Java Management Service introduces new Advanced Features for customers and makes Basic Discovery available to everyone

December 8, 2022 | 5 minute read
Sanju Nair
Principal Product Manager, Java Platform Group
Text Size 100%:

With the latest release of Java Management Service (JMS) Oracle introduces several new advanced features to help administrators gain additional insights into Java workloads. JMS administrators can now use Java Management Service - Fleet Management to:

  • Analyze the usage of application servers
  • Identify potential vulnerabilities associated with the Java libraries used by applications
  • Assess the impact of Oracle JRE and JDK Cryptographic Roadmap changes on their applications
  • Use Java Flight Recorder to gather application insights
  • Download and install Oracle Java versions
  • Remove Oracle Java versions

on Desktops, Servers, or Cloud deployments covered by an Oracle Java SE Subscription or when running on an Oracle Cloud Infrastructure service that permits access to the underlying operating system.

As announced during the JavaOne 2022 Keynote, the Basic Java Management Service Discovery Features that identify Java Runtimes and Oracle JDK usage is now available to everyone, even users that do not have a Java SE Subscription or are running in Oracle Cloud Infrastructure.

New Advanced Features

In addition to Java Runtime Lifecycle Management Operations, JMS has introduced more advanced features - Advanced Usage Tracking, Crypto event analysis, and JDK Flight Recording. These new advanced features are currently supported on Linux platforms.

Advanced usage tracking

Basic usage tracking which relies on Java usage tracker and file scanning capabilities helps JMS administrators to identify Oracle JDK usage and report OpenJDK distributions. Advanced usage tracking will help in identifying usage of Java severs and Java libraries.

Scan for Java servers

JMS administrators can use the "Scan for Java servers" operation in Java Management Service - Fleet Management, to detect and report usage of application and HTTP servers like Oracle Weblogic, Apache Tomcat, and JBoss. In addition to the versioning info, JMS administrators can also see the applications deployed on these servers and the Managed Servers to which the servers are deployed.

Java servers detected by JMS in the fleet
Java Application Servers
Details of Java server detected by JMS
​ Applications running in each Java Application Server

Scan for Java libraries

The "Scan for Java libraries" creates a list of Java libraries used by Java applications (both standalone and those deployed in Java servers) in the fleet. JMS will also compare the libraries and versions found against the National Vulnerability Database to help administrator identify applications that should be updated to use newer versions or updated to different libraries.

The scans for advanced usage tracking must be initiated by the JMS administrator and is not performed by default by the JMS agents.

Java libraries detected by JMS in the fleet
Java libraries detected by JMS in the fleet

Crypto event analysis

Oracle's plans for changes to the security algorithms and associated policies/settings in the Oracle Java Runtime Environment (JRE) and Java SE Development Kit (JDK) are published periodically at Oracle JRE and JDK Cryptographic Roadmap. To make good use of that information however, administrators would need to know if any of their Java applications are using the algorithms, key lengths, or default values that will be changed. Some of that information can be hard to know, especially when applications rely on configurations on the servers they connect to.

Using Crypto Event Analysis, administrators will get detailed information on what cryptographic algorithms from the Java Security Libraries are being used. JMS will compare the algorithms being used with the planned changes and highlight applications that might be impacted by future changes or by certificates that are about to expire.  When applicable, JMS will provide  recommendations to avoid disruptions.

Results of Crypto event analysis run on a managed instance in the fleet
Results of Crypto event analysis run on a managed instance in the fleet

Please be aware that JMS can only identify cryptographic usage within the JDK libraries. JMS can identify usage of most third-party cryptographic providers but cannot provide details of which algorithms or certificates are being used when relying on third-party cryptographic providers.

JDK Flight Recording

Administrators can initiate Java Flight Recording on applications reported by JMS using the Run JDK Flight Recorder (JFR) operation in Java Management Service - Fleet Management. JDK Flight Recorder collects diagnostic and profiling data about a running Java application. JMS will initiate the recording and upload the resulting JFR file to the customer’s tenancy, enabling administrators to do their own analysis of the recordings.

Initiating Java Flight Recording for an application
Initiating Java Flight Recording for an application

Basic Java discovery available for all!

We are excited to announce that Basic Java discovery of JMS is now available to all Java users, whether they have a Java SE Subscription, are running on OCI, or not. Basic Discovery allows you to:

  • View the versions and vendor information of all Java runtimes in your systems
  • Identify which Oracle Java installations are up to date, and which ones should be updated or upgraded
  • View which applications run on each Oracle Java runtime

To take advantage of JMS Basic Discovery administrators will need to create an OCI Account, go to Java Management Service, and create one or more fleets (to group the managed instances).  Once you have created your fleet(s), you install the Java Management Service agent on each system you would like to monitor. The JMS agent will scan your systems to find all Java installations and configure usage logging on all Oracle Runtimes to start collecting information on what Java Applications are using them. All information collected by JMS is stored in your user tenancy. Although there is no charge for using JMS you will be responsible for storage costs for the information collected by the agent (starting $0.01 per MB per month, see Object Storage Pricing). For many users the free tier allowance will provide enough storage for JMS basic discovery services.

Additional information

Sanju Nair

Principal Product Manager, Java Platform Group

Sanju Nair is a Product Manager in the Java Platform Group at Oracle. He has worked in the IT industry for 10 years starting as a Java developer in Wipro Technologies and Oracle before moving into Product Management roles at NTT-Netmagic and Oracle. Sanju currently manages Java Management Service, JDK Mission Control and Java Advanced Management Console at Oracle.

Previous Post

Java Card 3.1: Security Services

Nicolas Ponsini | 5 min read

Next Post

Java Card 3.1: Cryptographic Extensions

Nicolas Ponsini | 6 min read