The February 2026 release of the Payara Platform is centered on a major initiative to streamline the platform. This involves removing legacy technologies from Payara Platform Community (7.2026.2) and deprecating them in Payara Platform Enterprise (6.35.0). This approach is designed to pave the way for the upcoming Payara Platform Enterprise version 7, which will support Jakarta EE 11, and to provide enterprise customers with a clear path for migration.
You can find the release notes for the latest versions of Payara Platform here:
Payara Platform Community 7.2026.2 removes several legacy features that have outlived their usefulness. Payara Platform Enterprise follows with deprecations, giving enterprise users time to plan migrations.
Lifecycle Modules Support Removed
Lifecycle Modules support has been removed from Payara Platform Community. This legacy feature allowed deployment of lifecycle modules, but modern applications use better mechanisms for startup/shutdown hooks. The removal includes the admin console UI, application handlers, help documentation and all related infrastructure.
DCOM (Distributed Component Object Model) support has been removed. DCOM is a Windows-centric protocol from a bygone era. Modern deployments use SSH, Kubernetes or cloud-native orchestration. This comprehensive removal eliminates DcomConfigurator, admin console integration, reference manual documentation and the jinterop dependency.
The Payara Transformer dependency and JakartaNamespaceDeploymentTransformer have been removed. The deployment transformer was originally created to handle Jakarta EE namespace migration (javax to jakarta). With Jakarta EE 11 maturing and most applications now using native jakarta namespaces, this bridging technology is no longer needed.
Load Balancer Settings Removed
Load Balancer configuration settings have been removed. The legacy load balancer admin module, statistics collectors and related admin console pages have been removed. Modern deployments use external load balancers (NGINX, HAProxy, cloud provider LBs) or Kubernetes service mesh.
WebLogic Deployment Descriptors Removed
WebLogic deployment descriptor support has been removed. Support for proprietary WebLogic deployment descriptors (weblogic.xml, weblogic-application.xml, etc.) is no longer available. Applications migrating from Oracle WebLogic must convert to standard Jakarta EE deployment descriptors.
ClassGraph Dependency Removed
The redundant ClassGraph dependency has been removed. This classpath scanning library was identified as unnecessary after internal refactoring.
System Logging Configuration
System Logging now has more configuration options across all platform versions. Administrators now have finer control over logging behavior.
JAX-RS DELETE Requests with Payload
JAX-RS DELETE requests with a request body are now enabled. While the HTTP specification is ambiguous about DELETE request payloads, this change improves compatibility with APIs that expect this behavior.
L1/2 cache clearing in Payara Platform Community has been optimized. The cache now clears only related entity types and instances following mutating Jakarta Data requests, improving performance and reducing unnecessary cache invalidation.
Java 25 Docker Image
A Java 25 Docker Image for Payara Platform Community 7 has been introduced, supporting the latest JDK release. For teams using cloud-native architectures, the combination of Payara Platform Community 7 and JDK 25 offers a strong foundation. This stack provides a runtime optimized for container orchestration, uses the performance enhancements of the latest JVM technology and supports modern Jakarta EE 11 APIs.
CRaC Time Logs
CRaC (Coordinated Restore at Checkpoint) time logs have been added to Payara Platform Enterprise 6, improving observability for checkpoint/restore operations.
HTTP 403 for Protected JAX-RS Resources
An issue in Payara Platform Community has been fixed where correctly authenticated and authorized calls to protected JAX-RS resources incorrectly returned HTTP 403 Forbidden responses.
OpenAPI Extension Compatibility
The Payara Platform’s OpenAPI extension has been fixed to be compatible with the OpenAPI specification across all platform versions.
Enterprise Admin Console
The missing “Enable Asadmin Recorder” button in the Payara Platform Enterprise Admin Console has been restored.
Server Rollback Fix
Server rollback failure from Payara Enterprise 6.34.0 to 6.33.0 caused by a license change has been fixed.
ELFlash NullPointerException
An ELFlash NullPointerException in Payara Platform Enterprise 5 has been fixed.
Payara Platform Enterprise 4.1.2.191.54 includes critical security fixes:
- Fix CVE-2020-27511 by upgrading prototype
- Fix Admin Account Takeover vulnerability via malicious URL payload
- Fix duplicate Phone Home IDs
- Add ‘nofollow’ to the Index.html page
Key component upgrades across this release:
- Mojarra 4.1.6, Weld 6.0.4.Final, Jackson 2.21.0, Tyrus 2.2.2, Kotlin 2.3.10
- Mojarra 4.0.14, Weld 5.1.7.Final, Jackson 2.21.0, Kotlin 2.3.0, Faces Compat 3.0.5
- Jackson 2.21.0, ASM 9.9.1
All editions include updated Docker images with the latest JDK patch releases (21.0.10, 17.0.18, 11.0.30, 8u482 where applicable).
What The Latest Release Means for You
The removed features are now gone. If you relied on:
- Lifecycle Modules: Migrate to @Startup beans, ServletContextListeners, or application lifecycle callbacks
- DCOM: Switch to SSH-based deployment or REST management APIs
- Deployment Transformer: Ensure your applications use jakarta namespaces natively
- Load Balancer Admin: Use external load balancer configuration
- WebLogic Deployment Descriptors: Convert to standard Jakarta EE deployment descriptors
The deprecated features remain functional but will be removed in future releases. Plan your migration now:
- Evaluate dependencies on Lifecycle Modules and DCOM
- Begin transitioning away from legacy features at your own pace
Get the Latest Releases
- Payara Platform Enterprise: Available through the Payara Platform Enterprise download portal within your Nexus account.
The Payara Platform is constantly advancing. We are creating a more streamlined, manageable runtime, free of outdated components, to better support contemporary cloud-native deployments. Happy deployments!
7 minutes
