Migrating from 8.0 to 9.1

Be aware of


You need to request a new licence for Axon.ivy Engine 9.1.


We have simplified the licence check for public urls compared to 8.0 and do not check for ports and paths (context) anymore. When requesting a new 9.1 licence, you only need to specify the DNS names/Hostnames or IP addresses through which the Axon.ivy Engine can be accessed.

Engine default base path changed

We changed the default value of the WebServer.IvyContextName from "ivy" to "". This means the default engine URL has changed (from http://localhost:8080/ivy/) to http://localhost:8080/.

If you have a Front-end Server configured, you have to manually define the WebServer.IvyContextName with the old value ivy. Otherwise the AJP uri workers will not find a valid path.

URL changes

The paths in the URL have changed. The name of the application is now at the top.


Setting up a classic frontend server is now much easier, because you can now define routes on app level. If you have a Front-end Server configured and you block some URLs for security reasons, you need to adjust them.

Here are some examples:











Web integration tests simplified

Selenium based integration test do no longer require huge manually crafted maven build pom.xml definitions. Existing pom.xml files for test projects must be manually simplified.


We introduced an new lifecycle called iar-integration-test that basically binds all the plugin executions which are required to have a running in memory engine with your workflow app deployed.

Here’s how you make use of these simplified stack in the pom.xml of a test project:

  1. change the packaging from type iar to iar-integration-test

  2. remove manually bound executions of the goals start-test-engine and stop-test-engine

  3. consider removing bound deployment executions (goal deploy-to-engine or deploy-iar). The new plugin lifecycle automatically takes all your IAR dependencies and deploys them.

  4. remove unittest jvm argLine configurations that propagate the start engine url (test.engine.url) and test application hint (test.engine.app).

  5. verify that your web tests stick to a naming pattern which complies with the maven-failsafe-plugin includes. If not, rename the unit tests to end with IT (e.g. WebTestCustomerOnboardingIT.java)

  6. run the maven build to verify your changes.

A sample conversion can be reviewed on Github. Another way to get a valid example is to use the new Axon.ivy Test Project wizard of the Axon.ivy Designer, select IvyWebTest as testing flavour and examine the created pom.xml in the newly created test project.

Global deploy.options.yaml removed

The deploy.options.yaml in the deployment directory can no longer be used to influence deployments.


We think that it made deployments unnecessary hard to track and that administrators are better off with the deployment options packed as part of the application ZIP or specific yaml per artifact.

Static JSF pages moved to webContent/view

The location of static JSF pages in your Axon.ivy Project have been changed to webContent/view in order to improve security.


In 8.0 (pre 8.0.4) the static pages were located directly inside the webContent folder. From 9.1 (8.0.4) on these pages are no longer accessible. You need to move the static JSF pages to the new folder in your Axon.ivy Project. Please refer to the chapter Static JSF Pages for more information.

context.xml and web.xml moved to configuration folder

The context.xml and web.xml files are now in the global /configuration/ folder. If you modified them you need to apply these changes to the files in the new location.


Prior to 9.1 they were located under webapps/ivy/META-INF/context.xml and webapps/ivy/WEB-INF/web.xml.

New security system config Membership.UserMemberOfLookupAllowed

We introduced a new security system configuration property Membership.UserMemberOfLookupAllowed, with true as its default value. If your active directory or eDirectory does not allow to read the memberOf property of a user (groups of a user), you need to set this configuration property to false. With the introduction of this new property we removed the property Membership.UseUserMemberOfForUserRoleMembership.

Good to know

VisualVM Plugin in the Axon.ivy Market

The Axon.ivy Visual VM plugin to monitor your Axon.ivy Engine is now available in the Axon.ivy Market. It is not bundled with the Axon.ivy Engine in the directory [engineDir]/misc/visualvm/ anymore.

Subversion Client unplugged from Axon.ivy Designer

We removed the Subversion client Subclipse from the Axon.ivy Designer. It can still be easily installed through the Eclipse Marketplace in the Designer. Go to Help ‣ Eclipse Marketplace, search for Subclipse and install it.

Daily Jobs are only executed at configured time

Daily jobs are now executed only at the configured time, even if the Axon.ivy Engine was not running at the last execution time.


Daily jobs like sending task summary emails or synchronizing users are executed once a day. Prior to 9.1, if the Axon.ivy Engine was not running at the configured time, the daily jobs were executed on the next start of the Axon.ivy Engine. This lead sometimes to a heavy workload on start-up, making the Axon.ivy Engine unusable for other tasks.

We changed this behavior in order to make the Axon.ivy Engine responsive straight after start-up.

Special handling for Informix as external third-party database

Informix is a database management system and can be integrated with Axon.ivy like any other database system. We have removed any special handling for Informix as this is no longer necessary. If you are using Informix and have any problems, please contact us.

More changes

Changes to the Axon.ivy System Database

We have introduced a new table IWA_SecurityMember that contains entries for all users and roles. Migration to the new database schema is done automatically.


We also removed most of the foreign key references to the tables IWA_User and IWA_Role and replaced them with references to IWA_SecurityMember. Entries in table IWA_SecurityMember will not be deleted even if a corresponding user or role is deleted.

During migration all users and roles that could not be mapped to existing entries (e.g. because they were deleted from the database) but still have an entry in a Name column, will be added to the IWA_SecurityMembers table, to ensure referential integrity. All security members added this way will be in state disabled.

Note that the following database definitions have changed:

  • In view IWA_TaskQuery the naming of the activator columns has slightly changed, to match the Java API methods naming:

    • ActivatorName and ActivatorDisplayName change to OriginalActivatorName and OriginalActivatorDisplayName

    • CurrentActivatorName and CurrentDisplayName change to ActivatorName and ActivatorDisplayName

  • Column IWA_WorkflowEvent.UserId now references IWA_SecurityMember.SecurityMemberId and changes to a VARCHAR(210) value.

Using HttpAsyncClient for CXF web service calls

We switched the default connection implementation of CXF web service calls from HttpURLConnection to org.apache.http.nio.client.HttpAsyncClient.


The HttpAsyncClient has improved performance and provides better support for NTML authentication.

There are no known issues with HttpAsyncClient, but if you still want to use HttpURLConnection you can set the property use.async.http.conduit to false on the web service client configuration.