JBoss EAP 8 Top 10 New Features

Red Hat JBoss Enterprise Application Platform (EAP) 8.0 is now available. The new major release introduces several new features and enhancements to enhance your application development and deployment experience. In this tutorial, we will explore these new features and learn how to leverage them effectively.

JBoss EAP 8 includes several new features and applies to new standards in terms of API (Jakarta EE) and Java Version. You can find a detailed outlook of all core changes in the product documentation. In this guide we will review the top changes and upgrades that you should consider when upgrading to the new major version of the application server.

Talking about migration, in order to upgrade a configuration from JBoss EAP 7 to JBoss EAP 8 you can just run the jboss-server-migration script available in the bin folder of the application server.

./jboss-server-migration.sh --source EAP_PREVIOUS_HOME --target EAP_NEW_HOME

1) Jakarta EE 10 Support

Firstly, JBoss EAP 8 provides support for Jakarta EE 10 . In terms of packaging, this means that you have The packages used for all EE APIs have changed from javax to jakarta.

In terms of provisioning, JBoss EAP 8 implements the Jakarta EE 10 Core Profile, Web Profile and Full Platform standards. More in detail, the Core Profile is a small, lightweight profile that provides Jakarta EE specifications suitable for smaller runtimes, such as microservices and cloud services. This profile is available as a Galleon provisioning layer, ee-core-profile-server.

You can build a distribution using Galleon and ee-core-profile-server or you can use some example Core Profile configurations which are available in:

  • docs/examples/standalone-ee-core.xml file: This is a standalone configuration for the Core Profile which does not provides HA
  • docs/examples/standalone-ee-core-ha.xml file: This is a standalone HA configuration with the Core Profile

2) JDK 8 End Of Life

Another major update is in the JDK area since Java 8 has been removed from Red Hat JBoss Enterprise Application Platform 8.0. You need to upgrade to JDK 11 or JDK 17 which is now a minimal requirement for all modern frameworks.

In order to migrate safely to Java 17, you have several options:

  • Use Red Hat Migration Toolkit for Applications: The RHMTA provides a complete analysis and reporting of all possible incidents you can face during the upgrade to a newer version of Java.
  • Use OpenRewrite Plugin: You can include the org.openrewrite.recipe:rewrite-migrate-java Plugin in your Maven project to perform the migration. Read this article to learn more: Migrating from Java 8 to Java 17 with OpenRewrite

3) Red Hat Insights Java client

JBoss EAP 8.0 version includes the Red Hat Insights Java client. You can find the insights Java modules in the com/redhat/insights module Path:

└── insights
    └── main
        ├── jboss-insights-8.0.0.GA-redhat-00011.jar
        ├── module.xml
        ├── runtimes-java-api-1.0.9.redhat-00001.jar
        └── runtimes-java-core-runtime-1.0.9.redhat-00001.jar

This module contains the Java code for communicating with Red Hat Insights. Please note that the Red Hat Insights Java client is enabled for JBoss EAP 8 distributions running on a RHEL system which is configured with Red Hat Insights.

Finally, since the RH Insight Client will have an impact in terms of CPU/Network, you can disable the Red Hat Insights client by setting the environment variable RHT_INSIGHTS_JAVA_OPT_OUT to true.


4) Securing applications and management console with OIDC

With the JBoss EAP 8.0, you can secure applications and the EAP management Console with OpenID Connect (OIDC). As a matter of fact, JBoss EAP 8.0 provides native support for OpenID Connect (OIDC) with the elytron-oidc-client subsystem.
Additionally, you can configure role-based access control (RBAC) for management console when securing it with OIDC by navigating to Access Control and clicking Enable RBAC.

Besides, JBoss EAP now provides native support for OpenID Connect (OIDC) with the elytron-oidc-client subsystem. Therefore, Red Hat build of Keycloak Client Adapter is not any more available for this release. The elytron-oidc-client subsystem acts as the Relying Party (RP) in the authentication and supports bearer-only authentication. Besides, it also provides multi-tenancy support.

If you want to check how to secure applications with OIDC with the upstream version of JBoss EAP, then check this article: Secure WildFly applications with OpenID Connect

5) JAAS realm in the elytron subsystem

JBoss EAP 8.0 no longer includes, the legacy ( Picketbox) security subsystem. To continue using your custom login modules with the elytron subsystem, use the new Java Authentication and Authorization Service (JAAS) security realm, jaas-realm.

jboss eap 8 what is new

Some common scenarios for using a JAAS Realm include the following ones:

  • You are migrating to the elytron subsystem from legacy security and already have a custom login module implementation.
  • You are migrating from other application servers to JBoss EAP using a JAAS login module implementation.

To learn more about configuring jaas-realm in this article: How to configure an Elytron JAAS Security Realm

6) Better Session Affinity Control

With JBoss EAP 8.0, in the distributable-web subsystem, you now have more control over the affinity, or load balancer “stickiness”, of a distributed web session.

<subsystem xmlns="urn:jboss:domain:distributable-web:4.0" default-session-management="default" default-single-sign-on-management="default">
   <infinispan-session-management name="default" cache-container="web" granularity="SESSION">
   <infinispan-single-sign-on-management name="default" cache-container="web" cache="sso"/>
   <infinispan-routing cache-container="web" cache="routing"/>

You can opt for the following Session Affinity Strategies:

  • local: Web requests will have an affinity for the member that last handled a given session
  • none: Web requests will not have an affinity for any cluster member
  • primary-owner: Web requests will have an affinity for the primary owner of a given session
  • ranked: Web requests will have an affinity for the first available member in a list containing primary and backup owners, and the member that last handled a given session

You can switch to a different Session Affinity using the CLI. For example:


Alternatively, you can also switch to a different Session Affinity Strategy using the Management Console:

JBoss eap 8 what is new

Learn more about HTTP Session Handling in a Cluster in the following article WildFly Configuring HTTP Session in a cluster

7) Configuring global directories in EE subsystem

With the JBoss EAP 8.0, you can now configure a Global Directory in the ee subsystem. You can use a global directory to add content to a deployment class path without listing the contents of the artifacts directory.

A Global Directory is very simple to add to your configuration. For example, you can add it from the Admin Console by selecting the ee subsystem | Global Modules | Add :

Learn more about Global directories and modules here: Configuring global modules and directories in WildFly

8) Configuring web session replication using a ProtoStream

You can now configure web session replication using a ProtoStream instead of JBoss Marshalling in JBoss EAP 8.0.

 <cache-container name="web" default-cache="passivation" marshaller="PROTOSTREAM" modules="org.wildfly.clustering.web.infinispan">
	<local-cache name="passivation">
	    <expiration interval="0"/>
	    <file-store passivation="true"/>
	<local-cache name="sso">
	    <expiration interval="0"/>

ProtoStream, is a Java API for marshalling Google Protocol buffers (Protobuf). It offers several benefits:

  • Security: ProtoStream prevents arbitrary code execution and only uses declared constructors for unmarshalling, enhancing security.
  • Efficiency: Unique identifiers replace class descriptors, nested messages have individual buffers, null/default fields are omitted, and native varint32/64 support improves efficiency.
  • Speed: ProtoStream skips reflection and uses declared accessors/constructors for faster marshalling and unmarshalling.
  • Flexibility: Evolving message schemas maintain serialization compatibility, easing rolling upgrades.

9) Environment variable for resolving model expressions

JBoss EAP 8 now checks environment variables when resolving management model expressions. In previous versions of JBoss EAP, the JBoss EAP server only checked for Java system properties in the management expression. Now, the server checks for relevant environment variables and system properties. If you use both, JBoss EAP will use the Java system property, rather than the environment variable, to resolve the management model expression.

For example, consider the following element in the Model:

        <property name="foo" value="${my-property:bar}"/>

Before JBoss EAP 8, you could override the default value (“bar”) for the property “foo” in the following way:

./standalone.sh -Dmy-property=hello

Now you can opt for Environment Variable Resolution by setting, for example:

export MY_PROPERTY=Hello

10) Simplified provisioning of EAP on OpenShift

The recent release of Red Hat JBoss Enterprise Application Platform (EAP) 8 Beta brought changes to provisioning and configuration processes on Red Hat OpenShift. Utilizing the JBoss EAP Maven plugin streamlines these tasks, offering easier and more flexible configuration options.
The JBoss EAP Maven plugin introduces significant improvements, leveraging the wildfly-ee-galleon-pack and eap-cloud-galleon-pack feature-packs for server configuration customization. It also supports CLI script commands integration and allows the addition of extra files such as keystore files.

Let’s compare the EAP 7.x approach with the new approach ( EAP 8.x):

  • Old (JBoss EAP 7.x): OpenShift builder image provisioned the server, configuration involved runtime variables, snippets, and CLI scripts.
  • New (JBoss EAP 8): JBoss EAP Maven plugin provisions and deploys during Maven execution, configuration resides in pom.xml.

To add OpenShift Support, you should follow these steps:

  • Include the JBoss EAP Maven plugin in your pom.xml.
  • Create an “openshift” profile with a “package” goal.
  • Configure the plugin with feature-packs and layers.
  • Set filename to ROOT.war for root context deployment.

More in detail, you should include the following feature packs in your Maven configuration:

  • wildfly-ee-galleon-pack: This is the Galleon feature pack providing full platform Jakarta EE functionality
  • eap-cloud-galleon-pack: This feature-pack provisions a set of additional features allowing you to configure EAP 8 to run on the cloud.

Then, you should complete your configuration by adding the cloud-server layer . This is an extension of jaxrs-server to address common cloud requirements.

For example, here is a sample openshift Profile which contains all the settings discussed so far:


You can then build and package your application with the following command:

mvn package -Popenshift

As a result, the EAP Maven plugin will provision an EAP distribution using just the layer cloud-server that we need for OpenShift. You can start the local EAP with the application available in the Root Web context with:



This article was a walk though the top 10 new features of JBoss Enterprise Application platform version 8. It is however not exhaustive therefore I encourage you to check the EAP documentation to verify all the changes and deprecation notes in the new server release.