5.6. Web Services
Table 5.6, “Web Services Issues Resolved in 6.3.0” lists the issues resolved in version 6.3.0.
| Issue | Description |
|---|---|
| COLLECTIONS-580 | [COLLECTIONS-580] Arbitrary remote code execution with InvokerTransformer |
| CXF-1194 | Schema Validation & MTOM fails |
| CXF-4109 | UriInfo getHost caches first request's host and always returns that on subsequent calls |
| CXF-4817 | JAX-RS AsyncResponse implementation needs to call AsyncContext.complete after the request is done |
| CXF-5348 | Exception mappers implementing ExceptionMapper through an abstract class are not mapped to the declared exception |
| CXF-5640 | CXF bundle is not compatible with new spring features from Karaf |
| CXF-5688 | Problem Parsing FIQL Involving Enums |
| CXF-5744 | @XmlTransient behavior change in WSDL fault content |
| CXF-5788 | JMS replyToDestination doesn't work |
| CXF-5795 | Reading the entity from a Response with 202 - Accepted causes NullPointerException |
| CXF-5844 | Annotations inherited from interface not merged with annotations from implementing method |
| CXF-5846 | ClassCastException in org.apache.cxf.jaxrs.provider.BinaryDataProvider & SourceProvider |
| CXF-5862 | NullPointerException in class CustomizationParser |
| CXF-5878 | Disabling policy engine causes NPE |
| CXF-5897 | Relax setter method name restriction for @context injection |
| CXF-5898 | Feature wss4j should be updated after saaj-impl version change |
| CXF-5899 | JAX-RS 2.0 Configuration injection is not supported if DynamicFeature is not registered |
| CXF-5900 | websocket destination in osgi fails to start after being stopped |
| CXF-5904 | wadl2java -inheritResourceParams don't generate parent parameter |
| CXF-5906 | Claim Manager only parses first claim value |
| CXF-5910 | Filters registered by DynamicFeatures match on overloaded resource methods. |
| CXF-5911 | SoapFault's lang property is not set in case of SOAP 1.1 faults |
| CXF-5913 | logStacktrace Property Not Implemented in MapEventLogger |
| CXF-5916 | WADL contains wrong parameter name for parameter beans |
| CXF-5917 | SAMLP Response Validator does not decrypt if EncryptedKey is the assertion element child |
| CXF-5920 | JAX-RS Link implementation (LinkBuilder) looses context path |
| CXF-5938 | LuceneQueryVisitor is not reusable / not thread-safe |
| CXF-5943 | Throw error in exceptionmapper |
| CXF-5946 | ensure unregister cxf http transport Servlet OSGi service before we re-register it |
| CXF-5949 | LogBrowser not working |
| CXF-5952 | wadl2java: process representation params |
| CXF-5953 | wadl2java: generate full class name for representation parameter |
| CXF-5958 | incorrect OSGi header in cxf-core bundle |
| CXF-5961 | wadl2java: 'required = false' don't generated for @Multipart argument |
| CXF-5963 | LuceneQueryVisitor should use analyzer to create query properly |
| CXF-5964 | JAX-RS Contexts are injected into Application class too late |
| CXF-5966 | NPE in MessageContextImpl when setting ResponseBuilder entity in an ExceptionMapper |
| CXF-5968 | Setting use.async.http.conduit property causes IllegalArgumentException |
| CXF-5969 | CXF does not pass a generic type to ParamConverterProvider |
| CXF-5970 | review org.apache.cxf.jaxrs.provider.ProviderFactory.Message*ReaderComparator |
| CXF-5972 | Fix all karaf features definitions |
| CXF-5974 | WADLGenerator sets representation media type to application/octet-stream by default |
| CXF-5976 | incompatible with javax.xml.bind.JAXBElement error when using List<JAXBElement<Book>> as resource method param |
| CXF-5978 | Incomplete dependencies in archetype cxf-jaxrs-service |
| CXF-5980 | JAX-RS 2.0 client: response.readEntity(new GenericType<...>{}) fails with "unexpected element" UnmarshalException |
| CXF-5988 | Provide support for a pluggable parameter conversion mechanism for JAX-RS client side proxies |
| CXF-5989 | Query Params not showing up in WADL when declared using @BeanParam |
| CXF-5992 | Cannot set org.apache.cxf.stax.maxAttributeCount |
| CXF-5995 | ClientProxyImpl problem with handling @BeanParams with null headers/cookies. |
| CXF-5999 | Moving JiBX related systests into its own module. |
| CXF-6000 | Wrong default algorithm is used for TrustManagerFactory instantiation |
| CXF-6003 | jaxrs:server "basePackages" attribute doesn't initialize REST services properly |
| CXF-6007 | WebClient does not resend request in Digest authentication for HTTP methods GET, HEAD, DELETE, OPTIONS (with no body). |
| CXF-6010 | NPE in MessageModeOutInterceptor.validateFaultDetail for faults with no <detail> |
| CXF-6015 | Path parameters containing semicolon are truncated due to missing encoding |
| CXF-6020 | UrilInfo.getAbsolutePath() missing path separator between servlet url and relative url |
| CXF-6021 | WebClient has Accept defaulted to application/xml |
| CXF-6027 | oauth2 client redirect uris are never valid |
| CXF-6030 | javax.xml.ws.soap.SOAPFaultException: Fault string, and possibly fault code, not set for cxf. |
| CXF-6032 | NullPointerException while validating cert for SAML HOK |
| CXF-6034 | Wrong schemaLocation if jax-ws-catalog is used |
| CXF-6037 | in JAX-RS search there is no support for java.sql.Time in fiql |
| CXF-6038 | Repeatedly invoking setHandlerChain() can cause a build up of handler interceptors on the chain |
| CXF-6040 | need use servicemix wrapped opensaml 2.6.1_2 |
| CXF-6041 | Corba Binding is throwing a ObjectNotActive Corba exception being thrown back to application code on endpoint/bus shutdown |
| CXF-6045 | Setting an entity from ClientRequestFilter has no effect if no entity is already set |
| CXF-6057 | WADL to Java code generator does not support the documented "encoding" flag |
| CXF-6058 | NPE in cxf-rt-transports-http org.apache.cxf.transport.http.Headers line 280 |
| CXF-6059 | wsdl:fault wsdl2java fails with IllegalArgumentException |
| CXF-6060 | Calling readEntity() on Response created by Response.build() causes NullPointerException |
| CXF-6061 | The publish attribute on jaxws:endpoint doesn't support placeholder in spring configuration |
| CXF-6062 | Interceptors added in Spring Bus configuration are ignored |
| CXF-6066 | JAX-RS 2.0 Client implementation is OOM prone due to its strongly referencing WebTargets |
| CXF-6067 | ProviderFactory fails to analyze generic types correctly with some class hierachies |
| CXF-6071 | CXF's WSDL2Java tool can generate impl classes that jdk compiler will refuse to compile |
| CXF-6072 | jaxrs securityContext.getUserPrincipal is broken if login is done during the request |
| CXF-6073 | cxf-wsn installation in Karaf fails |
| CXF-6075 | NPE may occur at websocket destination under high load |
| CXF-6076 | MediaType parameter not parsed correctly |
| CXF-6077 | In OSGi, the wsdl extensor loaders may not be able to generate their special ExtensibilityELements |
| CXF-6078 | AnnotationUtils.getAnnotatedMethod for abstract classes not inherit from interface |
| CXF-6089 | XmlAccessorOrder.ALPHABETICAL, Exception.getMessage() duplicate WSDL elements generated |
| CXF-6090 | java.lang.NullPointerException when running wsdl2java |
| CXF-6091 | Server is not properly stopped with MultipleEndpointObserver |
| CXF-6092 | When there is bad connection/timeout, ClientImpl throws NullPointerException |
| CXF-6094 | wsdl2java - Default key managers cannot be initialized |
| CXF-6096 | http components transport is missing a dependency on commons-logging |
| CXF-6101 | Accept Header not Respected with Response from Custom MessageReader |
| CXF-6103 | Nillable field, in a json payload, was sent as "@nil":"true" instead of an empty string |
| CXF-6105 | CXF 3.x does not use the older WS-SecurityPolicy 1.1 namespace |
| CXF-6106 | ClientResponseFilterInterceptor wraps client response exchange message into ClientRequestContextImpl - as a result code can't access client request context |
| CXF-6109 | Incorrect TrustException constructor in AbstractSTSClient |
| CXF-6111 | JavascriptGetInterceptor.isRecognizedQuery is always false |
| CXF-6112 | org.apache.cxf.jaxrs.impl.ResourceContextImpl#getResource should support a custom ResourceProvider |
| CXF-6115 | Transferable.transferTo can cause infinite loop or stack overflow |
| CXF-6118 | Schema Validation refinements |
| CXF-6122 | JAX-RS proxy client with @QueryParam is not encoding the parameter value |
| CXF-6127 | Check thrown Exception's cause for SOAPFaultException |
| CXF-6137 | WADL generation does not correctly support query parameters |
| CXF-6138 | JAXB unmarshaller Properties can't be configured |
| CXF-6139 | WADLGenerator may produce a schema invalid resource id |
| CXF-6143 | SSL/TLS hostname verification does not strictly follow HTTPS RFC2818 |
| CXF-6145 | WS-RM demo server throws exception |
| CXF-6146 | Demo wsdl_first_xmlbeans fails to build |
| CXF-6147 | Part of demo wsdl_first_soap12 doesnt work |
| CXF-6149 | ContainerRequestContextImpl hasEntity() always returns true for non-GET requests. Similar for ClientResponseContextImpl |
| CXF-6151 | Apache-cxf wsdlvalidator returns error in mime:part |
| CXF-6152 | WSDLValidator may throw ClassCastException under verbose mode |
| CXF-6153 | OAuthRequestFilter throws NullPointerException when "Authorization" header is missing |
| CXF-6155 | Exceptions thrown from ParamConverter generate 500 response |
| CXF-6160 | AsyncResponse infinite loops |
| CXF-6163 | WSDL Javascript generator for xsd:any elements is not correct when any is optional |
| CXF-6166 | Parsing Bug in org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter |
| CXF-6172 | WS-Discovery should work also in IPv6 only environment |
| CXF-6176 | org.apache.cxf.jaxrs.bus.providers property is not taken in account in cxf bus |
| CXF-6178 | Missing io.netty.util.Version |
| CXF-6184 | HTTPConduit "transport.retransmit.url" property may have side-effects in case of non-redirect retransmits |
| CXF-6187 | JMS sample fails "connectionFactory may not be null" |
| CXF-6188 | Authorization loop using "CurrentWindowsCredentials" |
| CXF-6189 | Improve memory usage of UrlUtils |
| CXF-6192 | Cxf Clustering Blueprint handler doesn't create the distribute feature rightly |
| CXF-6194 | [multipart] Server handle Collection argument as single element |
| CXF-6198 | No SOAPFault for HTTP error code 400 |
| CXF-6204 | JAX-RS Set-Cookie parser uses case-sensitive keys |
| CXF-6209 | Bug in processing Signed/Encrypted Elements policies with multiple XPaths |
| CXF-6210 | XPath evaluation failure on the client side causes all subsequent evaluations to fail |
| CXF-6211 | JAX-RS client runtime ignores Content-Type set directly from MessageBodyWriter |
| CXF-6217 | JmsPullPoint does not protect against external entities |
| CXF-6221 | CDI integration extension does not detect annotations on Karaf |
| CXF-6222 | Password can end up in log file |
| CXF-6228 | Using XSLTFeature with large messages creates unremovable temporary files |
| CXF-6229 | EndpointReferenceUtils.getSchema does NOT cache negative schema parsing |
| CXF-6233 | STS client only sends AppliesTo on first RST call |
| CXF-6234 | Invalid ?wsdl response with relative imports/includes when using jaxws-catalog.xml |
| CXF-6235 | wsdl2java behaves differently from cxf-codegen-plugin |
| CXF-6236 | proxyAuthSupplier not used in HTTPConduit.setHeadersByAuthorizationPolicy |
| CXF-6241 | WS-RM doesn't work with WS-Security configured with @EndpointProperties |
| CXF-6245 | Loading non-existent class org.apache.cxf.xmlbeans.XmlBeansWrapperHelper in WrapperClassOutInterceptor is causing performance issues |
| CXF-6246 | missing osgi import of javax.jws |
| CXF-6250 | WebSocket conduit fails to process String based responses and throws NPE |
| CXF-6252 | JAXRS Async Client hangs in case of Connection errors |
| CXF-6256 | Unexpected response code |
| CXF-6257 | Creating and Endpoint using JAX-WS API, getting the binding and then publishing causes a NullPointerException |
| CXF-6260 | JAXRS Async Client can not handle InvocationCallback TypeVariable |
| CXF-6272 | SCT Renew in Secure Conversation |
| CXF-6274 | NullPointerException in DestinationSequence because of RMCaptureInInterceptor not in interceptor chain |
| CXF-6284 | JAX-RS servlet run-time leaks additional strong references |
| CXF-6285 | NPE in SwaggerFeature.calculateDefaultResourcePackage |
| CXF-6294 | Cannot activate TLSv1.2 cipher suites on client on Java7 |
| CXF-6295 | String cannot be cast to org.apache.ws.security.validate.Validator |
| CXF-6297 | JAX-RS BeanValidation feature fails with NPE in JAXRSBeanValidationOutInterceptor on sub-resource call |
| CXF-6300 | cipherSuite configuration does not work with HTTPJ servers |
| CXF-6302 | JAXRS endpoints with URL encoded addresses can not be located |
| CXF-6304 | AuthorizationCodeGrantHandler sets the approved scopes as the requested ones |
| CXF-6306 | AuthorizationCodeGrantService does not record a single pre-registered redirect uri in a session if current request has no redirect uri set |
| CXF-6307 | Wrong select the message body reader |
| CXF-6309 | Client processing exception has its cause set to the original exception wrapped in Fault |
| CXF-6313 | SamlHeaderOutInterceptor does not set headers on the message if it had none |
| CXF-6314 | WebSocket transport should not require dependency to jetty |
| CXF-6315 | Optional WS-Addressing policy doesn't return required soap headers |
| CXF-6317 | Authorization not possible with multiple service beans |
| CXF-6319 | Regression: failing namespace resolution after CXF-5891 |
| CXF-6320 | Zero-length entity should throw 400 on pre-packaged provider |
| CXF-6321 | Make sure global JAX-RS filters are applied once per request even if made to sub-resource |
| CXF-6322 | AbstractSearchConditionParser not working with UUID fields |
| CXF-6327 | Invalid Policy exception for EndorsingSupportingTokens with more than one token assertions |
| CXF-6331 | Wrap exceptions in JAXRSBeanValidationInvoker into Fault so that these exceptions are exposed to ExceptionMapper-s |
| CXF-6332 | Wadl Genertion: @Description cannot be bound to field |
| CXF-6336 | Client ParamConverterProvider may be lost if Client runs in the server scope |
| CXF-6338 | Reversed logic in AbstractJwtHandler#validateSignature |
| CXF-6340 | Return value of AsyncResponseImpl.cancel() not follow JAXRS 2.0 javadoc |
| CXF-6343 | EncryptedHeader not properly processed or generated |
| CXF-6347 | CXF bundle activators not called in Eclipse/Equinox |
| CXF-6352 | ContainerResponseContext.getLinks() loses links if they have no 'rel' parameter |
| CXF-6356 | NPE when calling ServiceUnavailableException.getRetryTime() |
| CXF-6359 | NullPointerException when certAlias specified but no keyManagers are configured |
| CXF-6361 | HttpCondiut is not detecting the redirect loop properly |
| CXF-6366 | JAX-RS Client runtime does not encode forward slashes in Matrix parameters |
| CXF-6367 | JAX-RS Client runtime does not check BeanParam bean fields |
| CXF-6368 | Unexpected response code |
| CXF-6369 | org.apache.cxf.jaxrs.impl.ConfigurationImpl does not comply with SPEC |
| CXF-6370 | wrong usages for System.arraycopy in org.apache.cxf.jaxrs.impl.AsyncResponseImpl |
| CXF-6371 | WADL Generator does not always correctly deal with generic types |
| CXF-6373 | CompletionCallback can not get the Throwable if error occurs in other interceptor (no serviceinvokerInterceptor) |
| CXF-6375 | Providers.getMessageBodyReader throws NPE |
| CXF-6377 | Wrong media type of response |
| CXF-6378 | LinkBuilderImpl does not resolve relative links against baseUri |
| CXF-6379 | Separate HTTP headers for multiple header values not possible - bug in CXF-3714 fix |
| CXF-6380 | Context provider not working |
| CXF-6388 | NPE has been swallowed in org.apache.cxf.jaxrs.impl.AsyncResponseImpl |
| CXF-6389 | set initialSuspend=true incorrectly when resume the asyncresponse |
| CXF-6390 | JAXRS Async Client does not always wrap the client side exceptions into ProcessingException |
| CXF-6392 | Schema imports are not handled correctly in generated WSDL and XSD files |
| CXF-6393 | JAXRS Async Client unwraps a parameterized type given to InvocationCallback |
| CXF-6395 | Call setTimeout() in a second request cause illegalStateException from web container. |
| CXF-6398 | AlgorithmSuitePolicyValidator rejects enveloped-signature Transform |
| CXF-6402 | JettyHTTPServerEngine cannot set a provided Jetty Server |
| CXF-6403 | Potential memory leak in PolicyBasedWSS4JInInterceptor and AbstractWSS4JStaxInterceptor |
| CXF-6406 | WS-RM persistence with RMTxStore does not work with JNDI Lookup |
| CXF-6408 | HTTP Conduit throws NPE exception for "invalid" 401 HTTP response |
| CXF-6415 | WS-RM client persistent tests are failing |
| CXF-6429 | Provider matching when nested generic type |
| CXF-6431 | Attachment serialization does not conform to the relevant specs |
| CXF-6434 | SOAPAction value may not be extracted correctly for SOAP 1.2 with Attachments |
| CXF-6435 | Support base64 for attachment encoding in CXF |
| CXF-6436 | NPE in DefaultLogEventMapper when running on cameltransport |
| CXF-6442 | Possible uses contraint violation because of different servlet API versions |
| CXF-6444 | CrossOriginResourceSharingFilter.java should not set Origin=* when Credentials=true |
| CXF-6446 | WADL JavaDocProvider misses operation markers for the docs built with Java 8 |
| CXF-6450 | Bad handling of JAX-RS generic interfaces |
| CXF-6451 | Set-Cookie Header incorrectly parsed |
| CXF-6458 | CXF 3.1.0 memory leak (Tomcat) |
| CXF-6464 | The derived key versions of sign/encrypt in SymmetricBindingHandler don't support attachments |
| CXF-6466 | Closing JAX-RS clients from finalize affects clients sharing the same conduit |
| CXF-6467 | Jaxrs client handles array type property in a form object as a single element |
| CXF-6468 | Secure Conversation Renew is missing Instance creation |
| CXF-6469 | schemaLocation in xsd import is not rewritten correctly in Java 8 |
| CXF-6472 | Cannot create ContextResolver for class extending HttpServletRequest, HttpServletResponse, etc. |
| CXF-6473 | Double signatures while using AsymmetricBindingHandler |
| CXF-6474 | UriTemplate should not always ignore an empty/null group value |
| CXF-6475 | problems using CXF as a JAX-RS 2.0 client |
| CXF-6479 | Denial of Service: Regular Expression in StringUtils |
| CXF-6480 | InjectionUtils createThreadLocalServletApiContext better error message for invalid @Context classes |
| CXF-6481 | Jetty HTTPJ session manager Blueprint configuration is not effective |
| CXF-6484 | Regression in Content-id format |
| CXF-6488 | Binding style vs part type R2203 And R2204 problems in wsdl document |
| CXF-6489 | Cannot set ClientSecretVerifier in AbstractTokenService |
| CXF-6491 | wadl2java produces incorrect Consumes annotation for multiple representations on POST methods |
| CXF-6492 | AbstractHTTPDestination class incorrectly assume only one empty space after "Basic" in Authorization header value. |
| CXF-6493 | cxf-rt-transports-http-3.1.1.jar contains OSGi interface classes |
| CXF-6495 | Inconsistent RMAsserion may be built for 3.0.x |
| CXF-6502 | JAXRSInInterceptor throw java.lang.IndexOutOfBoundsException if content-type header is empty |
| CXF-6506 | Client-side message context value HTTP_REQUEST_HEADERS is not shared between SOAP handlers |
| CXF-6507 | WSRM 3.0 may store corrupted message |
| CXF-6512 | The host property is missing in Swagger2 feature's configuration properties |
| CXF-6513 | CXF Using async WebClient with load distribution failover strategy leads to memory leak |
| CXF-6515 | provider sorting not right |
| CXF-6517 | Regression in 3.1.2 attachment handling |
| CXF-6519 | WS-RM - Invalid response for CloseSequence |
| CXF-6522 | ThreadLocalInvocationHandler doesn't handle InvocationTargetException |
| CXF-6527 | WSDLRefValidator reject valid target reference URI/IRI |
| CXF-6528 | JAX-RS "lastModified" generates timestamp with non-standard format |
| CXF-6534 | Kerberos delegation not possible if Authorization given |
| CXF-6535 | Swagger2Feature's properties cannot be set when using Blueprint |
| CXF-6536 | XML pretty printing produces double line spacing if incoming XML contains linefeeds |
| CXF-6542 | Setting the signature digest algorithm on the SAMLCallback does not work for WS-Security |
| CXF-6543 | It's not possible to specify the signature + digest algorithms for self-signed SAML Assertions with JAX-RS |
| CXF-6547 | HTTPTransportActivator Does Not Propagate Servlet Init Parameters |
| CXF-6548 | LoggingOutInterceptor logs the wrong Content-Type for some scenarios |
| CXF-6550 | AsyncConduitHTTPFactory will throw NPE if passed properties are null |
| CXF-6551 | Digest authentication to intermediate HTTP proxy fails with 407 without retry |
| CXF-6552 | Multiple chained schema imports not handled correctly |
| CXF-6553 | Unable to override Content-Type on GET requests |
| CXF-6558 | DefaultEncryptingOAuthDataProvider.getAccessToken throws SecurityException on invalid accessToken format |
| CXF-6559 | AbstractOAuthDataProvider.refreshAccessToken method can't handle an invalid refresh token |
| CXF-6561 | ResourceOwnerGrantHandler: ResourceOwnerLoginHandler can't return null or throw exception |
| CXF-6570 | FormattedServiceListWriter - meta http-equiv value not quoted |
| CXF-6574 | Issue with Digest Authentication |
| CXF-6575 | WS-A Action generation defect |
| CXF-6577 | MessageContextImpl needs to get a property from a current message first |
| CXF-6579 | Inflated tokens can be corrupted if compression ratio is greater than 2:1 |
| CXF-6580 | wsdl2java - Issue with import to default namespace |
| CXF-6582 | Support newer symmetric signature algorithms with WS-SecurityPolicy |
| CXF-6583 | MessageListenerTest#testLocalTransaction fails intermittently |
| CXF-6584 | EncryptSignature is ignored |
| CXF-6585 | Possible to send invalid Soap 1.2 faults |
| CXF-6588 | NPE in providers.getMessageBodyReader |
| CXF-6590 | MAPCodec: memory leak with sync client when soapfaults returned from endpoint |
| CXF-6591 | Aegis DataSourceType.getBytes fails to close the InputStream fetched from DataSource, which prevents the underlying file to be deleted on Windows |
| CXF-6592 | Maven[cxf-java2wadl-plugin] when stylesheetReference are set,package ended with Nullpoint Error |
| CXF-6593 | Some thread-local contexts may get lost on the client side after a refresh |
| CXF-6595 | CXF Karaf feature file: set dependency = true in the jta bundle for CXF |
| CXF-6599 | CXF ProxyHelper might cause OOM like conditions |
| CXF-6600 | Sudden repeating NPE on token request by STSClient |
| CXF-6601 | Swagger2Feature can hit a NPE when running in localtransport |
| CXF-6602 | Digest algorithms are not set properly when derived keys are used |
| CXF-6606 | Encoded characters in URI are decoded multiple times during preprocess |
| CXF-6607 | Cached STS-issued tokens are not renewed on expiry in delegation scenario |
| CXF-6609 | Data Race in org/apache/cxf/transport/http/HTTPConduit.prepare |
| CXF-6614 | "Comparison method violates its general contract" in DestinationRegistryImpl.getSortedDestinations |
| CXF-6615 | the order of attributes in SubjectDN of certificate shouldn't be significant |
| CXF-6616 | need always close the CipherOutputStream when the encryption is done to get the complete content |
| CXF-6621 | Schema imports are not handled correctly in generated WSDL and XSD files when using catalog rewrites |
| CXF-6629 | ConcurrentModificationException at AbstractResourceInfo.clearProxies() |
| CXF-6630 | Cannot call setAttribute with a null name |
| CXF-6632 | Memory leak due to literal keys in WSDLDefinition map |
| CXF-6637 | @GZIP and similar CXF annotations are not recognized if set on super classes |
| CXF-6638 | AsyncHTTPConduit does not allow body payloads with "PATCH" method |
| CXF-6640 | [Locale Issue] HTTP header Issue for IOS 9 + Chinese Language user |
| CXF-6641 | JWE elliptic curve error |
| CXF-6642 | Memory Leak in ResponseImpl.readEntity() |
| CXF-6648 | Wildcard Content-Type is set for GET |
| CXF-6653 | NPE may result while generating a SequenceFault in WS-RM 1.1 |
| CXF-6655 | Error Invalid address. Endpoint address cannot be null |
| CXF-6657 | CXF Failover using JAXRS prevents header retrieval from ResponseExceptionMappers |
| CXF-6664 | NullpointerException in LinkBuilderImpl#getResolvedUri when linkheader url has a matrix parameter |
| CXF-6667 | Closing a source sequence in WS-RM may lead to inconsistent sequence status |
| CXF-6668 | [wadl2java] @Multipart annotation generated, @QueryParam expected |
| CXF-6670 | Problem with casting ParamConverter responses to primitive types |
| CXF-6671 | Ambiguous JAXRSServerFactoryBean.setApplication() breaks Spring injection |
| CXF-6673 | StaticService setEndpoints(List<String>) doesn't work correctly |
| CXF-6675 | Update commons-collections from 3.2.1 to 3.2.2 |
| CXF-6676 | Incorrect Interface Method Name Generation |
| CXF-6677 | Content-Type is empty on POST request with empty body |
| CXF-6679 | @Context HttpServletRequest request.getParameterMap() can't contain post parameters by application/x-www-form-urlencoded |
| CXF-6682 | NullpointerException in LinkBuilderImpl#getResolvedUri when only baseUri is set |
| CXF-6688 | ClientProxyImpl does not populate class-level path params if BeanParam holds the values |
| CXF-6693 | CXF fails to parse Cookie header when it contains $ character |
| CXF-6694 | SpringResourceFactory does not work with constructor-autowired beans |
| CXF-6699 | DefaultAddress not set in HTTPConduit class |
| CXF-6701 | JAXRS Proxy impl does not check field JAXRS annotations on BeanParam super classes |
| CXF-6705 | Incorrect version in Import-Package for javax.validation for CXF Core |
| CXF-6706 | Bean validation seems to not be working in OSGi |
| CXF-6709 | HttpServletRequest.getInputStream is empty |
| CXF-6711 | Aegis Databinding Deserialization Vulnerability |
| CXF-6720 | AbstractHTTPDestination#WrappedOutputStream.close() calls flush after close |
| CXF-6721 | NullPointerException for some responses containing SoapFault. |
| CXF-6729 | Version 1 NewCookie is not compliant with RFC 2109 |
| CXF-6730 | ClassCastException TransportBinding cannot be cast to AbstractSymmetricAsymmetricBinding in AbstractBindingBuilder |
| CXF-6743 | Inconsistent versions of jax-rs specs can lead to OSGi pain |
| CXF-6744 | Exceptions thrown from methods annotated with @Suspended result in no response at all |
| CXF-6748 | the qop,nc,algorithm parameter in http auth header must not be enclosed between doble quotation |
| CXF-6749 | Classloader leak on FileUtils.createTmpDir() |
| CXF-6753 | OAuth2 audience support is incomplete |
| CXF-6754 | Determin Media Type in Response |
| CXF-6759 | WADL2JAVA Tools Generated Source has Duplicate Method Name |
| CXF-6761 | JAX-RS ClientImpl does not set TLSClientParameters on HTTPConduit when only HostnameVerifier is configured |
| CXF-6763 | STS requires ClaimHandler even in ClaimMapping only scenarios |
| CXF-6764 | Should add RI JAXB Namespacemapper support |
| CXF-6768 | WS-Discovery missing schema when internet connection not present |
| CXF-6769 | Underscores in values of FIQL search expressions are incorrectly escaped |
| CXF-6770 | PrettyLoggingFilter not working well when using camel-cxf-transport |
| CXF-6772 | HttpClientPolicy browserType is reported as BrowserType header |
| CXF-6783 | ReflectionServiceFactoryBean generates invalid WSDL if anonymousWrapperTypes==true |
| CXF-6785 | AbstractHTTPDestination should handle the case when pathInfo of HttpServletRequest is null |
| CXF-6787 | not sufficient WadlGenerator presence detection |
| CXF-6793 | InvocationCallback doesn't try to get response class type |
| CXF-6795 | WS-Discovery add support for discovery on localhost |
| CXF-6799 | java.lang.ClassCastException: sun.reflect.generics.reflectiveObjects.ParameterizedTypeImpl cannot be cast to java.lang.reflect.TypeVariable |
| CXF-6805 | cxf-rt-transports-http adds Content-Type header to GET request |
| CXF-6806 | don't mark the optional "encoding" parameter as required for cxf-java2wadl-plugin |
| CXF-6809 | SAMLRequest ID must not start with a Number |
| CXF-6810 | JAX-RS Client one way requests do not work with jms-transport |
| CXF-6812 | WebTargetImpl should always check if client is closed first |
| CXF-6813 | MediaTypeHeaderProvider doesn't check the illegal media type string like "s//tt;type=text/plain" |
| CXF-6814 | ClientRequestFilter should be added with descending order of priority |
| CXF-6819 | ConfigurationImp returns wrong value for isRegistered(Object obj) |
| CXF-6820 | LinkBuilderImpl#link() doesn't throw exception for invalid input |
| CXF-6823 | Duplicate injectedProviders in ProviderFactory impacting throughput by ~30% |
| CXF-6828 | [OAuth] AbstractGrant set wrong value(scope) for audience |
| CXF-6832 | Attachment content-disposition modification-date not parsed correctly |
| CXF-6836 | Swagger2 tests need to be updated to do a more robust JSON or YAML comparison |
| CXF-6838 | AsyncResponse doesn't use 204 when body is empty |
| CXF-6842 | Unwrap exception nested with WebApplicationException |
| CXF-6845 | Some methods in MessageUtils prone to NPE |
| CXF-6849 | Form parameter names including '%' are not decoded properly |
| CXF-6850 | javax.ws.rs.core.Request implementation doesn't match Accept-Encoding: * for any encoding value |
| CXF-6867 | Envelope and Body element prefixes changed when processing messages without headers |
| CXF-6887 | http-hc: NPE and incorrept assumption that there is only one bus |
| CXF-6939 | can't install cxf-http-async feature |
| CXF-7008 | Regression: CXF-5788 - JMS replyToDestination doesn't work |
| CXF-7026 | o.a.c.transport.http.osgi.HttpServiceTrackerCust service leak |
| CXF-7034 | should close HttpServiceTracker in HTTPTransportActivator |
| ENTESB-4398 | Arbitrary remote code execution with InvokerTransformer |
| ENTESB-4933 | When cxf service is deployed to child container SwaggerFeature uses root container port instead |
| ENTESB-4942 | missing requirements for features:install cxf-jaxrs-cdi |
| ENTESB-4957 | missing package org.apache.geronimo.osgi.locator for features:install pax-*-tomcat |
| ENTESB-5008 | quiet a few test failure on cxf 3.1.x.redhat-6-3-x-patch branch with JAVA8 |
| ENTESB-5410 | please fix duplicate javax.mail in fuse |
| ENTESB-5442 | Swagger2Feature throws an exception |
| ENTESB-5460 | CXF and Camel need olingo version alignment in Fuse |
| ENTESB-5589 | NCDFE when using JAX-WS schema validation on IBM java |
| ENTESB-5647 | Need to add MRRC earlyaccess repo |
| ENTESB-5700 | [fabric:create] Error executing command: Unable to create zookeeper server configuration |
| ENTESB-5777 | can't install cxf-databinding-jibx |
| ENTESB-5907 | CXF's JMSConfiguration replyToDestination does not have any effect |
| ENTESB-5935 | intermittent ServerModel LinkageError when connecting to ssh container |
| ENTESB-5938 | After Multiple Profile Deployments Fabric Container Runs Out of PermGen Space |
| FEDIZ-156 | SAMLRequest ID must not start with a Number |
| WSS-549 | Don't write out a ReferenceList if there are no elements to encrypt |
