As most of
you are already aware that Oracle has announced its fourth patch set release
for Oracle WebLogic Server 12c R2 numbered 12.2.1.4 as part of its overall
OFM 12.2.1.4 release. I have already posted a blog with a list of products that
were released in this version, click here
to check the same. In this blog I will try to cover the new and deprecated
features of this newbie in the family.
I will be
limiting this blog only to Weblogic and I will blog another one for SOA and its
components.
Oracle
Weblogic server 12.2.1.4 is the fourth one of the 12c R2 family. This is
the patch set release for 12.2.1.X, delivered for incorporating bug fixes
identified in its prior release (12.2.1.3). Looks like Oracle intentionally limited
new features between Oracle WebLogic Server 12.2.1.3 and 12.2.1.4 to make the
adoption easy for the existing 12.2.1.X customers or may be planning big for its
next release 14.1.1.
Yes, you read
it right there is no 13, {IS ORACLE SCARED TOO!!} I don’t think so, as they
have already released Java 13, OEM13… Oracle let us know 😉. Next release would be 14.
Oracle
announced its beta program for WebLogic Server and Coherence with the version
numbering 14.1.1
on September 17, 2019. With this Oracle has brought the same old confusion with
version numbering concept with different version numbers for database and
Middleware products ☹. We were aligned with Middleware12c, but with announcement of the
release 14 we are back to the same old confusion of version numbering. Oracle
database releases are now following the version numbering with the years, e.g.
Oracle Database 18c (2018), Oracle Database 19c (2019). I still don’t understand
why they numbered it 14 for its next release. Oracle please help us in understanding
this version numbering for Fusion middleware and please align with same version
numbering concept you are following for Databases.
Ohhh, this
is going in different direction let’s jump back to Oracle Weblogic server
12.2.1.4.
It is
important for the customers to note that Oracle Weblogic server 12.2.1.4 is defined
as a final maintenance release in a release series of 12.2.X and to continue
with Long Term Support (LTS) formerly know as Terminal release. Which means error
correction support will continue for 12.2.1.4 through the Premier and Extended
Support dates documented in the Lifetime Support Policy and importantly customers who are
adopting 12.2.1.4 can have this version as their Production platform for many
years (hopefully).
Below are
the some of the features that were added in Oracle WebLogic Server version
12.2.1.4.0
JMS
|
This
is one service where I found some serious improvements were brought in.
Per-JVM Load Balancing:
We
can now enable Per-JVM load balancing instead of Per-Member message
load balancing.
Per-Member
load balancing considers all active members of the distributed destination as
candidates when considering affinity or other heuristics. It
helps in evenly distributing messages among all members, but if there is any fail-over
of a member or migrate, it can lead to some JVMs getting more messages than
others.
Per-JVM
Load balancing considers only one member of the distributed destination on
each WebLogic Server JVM regardless of the number of members hosted by each
JVM. This not only helps in evenly distributing messages among all WebLogic
servers in a cluster but also retains failed-over members to recover and
process the unprocessed messages of this failed over members.
Failover Limit:
We
can now specify a limit for the number of cluster-targeted JMS instances that
can fail over to a JVM.
This
will help in preventing too many JMS instances failing over to a single JVM.
The
default value -1 means no fail over limit
Value
0 prevents any failovers of the JMS instances so only one instance 1 instance
will run per server.
Value
1 allows one failover instance on each server, so no more than two instances
will run per server. This number can be increased as needed.
|
||||
Configuration
Overriding
|
Configuration
Overriding is also called situational configuration used
to customize a Weblogic domain configuration without modifying the domain’s
actual configuration files. This feature will be very helpful in
situations where you have servers running in MSI mode and want to do
configurational changes without starting our Admin Server. Configuration
Overriding bypasses the Admin Server as the primary means of
distributing configuration information to Managed Servers.
In
previous releases, there was limitation where it was required to provide an expiration
time and for that reason it was named as Temporary Configuration Overriding.
This limitation is now removed.
|
||||
Security
|
AES 256–bit encryption:
From this version (12.2.1.4) Weblogic server uses AES 256–bit
encryption to protect sensitive configuration and runtime values. Only
new domains created in this release 12.2.1.4 use AES 256–bit encryption,
domain upgraded to 12.2.1.4 from previous releases will not be able to use AES
256–bit encryption and will run on AES 128–bit encryption.
SAML encryption and signing:
From WebLogic 12.2.1.4.0, “Only accept signed assertions”
setting is selected by default. It was not required in previous releases,
which could be used to bypass authentication and gain access as an arbitrary
user.
The following new encryption attributes have been added to the ‘SingleSignOnServicesMBean’.
JEP 290 Enhancements:
In WebLogic 12.2.1.4.0, a system property ‘weblogic.oif.serialFilterLogging’
has been added that you can use to log the current blacklist
classes and packages. The scope of the
default filter is also now set to ‘global’.
|
Now let’s have a look on the
deprecated functionalities
- Multitenant domain partitions, resource groups, resource group templates, virtual targets, and Resource Consumption Management are deprecated in this release (12.2.1.4.0) and will be removed in the next release.
- Simple Network Management Protocol (SNMP) v1 and v2 are now deprecated and the default version is SNMPv3.
- Active-Active XA Transaction Recovery (automated cross-site XA transaction recovery) is deprecated in WebLogic Server 12.2.1.4.0 and will be removed in the next release.
- ValidateCertChain Java utility is now deprecated for the below file-based option.
·
java
utils.ValidateCertChain -file pemcertificatefilename
·
java
utils.ValidateCertChain -pem pemcertificatefilename
·
java
utils.ValidateCertChain -pkcs12file pkcs12filename password
Oracle recommends
using the -pkcs12store or the -jks keystore options instead.
·
java
utils.ValidateCertChain -pkcs12store pkcs12storefilename
·
java
utils.ValidateCertChain -jks alias storefilename [storePass]
References:
