Featured image for Red Hat JBoss Enterprise Application Platform.

Red Hat JBoss Enterprise Application Platform (JBoss EAP) 7.4 is now in general availability (GA). JBoss EAP is an open source, Jakarta Enterprise Edition (Jakarta EE) 8-compliant application server that enables organizations to deploy and manage enterprise Java applications across hybrid IT environments, including bare-metal, virtualized, private, and public clouds. This release provides enhancements to operations on Red Hat OpenShift as well as several new improvements in security, management, and developer productivity.

This article covers what's new in the JBoss EAP 7.4 GA. With this release, Red Hat continues its commitment to Jakarta EE support and enabling developers to extend existing application investments as they transition to emerging architectures and programming paradigms that require a lightweight, highly modular, cloud-native platform.

Self-signed certificates and runtime data

This release features the ability to automatically generate self-signed certificates, which makes it easier for developers to verify the security capabilities of their applications before moving to production.

JBoss EAP 7.4 also publishes runtime metrics for managed executor services for developers using managed threads that want to observe the state of the service and threads it is managing. Developers using Jakarta Enterprise Beans (stateful session beans, stateless session beans, and singleton beans) can now access runtime data about their beans using the JBoss CLI. These beans can also be dynamically discovered over HTTP as part of this release. They can optionally use globally-defined compression on both clients (using the default.compression property) and servers (using the default-compression attribute in the server configuration).

Elytron enhancements and TLS support

Security is perhaps the most important consideration for any organization. The Elytron subsystem, introduced in JBoss EAP 7.1, has been enhanced in this release with support for auto-updating of credentials, reducing the number of steps to add new credentials to existing stores. In addition, administrators can now use regular expressions to translate security role names (avoiding the creation and maintenance of custom translators).

JBoss EAP 7.4 also now supports Transport Layer Security (TLS) 1.3. It is disabled by default in this release, but easily enabled via the cipher-suite-names attribute. For websites that use cookies, the Undertow subsystem now supports the use of SameSite cookie handling via the samesite-cookie handler declaration.

Finally, administrators can now use Git repositories to store and manage their server configuration, properties files, and deployments.

These are just a few of the many new security features of JBoss EAP 7.4. For more details, consult the documentation.

Management capabilities

JBoss EAP solves many developers' hardest challenges, in large part due to its very flexible configuration and management capabilities. In this new release, administrators can now use global directories to distribute shared libraries, saving many steps when deploying new libraries across multiple applications. To control configuration drift, administrators can now declare the configuration directory as read-only to prevent unintended updates, which is especially useful in immutable container deployments.

Finally, the management console (and the JBoss command-line interface) gains the ability to add new role decoders to the Elytron subsystem. Using this decoder, remote clients making calls to JBoss EAP can be mapped to Elytron roles based on the source address or regular expression and subsequently used during authorization decisions.

ActiveMQ Artemis messaging capabilities

Developers using the Apache ActiveMQ Artemis messaging capabilities included in JBoss EAP 7.4 can now pause message topics (in addition to queues). This allows messages to be received into the queue or topic but held for delivery until the topic or queue is resumed, which is useful for testing failure scenarios or other maintenance tasks. JBoss EAP 7.4 also features a configurable list of hosts to periodically ping to detect broker network isolation, improving the resiliency of messaging applications.

Support for Red Hat OpenShift and Galleon feature packs

JBoss EAP 7.4 container images are available via the Red Hat Ecosystem Catalog, which can be used to create and deploy JBoss EAP 7.4 applications on Red Hat OpenShift. With this new release, the Source-to-Image (S2I) builder images now support custom Galleon feature pack configurations to specify the location of custom content and which feature packs to use when building custom images. A new Galleon layer, web-passivation, is included to automatically include a local cache (based on Infinispan) for data session handling.

Additionally, Red Hat OpenShift users can use the JBoss EAP Operator to deploy and manage JBoss EAP applications using operator semantics.

MicroProfile 4.0 support with JBoss EAP expansion pack

With the JBoss Enterprise Application Platform expansion pack (EAP XP) 3.0 release, developers can use Eclipse MicroProfile APIs to build and deploy microservices-based applications. This new JBoss EAP XP release brings support for the MicroProfile 4.0 specification, including bulk configuration property support, the ability to define cross-invocation life cycles for circuit breakers and bulkheads, and support for adding tags to individual metrics, which enhances the observability of JBoss EAP XP applications. JBoss EAP XP 3 also lets you specify runtime configuration via the --cli-script argument when launching applications, which runs a custom script at startup.

The new release also includes a developer preview of MicroProfile Reactive Messaging, allowing developers to integrate with Red Hat AMQ Streams and work as a message relayer to consume, process, and produce messages. Note that the MicroProfile APIs that were included in earlier versions of JBoss EAP 7 have been moved to EAP XP. To use these MicroProfile APIs, developers should use JBoss EAP XP (and be aware of its different support life cycle). The JBoss EAP XP 3 release is forthcoming.

Migration tooling updates

As with any new JBoss EAP release, the popular Migration Toolkit for Applications (based on the Windup project) gets new updates in its upcoming 5.2 release, including new rules for JBoss EAP 7.3 to 7.4 and JBoss EAP XP 2 to XP 3, a new IntelliJ IDEA extension, and assistance for Thorntail users looking to migrate to JBoss EAP XP.

Supported platforms

As always, the list of supported platforms continues to evolve. In this new 7.4 release, several platforms and features have been deprecated in favor of better alternatives. For the full list of new, changed, or deprecated platforms and features, please refer to the release notes.

JBoss EAP on Microsoft Azure

Microsoft and Red Hat recently announced the availability of Red Hat JBoss Enterprise Application Platform as a native offering in Microsoft Azure, both for traditional VM-based deployments and a managed offering through Azure App Service. Both of these offerings currently offer JBoss EAP 7.3, and work is underway to update these to use the new 7.4 release.

Red Hat Runtimes

JBoss EAP is included in Red Hat Runtimes, a Red Hat Application Services product that includes a set of cloud-native runtimes and capabilities such as the Red Hat build of Quarkus, Red Hat support of Spring Boot, Red Hat build of Node.js, Red Hat's single sign-on technology, Red Hat AMQ broker, and Red Hat Data Grid. These are all integrated and optimized for Red Hat OpenShift, offering a coherent hybrid cloud application platform on which they can optimize their existing Java applications while innovating with enterprise Java and non-Java microservices, DevOps, CI/CD, and advanced deployment techniques. Check out the JBoss EAP support life cycle for details on support levels and dates.

JBoss EAP resources

You can find the JBoss Enterprise Application Platform 7.4 documentation, including release notes, the Getting Started Guide, and several other guides on docs.redhat.com.

Last updated: September 19, 2023