Archive from February 2016
Opening our new Payara Updates video series, Mike Croft (@croft) - Payara Support Engineer – gives an overview of the Payara Server 161 Release Notes, highlighting a couple of great community contributions to this release. Mike also mentions some of our plans for the future update videos, so tune in if you want to find out more!
One of the lesser known features and key benefits of Payara Server is that it provides huge flexibility when architecting topologies for High Availability and Scalability. Utilising the embedded Hazelcast Data Grid for web session and JCache clustering brings the potential of many different topologies for scale out.
This hot fix removes an arbitrary file read exploit that allows an attacker to read the content of any file on the server hosting the DAS. This exploit attacks the administration console with a specific string, bypassing secure administration and any required login details. Therefore, if the administration console is not publicly accessible, and Payara Server is running under a restricted user (as per best practice), then the risk is minimised.
Payara Blue is a version of Payara Server designed for use on the IBM JDK. Payara Blue gives the IBM JDK users full support for running Java EE 7 applications on Payara Server on any platform supported by the IBM JDK 7 or JDK 8. This article will describe how we use IBM PDP services to test Payara Blue on IBM platforms.