Release Notes

Adobe CRX, Version 2.3

The release cycle for this release of Adobe CRX started on March 15, 2011, went through 25 iterations of development, quality assurance and bug fixing, and ended on March 22, 2012. The total number of customer related issues including enhancements and new features fixed in this release is 150 compared to the CRX 2.2.0 code base, and many more in the open source modules used by CRX (Apache Jackrabbit/Sling/Felix). This release is based on a new archirtecture, Granite, which makes OSGi the runtime for all the product modules, including the content repository.

CRX 2.3 is Generally Available since March 30, 2012.

CRX 2.3 is released as a standalone product, as well as the content and application platform embedded in CQ 5.5.0 release (GA on February 25, 2012). Both CQ 5.5 and CRX 2.3 standalone release include the same core repository, OSGi and Sling application framework.

Adobe CRX is an application platform for content management systems and content-centric applications. Built upon a new Granite architecture, the platform provides a solid foundation for deploying content management solutions and underpins all Adobe CQ products, including CQ WEM, CQ DAM, CQ Social Communities, and Campaign Management.

CRX is based on an OSGi-compliant service platform for managing execution and lifecycle management of dynamic libraries. An embedded content repository fully compliant with the Java Content Repository API (JCR) standard makes your high value content easily accessible for any application. CRX also provides an application development and delivery platform, based on the Apache Sling RESTful web application framework.

CRX is a packaged version of the open-source Apache Jackrabbit, Sling, and Felix projects, enriched with unique enterprise features for high availability, superior performance, reliability, scalability, security, and desktop integration. Easy to install and configure, CRX manages both structured and unstructured content and enables content-centric business applications to take advantage of the repository’s content services and the flexible and extensible content storage. Using this standard compliant content repository protects your investment in content and applications and makes your content infrastructure future-proof and sustainable.

CRX 2.3 is the content and application platform powering all the CQ 5.5 products.

CRX 2.3 is a minor release that supports the latest version 2.0 of the Java Content Repository standard, JCR 2.0 (released under JSR-283 specification request in September 2009). It provides major add-ons, key customer fixes, high-priority customer enhancements and general bug fixes oriented toward product stabilization. It also includes all the feature pack and hot fix releases from the previous CRX 2.2 release.

CRX as an enterprise content repository and web development platform provides enterprises and developers tools for developing and hosting composite content applications (formerly known as Content Enabled Vertical Applications, or CEVAs). It has the following benefits:

• Provides key software infrastructure
• Unlocks critical information locked in “air tight” departmental silos
• Delivers a solution based on widely accepted industry standards
• Allows for agile development and enterprise deployment of composite content applications
  

Main CRX Features include:

• Fully Compliant JCR Implementation, supporting the JCR 2 Standard
• Based on a new "Granite" internal architecture for simplified deployment, operations, and upgrades
• Designed for Enterprise Production
• Scalability
• Support for Cloud Deployments
• Easy to Install and Manage
• Native Support For Any Content: Unstructured and Structured
• Powerful Search and Indexing Based on Apache Lucene Engine
• Virtual Repository Support
• Providing a series of JCR Connector products
• Content Accessible By Any Application or Desktop
• Enterprise-Class Security and Single Sign-On
• JMX-based monitoring and management
• CRX Includes a Part of CQ5 Platform Application Development Platform
  • RESTful Rapid Application Development Framework based on Apache Sling
  • OSGi Service Platform based on Apache Felix
    
  • IDEs and Development Tools Supporting Different Development Processes and Environments

This release of CRX provides the following key enhancements.

This release of CRX has been refactored around a new internal architecture, called Granite. It makes the OSGi framework the runtime deployment environment for all of the CRX modules, including the content repository. It provides the following enhancements over the previous CRX architecture, based on separate web applications for the content repository and the rest of the system:

• The whole CRX product is now run inside the bundled OSGi container
• Simplified deployment into application servers with a single WAR file
• CRX repository is now an OSGi service, simplifying deployment, extending and upgrading of the repository modules
• Monitoring and remote management of CRX is now possible via the standard JMX protocol
• Unified Package Manager for CRX and all CQ application available in CRX
• Management UIs (like clustering or backup) based on the JMX services and implemented in jQuery Mobile
• CQ Replication module has been moved to Granite (CRX) and is now available to all the applications running on CRX

Improving scalability and resilience of the system has been a major focus on this release. CRX active clustering underwent a series of enhancements as a part of this initiative. We worked with selected partners and customers on ensuring that the clustered system is more robust and can automatically recover from more and more types of infrastructure and system-level problems.

Some of the more important enhancements in this area are:

• Enhanced resilience of the cluster - it's ability to automatically recover from various infrastructure and system problems
• General improvements in clustering stability and reliability
• Fixed clustering instabilities for various start/stop sequences
• Optimized memory consumption of full-text indexing of binaries
• Added option of out-of-process indexing of binaries
• Improved robustness under load

The main focus of these enhancements has been the Shared Nothing mode of Active Clustering, which is the recommended way of deploying clustered instances since CRX 2.2 / CQ 5.4.

Another main focus area of this release was on improving the operational efficiency and enteprise readiness of the repository. The following aspects were improved in this release:

• Incremental backup performance improved
• Improved TarPM optimization
• Search improvements
• Tightened security
• Improved hierarchy cache initialization efficiency

Some improvements focused on developer productivity has been made in this release. The most important of them are listed below:

• Additional mode for the "vlt" tool - automatic syncing between the repository and the local filesystem
• CRXDE Lite and CRX Package Manager are localized in English, German, French and Japanese
• CRXDE Lite has an ACL editor
• Configuration changes made in Felix Console are written into the repository (instead of the file system)

There are many smaller enhancements and stability bugfixes present in this release. Some more interesting ones are listed here:

• Updated CRX welcome screen
• Improved PDF text extraction
• IPv6 compliance

For a comprehensive list of enhancements please see Changes.

Please see Recent Updates page for a comprehensive list of latest CRX and CQ5 documentation updates. The page also provides an RSS feed, so you can subscribe to it to get the updates automatically to your desktop RSS client.

For customers, the delivery of licensed software is handled over the Adobe Licensing Website (LWS). Please visit licensing.adobe.com after you received the LWS upgrade coupon for Adobe CRX 2.3 via email.

For partners, the delivery of licensed software is handled over the Adobe Partner Connection Portal. Please visit Adobe Partner Connection Portal.

At a later point in time after the release, we will also provide the following ways of obtaining CRX 2.3:

• Customers and parters will be able to download their copy of CRX from Day support portal, daycare.day.com.
  
• CRX developers and those who would like to evaluate CRX technology and product will be able to download a trial of CRX 2.3 and request a license key at CRX download page. The license will be delivered via email.
  

See Download and Start Working to get started with CRX quickly.

To upgrade your repository to the newest version, follow these instructions:

• Upgrading CRX installations to the newest repository version

Thank you for for using our products.

This section presents important pieces of information about the release.

The default port for CRX has been unified with CQ and is now 4502. The default URL for CRX instance is thus http://localhost:4502/.

The following list presents the most important changes in the default configuration of CRX repository instances between the last version CRX 2.2 and CRX 2.3.

• The default UserManager class changed in CRX 2.3 from com.day.crx.core.CRXUserManagerImpl to org.apache.jackrabbit.core.security.user.UserPerWorkspaceUserManager. The additional functionality provided by CRXUserManagerImpl is now provided as AuthorizableAction classes. In particular this includes the NTLMAuthorizableAction, which provides functionality required to support NTLM authentication.
• Support for NTLM authentication is disabled in the CRX 2.3 default repository configuration. See commented AuthorizableAction in UserManager element and disableNTLMAuth parameter in LoginModule element.
• The UserManager in CRX 2.3 is configured with a AccessControlAction, which allows to setup permissions upon creation of a new authorizable; namely the privileges the new authorizable should be granted on it's own 'home directory' being represented by the new node associated with that new authorizable. See also Jackrabbit 2.4 JavaDoc for the class AccessControlAction.
• Several modules have been removed from the default CRX 2.3 repository configuration.
  • LicenseModule: this functionality is now part of Granite.
  • ReplicationManager: this module has been removed from CRX and is no longer available. CRX 2.3 now ships with the replication functionality from CQ.
  • VirtualRepositoryModule: this module is disabled in the default CRX 2.3 repository configuration.
  • AutoInstaller: this module is disabled in the default CRX 2.3 repository configuration.
    

• com.day.crx.core.CRXUserManagerImpl in the repository configuration is deprecated and should be replaced with org.apache.jackrabbit.core.security.user.UserPerWorkspaceUserManager. The NTLM authentication support functionality provided by CRXUserManagerImpl is available as NTLMAuthorizableAction. See also the default repository configuration for CRX 2.3.
• Some IOManager implementations related to WebDAV configuration have been deprecated because it is now possible to better parametrize default implementations. See also Jackrabbit issue JCR-3045.
  • com.day.crx.io.CRXDefaultIOManager
  • com.day.crx.io.CRXDefaultPropertyManager
  • com.day.crx.io.CrxIOManager
  • com.day.crx.io.CrxPropertyManager

The location of the default search indexing configuration changed in CQ 5.5. Previously the default indexing configuration was located in the exploded CRX web application archive (crx-quickstart/server/runtime/0/_crx/WEB-INF/classes/indexing_config.xml). Now the default configuration is embedded in the repository bundle deployed in the OSGi container. Please use the default CQ 5.5 configuration provided in the KB as a starting point when you need to customize the configuration.

Day CRX directly includes Apache Jackrabbit as a set of external libraries. Please see the section on product changes in 3rd-party modules to learn more about exact versions used in CRX 2.3.

This section presents compatibiltiy of CRX 2.3 with other products.

CRX 2.3 is released as a part of CQ 5.5, and thus explicitly supported.

These versions of CQ5 have to be upgraded to CQ 5.5. Repository upgrade to CRX 2.3 is not supported due to the change in architecture.

See Repository Upgrade documentation.

Upgrade: CRX 2.0 is only available embedded in CQ 5.3. As such, it can only be upgraded to CRX 2.3 with a CQ upgrade to 5.5.

Upgrade: See Upgrading to CRX 2.3 for upgrade instructions. As CRX 2.3 is a major release, it is generally recommended to upgrade your repository to the latest CRX 1.x version first (CRX 1.4.2.PS1), and then upgrade it to CRX 2.3.

Remote connection / virtual repository mount. RMI in CRX 2 does not support connecting between mixed versions of the JCR API. You can use WebDAV / DAVEx Remoting instead to mount workspaces from CRX 1.x repositories into CRX 2.x primary workspaces.

This recommendation is particularly relevant to connector integration between CRX 2.x (and CQ 5 version based on CRX 2, namely CQ 5.3 and higher) and Day JCR Connectors, which require CRX 1.x as a framework. For such an use case the following setup for Virtual Repository mount is recommended:

• WebDAV remoting server in CRX 1.x connector instance upgraded to the latest version 1.6 from Jackrabbit
• Token authentication in CRX 2.x instance must be turned off for virtual repository mapping to work

Upgrading WebDAV remoting server in CRX 1.3.x. The WebDAV remoting support in CRX 1.3.x does not have all the features expected (by default) by the WebDAV remoting client in CRX 2.x. The easiest way to set up a WebDAV remoting connection from CRX 2.x to CRX 1.3.x is to use the latest Jackrabbit 1.6.x jars to upgrade the WebDAV support in the CRX 1.3.x instance.

Here's how to do this:

Download the following jars (for example from within the jackrabbit-webapp war that's available on the Jackrabbit download page) and place them in the server/runtime/0/_crx/WEB-INF/lib/ directory:

• jackrabbit-api-1.6.x.jar
  
• jackrabbit-jcr-commons-1.6.x.jar
  
• jackrabbit-jcr-server-1.6.x.jar
  
• jackrabbit-webapp-1.6.x.jar
  
• jackrabbit-webdav-1.6.x.jar
• commons-fileupload-1.2.1.jar
  

In server/runtime/0/_crx/WEB-INF/web.xml, replace the existing JCRWebdavServer servlet configuration with the following:

Also in server/runtime/0/_crx/WEB-INF/web.xml, add the following servlet configuration:

Restart the CRX 1.3.x instance.

You can then create a virtual repository connection to the updated CRX 1.3.x instance using configuration like this:

/etc/virtual-repositories/virtual-crx/mnt/crx132
  - address=crx.default@http://<host>:<port>/crx/server

for example:

/etc/virtual-repositories/virtual-crx/mnt/crx132/
    - address=crx.default@http://localhost:7788/crx/server
    + .params
        - enabled=true    
        -org.apache.jackrabbit.spi2dav.uri=http://localhost:7788/crx/server
 
Restart the crx 2.3 instance. The content from the mounted CRX 1.3.x instance should be visible.

Compatible. Install the connector content package from PackageShare in version at least 2.0.1, which can be installed into CRX 2.x repositories (the initially released version 2.0.0 of the SharePoint connector / initial content package works with CRX 1.4.2 repositories).

Note: the virtual repository module is disabled by default in CQ 5.5, and needs to be enabled to leverage connector-based integration.

Compatible. Install the connector content package from PackageShare in version at least 2.0.1, which can be installed into CRX 2.x repositories (the initially released version 2.0.0 of the SharePoint connector / initial content package works with CRX 1.4.2 repositories).

Other JCR connectors are based on CRX 1.x framework, and are compatible with CRX 2.3 through remote virtual repository mounting.

You can mount the connector JCR mapping of a 3rd party repository (EMC Documentum, OpenText Livelink, etc) into CRX 2.3 repository by following these steps:

• Install connector into the supported version of CRX (usually, CRX 1.3.2) according to connector documentation
  
• Upgrade WebDAV remoting server in the connector instance to the latest version from Jackrabbit 1.3.
  
• In CRX 2.3 instance
  
  • Turn off the token authentication in CRX login module configuration. This is required for virtual repository mapping to work.
  • Configure virtual repository mount point to your connector instance via WebDAV remoting.

For the last two steps follow the instructions in Compatibility with CRX 1.x above.

To connect to Documentum connector v 2.0 (based on CRX 1.3.2) via WebDAV remoting, the following setting should be added to the connector workspace.xml file

• dm_type should be added to the deniedObjects list
  

For integrating CQ5 sysems with Microsoft FAST ESP search engine, the recommended approach is to use the CQ FAST Connector module built on top of CQ5 replication agent architecture. It is available as FeaturePack, please contact Custom Engineering department for more information.

The FAST to JCR Adapter add-on product, operating directly on the JCR level, has been discontinued due to limited demand. It is no longer available from Adobe.

Day plugins for Eclipse have been updated to work with CRX 2.x repositories. Please see www.day.com/eclipse for more information and instructions.

CRX Feature for Eclipse. This set of plugins provide Eclipse users with the ability to browse and edit repository content, JCR tree, from within Eclipse IDE. We appreciate that there has been customer interest in this feature, and we have updated it to work with CRX 2.x repositories.

Day Servlet Engine Feature for Eclipse (deprecated). This feature is no longer compatible with the new Granite architecture.

The drop-in, source-code compatibility with Apache Jackrabbit has been maintained by CRX since version CRX 1.4. CRX 2.3 is compatible with Apache Jackrabbit 2.4.

The following subsections list product enhancements and bugfixes in this release, per product module or external component.

No new version has been released since CRXDE 1.0.1.

• 34529 - Performance improvement of CRXDE Lite console tab
• 34494 - Make CRXDELite compatible with IE9
• 38401 - Ensure SaveAll button works for all property types (fixed CRX.2.2.0.48 regression)
• 35696 - Fix JS error when opening the ACL tab
• 35376 - Copy & paste properties between nodes possible now
• 28305 - Migrate content explorer access control functionality to CRXDE Lite
• 28307 - Migrate CRX Explorer node type administration to CRXDE Lite

• 34227 - CRXDELite: support annotations with enums in Build Bundle

• 33940 - Improved cluster resilience under heavy load
• 34118 - Fixed an out-of-sync situation for controlled stop/start of the master node in cluster
• 37685 - Fixed reindexing for repositories with invalid date properties present
• 33968 - Improve resilience of clustered data store
• 34133 - Improve resilience of clustered data store
• 39642 - Fixed authentication token cleanup in cluster
• 34104 - Ensure cluster join via UI observers cluster & journal configuration parameters
• 34661 - Ensure master node can be shutdown when slave is under heavy load
• 37988 - Ensure that TarPM does not start automatically when slave becomes a master
• 34051 - Restart no longer required for the slave node after cluster join
• 36470 - Adjust log levels for information logged when stopping master node
• 34099 - Cluster more robust in case of network outage between nodes
• 36256 - Ensure Tar PM optimization can be disabled completely
• 20153 - Added JMX MBean for information about clustering status
• 39047 - Repository reviesion number exposed through JMX
• 38346 - Added ability to rollback CRX instance or cluster to a given transaction (TarPM+TarJournal only)

CRX 2.3 embeds Servlet Engine CQSE version 4.1.24.

• 28523 - Added ServletRequest.getLocale() implementation
• 34477 - Ensure empty enumeration instead of null is returned in getHeaders when header is not found
• 34531 - Improved performance of CQSE by optimizing synchronization of SimpleDateFormat
• 34845 - Ensure HttpSession is recreated after invalidate() called
• 35100 - Improved handling of parallel POST requests
• 35777 - Improved handling of many concurrent requestst
• 32112 - Added support for HttpOnly mode for session cookies and configured by default
• 35781 - Creating a new session ID now invalidates the session
• 36300 - Fixed ServletRequest.GetCharacterEncoding for requests with multiple parameters in Content-Type header
• 37648 - Fixed dependency for SSL JVM libraries on AIX/IBM J9
• 37668 - Make CQSE compliant with Granite architecture to run as OSGi bundle providing Apache Felix HTTP service
• 36044 - Ensure session is destroyed after it is invalidated
• 38028 - Added support for org.apache.felix.host property

FileVault version delivered with CRX 2.3 is 2.4.18.

• 35237 - Ensure xml resource can be committed under _jcr_content
• 35803 - Improve handling of nodetypes.cnd to get installed only if they changed
• 34479 - Upgraded vlt dependent jline library to make vlt work on Windows 64-bit
• 22969 - Ensure that packages modify jcr:lastModified timestamp to force JSP recompilation
• 31640 - Improve handling of full-coverage aggregates
• 35371 - Ensure that XML resources can be added under _jcr_content
• 35295 - Fixed vlt export to a folder on Windows systems
• 34972 - Ensure "vlt rcp -u" can replace String/multi-valued String properties
• 39825 - Fix vlt ci handling of jspx files (to ensure they are checked in as text/plain)
• 33952 - Ensure that property type is updated on package install
• 33709 - Extended vlt -rcp with a throttling option (-t --throttle)
• 33507 - Made inclusion of CND file configurable in properties.xml
• 34455 - Improved handling of same-name siblings order in import/export
• 31442 - Limit the number of INFO messages for package import
• 35564 - Handle non-numeric versions for packages
• 36309 - Implemented vlt auto-sync mode between directory and repository
• 37734 - Ensure a package without properties.xml can be installed
• 37939 - Handle import of users/groups in merge mode also when the paths differ
• 34801 - Dropped support for JCR 1.0 repositories
• 38078 - Made Package Manager compatible with Granite architecture by creating an OSGi service
• 38560 - Ensure that Maven-generated packages (which don't have properties.xml) can be installed
• 39088 - Exposed list of content packages and their status
• 39155 - Ensure packages bigger than 2GB can be installed
• 40599 - Improved package installation to handle concurrent repository modification better
• 35388 - InstallHooks: added property to call the class from outside the package

Granite is the new archtiecture for CRX introduced with CRX 2.3, and as such the changes are not generally reported here for this release. However, as implementing Granite encompased rewrapping existing CRX modules into OSGi services, some of the changes in this area are reported below.

• 34802 - Everyone read access denied by default (high security default installation)
• 28175 - Http Client Proxy: make list and order of HTTP authentication schemes configurable
• 37881 - Enhanced performance in case of extensive usage of sling:vanityPath
• 37788 - Ensure redirect after Form Authentication is right
• 38141 - Package Manager: ensure packages with trailing space in filter root path can be installed
• 36107 - Made hotfix pack installation resilitent in deployments with symbolic-linked repository directory
• 36949 - Enhanced deployment filesystem layout for Granite architecture
• 38955 - Add Granite-specific start/stop scripts
• 37251 - CQ Replication now moved to Granite platform
• 34180 - Replication: Fixed deactivation of assets having non-ascii characters
• 35600 - Replication: changed a misleading warning on server startup to DEBUG - "Queue ... not found"
• 40137 - Ensure replication temporary data is cleaned up when the corresponding replication queue is cleared
• 37257 - Add jQuery Mobile UI for management of replication

• 34247 - Allow WEAKREFERENCE properties in Node Type administration GUI
• 35832 - Ensure index_config.jsp is Java 5 compliant
• 37714 - Ported the reminder of CRX Explorer (legacy) to Granite / Sling
• 36592* - Migrate CRX diagnostic and administration to JMX and provide access via web console plugins

• 36258 - Added configurable location of crx-quickstart via system property for more flexible appserver deployments

No changes to be reported for CRX 2.3.

• 34778 - Improved resilience of the out-of-process search indexing
• 34360 - Default proxy config in web.xml can cause UnknownHostExcepion
• 33580 - Ensure that crx-console-launcher is retained after installing CRX HotFix Packs
• 35114 - Optimize subsequent runs of online backup to a folder
• 34278 - CRX now requires Servlet API in at least version 2.4
• 34992 - CRX CLI console: Add command to add a childnode entry
• 34918 - Ensure that the auto-Install module honors package dependencies
• 13569 - Package CRX modules into OSGi budnles for the Granite architecture
• 37688 - Added JMX MBean for Cluster Join operation
• 37691 - Added JMX MBean for Tar PM optimization and index merge operation
• 37692 - Implement Granite replacement for Check Repository screen
• 37774 - Detect disk full condition when executing online backup

• 38463 - Feature to configure repository location via OSGi (additionally to system property and bootsrap property)
• 34675 - Ensure that Datasource get correct binding when a newer version of package is installed
• 35349 - CRX Default port changed to 4502 from 7402
• 36523 - Use the new Granite architecture for CRX

• 32761 - Optimize memory usage while indexing MS Office documents
• 34761 - Impoved repository reindexing stability in case of out of memory problems
• 35393 - Fix in indexing of properties for nodes with binary properties
• 38101 - Fixed synchronization problem in versioning for clustered installations
• 39351 - Made Datastore garbage collection resilient against missing data tar files
• 32755 - Optimize memory usage while indexing PDF documents
• 34456 - Fixed a problem when copying nodes via WebDAV
• 34668 - Fixed FileNotFoundException after TarPM optimization
• 33955 - Fixed a deadlock under heavy load in DefaultISMLocking configuration
• 35084 - Fixed handling of paths including dots
• 35409 - Fix session timeout in online backup
• 35895 - Fix exceptions when using DescendantSelfAxisQuery in session with limited access
• 35721 - Make copying many assets to /var/dam more robust
• 36572 - Fixed ArrayIndexOutOfBoundsException in ConcurrentCache
• 35993 - Make concurrent user profile creation more robust
• 37742 - Fix for NegativeArraySizeException when using indexInMemory=true
• 38092 - Improved full test extraction under high load
• 32657 - Allow for out-of-process text extraction for problematic .yuv video files to avoid out of memory
• 33885 - Upgraded to Lucene 3.0.3
• 34792 - Introduced access checks for backupDownload.jsp
• 34797 - Fixed session timeout for Datastore consistency check
• 35008 - Fixed user search in CQ 5.3 upgraded to CRX 2.2
• 35172 - Online Backup: exclude cq.pid
• 36497 - Fixed problems with datastore garbage collection completion when invalid date in repository
• 33005 - Ensure that indexing_configuration.xml is handled properly in repository upgrade for CQ
• 35558 - Improved indexing performance via more efficient removeFields operation
• 35813 - Support embedded index aggregates
• 37320 - Fixed version creation when activating certain CQ pages
• 38690 - Fixed rebuilding of parent node indexing aggregation after moving node
• 33026 - Add support for sequential node IDs in TarPM (turned off by default)
• 33038 - Implemented Out-of-process text extraction for better protection agains JVM/memory/CPU problems
• 33662 - Ensure Data Store garbage collection has a long-running session to be able to complete
• 34286 - Consistency check enforced before datastore garbage collection
• 33488 - Improved performance of CRX startup for large repositories via optimizing hierarchy cache initialization
• 36538 - Improve disk performance assessment on CRX startup
• 38260 - Fixed exceptions in low disk space monitor
• 39601 - Blocking repository writes exposed via JMX for backup, etc purposes

No changes to be reported for CRX 2.3.

• 34364 - Fix for a StackOverflowError when LDAP has circular group definitions
• 35296 - Ensure connection closed for LDAP authentication under all conditions
• 34757 - Ensure token authentication parameters are loaded from JAAS configuration
• 34886 - Improved performance for users who are members of many groups
• 35838 - Fixed performance regression in LDAPLoginModule
• 35997 - Improved performance of LDAP group synchronization
• 36468 - Ensure all attributes of LDAP entry are synced to repository
• 37218 - Always allow requests whose host name matches the referrer
• 36840 - Setting new password requires old password
• 40219 - Permissions on user profile not set when user is created via LDAP
• 36164 - Fixed LDAP background synchronization problems on WebSphere
• 24122 - LDAP: changed user CN in Directory Server might cause CRX login to fail
• 36917 - Improved user login performance with LDAP integration configured
• 34363 - Allow for storing encrypted password in LDAP config file
• 34681 - Ensure userFilter is applied during login process with LDAP configured
• 37777 - Adjust log levels for UserManager module to report differences in CQ author/publish setup properly
• 31617 - Remove authentication token upon user logout

• 36513 - WebDAV: allow specifying extra parameters for IOHandlers & PropertyHandlers (see JCR-3045)

This section outlines changes done in CRX 2.3 since the last release, CRX 2.2 in the most important third-party modules.

JCR Remoting. JCR remoting based on extended WebDAV protocol, Apache Jackrabbit SPI architecture, and DAVEx extensions, is the recommended JCR remoting protocol for CRX 2. As of CRX 2.0 it covers most JCR 1.x methods, and some JCR 2.0 features. The coverage of the JCR 2.0 APIs will be improved in the upcoming releases.

The following JSR 170 feature is currently not implemented:

• Impersonation (JCR-2538)

The following JSR 283 features are currently not implemented:

• AccessControl Management
• LifeCycle Management (JCR-2228)
• Retention Management (JCR-2114)
• Shareable Nodes (JCR-2099)
• Versioning: Activities & Configuration (JCR-2104)
• Versioning: Simple (JCR-2112)
• Workspace Management (create/delete)
  

These are the known limitations of the current SPI/DAVEx remoting implementation:

• Reregistration of namespaces is not reflected to existing session (re-login required).
• Wrong Item.isSave() evaluation under certain circumstances (JCR-2560)
• Same-name Property and Node will cause NPE (JCR-1616)
• XML Import: ConstraintViolationEx. instead of SAXException/InvalidSerializedDataEx.
• Missing possibility to validate added lock tokens
• Change Polling fills jcr.log with WARN entries (JCR-2566)
• Query: Validation of statement (JCR-2533)
• Query: Bind value and retrieve bind variable names (JCR-2533)

The same concerns RMI coverage for JCR 2.x. See Apache Jackrabbit issue JCRRMI-26 for tracking progress of this.

CRXDE Light. We recommend to use the new, standard-compliant browsers to work with CRXDE. Users might experience problems or performance degradation when using older browsers, specifically Microsoft IE 6.

CRXDE. The time that CRXDE needs to connect to a repository depends on the repository size. For  CQ5 deployments, especially with much content under /libs, /etc, and /apps folders it can take some time after OK is clicked on the Repository Login dialog.

Virtual Repository Mount. Virtual repository mount not possible with token-based authentication. The workaround is to disable the token based authentication in the Login Module.

This need to be adjusted accordingly if CRX is run with JAAS configuration. Similarly if CRX is run with a combination of LDAPLoginModule and CRXLoginModule the disableTokenAuth flag must be set for the LDAPLoginModule as well unless the user-sync isn't set to NONE.

Here's an example of how the token-based authentication can be disabled in repository.xml:

The list of known issues for this release with workaround information where available is presented below.

• 15170 - CIFS does not work with Microsoft Windows Vista
  • Microsoft Windows Vista and newer versions are currently not supported clients for the CIFS integration of CRX
• 17647 - Search: Indexing of some PDF 1.3 files fails
  • This happens because of a bug in 3rd party PDFbox library used to parse PDF files (bug ref. #1786901 - IOException when parsing 1.3 PDF).
• 27265 - Installing large packages on CRX instances running on Java 5 may fail
  • Workaround: switch to Java 6 or use a higher save threshold setting in Install /
    Advanced Settings.
• 28023 - Check out of content with custom, not-yet-registered node types fails
  • Workaround: Custom node type(s) need to be installed manually prior to
    check out.
• 28487 - WebDav remote connection from CRX 2.x to CRX 1.3.2 not possible
  • Workaround: the WebDAV remoting support in CRX 1.3.x does not have all
    the features expected (by default) by the WebDAV remoting
    client in CRX 2.x. The easiest way to set up a WebDAV
    remoting connection from CRX 2.x to CRX 1.3.x is to use
    the latest Jackrabbit 1.6.x jars to upgrade the WebDAV
    support in the CRX 1.3.x instance.
• 28617 - Mounting documentum connector workspace over WebDAV fails
  • Workaround: add "dm_type" to the "deniedObjects" list
• 28835 - Virtual Repository mount not possible with token-based authentication
  • Workaround: disable token based authentication in Login Module in your configuration
    
• 33027 - Modification on locked node may succeed in cluster
  • Workaround: ensure that modification is guarded with lock/unlock
• 39963 - Provide JMX MBeans & new UI for LDAP sync and LDAP user purge
  • These functionalities are scheduled for the next update of CRX
• 42009 - RMI support for Granite architecture
  • Workaround: use JCR remoting instead

Public Sites

• Adobe CQ Product page
• Adobe CRX Product page
• dev.day.com Developer Community
  
• CQ Documentation
• CRX Documentation
  

Restricted Sites

These sites are only available to customers. If you are a customer and need access, please contact your Adobe account manager.

• Customer Support at daycare.day.com
• Product Downloads at licensing.adobe.com