Upgraded security in the new release

WildFly 18 adds security enhancements & runs on JDK 13

Sarah Schlothauer
© Shutterstock /

Welcome WildFly 18! The latest release is here and available for download. It includes several new security upgrades, including SSL certificate revocation using OCSP and support for audit logging with RFC5424/RFC3164. WildFly also now runs with JDK 13. See all the latest changes made to this fast, lightweight managed application runtime.

WildFly, the Java EE8 application server, reaches a new milestone.

Version 18 Final is here, live, and ready for download!

WildFly 18 features

According to Brian Stansberry at Red Hat, this release, in particular, is a big effort relative to the time window. So let’s say a big thank you to everyone who worked on this release and brought it to light. 👏

View the full release notes by Brian Stansberry, lead of the WildFly application server project.

Some of the release features include:

JDK 13 support

While it is not perfect yet, WildFly 18 runs with JDK 13. According to the release notes, it runs the main testsuite with minimal failures in “areas not expected to be commonly used”.

WildFly 18 is heavily tested on Java 8 and will support Java 8 well into WildFly 21 and likely even beyond. It encourages its users to use the most recent long-term support version of Java.

Both the Jakarta EE 8 Full Platform and Web Profile are compatible with the latest version as well.

Clustering upgrades

SEE ALSO: 8 key Kotlin features that give it an edge over Java

  • Ranked routing: JSESSIONID in clustered web apps can now be annotated with multiple routes, ranked by preference order. Routes configured with ranked routing will contain: the primary owner, the backup owners, and the local node if not already present.
  • Remote cache metrics: Infinispan subsystem exposes management metrics for remote HotRod caches.

Enhanced security

This release also amps up security in several different areas.

According to the release notes and proposals on GitHub these security upgrades include:

For more information about the latest security enhancements, read the JBossDeveloper blog by Farah Juma.

Furthermore, read about all the resolved issues on Jira.

Grab the latest version

SEE ALSO: What kind of Java developer are you? Take our Java Quiz to find out!

Grab the download here. Prerequisites include JDK 8 or newer and Maven 3.3.1 or newer.

Check out the repo on GitHub. Maybe you can help contribute towards the next release?

Sarah Schlothauer

Sarah Schlothauer

All Posts by Sarah Schlothauer

Sarah Schlothauer is the editor for She received her Bachelor's degree from Monmouth University, West Long Branch, New Jersey. She currently lives in Frankfurt, Germany with her husband and cat where she enjoys reading, writing, and medieval reenactment. She is also the editor for Conditio Humana, an online magazine about ethics, AI, and technology.

Inline Feedbacks
View all comments