B WebLogic Server 10.3.6 Compatibility with Previous Releases

This section describes important compatibility information that you should consider before upgrading to WebLogic Server 10.3.6.

Also see "WebLogic Server Compatibility" in Information Roadmap for Oracle WebLogic Server and What's New in Oracle WebLogic Server.

Compatibility considerations are provided in the following sections:

Core Server

As of WebLogic Server 10.3.3, the WebLogic Server Runtime MBean Server is configured by default to contain platform MXBeans for the corresponding server. The Domain Runtime MBean Server contains the platform MXBeans for all of the servers in the domain.

Using the platform MBean server for the Runtime MBean Server is controlled by the PlatformMBeanServerUsed attribute in the JMX MBean. In previous releases, the default value for the PlatformMBeanServerUsed attribute was false so the platform MBean server was not used unless explicitly enabled. In WebLogic Server 10.3.6, the default value for the PlatformMBeanServerUsed attribute is true for domains that are at version 10.3.3.0 or higher. For more information, see "Using the Platform MBean Server" in Developing Custom Management Utilities With JMX for Oracle WebLogic Server.

WebLogic Persistent Store

As of WebLogic Server 10.3.3, WebLogic File Store behavior and tuning for default file stores and custom file stores have changed. File stores may be used by JTA, JMS, and WS applications, among others, but the changes should be transparent to most users.

For more information, see "Guidelines for Configuring a Synchronous Write Policy" in Configuring Server Environments for Oracle WebLogic Server.

Evaluation Database

As of WebLogic Server 10.3.3, the evaluation database available from the WebLogic Server installation program has been changed from PointBase to Apache Derby. If you select the Evaluation Database option on the Choose Products and Components screen, the Derby database is installed in the WL_HOME\common\derby directory. If you select a Typical installation, Derby is installed by default.

Server Examples

The WebLogic Server Medrec and Medrec-Spring server examples have been modified to use the evaluation Derby database that is included with WebLogic Server (see the next section). They have also been modified to use Oracle TopLink as the Java Persistence Architecture (JPA) persistence provider, where such a provider is used.

Continued Use of PointBase Requires License

If you have a domain based on PointBase and you want to continue using PointBase after upgrading the domain to WebLogic Server 10.3.3 or later, you must obtain a PointBase license from http://www.pointbase.com. (Note that the upgrade installer for WebLogic Server preserves the PointBase installation directory; the full installer does not.) As an alternative using to PointBase, you can migrate the domain database to Derby.

For more information, see Upgrading a Domain that Uses an Evaluation Database.

JMX 1.2 Implementation

As of WebLogic Server 9.0, WebLogic Server uses the Java Management Extensions (JMX) 1.2 implementation that is included in JDK 5.0. Before 9.0, WebLogic Server used its own JMX implementation based on the JMX 1.0 specification.

The JMX 1.2 reference implementation introduces serialization incompatibilities. Despite these incompatibilities in the reference implementation, JMX clients created for WebLogic Server 8.1 can be used with 9.2 and later releases as follows:

  • If your JMX client accesses only WebLogic Server MBeans and uses only weblogic.management.MBeanHome, it can be run in a WebLogic Server 9.2 or later instance without being upgraded.

  • A JMX client in which WebLogic Server 8.1 classes are used can interact with JMX agents in WebLogic Server 9.2 or later if all of the following are true:

    • The client accesses only WebLogic Server MBeans.

    • The client uses only weblogic.management.MBeanHome; it does not use the JDK MBeanServer interface.

    • The WebLogic Server classes are from 8.1 SP4 with any appropriate patches applied.

  • If the standard JMX MBeanServer interface is used in your JMX client, either to interact with WebLogic Server MBeans or to create and access custom MBeans, you must include the following JDK startup option for the WebLogic Server 9.2 or later instance: -Djmx.serial.form=1.0.

    This startup option causes the JVM to use JMX 1.0 class descriptions when it is serializing objects. The option is required when JMX 1.0 clients communicate with JMX 1.2 agents using the standard JDK classes.

  • If your JMX client interacts with security provider MBeans, see Security MBeans.

Oracle recommends that you update your JMX clients to be compliant with WebLogic Server 10.3.6. Before 9.0, WebLogic Server supported a typed API layer over its JMX layer. It was possible for your JMX application classes to import type-safe interfaces for WebLogic Server MBeans, retrieve a reference to the MBeans through the weblogic.management.MBeanHome interface, and invoke the MBean methods directly.

Deprecated Features

For information about functionality that has been deprecated in WebLogic Server, see "Deprecated Functionality (WebLogic Server 11g Release 1)" in What's New in Oracle WebLogic Server.

If any of your classes import the type-safe interfaces (available under weblogic.management), Oracle recommends that you update them to use the standard JMX programming model. For more information, see "Understanding WebLogic Server MBeans" in Developing Custom Management Utilities With JMX for Oracle WebLogic Server.

Runtime MBean Registration

For domains that are at version 10.3.3.0 or later, WebLogic Server registers its run-time MBeans in the JVM's platform MBean server. To change the default and use a separate MBean Server, set the PlatformMBeanServerUsed attribute in the JMX MBean to be false using either the Administration Console or WLST. For more information, see "Using the Platform MBean Server" in Developing Custom Management Utilities With JMX for Oracle WebLogic Server.

Diagnostics

As of WebLogic Server 10.3.3, the WebLogic Server Diagnostic Framework (WLDF) includes the following features:

Oracle JRockit Flight Recorder Integration

WebLogic Server provides specific integration points with Oracle JRockit Flight Recorder. WebLogic Server events are propagated to the Flight Recorder for inclusion in a common data set for run-time or post-incident analysis. The flight recording data is also included in WLDF diagnostic image captures, enabling you to capture flight recording snapshots based on WLDF watch rules. This full set of functionality enables you to capture and analyze run-time system information for both the JVM and the Fusion Middleware components running on it, in a single view.

In version 10.3.3, the WebLogic Diagnostic Framework introduced the WLDF diagnostic volume setting, which controls the amount of data that is automatically produced by WebLogic Server at run time and captured in the JRockit Flight Recorder file. By default, the WLDF diagnostic volume is set to Off in version 10.3.3. However, as of version 10.3.4, the default setting is changed to Low.

For information about WLDF integration features with JRockit Flight Recorder, see "Using WLDF with Oracle JRockit Flight Recorder" in Configuring and Using the Diagnostics Framework for Oracle WebLogic Server.

Change to DisplayArgumentsAction Behavior

The behavior of the DisplayArgumentsAction, which is used with custom diagnostic monitors, has been modified in WebLogic Server 10.3.3 to prevent sensitive data in your application from being inadvertently transmitted when an instrumentation event captures input arguments to, or return values from, a joinpoint.

If you must override this behavior change, WLDF adds a new operator, the percent sign (%), which can be specified in pointcut expressions to designate the value of a non-static class instantiation, parameter, or return specification as not containing or exposing sensitive information.

For more information, see "Defining Pointcuts for Custom Monitors" in Configuring and Using the Diagnostics Framework for Oracle WebLogic Server.

Monitoring Dashboard and Request Performance Pages

As of WebLogic Server 10.3.3, the WLDF Console Extension has been removed from the WebLogic Server Administration Console and replaced by the following:

  • Monitoring Dashboard—Provides views and tools for graphically presenting diagnostic data about servers and applications running on them. The underlying functionality for generating, retrieving, and persisting diagnostic data is provided by the WebLogic Diagnostic Framework. The Monitoring Dashboard provides additional tools for presenting that data in a wide range of built-in and custom views. For more information, see "Using the Monitoring Dashboard" in Configuring and Using the Diagnostics Framework for Oracle WebLogic Server.

  • Diagnostics Request Performance page—Displays information about the real-time and historical views of method performance that has been captured by WLDF instrumentation capabilities. For more information, see "Creating Request Performance Data" in Configuring and Using the Diagnostics Framework for Oracle WebLogic Server.

Dynamic Configuration Management

Configuration attributes are classified as dynamic or non-dynamic.

  • Changes to dynamic configuration attributes are available as soon as they are activated, without restarting the affected server or system resource. These changes are made available to the server and run-time hierarchies when they are activated.

  • Changes to non-dynamic configuration attributes are not immediately available. When a non-dynamic configuration attribute is changed, the server or system resource must be restarted to make the change effective.

WebLogic Server 9.0 introduced a change management process to provide a secure, predictable means for applying configuration changes in a domain. A batch change mechanism changes the way dynamic changes are applied when they are mixed with non-dynamic changes. Specifically, when a configured server or system resource is affected by a change to a non-dynamic attribute, no other changes (even dynamic changes) take effect, in current or future batches, until after the server or system resource is restarted. In this case, Oracle recommends that you restart the entity as soon as possible after the batch change is completed to ensure the system is in a consistent state and to allow future changes to be accepted.

You should test your configuration scripts to determine whether a non-dynamic change has been applied, and if so, restart the server. To determine whether a change is non-dynamic and requires a server restart:

  • Before you activate a change, you can:

  • After you activate a change, you can:

    • Review the server log to identify whether the change is categorized as non-dynamic.

    • Check the value of the RestartRequired or PendingRestartSystemResources attribute that is associated with the changed object, if applicable.

To determine which security attributes are dynamic or non-dynamic, see "Security Configuration MBeans" in Securing Oracle WebLogic Server.

For more information, see "Managing Configuration Changes" in Understanding Domain Configuration for Oracle WebLogic Server.

Changes to Schema Namespaces and Locations

Namespace URIs and schema locations that contained www.bea.com have been changed as of WebLogic Server 10.3.3 to refer to xmlns.oracle.com. In addition, the WebLogic Server version numbers (920, 90) have been removed.

See the Oracle WebLogic Server Schema home at http://www.oracle.com/technology/weblogic/index.html. Also see "XML Deployment Descriptors" in Developing Applications for Oracle WebLogic Server.

Modular Configuration and Deployment of JDBC Resources

As of WebLogic Server 9.0, the number of JDBC resource types was reduced to simplify JDBC configuration and to reduce the likelihood of configuration errors. Now, instead of configuring a JDBC connection pool and then configuring a data source or transactional data source to point to the connection pool and bind to the JNDI tree, you can configure a data source that encompasses a connection pool. For more information about simplified JDBC resource configuration introduced in WebLogic Server 9.0, see "Simplified JDBC Resource Configuration" in Configuring and Managing JDBC for Oracle WebLogic Server, available at http://download.oracle.com/docs/cd/E13222_01/wls/docs90/jdbc_admin/jdbc_intro.html#simple_res_config.

The WebLogic Upgrade Wizard automatically converts JDBC data sources, connection pools, MultiPools, and data source factories to their new counterparts in WebLogic Server 10.3.6, as described in the following sections:

  • JDBC Data Sources and Connection Pools

  • MultiPools

  • Data Source Factories

    Note:

    Each upgraded JDBC module contains an internal properties section. WebLogic Server uses internal properties to manage the data sources for backward compatibility. Also, some legacy attributes are preserved as properties in the Properties attribute of the JDBC data source file. Do not manually edit any internal properties.

For information about JDBC features, methods, interfaces, and MBeans that were deprecated as of WebLogic Server 9.0, see "Deprecated Functionality (WebLogic Server 11g Release 1)" in What's New in Oracle WebLogic Server.

JDBC Data Sources and Connection Pools

The Upgrade Wizard converts legacy JDBC data source/connection pool pairs to two data source system resource modules, one for the data source and one for the connection pool:

  • The data source that replaces the existing data source or transactional data source defines the data source parameters and refers to the second data source for its connection pool and related attributes.

  • The data source that replaces the connection pool contains the JDBC driver parameters, the connection pool parameters, and the XA parameters.

    Note:

    Only data sources that are converted as part of a domain upgrade can refer to another data source for its connection pool. In all other cases, each data source contains its own pool of database connections.

During an upgrade, the Upgrade Wizard sets the GlobalTransactionsProtocol parameter for a data source based on the type of data source being converted (transactional or non-transactional) and the type of driver used in the related connection pool, as noted in Table B-1.

Table B-1 Parameter Settings for Global Transaction Protocol Parameter Setting

Legacy Data Source Type Driver Type Emulate Two-Phase Commit GlobalTransactionProtocol

Tx Data Source

XA

N/A

TwoPhaseCommit

Tx Data Source

Non-XA

False

OnePhaseCommit (by default; not explicitly set)

Tx Data Source

Non-XA

True

EmulateTwoPhaseCommitFoot 1 

Data Source

Non-XA

N/A

None


Footnote 1 Depending on your environment, you may want to consider using the LoggingLastResource (LLR) transaction protocol in place of the EmulateTwoPhaseCommit protocol for transaction processing because of its performance benefits. For more information see "Understanding the Logging Last Resource Transaction Option" in Configuring and Managing JDBC for Oracle WebLogic Server.

MultiPools

The Upgrade Wizard converts a MultiPool to a multi-data source, which is another instance of a data source object that provides load balancing or failover between data sources.

Data Source Factories

For information, see "Deprecated Functionality (WebLogic Server 11g Release 1)" in What's New in Oracle WebLogic Server.

JDBC Feature Changes

The following sections describe changes to JDBC support:

For details about new JDBC features, see "JDBC" in What's New in Oracle WebLogic Server.

JDBC 4.0 Support

As of 10.3, WebLogic Server is compliant with the JDBC 4.0 specification, with the following enhancements and exceptions:

  • SQLXML is fully supported on the server side. On the RMI client side, SQLXML is partially supported. You cannot use the getSource and setResult APIs on the client side.

  • WebLogic Server JDBC supports standard Wrapper Pattern functionality and extends the functionality on the server side. The JDBC standard requires support for the Wrapper operation on the interface. WebLogic Server supports the Wrapper operation on both the interface and on the concrete class on the server side.

  • WebLogic Server enhances statement pool management as follows.

    • For the Statement interface:

      • Call isPoolable() always returns false

      • Call setPoolable() does not change the poolable state.

    • For the PreparedStatement and CallableStatement interfaces:

      • Call isPoolable() returns the current poolable state, the default value is true

      • Call setPoolable() modifies the poolable state.

    • For the PreparedStatement or CallableStatement interface, the following occurs when you call the close() method:

      • If the current poolable state is false, PreparedStatement or CallableStatement is closed.

      • If the current poolable state is true, PreparedStatement or CallableStatement reverts to the statement cache.

  • Updated third-party JDBC drivers:

    • Oracle Thin driver updated from 10g to 11g

    • PointBase database server and driver updated from 5.1 to 5.7

Deprecated JDBC Drivers

For information about JDBC drivers that have been deprecated in WebLogic Server, see "Deprecated Functionality (WebLogic Server 11g Release 1)" in What's New in Oracle WebLogic Server.

WebLogic-Branded Data Direct Drivers

Oracle provides WebLogic-branded versions of DataDirect drivers for DB2, Informix, MS SQL Server, and Sybase. For information about changes to these drivers, including to support JDBC 4.0, see "Updated WebLogic Type 4 JDBC Drivers" in the WebLogic Server 10.3 Release Notes.

Oracle RAC Support

As of 10.3, WebLogic Server includes support for Oracle Database 11g and Oracle Real Application Clusters (RAC) 11g. Support for connecting data sources and multi data sources to services running on Oracle RAC nodes was added in release 10.3.4. For more information, see "Using WebLogic Server with Oracle RAC" in Configuring and Managing JDBC for Oracle WebLogic Server.

As of release 10.3.4, WebLogic Server also provides a new data source type, a Grid Link Data Source, to provide enhanced support for Oracle RAC. For more information, see "Using Grid Link Data Sources" in Configuring and Managing JDBC for Oracle WebLogic Server

Reorganization of JDBC Resources and Data Source Factories in the Administration Console

As of WebLogic Server 10.3.4, the presentation of JDBC resources and Data Source Factories in the Domain Tree in the WebLogic Server Administration Console have changed as follows:

  • Generic Data Sources, Grid Link Data Sources, and Multi Data Sources are all located under the Services > Data Sources branch.

  • Data Source Factories (deprecated) are still supported in this release but do not appear in the domain tree unless you have upgraded an existing domain that contains Data Source Factories. If your upgraded domain contains Data Source Factories, they are located under the Services > Data Source Factories branch.

Socket Direct Protocol

This release supports Socket Direct Protocol (SDP), a high-performing socket implementation. If your environment supports SDP, see "Enable Socket Direct Protocol for a network channel" in the Oracle WebLogic Server Administration Console Help.

Connection-based System Properties

This release supports setting driver properties using the value of system properties. The value of each property is derived at run time from the named system property. You can configure connection-based system properties using the Administration Console by editing the System Properties attribute of your data source configuration.

Keep Connection After Local Transaction

This release provides a new attribute on the JDBCXAParamsBean, KeepLogicalConnOpenOnRelease, which enables WebLogic Server to keep a physical database connection associated with a logical connection when committing or rolling back a local transaction. See KeepLogicalConnOpenOnRelease in the Oracle WebLogic Server MBean Reference.

getVendorConnectionSafe

This release provides the getVendorConnectionSafe method on the weblogic.jdbc.extensions.WLConnection interface to access a physical connection. Similar to the getVendorConnection method, this mechanism returns the underlying physical connection (the vendor connection) from a pooled database connection (a logical connection). However, when the connection is closed, it is returned to the pool, independent of the setting of the JDBCConnectionPoolParamsBean.RemoveInfectedConnections attribute. For some applications, the getVendorConnectionSafe method may enhance performance by eliminating the excessive creation of connections. For more information, see "Getting a Physical Connection from a Data Source" in Programming JDBC for Oracle WebLogic Server.

JDBC Debugging Enhancements

Two diagnostic monitors were added in WebLogic Server 9.0 that can be configured in a WLDF module at the server level to provide additional visibility when JDBC connections are reserved and released:

  • JDBC_After_Reserve_Connection_Internal

  • JDBC_After_Release_Connection_Internal

For more information, see "Diagnostic Monitor Library" in Configuring and Using the Diagnostics Framework for Oracle WebLogic Server.

Miscellaneous New Features

The following features were added in WebLogic Server 10.3.3:

  • Bulk Load — improves and expands upon current methods for inserting mass amounts of data into a database as quickly as possible.

  • Freeze/unfreeze the statement pool — allows you to "freeze" the state of the statement pool. When frozen, important statements in the statement pool remain in the pool and are not replaced until the connection is closed or the application "unfreezes" the state of the statement pool.

For more information about new JDBC features, see What's New in Oracle WebLogic Server.

JMS

Note the following changes to JMS:

Modular Configuration and Deployment of JMS Resources

As of WebLogic Server 9.0, JMS configurations are stored as modules, defined by XML documents that conform to the new weblogic-jmsmd.xsd schema. With modular deployment of JMS resources, you can promote your application and the JMS configuration from one environment to another. For example, you can promote your application and the required JMS configuration from a testing environment to a production environment, without opening an EAR file and without extensive manual JMS reconfiguration.

For more information, see:

The WebLogic Upgrade Wizard automatically converts pre-9.0 JMS resources to a JMS Interop module file named interop-jms.xml, which is copied to the domain's config\jms directory. For more information, see "JMS Interop Modules" in Configuring and Managing JMS for Oracle WebLogic Server.

Please note the following JMS configuration changes:

  • When generating new JMS resources, you must define all attributes in the JMS module (that is, not using the pre-9.0 configuration file).

  • The Allow Persistent Downgrade option enables you to specify whether JMS clients receive an exception when they send persistent messages to a destination targeted to a JMS server that does not have a persistent store configured. This option is provided for backward compatibility with previous releases.

    By default, the option is set to false, specifying that clients receive an exception when they send persistent messages to a JMS server for which no store is configured. When the option is set to true, persistent messages are downgraded to non-persistent, but, the send operations are allowed to continue. This parameter is effective only when the Store Enabled parameter is disabled (that is, when it is set to false).

    For more information, see "AllowsPersistentDowngrade" in "JMSServerBean" in Oracle WebLogic Server MBean Reference.

  • A Temporary Template is created, by default, for JMS Servers. In previous releases, no default template was provided. You can also configure a temporary template, using the JMS server's Temporary Template attribute.

    You can control whether the JMS Server can host a temporary destination by setting the Hosts Temporary Destinations attribute. In previous releases, a JMS Server was enabled to host temporary destinations if and only if the TemporaryTemplate attribute was set.

  • JMS templates specified for distributed destinations are no longer supported as of WebLogic Server 9.0, and they are ignored. As of WebLogic Server 9.0, this functionality is replaced by uniform distributed destinations. For more information, see "Creating Uniform Distributed Destinations" in Configuring and Managing JMS for Oracle WebLogic Server.

  • The AllowCloseInOnMessage attribute for JMS Connection Factories is enabled by default. For more information, see "ClientParamsBean" in Oracle WebLogic Server MBean Reference.

  • Usage of the getExpirationLoggingPolicy attribute in the DeliveryFailureParamsBean should be updated in your applications to use the Message Life Cycle Logging feature described in "Message Life Cycle Logging" in Configuring and Managing JMS for Oracle WebLogic Server. It should also be noted that the getExpirationLoggingPolicy attribute now removes any leading and trailing white space that may have been embedded in an application. For information about other functionality that has been deprecated in WebLogic Server, see "Deprecated Functionality (WebLogic Server 11g Release 1)" in What's New in Oracle WebLogic Server.

JMS Message ID Format

As of WebLogic Server 9.0, the format of the JMS message ID has changed. Oracle continues to support the pre-9.0 format for existing consumers, producers, and servers. For example, existing JMS consumers may continue to view messages in the pre-9.0 format, even when received from a new JMS producer and JMS server.

Improved Message Paging

As of WebLogic Server 9.0, the message paging feature for freeing up JVM heap space during peak message load situations is always enabled on JMS servers. Additionally administrators are not required to create a dedicated message paging store because paged out messages can be stored in a directory on your file system. However, for the best performance you should specify that messages be paged to a directory other than the one used by the JMS server's persistent store.

See "Paging Out Messages To Free Up Memory" in Performance and Tuning for Oracle WebLogic Server.

Messaging

As of WebLogic Server 10.3.3, the following messaging features have changed:

Changes to weblogic.jms.extension API

The following internal methods of the weblogic.jms.extensions.WLMessage interface have been removed from the Oracle WebLogic Server API Reference:

public void setSAFSequenceName(String safSequenceName);
public String getSAFSequenceName();
public void setSAFSeqNumber(long seqNumber);
public long getSAFSeqNumber();

Your applications should not use these internal methods. Internal methods may change or be removed in a future release without notice.

Persistent Store Updates

As of release 10.3.3, WebLogic File Store behavior and tuning have changed for default file stores and custom file stores. For more information, see WebLogic Persistent Store.

Plug-Ins

The version 1.1 plug-ins provided with WebLogic Server as of release 10.3.3 contain the following new features:

  • Apache Plug-In support for Oracle HTTP Server

  • Standard encryption strength support for simplified naming

  • Use of Oracle SSL Toolkit

  • Use of Oracle Security Framework

  • Support for IPv6

  • Support for two-way SSL

For information about these features, see Using Web Server 1.1 Plug-Ins with Oracle WebLogic Server.

Thread Management

Oracle recommends using Work Manager concepts to manage threads because execute queues are no longer the default method used as of WebLogic Server 9.0. You define the rules and constraints for your application by defining a Work Manager and applying it either globally to a WebLogic domain or specifically to an application component. For more information, see "Using Work Managers to Optimize Scheduled Work" in Configuring Server Environments for Oracle WebLogic Server.

In WebLogic Server 8.1, processing was performed in multiple execute queues. If you had been using execute queues to improve performance in 8.1, you may continue to use them after you upgrade your application domains. Oracle provides a use81-style-execute-queues flag that enables you to disable the self-tuning execute pool and provide backward compatibility for upgraded applications to continue to use user-defined execute queues. For information about enabling the backward compatibility flag, and configuring and monitoring execute queues, see "How to Enable the WebLogic 8.1 Thread Pool Model" in WebLogic Server Performance and Tuning for Oracle WebLogic Server.

JTA

The following sections describe JTA feature changes:

Resource Registration Name

As of WebLogic Server 10.3.1, the behavior of the resource registration name for XA data source configurations has changed. In previous releases, the JTA registration name was simply the name of the data source. Now, the registration name is a combination of data source name and domain.

For more information, see "Registering an XAResource to Participate in Transactions" in Programming JTA for Oracle WebLogic Server.

JTA Transaction Log Migration

All JTA domain configuration options are persisted from the legacy configuration file. The only changes are at the server level. As of WebLogic Server 9.0, the Transaction Manager uses the default WebLogic persistent store to store transaction log records. During the upgrade, the Upgrade Wizard copies transaction log records to the default store. The transaction log file prefix from the existing server configuration is used only to locate the transaction log (.tlog) files during an upgrade; it is not preserved after the upgrade.

If the entire domain resides on a single computer, the Upgrade Wizard handles the upgrade (and copies transaction log records to the default store) for all Managed Servers during the initial domain upgrade. If Managed Servers reside on separate machines, you must upgrade each Managed Server individually, as described in Upgrade Your Application Environment.

Please note the following:

If you have put your transaction log files in network storage in preparation for Transaction Recovery Service migration, the log file location is not preserved after the upgrade. In this release, the WebLogic Server Transaction Manager uses the WebLogic default persistent store to store transaction log files. You can achieve the same result by moving the location of the WebLogic default persistent store to a network location. Note that you must manually copy the DAT file from the default location of the current default store to the new location of the default store.

If transactions span multiple domains, you must configure your domain to enable inter-domain transactions. For more information, see "Configuring Domains for Inter-Domain Transactions" in Programming JTA for Oracle WebLogic Server.

Enterprise Java Beans (EJBs)

In this release, you can leverage the features of Oracle TopLink with your EJB 3.0 applications. Oracle TopLink is an advanced, object-persistence and object-transformation framework that provides development tools and run-time capabilities that reduce development and maintenance efforts, and increase enterprise application functionality. For more information, see Oracle Fusion Middleware Developer's Guide for Oracle TopLink.

In addition, when you use Oracle TopLink as the persistence provider in this release of WebLogic Server, you can install a patch that provides support for Java Persistence Architecture (JPA) 2.0. JPA 2.0 includes improvements and enhancements to domain modeling, object/relational mapping, EntityManager and Query interfaces, and the Java Persistence Query Language (JPQL), and more. For more information, see "Using JPA 2.0 with TopLink in WebLogic Server" in Programming WebLogic Enterprise JavaBeans, Version 3.0 for Oracle WebLogic Server.

Middleware Home Directory

As of WebLogic Server 10.3.1, the notion of the BEA Home directory is replaced by the Middleware Home. The default path of this directory is <drive:>Oracle/Middleware. This change has the following impact on WebLogic Server:

  • A new environment variable is introduced in several WebLogic scripts in 10.3.1 to represent the Middleware Home directory: MW_HOME. The directory to which this variable is set generally is the same as BEA_HOME, which is also still used in WebLogic Server scripts.

  • By default, the WebLogic Server installation program selects <drive:>Oracle/Middleware as the root product installation directory. However, if a directory containing an existing WebLogic Server installation is detected, that directory is selected instead by default.

  • The WebLogic Server 10.3.1 documentation now uses the term Middleware Home, instead of BEA Home. However, this revision is functionally only a change in terminology and does not imply that any WebLogic software, custom domains, or applications must be moved, or that any existing environment variables that represent those locations must be changed.

This change does not affect any existing WebLogic Server installations, custom domains, applications, or scripts on your computer. You may continue to use the BEA_HOME environment variable as before.

Security

The following sections identify changes to security.

SSL Support Changes

As of WebLogic Server 10.3.3, the Certicom SSL implementation in Weblogic Server is replaced with an SSL implementation based on Java Secure Socket Extension (JSSE). JSSE is the Java standard framework for SSL and TLS and includes both blocking-IO and non-blocking-IO APIs, and a reference implementation including several commonly-trusted CAs.

Note also the following:

  • The Certicom SSL implementation will eventually be removed from WebLogic Server. However, this release of WebLogic Server continues to support the Certicom SSLPlus Java version 4.0 SSL implementation, as well as RSA Cert-J version 2.1.1 and Crypto-J version 3.5.

  • The SSLMBean has been modified in this release to support additional SSL configuration capabilities, including the ability to enable or disable the JSSE adapter.

For a list of the differences in the way the JSSE SSL implementation handles the WebLogic system properties, see "System Property Differences Between the JSSE and Certicom SSL Implementations" in Securing Oracle WebLogic Server.

For more information about SSL support in WebLogic Server, see "Secure Sockets Layer (SSL)" in Understanding Security for Oracle WebLogic Server.

Performance Enhancements for Security Policy Deployment

As of release 10.3.3, WebLogic Server includes a deployment performance enhancement for Deployable Authorization providers and Role Mapping providers that are thread safe. Weblogic Server by default supports thread-safe parallel modification to security policy and roles during application and module deployment. For this reason, deployable Authorization and Role Mapping providers configured in the security realm should support parallel calls. The WebLogic deployable XACML Authorization and Role Mapping providers meet this requirement.

However, if your custom deployable Authorization or Role Mapping providers do not support parallel calls, you must disable the parallel security policy and role modification and instead enforce a synchronization mechanism that results in each application and module being placed in a queue and deployed sequentially. You can turn on this synchronization enforcement mechanism from the Administration Console or by using the DeployableProviderSynchronizationEnabled and DeployableProviderSynchronizationTimeout attributes of the RealmMBean.

See "Enabling Synchronization in Security Policy and Role Modification at Deployment" in Securing Oracle WebLogic Server for additional information.

Deprecated Authentication Providers

For information about Authentication providers that have been deprecated in WebLogic Server, see "Deprecated Functionality (WebLogic Server 11g Release 1)" in What's New in Oracle WebLogic Server. Use one or more of the other supported Authentication providers instead.

XACML Security Providers

As of 9.1, WebLogic Server includes two new security providers, the XACML Authorization provider and the XACML Role Mapping provider. Previous releases of WebLogic Server used an authorization provider and a role mapping provider based on a proprietary security policy language. These XACML security providers support the eXtensible Access Control Markup Language (XACML) 2.0 standard from OASIS. These providers can import, export, persist, and execute policy expressed using all standard XACML 2.0 functions, attributes, and schema elements.

WebLogic domains created using WebLogic Server 9.1 and later include the XACML providers by default. The new XACML providers are fully compatible with policies and roles created using the WebLogic Authorization provider (DefaultAuthorizer) and WebLogic Role Mapping provider (DefaultRoleMapper). Existing WebLogic domains that you upgrade to 10.3.6 continue to use the authorization and role mapping providers currently specified, such as third-party partner providers or the original WebLogic Authorization and Role Mapping providers. If you want, you can migrate existing domains from using WebLogic Server proprietary providers to the XACML providers, including performing bulk imports of existing policies. For more information, see "Security" in Information Roadmap for Oracle WebLogic Server .

SAML V2 Providers

For SAML 1.1 support, new versions of the SAML Credential Mapping provider and SAML Identity Assertion provider were added in WebLogic Server 9.2. The SAML Credential Mapping V1 provider and SAML Identity Assertion V1 provider are still available in WebLogic Server, but you should use the V2 versions of the SAML Credential Mapping and SAML Identity Assertion providers instead.

Although the version number of the providers has been incremented to V2, the new SAML security providers implement the SAML 1.1 standard, as did the V1 providers.

Note:

For web single sign-on, the SAML 1.1 providers described in this section are not compatible with a WebLogic Server instance that has been configured with SAML 2.0 services.

SAML 2.0 Providers

For SAML 2.0 support, the SAML 2.0 Credential Mapping provider and SAML 2.0 Identity Assertion provider were added in WebLogic Server 10.3. These new providers can be used, respectively, to generate and consume SAML 2.0 assertions in the following use cases:

  • SAML 2.0 Web Single Sign-On Profile

  • WS-Security SAML Token Profile version 1.1

For SAML 2.0 Web Single Sign-On, the assertions generated by the SAML 2.0 Credential Mapping provider may be consumed only by the SAML 2.0 Identity Assertion provider. They are not compatible with SAML 1.1 assertions.

SAML Token Profile 1.1 is supported by WebLogic Server Web Services as of Release 10.3. This feature includes support for SAML 2.0 and SAML 1.1 assertions, and is backward compatible with SAML Token Profile 1.0 SAML tokens are configured for a Web Service through use of the appropriate WS-SecurityPolicy assertions.

Note:

SAML Token Profile 1.1 is supported only through WS-SecurityPolicy. The earlier "WebLogic Server 9.2 Security Policy" supports SAML Token Profile 1.0/SAML 1.1 only.

Oracle Internet Directory and Oracle Virtual Directory Authentication Providers

Two new LDAP authentication providers were added to WebLogic Server 10.3.2 — the Oracle Internet Directory Authentication Provider and the Oracle Virtual Directory Authentication Provider. These authentication providers can store users and groups in, and read users and groups from, the Oracle Internet Directory and Oracle Virtual Directory LDAP servers, respectively.

For information about configuring and using these new security providers, see "Configuring LDAP Authentication Providers" in Securing Oracle WebLogic Server.

RDBMS Security Store

WebLogic Server 10.3 added the option of using an external RDBMS as a data store that is used by the following security providers:

  • XACML Authorization provider

  • XACML Role Mapping provider

  • The following providers for SAML 1.1:

    • SAML Identity Assertion provider V2

    • SAML Credential Mapping provider V2

  • The following providers for SAML 2.0:

    • SAML 2.0 Identity Assertion provider

    • SAML 2.0 Credential Mapping provider

  • WebLogic Credential Mapping provider

  • PKI Credential Mapping provider

  • Certificate Registry

This data store, called the RDBMS security store, is strongly recommended for the use of SAML 2.0 services in two or more WebLogic Server instances in that domain, such as in a cluster. When the RDBMS security store is configured in a domain, an instance of any of the preceding security providers that has been created in the security realm automatically uses only the RDBMS security store as a data store, and not the embedded LDAP server. WebLogic security providers configured in the domain that are not among those in the preceding list continue to use their respective default stores; for example, the WebLogic Authentication provider continues to use the embedded LDAP server.

In order to use the RDBMS security store, the preferred approach is first to create a domain in which the external RDBMS server is configured. Before you boot the domain, create the tables in the data store that are required by the RDBMS security store. The WebLogic Server installation directory contains a set of SQL scripts that create these tables for each supported database.

If you have an existing domain in which you want to use the RDBMS security store, you should create the new domain, then migrate your security realm to it. Oracle does not recommend "retrofitting" the RDBMS security store to an existing domain. For more information, see "Managing the RDBMS Security Store" in Securing Oracle WebLogic Server.

Password Validation Provider

The Password Validation provider was added in WebLogic Server 10.3. This provider can be configured with one of the following authentication providers to enforce a set of configurable password composition rules:

  • WebLogic Authentication provider

  • SQL Authenticator provider

  • LDAP Authentication provider

  • Active Directory Authentication provider

  • iPlanet Authentication provider

  • Novell Authentication provider

  • Open LDAP Authentication provider

When a password is created or modified using an authentication provider that has been configured with the Password Validation provider, the password is automatically validated against a set of composition rules. The password composition rules are configurable and can govern the minimum length of passwords, minimum number of alphabetic or numeric characters that are required, the number of non-alphanumeric characters that are required, and more.

As of WebLogic Server 10.3.2, the Password Validation provider can be configured in the WebLogic Server Administration Console.

Security MBeans

Table B-2 lists the changes to security MBeans as of WebLogic Server 9.0.

Table B-2 Changes to Security MBeans as of WebLogic Server 9.0

Type of Security MBean Description

All security MBeans

In WebLogic Server 8.1, when you updated a security MBean attribute, the values were available to the security configuration and management hierarchy immediately, and to the security run-time hierarchy following a server reboot.

As of WebLogic Server 9.0, whether a security MBean attribute change is effective and available to the configuration, management, and run-time hierarchies immediately or upon server reboot is controlled by setting that attribute as dynamic or non-dynamic. For more information, see Dynamic Configuration Management.

RealmMBean, UserLockoutManagerMBean, and all security provider MBeans

  • In place of the wls_getDisplay method, you should use the new getName method instead. In addition, the following security methods have been removed:

    wls_getAttributeTag
    wls_getConstructorTag
    wls_getMBeanTag
    wls_getNotificationTag
    wls_getOperationTag
    
  • The weblogic.Admin tools and pre-9.2 JMX security APIs can no longer be used to configure security MBeans. These utilities and APIs can still be used, however, to view and invoke methods on the security MBeans.

For security provider MBeans (only):

  • When adding or removing a security provider, you must reboot the server before any changes take effect.

  • When modifying an existing security provider, if you modify any non-dynamic attributes, the server must be rebooted before any (that is, non-dynamic or dynamic) changes take effect. For more information, see Dynamic Configuration Management.

All custom security provider MBeans

  • By default, all custom security provider MBeans attributes are non-dynamic. For more information, see Dynamic Configuration Management.

  • You can set an MBean attribute to be dynamic by setting Dynamic="true" for the attribute within the MDF file. For example:

    <MBeanAttribute
    Name        = "Foo"
    Type        = "java.lang.String"
    Dynamic = "true"
    Description = "Specifies that this attribute is a dummy."
    />
    

Password Encryption

To prevent unauthorized access to sensitive data such as passwords, some attributes in configuration MBeans are encrypted. The attributes persist their values in the domain configuration files as an encrypted string. For further security, the in-memory value is stored in the form of an encrypted byte array to help reduce the risk of the password being snooped from memory.

In pre-9.0 releases, you could edit the config.xml file to specify an encrypted attribute, such as a password, in clear-text or encrypted format. In this case, when booted, the WebLogic Server encrypts the information the next time it writes to the file.

As of WebLogic Server 9.0, when operating in production mode, the password of an encrypted attribute must be encrypted in the configuration files. In development mode, the password of an encrypted attribute can be either encrypted or clear-text.

You can use the weblogic.security.Encrypt command-line utility to encrypt the passwords, as follows:

java weblogic.security.Encrypt

You are prompted to enter a password, and the command returns the encrypted version. Then, copy the encrypted password returned into the appropriate file.

This utility is not just used for passwords in the configuration files. It can also be used to encrypt passwords in descriptor files (for example, a JDBC or JMS descriptor) and in deployment plans. For more information, see "encrypt" in Command Reference for Oracle WebLogic Server.

Security for HTTP Requests

By default, when an instance of WebLogic Server responds to an HTTP request, its HTTP response header does not include the WebLogic Server name and version number. This behavior is different from releases before WebLogic Server 9.0.

To have the name and version number included in the HTTP response header when responding to an HTTP request, enable the Send Server Header attribute for the WebLogic Server instance in the Administration Console. The attribute is located on the Server > ServerName > Protocols > HTTP tab under the Advanced Options section. Note that enabling this feature may creates a security risk if a possible attacker knows about a vulnerability in the specified version of WebLogic Server.

For more information about ensuring security, see "Securing the WebLogic Security Service" in "Ensuring the Security of Your Production Environment" in Securing a Production Environment for Oracle WebLogic Server.

Secure Access to MBeanHome

In pre-9.0 releases of WebLogic Server, anonymous access to MBeanHome was enabled by default. With the security enhancements delivered as of WebLogic Server 9.0, anonymous access to MBeanHome is no longer allowed.

Although doing so is not recommended, you can re-enable anonymous access by specifying the following flag when starting the server:

-Dweblogic.management.anonymousAdminLookupEnabled

Message-Level Security in Web Services

As of WebLogic Server 9.0, message-level security in Web Services is enhanced to use the standards-based Web Services Policy Framework (WS-Policy). WS-Policy provides a flexible and extensible grammar for expressing the capabilities, requirements, and general characteristics of entities in an XML Web Services-based system. For more information about WS-Policy, see "Using WS-SecurityPolicy 1.2 Policy Files" in Security and Administrator's Guide for Web Services.

In 8.1, the implementation was based on an OASIS implementation of the Web Services Security (WSS) standard. This implementation is supported for backward compatibility. For more information about this implementation, see http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss. For information about functionality that is deprecated in WebLogic Server, see "Deprecated Functionality (WebLogic Server 11g Release 1)" in What's New in Oracle WebLogic Server.

RSA Cryptographic Services Upgrade

As of version 10.3.4, WebLogic Server supports the RSA cryptographic services in JDK 6. For information about SSL support in WebLogic Server, see "Secure Sockets Layer (SSL)" in Understanding Security for Oracle WebLogic Server.

Validation of Security Certificates

As of release 10.3.4, WebLogic Server adds the ability to examine details contained in an end user request to determine whether authentication should succeed or fail. The details may include the end user's certificate, Subject, and IP address. For more information about this feature, see "Checking the Validity of End User Certificates" in Securing Oracle WebLogic Server.

SAML Single Sign-On Attribute Support

WebLogic Server 10.3.6 enhances the SAML 1.1 and 2.0 Credential Mapping provider and Identity Assertion provider mechanisms to support the use of a custom attribute mapper that can obtain additional attributes (other than group information) to be written into SAML assertions, and to then map attributes from incoming SAML assertions. For more information, including details about the SAML attribute APIs that have been added for this enhancement and examples, see "Configuring SAML Single Sign-On Attribute Support" in Programming Security for Oracle WebLogic Server.

WebLogic Service Component Architecture (WebLogic SCA)

As of WebLogic Server 10.3.3, WebLogic SCA supports the following new features:

  • Enhanced data binding support in Web Service bindings:

    • SOAP attachments in TopLink/EclipseLink JAXB bindings. Both SOAP Message Transmission Optimization Mechanism (MTOM) and SOAP Messages with Attachments (SwA) are supported.

    • Java Collection Objects in TopLink/EclipseLink JAXB bindings.

  • Dispatch policies for EJB service bindings

For more information about WebLogic SCA, see Developing WebLogic SCA Applications for Oracle WebLogic Server.

Web Services

WebLogic Server 8.1 Web Services can be run in version 9.0 and later, although the 8.1 Web Services run-time engine has been deprecated as of 9.0.

No Web service upgrade is required going from 9.2 to 10.0, or from 10.0 to either 10.3 or 10.3.x.

Oracle strongly recommends that you upgrade all of your 8.1 Web services to 10.3.6.

For information about upgrading your existing 8.1 Web Services to 10.3.6, see "Upgrading WebLogic Web Services From Previous Releases to 10g Release 3" in Getting Started With JAX-RPC Web Services for Oracle WebLogic Server.

New Web Services Features

The following new features have been added in WebLogic Server as of release 10.3.3:

  • Support for Web services atomic transactions — WebLogic Web services enable interoperability with other external transaction processing systems, such as WebSphere, JBoss, Microsoft .NET.

  • Enhanced support for Web services in a clustered environment

  • Enhanced monitoring of Web services and clients

  • Attachment of Oracle WSM policies to WebLogic Web services using Fusion Middleware Control

  • EclipseLink DBWS support for declarative Web service solution for accessing relational databases

  • Method-Level policy attachment behavior change — Before WebLogic Server 10.3.3, if a policy was attached, through the Administration Console, to a method of one Web service, the policy was also attached to all methods of the same name for all Web services in that module. As of WebLogic Server 10.3.3, the policy is attached only to the method of the appropriate Web service.

  • policy: prefix now removed from OWSM policy names

  • Web services WSDL tab now removed — Before WebLogic Server 10.3.3, you could view the WSDL for the current Web service by selecting the Configuration > WSDL tab. The WSDL tab has been removed as of WebLogic Server 10.3.3.

  • New development tools — Oracle JDeveloper and Oracle Enterprise Pack for Eclipse (OEPE)

  • Integration with Oracle Enterprise Manager Fusion Middleware Control

  • Support for Oracle WebLogic Services Manager (WSM) security policies

  • Support for WS-SecureConversation 1.3 on JAX-WS and MTOM with WS-Security on JAX-WS

For more information, see "Web Services" in What's New in Oracle WebLogic Server.

Web Applications, JSPs, and Servlets

The following sections provide important compatibility information for Web applications, JSPs, and Servlets in WebLogic Server 10.3.6:

ActiveCache

As of WebLogic Server 10.3.3, applications deployed on WebLogic Server can easily use Coherence data caches, and seamlessly incorporate Coherence*Web for session management and TopLink Grid as an object-to-relational persistence framework. Collectively, these features are called ActiveCache.

ActiveCache provides replicated and distributed data management and caching services that you can use to reliably make an application's objects and data available to all servers in a Coherence cluster.

For more information, see Using ActiveCache.

Class Caching

As of release 10.3.3, WebLogic Server allows you to enable class caching. The advantages of using class caching are:

  • Reduces server startup time.

  • The package level index reduces search time for all classes and resources.

Class caching is supported in development mode when starting the server using a startWebLogic script. Class caching is disabled by default and is not supported in production mode. The decrease in startup time varies among different JRE vendors. For more information, see "Configuring Class Caching" in Developing Applications for Oracle WebLogic Server.

Deprecated and Obsolete Web Application Features

For a list of Web application features that are deprecated or are not supported as of WebLogic Server 10.3.6, see "Deprecated Functionality (WebLogic Server 11g Release 1)" in What's New in Oracle WebLogic Server.

BASIC Authentication with Unsecured Resources

For WebLogic Server versions 9.2 and later, client requests that use HTTP BASIC authentication must pass WebLogic Server authentication, even if access control is not enabled on the target resource.

The setting of the Security Configuration MBean flag "enforce-valid-basic-auth-credentials" determines this behavior. (The DomainMBean can return the new Security Configuration MBean for the domain.) It specifies whether the system should allow requests with invalid HTTP BASIC authentication credentials to access unsecured resources.

Note:

The Security Configuration MBean provides domain-wide security configuration information. The enforce-valid-basic-auth-credentials flag effects the entire domain.

The enforce-valid-basic-auth-credentials flag is true by default, and WebLogic Server authentication is performed. If authentication fails, the request is rejected. WebLogic Server must therefore have knowledge of the user and password.

See "Understanding BASIC Authentication with Unsecured Resources" in Programming Security for Oracle WebLogic Server for complete information.

Backward Compatibility Flags

For WebLogic Server 10.0 and later, backward compatibility for WebLogic Server 9.2 or earlier is supported by using the backward-compatible element within the jsp-descriptor element, as described in this section and in "jsp-descriptor" in Developing Web Applications, Servlets, and JSPs for Oracle WebLogic Server.

JSP 2.1 Support and Compatibility With JSP 2.0 Web Applications

JSP 2.1 is supported as of WebLogic Server 10.0. Depending on the version of the Web application (version 2.4 or 2.5) and the setting of the backward-compatible element, Weblogic Server 10.0 and later also supports JSP 2.0.

See "Backward Compatibility Flags" in Developing Web Applications, Servlets, and JSPs for Oracle WebLogic Server for important information about the buffer suffix setting and implicit servlet 2.5 package imports.

Support for JSP 2.0

JSP 2.0 was supported as of WebLogic Server 9.0, and continues to be supported as described in Backward Compatibility Flags. Please note the following changes to the JSP behavior as required in support of JSP 2.0:

  • If a JSP does not participate in a session (or if the session in which a JSP participates is invalid), an IllegalStateException is thrown when the following command is executed:

    PageContext.getAttribute(name, PageContext.SESSION_SCOPE)
    

    If you are not concerned about this type of error, you can catch and ignore it.

  • JspWriterImpl now replaces \n with System.getProperty("line.separator") for each printline function. This replacement causes problems with JSPs that:

    • Contain multiple page directives that appear on new lines. For example:

      <%@ page import="com.foo.bar.*" %>
      <%@ page import="com.foo.xyz.*" %>
      ...
      
    • Generate output in XML format.

    • Generate an XML declaration following the page directives.

    • Are served by Windows systems. In this case, \r\n is output for each page directive.

    • Are viewed using Internet Explorer.

      When viewed in Internet Explorer, each page directive outputs an empty \r\n and the XML declaration (<?xml version="1.0" encoding="iso-8859-1"?>) appears after every new line. Internet Explorer displays an error message indicating that it cannot locate the declaration and that the page cannot be viewed, even though it can be compiled.

    To work around any issues caused by changes to JspWriterImpl, you can perform one or both of the following tasks:

    • Define the XML declaration at the top of the page.

    • Group the page directives into a single declaration, for example:

      <%@ page import="com.foo.bar.*, com.foo.baz.*"
      contentType="text/html" pageEncoding="UTF-8" errorPage="Error.jsp" %> 
      
  • The JSP <param name> tag no longer allows run-time expression values. For example:

    <jsp:param name="<%= AdminActions.RETURN_LINK %>" value="<%= returnlink %>" />
    

    You can continue to support this feature by disabling the Do not set backward compatibility flags upgrade option during the domain upgrade, as described in "Select Upgrade Options" in Table 5-1, or enabling the backwardCompatible flag in the weblogic.xml file, as follows:

    <jsp-descriptor>
    <jsp-param> 
    <param-name>backwardCompatible</param-name>
    <param-value>true</param-value> 
    </jsp-param> 
    </jsp-descriptor> 
    

Servlet Path Mapping

As of version 2.3 of the Java Servlet Specification, the following syntax is used to define mappings:

  • A servlet path string that contains only the / (slash) character indicates the default servlet of the application. The servlet path resolves to the request URI minus the context path; in this case, the path resolves to null.

  • A String that begins with an * (asterisk) specifies an extension mapping.

These changes introduce a change in behavior with the following HttpServletRequest methods:

  • getPathInfo

  • getServletPath

To better illustrate the change in behavior, consider the request /abc/def.html that resolves to ServletA:

  • If / maps to ServletA, then servletPath="abc/def.html" and pathInfo=null.

  • If /* maps to ServletA, then servletPath="" and pathInfo="abc/def.html".

To ensure that the path info returned is non-null, replace all occurrences of the / (slash) servlet mapping string with /*.

The Java Servlet Specification can be downloaded from the following location:

http://www.oracle.com/technetwork/java/javaee/servlet/index.html

XML Implementation

Please note the following changes to XML support as of WebLogic Server 9.0:

  • The default XML parser is the XML parser shipped with the Sun Java 2 JDK. The previous default XML parser, the Apache Xerces parser (weblogic.apache.xerces.*), is deprecated as of 9.0.

    You can modify the XML parser that is used by default using the Administration Console. For information about configuring the XML parser, see "Difference In Default Parsers Between Versions 8.1 and 9.0 of WebLogic Server" in Programming XML for Oracle WebLogic Server.

  • As of 9.0, WebLogic Server supports Streaming API for XML (StAX), a standard specification from the Java Community Process that provides an easy and intuitive means of parsing and generating XML documents. StAX gives you more control over XML parsing than the WebLogic XML Streaming API, which is deprecated as of 9.0. For information about using StAX, see "Using the Streaming API for XML (StAX)" in Programming XML for Oracle WebLogic Server.

  • You can no longer parse XML documents from within a servlet using the setAttribute and getAttribute methods without some preliminary setup. Specifically, as of 9.0, you must configure a WebLogic Server servlet filter called weblogic.servlet.XMLParsingHelper (deployed, by default, on all WebLogic Server instances) as part of your Web application. For more information, see "Parsing XML Documents in a Servlet" in Programming XML for Oracle WebLogic Server.

XMLBeans and XQuery Implementation

As of 9.0, the XMLBean implementation in WebLogic Server has been moved from an internal library (com.bea.xml) to the Apache open source project (org.apache.xmlbeans).

If you used XMLBeans in your WebLogic Server 8.1 applications, you must perform the following steps:

  1. Update the package name used by XMLBeans from com.bea.xml to org.apache.xmlbeans.

  2. Recompile your XMLBean schemas to update the schema metadata (.xsb) files and generated code.

As of 9.0, the XMLQuery (XQuery) implementation conforms to the following specifications:

In WebLogic Server 8.1, the XQuery implementation conformed to XQuery 1.0 and XPath 2.0 Functions and Operators—W3C Working Draft 16 August 2002, available from the W3C Web site at http://www.w3.org/TR/2002/WD-xquery-operators-20020816/. The 2002 XQuery implementation is deprecated as of 9.0.

In most cases, simple XQuery and XPath operations in pre-9.0 code behaves the same in 10.0. To ensure that the XQuery and XPath operations produce the expected results, you can review or update the existing XMLObject.selectPath() and XMLObject.execQuery() method calls using one of the following methods:

  • To guarantee 8.1-style behavior, update the existing method calls to include a new parameter that specifies that the 2002 XQuery engine is to be used instead of the new 2004 XQuery engine. For example:

    import org.apache.xmlbeans.impl.store.Path; 
    XmlObject xo = ? 
    xo.selectPath(".//c", (new XmlOptions()).put(Path._forceXqr12002ForXpathXQuery));
    

    Note:

    The 2002 XQuery engine is deprecated as of WebLogic Server 9.0, and is available for backward compatibility. It is only used if you specify this parameter. Otherwise, the 2004 XQuery engine is used, by default.
  • To guarantee conformance with the 2004 XQuery engine, review your pre-9.0 scripts to identify any changes that may be required with the syntax or semantics of the XQuery strings that are passed to the method calls and update methods accordingly.

As of 9.0, the behavior of XMLCursor.moveXML() has changed. In 8.1, a cursor that was inside a moved fragment remained on the original document. As of 9.0, cursors move with fragments.

WebLogic Administration and Configuration Scripts

Due to changes with the MBean hierarchy, Oracle does not guarantee that pre-9.2 configuration and administration scripts (such as WLST, wlconfig, weblogic.Admin, Ant, and so on) run in 10.3.6. Oracle recommends that you update your scripts to take advantage of the new features provided in WebLogic Server in version 9.2 and later. For more information about new features and changes in the MBean hierarchy, see the documents listed in Table B-3:

Table B-3 New Features in WebLogic Server by Release

For the following release . . . . . . see the following for a description of new features

9.2

"What's New in WebLogic Server 9.2" at:

http://download.oracle.com/docs/cd/E13222_01/wls/docs92/notes/new.html

10.0

"What's New in WebLogic Server 10.0" at:

http://download.oracle.com/docs/cd/E13222_01/wls/docs100/notes/new.html

10.3

"What's New in WebLogic Server" for version 10.3 at:

http://download.oracle.com/docs/cd/E12840_01/wls/docs103/notes/new.html

10.3.1

What's New in Oracle WebLogic Server for 11g Release 1 (10.3.1) at:

http://download.oracle.com/docs/cd/E12839_01/web.1111/e13852/toc.htm

10.3.2

What's New in Oracle WebLogic Server for 11g Release 1 (10.3.2) at:

http://download.oracle.com/docs/cd/E15523_01/web.1111/e13852/toc.htm

10.3.3

What's New in Oracle WebLogic Server for 11g Release 1 (10.3.3) at:

http://download.oracle.com/docs/cd/E14571_01/web.1111/e13852/toc.htm

10.3.4

What's New in Oracle WebLogic Server for 11g Release 1 (10.3.4) at:

http://download.oracle.com/docs/cd/E17904_01/web.1111/e13852/toc.htm

10.3.5

What's New in Oracle WebLogic Server for 11g Release 1 (10.3.5) at:

http://download.oracle.com/docs/cd/E21764_01/web.1111/e13852/toc.htm

10.3.6

What's New in Oracle WebLogic Server for 11g Release 1 (10.3.6)


For additional information about upgrading your application infrastructure and the scripting tools that have been deprecated, see Step 1: Upgrade Your Application Infrastructure.

Deployment Descriptor Validation and Conversion

This section describes changes in the use of deployment descriptors in a WebLogic Server environment, as of release 9.0:

  • Deployment descriptor validation is more strict as of the 9.0 release of the EJBGen and ejbc tools. For example, an error is returned if a cmr-field is defined in @ejbgen:relation, but there are no methods tagged with @ejbgen:cmr-field in the Bean class.

    Note:

    Oracle recommends you should use appc instead of ejbc. For more information, see "appc Reference" in Programming WebLogic Enterprise JavaBeans for Oracle WebLogic Server.
  • In pre-9.0 versions of WebLogic Server, applications that define multiple modules, as illustrated in the following excerpt from a configuration file, are deployed successfully regardless of whether a META-INF\application.xml deployment descriptor is defined as part of the application:

    <Application Deployed="true" Name="SessionBeanLifeCycleBean"
    Path="C:\bea\weblogic70\tools\deployment\ejb" TwoPhase="false">
                <EJBComponent Name="CMFinderTestBean" Targets="myserver" URI="CMFinderTestBean.jar"/>
                <EJBComponent Name="SessionBeanLifeCycleBean" Targets="myserver" 
    URI="SessionBeanLifeCycleBean.jar"/>
    </Application>
    

    As of 9.0, the META-INF\application.xml deployment descriptor is required if a deployed application defines multiple modules. If this type of deployment descriptor is not provided, the upgrade fails with an error similar to the following:

    [J2EE Deployment SPI:260089]Unable to determine type of application at path 'C:\bea\weblogic70\tools\deployment\ejb' and upgrade will not succeed.
    

    When upgrading a domain, make sure that the deployed applications adhere to the proper Java EE application format. For example, if required by the application, make sure that the applications define the META-INF\application.xml or META-INF\weblogic-application.xml deployment descriptors.

    For more information about the deployment descriptors, see "Enterprise Application Deployment Descriptor Elements" in Developing Applications for Oracle WebLogic Server.

  • So that your applications can take advantage of the features in the current Java EE specification and release of WebLogic Server, Oracle recommends that you upgrade deployment descriptors when you upgrade applications to a new release of WebLogic Server. For more information, see "Upgrading Deployment Descriptors From Previous Releases of J2EE and WebLogic Server" in Developing Applications for Oracle WebLogic Server.

Deprecated Startup and Shutdown Classes

As of 9.0, application-scoped startup and shutdown classes were deprecated in WebLogic Server, in favor of applications that respond to application lifecycle events. Oracle recommends that you update your application environment to use the lifecycle events in place of application-scoped and domain-level startup and shutdown classes. For more information, see "Programming Application Life Cycle Events" in Developing Applications for Oracle WebLogic Server.

Administration Console

The following sections describe changes to the Administration Console:

Console Configuration Features

WebLogic Server 10.3 introduced new options that were added for configuring Console behavior, including the ability to do the following:

  • Lock a domain configuration so you can make changes to the configuration while preventing other accounts from making changes during your edit session

  • Specify whether to deploy internal applications such as the Administration Console, UDDI, and the UDDI Explorer on demand (upon first access) instead of during server startup

  • Locate any WebLogic Server Configuration MBean that contains the string specified in its name, using a new search feature added to the banner toolbar region

  • Use additional capabilities for automatically migrating failed servers and services from one server to another

  • Deploy and control Service Component Architecture (SCA) deployments

  • Inspect Spring applications

For more information, see "What's New in WebLogic Server" in the WebLogic Server 10.3 Release Notes.

Administration Console Extension Architecture

In WebLogic Server version 9.0, the Administration Console was built on the WebLogic Portal Framework, which makes it more open and more readily extensible. The architecture necessitated new procedures for extending the Administration Console. WebLogic Server console extensions built for releases of WebLogic Server before 9.0 do not function with the new console infrastructure.

The following features were added in WebLogic Server 10.3.2:

  • A sample Look and Feel is provided, which you can modify to create a custom Look and Feel for the WebLogic Server Administration Console.

  • Online help can be created and associated with console extensions.

For more information about extending the WebLogic Server Administration Console, see Extending the Administration Console for Oracle WebLogic Server.

Important Console-Extension Information for Version 9.2

Version 9.2 of WebLogic Server introduced the following changes to console extensions:

  • Before this release, Administration Console extensions could import a set of third-party JSP tag libraries by specifying a path name to the tag library file. For example,

    <%@ taglib uri="/WEB-INF/beehive-netui-tags-template.tld" prefix="beehive-template" %> 
    

    As of 10.0, Administration Console extensions that use these third-party JSP tag libraries from the WebLogic Server installation must use pre-defined, absolute URIs to specify the tag libraries. For example:

    <%@ taglib uri="http://beehive.apache.org/netui/tags-template-1.0" prefix="beehive-template" %> 
    

    The Administration Console's web.xml file maps these URIs to tag libraries within the WebLogic Server installation. This mapping facility enables Oracle to reorganize its installation directory without requiring you to change your JSPs.

    Any Administration Console extensions that use the old path name syntax to import Apache Struts, Apache Beehive, or the JSTL tag libraries must update all path names to the new URIs.

    The URI for the WebLogic Server Console Extension tag library (console-html.tld) remains unchanged: /WEB-INF/console-html.tld.

    For more information, see "JSP Templates and Tag Libraries" in Extending the Administration Console for Oracle WebLogic Server.

  • By convention, portal include files (.pinc) files are now called portal book files (.book).

WebLogic Portal Skeleton URI References Should be Fully Qualified

WebLogic Portal requires that any explicit Skeleton URI references be fully qualified relative to the webapp. However, the documentation and some console extension examples have sometimes used relative references to these skeletons. Consider the following incorrect example:

<netuix:singleLevelMenu markupType="Menu" markupName="singleLevelMenu" skeletonUri="singlelevelmenu_children2.jsp"/>

This example should have been correctly specified as:

<netuix:singleLevelMenu markupType="Menu" markupName="singleLevelMenu" skeletonUri="/framework/skeletons/default/singlelevelmenu_children2.jsp"/>

For this release, relative skeleton URI references continue to work. However, any console extensions that you have written should be updated to use fully qualified skeleton URIs, because these relative references may no longer function correctly in a future release.

Resource Adapters

Table B-4 lists the configuration settings for resource adapters that are deprecated or no longer supported. For more information about new features and changes, see "What's New in WebLogic Server".

Table B-4 Deprecated or Unsupported Resource Adapter Configuration Settings

This element ... As of WebLogic Server 9.0 ...

Link-Ref Mechanism

This element has been deprecated and replaced by the new Java EE libraries feature. For more information about Java EE libraries, see "Creating Shared J2EE Libraries and Optional Packages" in Developing Applications for Oracle WebLogic Server.

The Link-Ref mechanism is still supported in this release for resource adapters developed under the J2CA 1.0 Specification. For more information about using the Link-Ref mechanism with 1.0 resource adapters, see "(Deprecated) Configuring the Link-Ref Mechanism" in "Configuring the weblogic-ra.xml File" in Programming Resource Adapters for Oracle WebLogic Server.

<shrink-period-minutes>

This element has been deprecated and replaced by <shrink-frequency-seconds>, which you can use to specify the shrink period in increments of seconds, instead of minutes.

The <shrink-frequency-seconds> element overrides the <shrink-period-minutes> element if both are set.

<connection-maxidle-time>

This element has been deprecated and is replaced by <inactive-connection-timeout-seconds>, which you can use to specify the connection timeout in increments of seconds.

The <inactive-connection-timeout-seconds> element overrides the <connection-maxidle-time> element if both are set.

<security-principal-map>

This element is no longer supported; the security principal map is configured using the Administration Console.

You should remove the <security-principal-map> definition from the weblogic-ra.xml file. Otherwise, deployment of the resource adapter fails.

<connection-cleanup-frequency>

This element is no longer supported and is ignored during deployment.

<connection-duration-time>

This element is no longer supported and is ignored during deployment.


WLEC

WLEC was deprecated in WebLogic Server 8.1. WLEC users should move applications to the WebLogic Tuxedo Connector, as described in Tuxedo Connector Migration Guide for WLEC to Oracle WebLogic Server.

SNMP MIB Refresh Interval and Server Status Check Interval No Longer Used

The "SNMPAgentMBean" MBean "MibDataRefreshInterval" and "ServerStatusCheckIntervalFactor" attributes were deprecated in WebLogic Server 10.0 and are ignored.

Backward Compatibility Flags

The configuration flags in Table B-5 are available to support backward compatibility when you upgrade a domain. By default, these flags are set to support backward compatibility, unless you disable them by selecting the Do not set backward compatibility flags option during an upgrade, as described in Upgrading a Domain in Graphical Mode.

Table B-5 Backward Compatibility Flags

Category Backward Compatibility Flag For more information, see ...

Security

  • EnforceStrictURLPattern—Specifies whether the server should enforce strict adherence of URL patterns to the Servlet 2.4 specification. During an upgrade, this flag is set to false for backward compatibility.

  • WebAppFilesCaseInsensitive—Specifies whether the URL-pattern matching behavior is case-insensitive for security constraints, servlets, filters, virtual hosts, and so on, in the Webapp container and external security policies. During an upgrade, this flag is set to os, which sets URL-pattern matching as case-sensitive on all platforms except Windows, for compatibility with pre-9.0 releases. As of WebLogic Server 9.0, URL-pattern matching is strictly enforced across operating systems

"SecurityConfigurationMBean"

Web Application

  • backward-compatible—Specifies which JSP version is supported. Depending on the version of the Web application (version 2.4 or 2.5) and the setting of the backward-compatible element, Weblogic Server 10.3.6 supports JSP 2.1 or JSP 2.0.

    backward-compatible is located within the "jsp-descriptor" element, as described in Developing Web Applications, Servlets, and JSPs for Oracle WebLogic Server.

  • AllowAllRoles—Specifies that a wildcard (*) character can be used to set the role name to enable all users/roles in the realm to have access to the resource collection. As of WebLogic Server 9.0, if you specify the wildcard (*) character as the role name, all users/roles in the Web application have access to the resource collection.

  • FilterDispatchedRequestsEnabled—Specifies whether to apply filters to dispatched requests. As of WebLogic Server 9.0, the new Dispatcher element makes this behavior explicit.

  • JSPCompilerBackwardsCompatible—Specifies whether to allow JSPs that do not comply with the JSP 2.0 specification.

  • ReloginEnabled—Specifies whether to allow users multiple attempts to log in to a Web page if the original credentials were not supported. As of WebLogic Server 9.0, the FORM/BASIC authentication behavior has been modified to return the 403 (FORBIDDEN) Web page.

  • RtexprvalueJspParamName—Specifies whether to allow run-time expression values for the JSP <param name> tag. As of WebLogic Server 9.0, the JSP Compiler no longer allows run-time expression values.

"WebAppContainerMBean"


Deprecated and Removed APIs

Information about deprecated functionality for WebLogic Server can be found on My Oracle Support at https://support.oracle.com/. Enter the following document ID in the Search Knowledge Base field:

888028.1