Blog

November 26-30, 2007 - - OS Summit Asia 2007, Hong Kong

Monday Nov 26 14:30 Securing Java EE Applications in Apache Geronimo by Vamsavardhana Reddy.
Monday Nov 26 10:00 Java EE 5 App Development on Geronimo simplified using Eclipse & WTP by Shiva Kumar.

Check OS Summit Asia 2007 for calendar updates.

November 6-8, 2007 - - EclipseWorld 2007, Reston, VA

Thursday, Nov. 8, 08:30 am 503 Introduction to Developing, Debugging and Profiling Java EE Applications by Tim McConnell
Thursday, Nov. 8, 10:00 am 603 Advanced Developing, Debugging and Profiling Java EE Applications by Tim McConnell

Visit EclipseWorld 2007 for more information

In November, two big events. Two opportunities to learn more about security and tooling available in Geronimo.

• ApacheCon US 2007, Atlanta
• OS Summit Asia 2007, Hong Kong

Check the Events page for details.

November 12-16, 2007 - - ApacheCon US 2007, Atlanta

Tuesday, Nov 13 14:30 Securing Java EE Applications in Apache Geronimo by Vamsavardhana Reddy.
Tuesday, Nov 13 10:00 Java EE 5.0 App Development on Geronimo simplified using Eclipse by Shiva Kumar.

Check ApacheCon Atlanta 2007 for calendar updates.

November 26-30, 2007 - - OS Summit Asia 2007, Hong Kong

Monday Nov 26 14:30 Securing Java EE Applications in Apache Geronimo by Vamsavardhana Reddy.
Monday Nov 26 10:00 Java EE 5 App Development on Geronimo simplified using Eclipse & WTP by Shiva Kumar.

Check OS Summit Asia 2007 for calendar updates.

2007-09-06
We have discovered a security vulnerability in Geronimo, where the management EJB (MEJB) allows unchallenged access to Geronimo internals.
As a temporary workaround you can modify the config.xml to disable MEJB.

To disable MEJB make the following modifications to the configuration file at <geronimo_home>/var/config.xml.

....
<module name="org.apache.geronimo.configs/openejb/2.0.1/car">
    <gbean name="EJBNetworkService">
    ...
    </gbean>
    <gbean load="false" name="ejb/mgmt/MEJB"/>
</module>
...

We will be releasing a new version soon to control access to MEJB in a more secure way. This issue will be tracked in JIRA GERONIMO-3456.

2007-08-20
This release represents the latest open source Java Enterprise Edition 5.0 application server from the Apache Geronimo project, and continues the evolution of the Apache Geronimo server by adding new features and capabilities to a fully compliant and certified Java Enterprise Edition 5.0 container suitable for everything from a development environment to enterprise-level deployments.

The newly released Apache Geronimo 2.0.1 breaks new ground as the first open source Application Server to provide two certified JAX-WS Web Services implementations: Apache Axis2 and Apache CXF. This capability further highlights the flexibility of Apache Geronimo which also provides two certified web container implementations: Apache Tomcat and Jetty.

Geronimo 2.0.1 also introduces new features such as simplified development, improved diagnostics and flexible assemblies. Simplified deployment is achieved through the use of standards based programming model enhancements found in Java Enterprise Edition 5.0. This includes support for the Enterprise JavaBeans (EJB3) specification as implemented by the Apache OpenEJB and Apache OpenJPA projects. Here is a list of some of these programming enhancements:

• Streamlined development options provided with Java Enterprise Edition 5.0
• EJB 3.0 persistence (Java Persistence Architecture)
• A programming model that uses annotations to express developer defaults in the source code

Improved diagnostic capabilities include enhanced logging, class loader viewer as well as JMX browser which are all available from the web based console. Change logging levels on the fly as well as view existing logs with a set of filters. Looking for a class and wondering where it came from? The class loader viewer let's you find them. Want to see or change the attributes for MBeans in the server? The JMX browser allows you to navigate the MBeans in the server in a simple tree format without having to hook up external consoles or third party products. In addition, the Certification Authority portlet provides a user friendly interface to setup a Certification Authority, your own Public-Key Infrastructure, and use server/client Digital Certificates for securing your applications.

Flexible assemblies are realized through the project's continued promotion of the "Little G" 2.0.1 —a lightweight container offering for projects that don't need the full feature set of Java Enterprise Edition 5.0. Perfect for web-service and SOA deployments, "Little G" brings the modularity, manageability and extensibility of Apache Geronimo to a lightweight assembly that is small in footprint but full of capability.

This flexible, user-friendly, and easy-to-configure application server is built from best-of-breed open source components and is fully licensed under the Apache Software License, offering multiple benefits to organizations and their development teams. They can use Apache Geronimo as-is or, if they so choose, create their own custom offerings without the restrictions imposed by other open source licenses. Flexibility and choice, you have both with Apache Geronimo.

Visit the Downloads page for details on downloading Apache Geronimo v2.0.1

2007-08-13
A security bug was detected earlier today in the deployment module of Apache Geronimo 2.0. The command line deployer tool allowed deployment, both local and remote, without specifying user and password. The source of this problem has been identified and the fix is currently being tested, refer to JIRA-3404 for further details.

Apache Geronimo v2.0 was just in the process of being released however, given the sensitivity of this bug, the release has been brought to a halt. We are currently discussing on the mailing list alternatives to continue with the release process. Here is the link to the thread holding this discussion Geronimo 2.0 Release suspended due to security issue found before release

2007-06-04
The Apache Geronimo project is pleased to announce that we have passed all tests in the Sun Compatibility Test Suite for Java Enterprise Edition 5.0. This is a significant milestone for the project. The 2.0-M6 release is currently in the packaging stage but early binaries can be found here. Join the Apache Geronimo Community in celebrating this significant event.

The official 2.0 release of Apache Geronimo is anticipated at the end of June / early July. Stay tuned!

2007-04-29
This new milestone release of Apache Geronimo represents yet another snapshot of our progress towards a Java Enterprise Edition 5.0 Server runtime.

This is a milestone release so it is not recommended for high load deployments. The Apache Geronimo team would very much like user feedback so we can meet your needs as we continue the Drive to Five. See the Downloads page for download information.

2007-03-04
This new milestone release of Apache Geronimo represents yet another snapshot of our progress towards a Java Enterprise Edition 5.0 Server runtime.

This is a milestone release so it is not recommended for high load deployments. The Apache Geronimo team would very much like user feedback so we can meet your needs as we continue the Drive to Five. See the Downloads page for download information.

2007-01-30
This new milestone release of Apache Geronimo represents another snapshot of our progress towards a Java Enterprise Edition 5.0 Server runtime.

This is a milestone release so it is not recommended for high load deployments. The Apache Geronimo team would very much like user feedback so we can meet your needs as we continue the Drive to Five. See the Downloads page for download information.

More, faster, easier with Java EE 5 and Apache Geronimo v2 by Jacek Laskowski

Software Development GigaCon 2007

Apache Geronimo v2 - a Java EE 5 application server by Jacek Laskowski

Studencki Festiwal Informatyczny

ApacheCon Atlanta 2007

ApacheCon Amsterdam 2007

It is finally happening!!!
We are getting rid of the old build method using xdocs, Anakia and ant scripts and replacing it with Confluence.