Chapter 1 Application Server Compatibility Issues

Application Server 9.1 is binary compatible with Application Server 8.2, 8.1, 8.0, and 7.x. Java applications that run on versions 8.1, 8.0, and 7.x also work on Application Server 9.1 except for the incompatibilities listed in this chapter.

The topics in this chapter discuss the incompatibilities in the following areas:

• Application Client Interoperability

• HTTP File Caching

• Default Admin Port

• domain.xml Elements

• Deprecated Attributes

• System Properties

• Implicit URL Rewriting

• Web Server Features

• Realms

• Sun Deployment Descriptor: sun-web.xml

• The encodeCookies Property

• CORBA Performance Option

• File Formats

• System Properties

• Implicit URL Rewriting

• Cluster Scripts

• Primary Key Attribute Values

• Command Line Interface: hadbm

• Command Line Interface: start-appserv and stop-appserv

• Command Line Interface: asadmin

Application Client Interoperability

Application clients use EJBs, web services, or other enterprise components that are in the application server (on the server side). The application client and the application server must use the same version and implementation of the RMI-IIOP protocol. Application Server 9.1 does not support communication between different versions of the protocol implementation. You cannot run application clients with one version of the application server runtime with a server that has a different version. Most often, this would happen if you upgraded the server but had not upgraded all the application client installations.

You can use the Java Web Start support to distribute and launch the application client. If the runtime on the server has changed since the end-user last used the application client, Java Web Start automatically retrieves the updated runtime. Java Web Start enables you to keep the clients and servers synchronized and using the same runtime.

HTTP File Caching

HTTP file caching, which was present in Application Server 8, has been discontinued in Application Server 9.1.

Default Admin Port

The default admin port in Application Server 7 was 4848. The default port in Application Server 8.x was 4849. In Application Server 9.1, the default port is 4848.

domain.xml Elements

If you have not configured message-level security providers for a server instance, Application Server 8 applies default configurations from the Domain Administration Server (DAS). Application Server 9.1 does not apply default configurations. You need to manually introduce the message-level security providers — ClientProvider and ServerProvider — for each server instance that wants to use message-level security. If you have upgraded from an older version to Application Server 9.1, the Upgrade tool does not add these missing elements in the domain.xml file.

Deprecated Attributes

The anonymous-role attribute is present in the DTD but the use of this attribute is deprecated. This attribute has been removed from the template that generates domain.xml. The forced-response-type and default-response-type attributes are deprecated. Use forced-type and default-type instead.

System Properties

The default security policy of Application Server 9.1 does not allow you to change some system properties. For example, in Application Server 8, the read/write permission of java.util.PropertyPermission property is "*", "read,write";. In Application Server 9.1 the read/write permission for java.util.PropertyPermission is "*", "read";.

Implicit URL Rewriting

Application Server 6.x supported implicit URL rewriting, in which the web connector plugin parsed the HTML stream being sent to the browser and appended session IDs to attributes such as href= and frame=. In Application Server 7,8, and Application Server 9.1, this feature is not available. You need to review your applications and use encodeURL and encodeRedirectURL on every URL that the applications present to clients (such as mobile phones) that do not support cookies.

Web Server Features

The following web-server-specific features are no longer supported in version Application Server 9.1:

• cgi-bin, shtml

• Simple Network Management Protocol (SNMP) support

• Netscape API (NSAPI) plugin APIs

• Native-content-handling features

• Web server tools (flexanlg, htpasswd)

• HTTP QoS

• Web server configuration files (*.conf, *.acl, mime.types)

• Web server-specific log rotation facility

• Watch dog process (appserv-wdog)

Realms

The upgrade tool transfers the realms and role mapping configurations, any custom realm classes, and file-based user keyfiles for each domain. The XML tag, security-service, defines the realms and role mapping configuration. This tag is defined in sun-server_1_0.dtd and sun-domain_1_0.dtd. For Application Server 8, the tag data resides in the server.xml and for in Application Server 9.1, in domain.xml.

The upgrade tool locates the class file defined for custom realms and makes it available to the Application Server 9.1 environment. The custom realm class is defined in the class name attribute of tag auth-realm. In the security-service tag, the default-realm attribute points to the realm the server is using. It must point to one of the configured auth-realm names. The default realm is file If the class name for default-realm cannot be found, the upgrade tool will log this as an error.

The package names of the security realm implementations have been renamed from com.iplanet.ias.security.auth.realm in Application Server 8 to com.sun.enterprise.security.auth.realm in Application Server 9.1. Custom realms written using the com.iplanet.* classes must be modified.

The com.sun.enterprise.security.AuthenticationStatus class has been removed.

The com.sun.enterprise.security.auth.login.PasswordLoginModule authenticate method implementation has changed as follows:

/**
    * Perform authentication decision.
    * <P> Note: AuthenticationStatus and AuthenticationStatusImpl
    * classes have been removed.
    * Method returns silently on success and returns a LoginException
    * on failure.
    *
    * @return void authenticate returns silently on 
    *               successful authentication.
    * @throws LoginException on authentication failure.
    *
    */
abstract protected void authenticate()
    throws LoginException;

Sun Deployment Descriptor: sun-web.xml

In Application Server 8, the default value for the optional attribute delegate was false. In Application Server 9.1, this attribute defaults to true. This change means that by default the Web application classloader first delegates to the parent classloader before attempting to load a class by itself.

The encodeCookies Property

URL encoding of cookies is performed, if the encodeCookies property of the sun-web-app element in the sun-web.xml file is set to true. In Application Server 8, the default value of the encodeCookies property was true. This property was not present in Application Server 8. In Application Server 9.1, the default value is false.

URL encoding of cookies is unnecessary. Setting this property to true is strongly discouraged. This property is provided only for those rare applications that depended on this behavior in Application Server 8.

CORBA Performance Option

In Application Server 8, users were able to specify the following system property to optionally turn on some Object Request Broker (ORB) performance optimization:

-Djavax.rmi.CORBA.UtilClass=com.iplanet.ias.util.orbutil.IasUtilDelegate

The ORB performance optimization is turned on, by default, in Application Server 9.1. If you are using the preceding system property reference, you must remove it to avoid interfering with the default optimization.

File Formats

In Application Server 9.1, domain.xml is the main server configuration file. In Application Server 7, the main server configuration file was server.xml. The DTD file of domain.xml is found in lib/dtds/sun-domain_1_1.dtd. The upgrade tool included in Application Server 9.1 can be used to move from server.xmlin Application Server 8 to domain.xml in Application Server 9.1.

The lib/dtds/sun-domain_1_1.dtd file for Application Server 9.1 is fully backward compatible with the corresponding file for Application Server 8, sun-domain_1_0.dtd.

In general, the configuration file formats are not backward compatible. The following configuration files are not supported:

• *.conf

• *.acl

• mime.types

• server.xml (replaced by domain.xml)

Cluster Scripts

The clsetup and cladmin scripts in Application Server 8 are not supported in Application Server 9.1. In Application Server 9.1, the asadmin configure-ha-cluster command replaces the clsetup script, and asadmin commands that operate on clusters replace the commands supported by the cladmin script. For more information about the asadmin commands, see the Sun Java System Application Server 9.1 Reference Manual.

Primary Key Attribute Values

In Application Server 8, it was possible to change any field (in the Admin Console) or attribute (in the Command Line Interface (CLI)). In Application Server 9.1, a field or attribute that is the primary key of an item cannot be changed. However, an item can be deleted and then recreated with a new primary key value. In most cases, the primary key is a name, ID, reference, or JNDI name. The following table lists the primary keys that cannot be changed.

---

Note –

In the domain.xml file, a field or attribute is called an attribute, and an item is called an element. For more information about domain.xml, see the Sun Java System Application Server 9.1 Administration Reference.

---

Table 1–1 Primary Key Attributes

Item	Primary Key Field or Attribute
admin-object-resource	jndi-name
alert-subscription	name
appclient-module	name
application-ref	ref
audit-module	name
auth-realm	name
cluster-ref	ref
cluster	name
config	name
connector-connection-pool	name
connector-module	name
connector-resource	jndi-name
custom-resource	jndi-name
ejb-module	name
external-jndi-resource	jndi-name
http-listener	id
iiop-listener	id
j2ee-application	name
jacc-provider	name
jdbc-connection-pool	name
jdbc-resource	jndi-name
jms-host	name
jmx-connector	name
lb-config	name
lifecycle-module	name
mail-resource	jndi-name
message-security-config	auth-layer
node-agent	name
profiler	name
element-property	name
provider-config	provider-id
resource-adapter-config	resource-adapter-name
resource-ref	ref
security-map	name
server	name
server-ref	ref
system-property	name
thread-pool	thread-pool-id
virtual-server	id
web-module	name
persistence-manager-factory-resource	jndi-name

Command Line Interface: hadbm

The following table lists options for the command line utility hadbm that are no longer supported. For more information about the hadbm commands, see the Sun Java System Application Server 9.1 Reference Manual.

Table 1–2 Unsupported hadbm Options

Option	Unsupported in Subcommands
--inetdsetup	Not supported for the addnodes subcommand.
--inetd	Not supported for the create subcommand.
--inetdsetupdir	Not supported for the create subcommand.
--configpath	Not supported for the create subcommand.
--set managementProtocol	Not supported for the create subcommand.
--set DataDeviceSize --set TotalDatadeviceSizePerNode	Not supported for the create or set subcommand.

Command Line Interface: start-appserv and stop-appserv

The start-appserv and stop-appserv commands are deprecated. Use of these commands results in a warning. Use asadmin start-domain and asadmin stop-domain instead.

In Application Server 9.1, the Log Messages to Standard Error field has been removed from the Admin Console. The log-to-console attribute in the domain.xml file is deprecated and ignored. The asadmin set command has no effect on the log-to-console attribute. Use the ---verbose option of the asadmin start-domain command to print messages to the window in which you executed the asadmin start-domain command. This option works only if you execute the asadmin start-domain command on the machine that has the domain you are starting.

Command Line Interface: asadmin

The following sections describe changes to the command line utility asadmin:

• asadmin Subcommands

• Error Codes for Start and Stop Subcommands

• Deprecated and Unsupported Options

• Dotted Names

• Tokens in Attribute Values

• Nulls in Attribute Values

For more information about the asadmin commands, see the Sun Java System Application Server 9.1 Reference Manual.

asadmin Subcommands

Subcommands are backward compatible except as noted below.

The reconfigsubcommand is deprecated and ignored.

The following subcommands are not supported in Application Server 9.1:

• show-instance-status (use list-instances)

• restart-instance (use stop-instance followed by start-instance)

• configure-session-persistence (renamed to configure-ha-persistence)

• create-session-store (renamed to create-ha-store)

• clear-session-store (renamed to clear-ha-store)

The following subcommands are no longer supported in Application Server 9.1. The software license key and web core were removed, and Application Server 9.1 no longer supports controlled functions from web server features.

• install-license

• display-license

• create-http-qos

• delete-http-qos

• create-mime

• delete-mime

• list-mime

• create-authdb

• delete-authdb

• list-authdbs

• create-acl

• delete-acl

• list-acls

Error Codes for Start and Stop Subcommands

For Application Server 8, the error codes for the start and stop subcommands of the asadmin command were based on the desired end state. For example, for asadmin start-domain, if the domain was already running, the exit code was 0 (success). If domain startup failed, the exit code was 1 (error).

For Application Server 9.1, the exit codes are based on whether the commands execute as expected. For example, the asadmin start-domain command returns exit code 1 if the domain is already running or if domain startup fails. Similarly, asadmin stop-domain returns exit code 1 if the domain is already not running or cannot be stopped.

Deprecated and Unsupported Options

Options in the following table are deprecated or no longer supported.

Table 1–3 Deprecated and Unsupported asadmin Options

Option	Deprecated or Unsupported in Subcommands
--acceptlang	Deprecated for the create-virtual-server subcommand.
--acls	Deprecated for the create-virtual-server subcommand.
--adminpassword	Deprecated for all relevant subcommands. Use --passwordfile instead.
--blockingenabled	Deprecated for the create-http-listener subcommand.
--configfile	Deprecated for the create-virtual-server subcommand.
--defaultobj	Deprecated for the create-virtual-server subcommand.
--domain	Deprecated for the stop-domain subcommand.
--family	Deprecated for the create-http-listener subcommand.
--instance	Deprecated for all remote subcommands. Use --target instead.
--mime	Deprecated for the create-virtual-server subcommand.
--optionsfile	No longer supported for any commands.
--password	Deprecated for all remote subcommands. Use --passwordfile instead.
--path	Deprecated for the create-domain subcommand. Use --domaindir instead.
--resourcetype	Deprecated for all relevant subcommands. Use --restype instead.
--storeurl	No longer supported for any commands.
--target	Deprecated for all jdbc-connection-pool, connector-connection-pool, connector-security-map, and resource-adapter-config subcommands.
--type	Deprecated for all relevant subcommands.

Dotted Names

The following use of dotted names in asadmin get and set subcommands are not backward compatible:

• The default server name is server instead of server1.

• server_instance.resource becomes domain.resources.resource.

• server_instance.app-module becomes domain.applications.app-module.

• Attributes names format is different. For example,poolResizeQuantity is now pool-resize-quantity.

• Some aliases supported in Application Server 8 are not supported in Application Server 9.1 .

In Application Server 9.1, the --passwordfile option of the asadmin command does not read the password.conf file, and the upgrade tool does not upgrade this file. For information about creating a password file in Application Server 9.1, see the Sun Java System Application Server 9.1 Administration Guide.

This table displays a one-to-one mapping of the incompatibilities in dotted names between Application Server 8 and 9.1. The compatible dotted names are not listed in this table.

Table 1–4 Incompatible Dotted Names Between Versions

Application Server 7 Dotted Names	Application Server 9.1 Dotted Names
server_instance.http-listener.listener_idserver_instance.http-service.http-listener.listener_id	server_instance.http-service.http-listener.listener_idconfig_name.http-service.http-listener.listener_id
server_instance.orbserver_instance.iiop-service	server_instance.iiop-serviceconfig_name.iiop-service
server_instance.orblistenerserver_instance.iiop-listener	server_instance.iiop-service.iiop-listener.listener_idconfig_name.iiop-service.iiop-listener.listener_id
server_instance.jdbc-resource.jndi_name	server_instance.resources.jdbc-resource.jndi_namedomain.resources.jdbc-resource.jndi_name
server_instance.jdbc-connection-pool.pool_id	server_instance.resources.jdbc-connection-pool.pool_iddomain.resources.jdbc-connection-pool.pool_id
server_instance.external-jndi-resource.jndi_nameserver_instance.jndi-resource.jndi_name	server_instance.resources.external-jndi-resource.jndi_namedomain.resources.external.jndi-resource.jndi_name
server_instance.custom-resource.jndi_name	server_instance.resources.custom-resource.jndi_namedomain.resources.custom-resource.jndi_name
server_instance.web-container.logLevel (see note below)	server_instance.log-service.module-log-levels.web-containerconfig_name.log-service.module-log-levels.web-container
server_instance.web-container.monitoringEnabled (see note below)	server_instance.monitoring-service.module-monitoring-levels.web-containerconfig_name.monitoring-service.module-monitoring-levels.web-container
server_instance.j2ee-application.application_nameserver_instance.application.application_name	server_instance.applications.j2ee-application.application_namedomain.applications.j2ee-application.application_name
server_instance.ejb-module.ejb-module_name	server_instance.applications.ejb-module.ejb-module_namedomain.applications.ejb-module.ejb-module_name
server_instance.web-module.web-module_name	server_instance.applications.web-module.web-module_namedomain.applications.web-module.web-module_name
server_instance.connector-module.connector_module_name	server_instance.applications.connector-module.connector_module_namedomain.applications.connector-module.connector_module_name
server_instance.lifecycle-module.lifecycle_module_name	server_instance.applications.lifecycle-module.lifecycle_module_namedomain.application.lifecycle-module.lifecycle_module_name
server_instance.virtual-server-class	N/A*
server_instance.virtual-server.virtual-server_id	server_instance.http-service.virtual-server.virtual-server_idconfig_name.http-service.virtual-server.virtual-server_id
server_instance.mime.mime_id	N/A*
server_instance.acl.acl_id	N/A*
server_instance.virtual-server.virtual-server_id.auth-db.auth-db_id	N/A*
server_instance.authrealm.realm_idserver_instance.security-service.authrealm.realm_id	server_instance.security-service.auth-realm.realm_idconfig_name.security-service-auth-realm.realm_id
server_instance.persistence-manager-factory-resource.jndi_nameserver_instance.resources.persistence-manager-factory-resource.jndi_name	server_instance.resources.persistence-manager-factory-resource.jndi_namedomain.resources.persistence-manager-factory-resource.jndi_name
server_instance.http-service.acl.acl_id	N/A*
server_instance.mail-resource.jndi_name	server_instance.resources.mail-resource.jndi_namedomain.resources.mail-resource.jndi_name
server_instance.profiler	server_instance.java-config.profilerconfig_name.java-config.profiler

* — These attribute names in Application Server 7 do not correspond directly with Application Server 8.2 dotted names.

Tokens in Attribute Values

The asadmin get command shows raw values in Application Server 9.1 instead of resolved values as in Application Server 8. These raw values may be tokens. For example, execute the following command:

asadmin get domain.log-root

The preceding command displays the following value:

${com.sun.aas.instanceRoot}/logs

Nulls in Attribute Values

In Application Server 8, attributes with no values contained null. This caused problems in attributes that specified paths. In Application Server 9.1, attributes with no values contain empty strings, as they did in Application Server 8.