WildFly Project News

WildFly 26.0.1.Final is now available for download. It’s been about four weeks since the WildFly 26 release, so we’ve done a small bug fix update, WildFly 26.0.1. This includes an update to WildFly Preview. The full list of issues resolved in WildFly 26.0.1 is available here Enjoy!

In my Changes are coming to WildFly post last September, I tried to give a sense of how the transition to Jakarta EE 10 was likely to impact the next few WildFly releases. With WildFly 26 out the door and our efforts for 2022 ramping up, I want to give our community on update on how we see things playing out over the course of the year. The tl;dr; of this is WildFly will be...

An overview of the upcoming encryption and integrity support in Elytron Filesystem Security Realms.

An overview of the native support for OpenID Connect in WildFly.

An overview of some new security features in WildFly.

An example of how to use a JAAS realm in WildFly.

An overview of the upcoming Elytron client default SSL context provider.

I’m pleased to announce that the WildFly 26 Final zip is now available for download. (Note that the release may not be available yet on Maven Central; please Maven Availability below for more details.) There are number of new things in this release: WildFly Preview and MicroProfile Platform 5 Last week the MicroProfile group announced the release of the MicroProfile 5.0 platform. Thanks and congratulations to the MicroProfile community! MicroProfile 5.0 is mainly focused on...

WildFly 26 S2I Docker images The WildFly S2I (Source-to-Image) builder and runtime Docker images for WildFly 26 have been released on quay.io/wildfly. For complete documentation on how to use these images using S2I, OpenShift and Docker, refer to the WildFly S2I README. Anticipating a future set of WildFly images The quay.io/wildfly/wildfly-centos7 and quay.io/wildfly/wildfly-runtime-centos7 are now deprecated. When building or running the server, a deprecation notice is displayed in the console. We are planning to stop...

WildFly users are of course interested in the impact of the recently disclosed security vulnerabilities related to Apache Log4j. On Friday the @WildFlyAS Twitter account tweeted a tl;dr; summary of how the critical impact CVE-2021-44228 vulnerability affects WildFly. In this post I want to provide further details, information on how users who package the log4j-core artifact in their WildFly application deployments can mitigate the risk, and provide information on how the recently disclosed moderate Log4j...