release:
WebLogic JDBC OptionsAn overview of WebLogic JDBC drivers and related information. These documents include links to information on using the WebLogic jDrivers, 3rd party information, and more.
Sybase's jConnect driver is now bundled with WebLogic Server.
How to use Oracle's thin JDBC driver with WebLogic Server
A new index to the WebLogic Server Security Guides has been included with this release .
Another new document to help with locking down a WebLogic Server deployment has been added. See Securing a WebLogic Server Deployment .
Wireless Application Protocol
Documentation has been added for the new WAP feature of WebLogic Server, Using Wireless Application Protocol (WAP) with WebLogic Server .
Other documents have been updated as needed.
|
Copyright © 2000 BEA Systems, Inc. All rights reserved.
|