This release note contains information specific to the VisiBroker Edition and VisiBroker standalone. For release note information that applies to all the Borland Enterprise Server 5.2.1 Editions, see the Borland Enterprise Server 5.2.1 Release Notes.
5.2.1 is a maintenance release of the product that addresses most of the customer reported problems and includes minor product enhancements.
Note: For information describing features and enhancements new to the 5.2 release, please see the VisiBroker 5.2 Release Notes for HP-UX and IBM AIX.
vbroker.security.server.transport.This property is used on the server side to set the server transport. Possible values are: CLEAR_ONLY, SECURE_ONLY or ALL. The default is SECURE_ONLY. This property enables the client that needs either CLEAR_ONLY or SECURE_ONLY to connect to a server. In order for this property to take effect, the secureTransport property must be set to true.
Userdbadmin is enhanced to support pre-existing schema. The following new entries are available in 5.2.1 when executing the userdbadmin tool.
| Entry | Description |
|---|---|
o dbusertable |
User table name followed by (optional) name field, password field. For example, USERTABLE,USERNAME,PASSWORD |
o dbgrouptable |
Group table name followed by (optional) user name field, user group field. For example, GROUPTABLE,USERNAME,GROUPNAME |
o dbpassworddigest |
The digest algorithm for password hashing SHA1 (default) or MD5. |
BasicLoginModule configuration.
| Attribute | Description |
|---|---|
port: |
Specifies a port for remote URLs (default : 24470). For example, port = 24400 |
digesttype: |
Specifies the message digest algorithm used for hashing a password in the table (default : MD5). This value can be any value passed to the java.security.MessageDigest.getInstance method. Examples of valid values are: MD5 and SHA. |
BasicLoginModule, the TYPE attribute is now deprecated. TYPE=BASIC will translate to digesttype=SHA.vbroker.security.support.gatekeeper.reply.ForSAS has been added. This property is used with GateKeeper and with security enabled. When set to true, the username and password will not be delegated to the backend server for authentication. By default, this property is set to false.Upgrading from BES 5.2 VisiBroker Edition/VisiBroker standalone to 5.2.1 is requires no additional work on the part of the user.
Compatibility with VisiBroker for C++ 5.2:
VisiBroker 5.2.1 maintains binary and source compatibility.
Compatibility with VisiBroker for C++ 3.x and 4.x:
For the most part, VisiBroker 5.x is not binary- or source-compatible with releases 4.x and earlier. Please regenerate your stubs and recompile your applications.
As per OMG Specification 2.5, org.omg.PortableServer.POAOperations.create_reference_with_id() does not throw a WrongPolicy
exception. VisiBroker 5.2.1 is compatible to this definition. However,
for source code back-compatibility we have created a JAR file called javabackcompat.jar, that contains the older definition to throw the WrongPolicy exception.
If you require the older definition, do the following before building and running your applications:
<install_dir>/lib/backcompat/vbjbackcompat.jar in the classpath.<install_dir>/lib/backcompat/vbjbackcompat.jar file in the <install_dir>/lib/endorsed directory.Compatibility with VisiBroker for Java 5.2
If any of the following three types:
java.util.Hashtablejava.util.HashMapjava.util.TreeMapare exchanged across the wire between 5.2 and any older versions, you must set vbroker.rmi.alternativeMarshall=false on the older VisiBroker for Java side for back compatibility.
ADAPTS OTS policy values in their IORs.
If the objects obtained from OTS52 servers have REQUIRES
OTS policy values in their IORs, any invocation on those objects must
happen within the scope of an active transaction. Also, if the objects
obtained from OTS52 servers have FORBIDS OTS policy values in their IORs, any invocation on those objects must happen outside the scope of an active transaction.
TransactionalObject.start servers/clients with:
-Dvbroker.orb.dynamicLibs=com.visigenic.services. CosTranscations.TSServiceLoader
This class is packaged in asrt.jar, xmlrt.jar.
-OTSname -Dvbroker.ots.name -OTScurrent_name -Dvbroker.ots.currentName -OTScurrent_timeout -Dvbroker.ots.currentTimeout -OTScurrent_host -Dvbroker.ots.currentHost -OTScurrent_factory -Dvbroker.ots.currentFactory -OTSexit_on_shutdown -Dvbroker.ots.exitOnShutdown -OTSdefault_timeout -Dvbroker.ots.defaultTimeout -OTSdefault_max_timeout -Dvbroker.ots.defaultMaxTimeout -OTSlog_dir -Dvbroker.ots.logDir -OTSlog_purge_transactions -Dvbroker.ots.logPurgeTransactions -OTSlog_sleep -Dvbroker.ots.logSleep -OTSlog_cache -Dvbroker.ots.logCache -OTSlog_unit -Dvbroker.ots.logUnit
^C to shutdown ITS, the log file now does not log the information that the ITS is interrupted by a user.Security is on-the-wire compatible with previous BES 5.x versions.
The following changes, which affect back-compatibility, have been made to the Security implementation:
IdentityWallet and CertificateWallet
had a set of accessors that provided access to information that was
used to construct these objects. Since this information is already
available to clients as they provide the information during
construction, these methods are superfluous and have been removed.The following are known VisiBroker issues with this release.
Note: For information on known issues with the 5.2 release, please see the VisiBroker 5.2 Release Notes for HP-UX and IBM AIX.
The Java compiler now rejects import statements that import a type from the unnamed namespace. According to the Java Language specification, you cannot have a simple name in an import statement, nor can you import from the unnamed namespace (http://java.sun.com/j2se/1.4/compatibility.html#source). This change impacts applications with IDLs that do not have their definitions in a module.
When security is enabled in a BES 5.2.1 Partition using the vbroker.security.disable
property, the naming service in that Partition is not secure. This is due to the default value (true) for the vbroker.naming.security.disable property. To enable security, set vbroker.naming.security.disable=false.
The current version of the Request Agent is not security-enabled. If the Request Agent is being used in mixed JDK environments, then the Request Agent should be started with the same JDK as that of the server.
Using OAD to start RequestAgent
To start the RequestAgent with OAD, you have to:
RequestAgent as a shared server using the following command.
Note: This assumes that VBROKER_ADM is set to point to the adm directory which contains the license files.
UNIX:
oadutil reg -i IDL:borland.com/NativeMessaging/RequestAgent:1.0 -o RA -java com.borland.vbroker.MessageBroker.MessageBroker -e vbroker.orb.admDir=$VBROKER_ADM
Propagation of client side QoS policies to RequestAgent
In the current release, client side QoS policies, for example the RebindPolicy, are not propagated to the RequestAgent.
RequestAgent interop with VisiBroker for C++ 4.5 and VisiBroker for Java 4.0/4.1/4.1.1 servers for WChar and WString Data
This issue occurs when:
RequestAgent that contains WChar or WString arguments/return values.A DATA_CONVERSION or MARSHAL exception will be raised by the client as a result of this invocation. This issue will be resolved in a future release.
It is the RMI-IIOP application server's responsibility to instantiate the ORB instance and call the run() method explicitly to have the server wait for client connections.
$curtime used to return the current time of day is not currently supported. This will be supported in the next release.TransactionObject interface from the existing client/server code and still want to compile them with new OTS52, do not use the BY_POA policy to create POAs on which such objects are to be created. Instead, you should use the BY_INSTANCE or NONE bind support policy.
If you need the BY_POA policy, you should set an explicit ADAPTS policy for the POA on which an object of TransactionsalObject type is to be created.InvocationPolicy presently does not support UNSHARED mode.CurrentHost option, you will not be able to use the IPv6 address format.ServerQoPConfig will not be applied for POAs already created. This happens when the POAs are created at post_init() of ORBInitializers or init_completed() of ServiceLoaders.pk server, you need to add the following into the ejb-borland.xml file just after the definition of the
authorization domain:
<property> <prop-name>ejb.security.realms</prop-name> <prop-value>NONE</prop-value> </property>
4806811 it will throw IOException when it parses the keystore. However this does not affect the behavior. The following is a sample of the exceptions thrown:
vbj -DORBpropStorage=client_pk.properties com.borland.appclient.Container
cart_beans_client.jar java.io.IOException:
DerInputStream.getLength(): lengthTag=109, too big.
at sun.security.util.DerInputStream.getLength(DerInputStream.java:502)
at sun.security.util.DerValue.init(DerValue.java:333)
at sun.security.util.DerValue.<init>(DerValue.java:289)
at sun.security.provider.X509Factory.parseX509orPKCS7Cert(X509Factory.java:340)
at sun.security.provider.X509Factory.engineGenerateCertificates(X509Factory.java:240)
at java.security.cert.CertificateFactory.generateCertificates(CertificateFactory.java:511)
at com.inprise.security.trust.TrustpointsWrapper.addTrustPoint(TrustpointsWrapper.java:211)
at com.inprise.security.trust.TrustpointsWrapper.refresh(TrustpointsWrapper.java:163)
at com.inprise.security.CORBAsec.SecurityCurrentImpl.complete_init(SecurityCurrentImpl.java:179)
at com.borland.security.core.Init.pre_init(Init.java:475)
at com.inprise.vbroker.orb.ORB.initialize(ORB.java:1138)
at com.inprise.vbroker.orb.ORB.set_parameters(ORB.java:1310)
at org.omg.CORBA.ORB.init(ORB.java:337)
at com.inprise.j2ee.Init.orb(Init.java:78)
at com.inprise.j2ee.jndi.CtxFactory.getInitialContext(CtxFactory.java:29)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:662)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:243)
at javax.naming.InitialContext.init(InitialContext.java:219)
at javax.naming.InitialContext.<init>(InitialContext.java:175)
at com.inprise.j2ee.utils.JndiUtils.registerEjbRefsInJndi(JndiUtils.java:328)
at com.inprise.j2ee.utils.JndiUtils.registerInJndi(JndiUtils.java:468)
at com.borland.appclient.Container.main(Container.java:136)
Important: For information on minimum hardware requirements, certified operating systems, JDKs, and compilers, please refer to the Product Platforms Page.
The VisiBroker Edition 64-bit port does not provide a C++ security component.
The VisiBroker Edition 64-bit port does not provide a VisiTransact component.
The product provides mechanisms for printing version information for
the binaries and libraries included in this release. In general, use
the executable vbver followed by the file to query version information.
For example vbver osagent.exe prints:
Information for: osagent.exe Product Name: VisiBroker for C++ (Windows NT4.0, Windows 2000) Version: 05.02.01.C1.02 Copyright: (C) 1996, 2002 Company: Borland Software Corporation Build Date: 04/11/2002 14:40:29
Similarly, vbver vbjorb.jar prints:
Information for: vbjorb.jar Product Name: VisiBroker Developer for Java Version: 05.02.01.C1.02 Copyright: (C) 1996-2002 Company: Borland Software Corp. Build Date: 04/11/2003 14:40:22
To obtain version information for the utilities (such as idl2java, irep, and idl2ir), pass the -version argument to the utility.