What’s New in the December 2021 Payara Platform Release?

Uncategorized

The December 2021 Payara Platform release is here!  Payara Platform Enterprise 5.34.0 includes 7 improvements, 1 security fix, 8 bug fixes, and 1 component upgrade. The Payara Platform Community 5.2021.10 release offers 6 improvements, 1 security fix, 7 bug fixes, and 2 component upgrades. 

You can download Payara Platform Community 5.2021.10 here and request Payara Platform Enterprise 5.34.0 here. 

Read more below to learn more about the highlights of this release.

Security Connector 2.2

The December Payara Platform Enterprise and Community Edition release provide updates to the Security Connector.

Supports Azure AD as OpenID Connect Provider

The Azure AD OpenID Connect provider doesn’t support the user endpoint and thus the provider cannot be used with the previous version of the connector. In this new version, we have made the usage of the user endpoint configurable.

You can now define that the user claims are retrived from the ID token instead of the separate additional call to the user endpoint.  The annotation to configure the integration should look like:

@AzureAuthenticationDefinition
    (clientId = "...."
   
, clientSecret = "..."
    ,
tenantId = "...."
    ,
scope={OPENID_SCOPE, EMAIL_SCOPE, PROFILE_SCOPE, OFFLINE_ACCESS_SCOPE}
    , userClaimsFromIDToken = true)

You can also define the property through the MicroProfile Configuration option as follows

payara.security.openid.claimsFromIDToken=true

Security Connectors 2.2 is embedded by default in the binaries to support Azure AD as OpenID Connect provider. 

Additional Features for OpenID Connector Provider Support

The new version of the Security Connector also allows for defining all the meta data through the configuration, so you are less dependent on the /.well-known/openid-configuration endpoint. Have a look at the additional members of the @OpenIdProviderMetadata annotation.

Because not all providers report the supported scopes correctly, Security Connector 2.2 relaxes the scope validation, you can disable the scope validation. By setting the member disableScopeValidation of the @OpenIdProviderMetadata annotation, the scopes you have defined are not validated against the supported scoped reported by the server. This might lead to an error when the server receives a scope that it doesn’t understand but allows for the fact that the provider does not report the supported scopes correctly.

You can read about all the features we support for the OpenId Connect integration on our documentation page.

Faster Logging Option

Logging is a two-step process. In the first step, the message and parameters are stored in a buffer, and in a second step on another thread, it is written out to the log file. Because of the two-step process, parameters used in the log messages may change between the time the log entry is created and when the log message is written when the parameters are mutable. The .toString() method was called to capture the value of the log parameters to ensure the log is accurate, but the .toString() method can have considerable effects on the performance overhead (on JPA entitles, for example).

In the December Payara Platform releases there is now an option to make the first step faster by not executing a .toString() on the parameters. The new logging property ‘ com.sun.enterprise.server.logging.GFFileHandler.fastLogging` skips this method for performance improvements, but beware that your logs may not be accurate if the log message uses some mutable parameters.

Performance Improvements When a Large Increase of Connection Pool Requested

The number of connections that are added to a connection pool when no more connections are available is configurable.  In previous versions of the Payara Platform, when you specified a large increase of connections, like 32, the connection pool would be blocked during the entire time of the creation step (could be several seconds).

The performance is improved in the December Payara Platform releases by blocking only the retrieval of a connection itself, so the additional connections are added without blocking the entire connection pool. This improvement is most noticeable when you define a larger number but it is not considered good practice to define such large numbers as it most likely creates many connections that are dropped because they are idle.

Release Notes

The December 2021 Payara Enterprise Release (request here) includes 7 improvements, 1 security fix, 8 bug fixes, and 1 component upgrade, while the Community Release (direct download here) offers 6 improvements, 1 security fix, 7 bug fixes, and 2 component upgrades. 

See a more detailed overview of the fixes and improvements in the Release Notes:

{{cta(‘b2e4c2b6-f33a-4ae4-9290-f1cf476f445a’)}}

Comments (0)

Post a comment

Your email address will not be published. Required fields are marked *

Payara needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Legal & Privacy Policy.

Related Posts

Blue background with coral and fish. Left text: 'MONTHLY CATCH'. Right: laptop screen with tech tabs and Payara Community logo. 3 minutes
Community

The Payara Monthly Catch -September 2025

Welcome aboard the September issue of The Monthly Catch! With summer holidays wrapping up, the Java world is back […]

4 minutes
Uncategorized

Leading the Way: Payara Platform Community 7 Beta Now Fully Jakarta EE 11 Certified

We’re excited to announce that Payara Platform Community 7 Beta application server is now fully certified as Jakarta EE 11 […]

Understanding the Security Issues of Aging Middleware 8 minutes
Security

Understanding the Security Issues of Aging Middleware

Middleware runs quietly in the background of most applications, which makes it easy to overlook its lifecycle. In effect, […]