Red Hat has released version 18 of their WildFly application server featuring support for Jakarta EE 8 and MicroProfile 3.0. Other features include alignment with the Jakarta EE APIs, support for JDK 13, and enhancements to security, clustering and EE subsystems, especially in the areas of EJB and RESTEasy.
WildFly is an open-source, lightweight, managed application runtime for Java applications. An earlier release of WildFly, version 17.0.1, was initially certified as Jarkata EE 8-compatible shortly after the debut of the JakartaOne virtual conference and the formal release of Jakarta EE 8. This latest release is also certified as Jakarta EE 8-compatible. TCK certifications for both the full platform and the web platform are available to the Java community for review. WildFly 18 is also certified as a compatible implementation of Java EE 8. Formerly known as JBoss Application Server (JBoss AS), WildFly is the upstream project for JBoss Enterprise Application Platform (JBoss EAP).
Support for MicroProfile 3.0 is currently limited to the latest versions of the Config, Health Check, Metrics, Open Tracing and REST Client APIs. Along with Jakarta EE certification, Red Hat has also strived to align with the Jakarta community by supporting various Java EE and Jakarta EE APIs.
JDK 13
Red Hat aims to "have our releases run well for most use cases on the most recent GA JDK version available", meaning that WildFly 18 supports JDK 13. However, there is a caveat, as Brian Stansbury, principal software engineer at Red Hat, explains:
By run well, I mean the main WildFly testsuite runs with no more than a few failures in areas not expected to be commonly used. We want developers who are trying to evaluate what the latest JVM means for their applications to be able to look to WildFly as a useful development platform.
Red Hat recommends to use the latest LTS release, JDK 11, as they more thoroughly test on these releases. JDK 8 will be supported through WildFly 21.
Security Enhancements
Security implemented in WildFly includes their own project, Elytron, a single unified security framework used for configuring management access to the server and for applications deployed to the server. This project, named after a hard, protective casing over the wings of flying insects such as beetles, covers authentication, authorization, SSL/TLS and secure credential storage. Elytron replaced the combined use of PicketBox and JAAS for client-side and server-side security.
Security enhancements to Elytron in WildFly 18 includes enhanced audit logging, aggregation of security realms for loading attributes into a single identity, adding a principal-transformer in aggregate-realm
, and support for masked passwords in the client XML file.
Wildfly 19
Looking ahead to WildFly 19, Red Hat plans to include additional security enhancements such as web services and RESTEasy integration with Elytron.
Red Hat has also committed to support MicroProfile 3.2 and implement the remaining home-grown MicroProfile APIs, namely JWT Authentication, Fault Tolerance and Open API with the release of WildFly 19.
Getting Started
Red Hat's Quick Starts repository provides small working examples that demonstrate how to use WildFly with Jakarta EE 8. Minimum requirements include WildFly 16, JDK 8, and Maven 3.3.1.
A more in-depth tutorial on how to build a WildFly application using MySQL and Spring Boot running on an Azure VM may be found on InfoQ.