e-docs > WebLogic Server > Release Notes > Resolved Problems for Service Pack 7 |
Release Notes |
Resolved Problems for Service Pack 7
Service Packs are cumulative. Service Pack 7 contains all the fixes made in earlier Service Packs released for WebLogic Server 7.0. For a description of fixes made in earlier Service Packs, see Resolved Problems for Service Packs 1 - 6.
The following sections describe problems that were resolved in WebLogic Server 7.0 Service Pack 7:
If a server was no longer available in the cluster, there was a possibility of an invalid server lookup occuring. This was because an internal hash table was not being properly updated. |
Operations, Administration, and Management
Prior to this release, events with severity level greater than or equal to the configured audit severity level were logged. Now, the default audit provider configuration has a CUSTOM severity option. If the level is set to CUSTOM and one or more severity levels are specified, only events of the specified severity levels are audited. However, if this option is not set, all events with severity level greater than or equal to the configured audit severity level are logged. The system properties that indicate the severity levels are weblogic.security.auditInformation, weblogic.security.auditWarning, weblogic.security.auditError, weblogic.security.auditSuccess, and weblogic.security.auditFailure. For example, to log just INFORMATION and FAILURE events, configure your provider for CUSTOM and set these system properties for WebLogic Server: -Dweblogic.security.auditInformation=true -Dweblogic.security.auditFailure=true |
|
Certificate verification was failing because the SubjectAlternativeName extension to the X.509 certificate was marked as critical. WebLogic Server now allows X.509 certificates with this extension marked as critical to be verified during the SSL handshake. |
|
CA certificates that had the path length constraint field omitted in their basic constraints extension were not recognized as CA certificates. As a result, certificate chains containing such certificates failed certificate validation during SSL connection. Now, such certificates are interpreted correctly as CA certificates with no path length constraint. |
|
The listGroupMembers() method's SSPI call was aborting with an exception if one of the group member's Distinguished Names was invalid. Now, the listgroupmembers() method shows the valid groups and ignores the members whose Distinguished Names cannot be validated. |
|
Some versions of Internet Explorer hang when WebLogic Server sends 0 length packets. Now, you can disable sending 0 length packets by adding the public property, -Dweblogic.security.SSL.DisableSSLEmptyRecords=true. Enabling this property can prevent Internet Explorer from hanging due to this cause. The default value of this property is false. |
|
JSAFE native library support has been added. Since WebLogic Server 7.0 SP7 ships only the jsafe.jar (version 3.4.3), please contact the support service of the vendors for other native libraries. |
|
Refer to the security advisory information available at: http://dev2dev.bea.com/pub/advisory/122 |
|
An InvalidParameterException was thrown while deploying a resource adaptor when the associated deployment descriptor contained permission statements that used wildcard characters or escaped quotes. |
|
Managed Servers no longer fail at startup when the MasterFirst flag is set to True (as part of the domain-side security configuration), and the default embedded LDAP access control lists are in use. |
|
Now, user locking, unlocking and bad password counts behave correctly if the authentication provider is user name case insensitive and caseSensitiveUserNames is set to false (the default value) or if the authentication provider is user name case sensitive and caseSensitiveUserNames is set to true. |
|
The memberURL attribute of the dynamic group now correctly retrieves the users belonging to the group. |
|
Due to the default access control lists shipped with WebLogic Server, users could not change associated passwords. |
|
Outbound SSL connection was very slow because weblogic.jar was verified for every call made to javax.crypto.Cipher. |
|
Now, WebLogic Keystore providers can be specified as per the JCA specification and can be configured by an administrator. |
Simple Network Management Protocol (SNMP)
The enterprise OID for the SNMP coldStart trap was incorrect. It has been changed to ".1.3.6.1.4.1.140.625". |