Apache CXF Changelog

What's new in Apache CXF 3.1.10

Feb 14, 2017

Bug:
[CXF-5436] - Poorly crafted response caused NullPointerException when processing incoming message
[CXF-6962] - Basic auth uses UTF-8 for the encoded password when it should use ISO-8859-1
[CXF-7166] - NullPointerException at org.apache.cxf.common.jaxb.JAXBUtils.createJAXBContextProxy with IBM-JDK 8
[CXF-7174] - NullPointerException when Content-Type is not specified in the http request
[CXF-7179] - Unable to set ServerConnector in JettyHTTPServerEngine using jetty 9
[CXF-7183] - CXF Blueprint namespace don't work well with blueprint-core 1.7.x
[CXF-7185] - Xml validation with Mtom enabled is not working with french locale
[CXF-7189] - org.apache.cxf.jaxrs.ext.multipart.Attachment.getObject do not rethrow exception
[CXF-7204] - CXF 3.1.9 does not support Spring 3.2, enforces Spring 4.1
[CXF-7205] - In JmsPullPoint create session for producer and consumer separately and synchronized the session but not the whole method to avoid deadlock
[CXF-7207] - JCacheOAuthDataProvider can leak jcache component(s)
[CXF-7210] - StringIndexOutOfBoundsException during construction of failover request
[CXF-7213] - FIQL Parser: Crashes when parsing a collection (java.util.Set) inside an object
[CXF-7220] - WS-Security StaX processing fails on whitespace after the SOAP Body opening tag
[CXF-7221] - NullPointerException when using org.apache.cxf.logging.enable and logging interceptors
[CXF-7228] - ProviderInfo rarely supports proxies
[CXF-7230] - Unable to disable access to default wadl genearated by cxf
[CXF-7231] - Java HttpUrlConnection Reflection Fix to support custom verbs does not work with HTTPS
Improvement:
[CXF-7190] - org.apache.cxf.jaxrs.ext.MessageContextImpl.createAttachments lost inner exception
[CXF-7201] - Incorrect JSON return in openId connect UserInfo when no signature or encryption
[CXF-7222] - Improve extensibility of JAX-RS ExceptionMappers
[CXF-7233] - Create workaround for JDK HostnameVerifier issue
[CXF-7234] - JavaDocProvider should not require a ref to the JavaDoc lib

New in Apache CXF 3.1.7 (Sep 24, 2016)

Bug:
[CXF-6463] - AbstractHTTPDestination.cacheInput() throws NullPointerException if HttpServletRequest returns null for getInputStream()
[CXF-6510] - LoggingOutInterceptor: formatLoggingMessage method is not used in every case
[CXF-6646] - CXF 3.x WSRM message may not be retrieved from database
[CXF-6729] - Version 1 NewCookie is not compliant with RFC 2109
[CXF-6841] - Fix documentation cxf-rt-rs-http-sc => cxf-rt-rs-http-sci
[CXF-6842] - Unwrap exception nested with WebApplicationException
[CXF-6845] - Some methods in MessageUtils prone to NPE
[CXF-6850] - javax.ws.rs.core.Request implementation doesn't match Accept-Encoding: * for any encoding value
[CXF-6851] - JAXRS 2 Feature not supported on server side?
[CXF-6854] - Application subclass can't be injected into an application lass field
[CXF-6855] - ElementClass annotation is ignored on JAX-RS service interface when generating the WADL
[CXF-6862] - Quoted path field in Cookies appears to be ignored by Chrome and Firefox
[CXF-6863] - WS-RM 3.x does not work with attachments upon a network error
[CXF-6867] - Envelope and Body element prefixes changed when processing messages without headers
[CXF-6868] - empty Authorization header result in server error
[CXF-6872] - Remove redundant blueprint.xml in http-hc
[CXF-6878] - Protect against other exception during consuming left-over data
[CXF-6883] - Crypto caching issues in the WS-Security code
[CXF-6884] - Don't include Signature/EncryptedKey Elements if there are no references to be signed/encrypted
[CXF-6886] - CXF 3.x WSRM attachments are not retransmitted
[CXF-6887] - http-hc: NPE and incorrept assumption that there is only one bus
[CXF-6890] - "afirmative" is mispelled in debug output
[CXF-6891] - IOUtils.isEmpty() doesn't reinclude byte in stream.
[CXF-6900] - invalid signature in case of soap fault
[CXF-6901] - UriBuilder may lose resolved query templates
[CXF-6906] - UriBuilder ignores a query component if URI contains templates
[CXF-6908] - Prefix "SOAP-ENV" for element "SOAP-ENV:Fault" is not bound
[CXF-6914] - JweJsonWriterInterceptor adds double quotes for non String unencoded payloads
[CXF-6915] - Jws Compact does not support unencoded non-detached payloads
[CXF-6923] - org.omg.CORBA.TIMEOUT is not handled with Jacorb implementation
[CXF-6926] - StaticSTSProperties does not allow initialization of crypto from Properties object
[CXF-6927] - check if msv is available in Stax2ValidationUtils to avoid the NCDFE when use IBM JDK
[CXF-6933] - WadlGenerator doesn't honor multiple Descriptions for same DocTarget
[CXF-6939] - can't install cxf-http-async feature
[CXF-6943] - Dead lock on Async Response when timeout is set
[CXF-6945] - cxf-wadl2java-plugin wadlRoot configuration parameter typo
[CXF-6948] - WebClient may cause JMX CounterRepository OOM if a request URI varies a lot
[CXF-6957] - JAX-RS: ExceptionMapper not called for Fault
[CXF-6959] - Error loading Aegis Databinding in OSGi
[CXF-6961] - Lots of invalid checkstyle errors reported in eclipse neon
[CXF-6966] - Using CXF in JDK endorsed dir as JAX-WS impl crashes
[CXF-6967] - Content Disposition filename should be case-insensitive
[CXF-6970] - HTTP response headers are always set with HttpServletResponse.addHeader
[CXF-6972] - JweJsonProducer does not support per-recipient headers
[CXF-6979] - NPE in AbstractHTTPDestination.invoke when service is invoked very early
Improvement:
[CXF-5193] - Support fixed data type
[CXF-6834] - add support for CXF inside Spring Boot
[CXF-6837] - Add cache for MessageBodyReader/Writer
[CXF-6861] - Introduce a typed JAXBElement provider
[CXF-6871] - Adjust default User-Agent header format to better comply with HTTP specification
[CXF-6875] - Update Apache Mina from 2.0.9 to 2.0.13
[CXF-6877] - Have @SchemaValidation working on service endpoint implementation class method
[CXF-6903] - add a NameDigestPasswordCallbackHandler for JAASLoginInterceptor
[CXF-6910] - don't need setSocketTimeout when create ahc RequestConfig
[CXF-6912] - introduce CONNECTION_MAX_IDLE property for AHC
[CXF-6918] - Print the XMLInputFactory implementation class when throwing "Cannot create a secure XMLInputFactory"
[CXF-6922] - Make JaxRsConfig not interfere with SpringBoot auto configuration process
[CXF-6925] - Make per-realm crypto configuration as flexible as the static one
[CXF-6935] - Better error message than java.lang.NullPointerException - org.apache.cxf.common.util.Compiler.useJava6Compiler(Compiler.java:187) when running on a JRE instead of JDK
[CXF-6936] - Make log-category for ext logging feature configurable
[CXF-6947] - Make it possible to use custom LDAP filters when retrieving group information
[CXF-6949] - Add support to the ReceivedTokenCalbackHandler to return a transformed token
[CXF-6951] - Support using the initiator token's public key for response encryption by recipient
[CXF-6953] - Update service list formatters for REST endpoints to optionally link to Swagger
[CXF-6960] - Provide an option for Swagger2Feature to detect and serve SwaggerUI resources
New Feature:
[CXF-5091] - Leverage Spring's @Configuration mechanism to simplify the creation and configuration of client proxies for integration testing
[CXF-6869] - Consider adding Spring Boot starter
[CXF-6879] - JAX-RS Feature and SpringComponentScanServer
[CXF-6909] - Create an JCache based OAuthDataProvider
[CXF-6973] - Allow to configure http conduits and destinations using features
Task:
[CXF-6760] - extract swagger2 feature in its own module
[CXF-6853] - Support encoded value in @ApplicationPath
[CXF-6858] - Upgrade Xalan bundle to 2.7.2_3
[CXF-6895] - Create DOM4JProvider test reading an XML sequence with BOM
[CXF-6938] - Setting the providers on a bus causes a leak if this bus is used by per-request clients
[CXF-6971] - Update Jettison version to 1.3.8
Test:
[CXF-6202] - Create JWS JoseCookBook tests

New in Apache CXF 3.1.2 (Aug 5, 2015)

Bug:
[CXF-6307] - Wrong select the message body reader
[CXF-6429] - Provider matching when nested generic type
[CXF-6444] - CrossOriginResourceSharingFilter.java should not set Origin=* when Credentials=true
[CXF-6446] - WADL JavaDocProvider misses operation markers for the docs built with Java 8
[CXF-6448] - CXF 3.1.1's feature cxf-transports-websocket-server may not install
[CXF-6450] - Bad handling of JAX-RS generic interfaces
[CXF-6451] - Set-Cookie Header incorrectly parsed
[CXF-6464] - The derived key versions of sign/encrypt in SymmetricBindingHandler don't support attachments
[CXF-6466] - Closing JAX-RS clients from finalize affects clients sharing the same conduit
[CXF-6467] - Jaxrs client handles array type property in a form object as a single element
[CXF-6468] - Secure Conversation Renew is missing Instance creation
[CXF-6469] - schemaLocation in xsd import is not rewritten correctly in Java 8
[CXF-6472] - Cannot create ContextResolver for class extending HttpServletRequest, HttpServletResponse, etc.
[CXF-6473] - Double signatures while using AsymmetricBindingHandler
[CXF-6474] - UriTemplate should not always ignore an empty/null group value
[CXF-6479] - Denial of Service: Regular Expression in StringUtils
[CXF-6480] - InjectionUtils createThreadLocalServletApiContext better error message for invalid @Context classes
[CXF-6481] - Jetty HTTPJ session manager Blueprint configuration is not effective
[CXF-6484] - Regression in Content-id format
[CXF-6489] - Cannot set ClientSecretVerifier in AbstractTokenService
[CXF-6491] - wadl2java produces incorrect Consumes annotation for multiple representations on POST methods
[CXF-6495] - Inconsistent RMAsserion may be built for 3.0.x
[CXF-6496] - NPE in SamlAssertionWrapper.assertionToString()
[CXF-6502] - JAXRSInInterceptor throw java.lang.IndexOutOfBoundsException if content-type header is empty
[CXF-6506] - Client-side message context value HTTP_REQUEST_HEADERS is not shared between SOAP handlers
[CXF-6507] - WSRM 3.0 may store corrupted message
Improvement:
[CXF-5926] - Extend SSL KeyManagers with password callback handler
[CXF-6411] - Improve NoOsgi Blueprint Integration
[CXF-6447] - JAXRS proxies should be able to resolve path parameters from the request body bean
[CXF-6470] - Make SimplePrinciple Serializable
[CXF-6476] - Introduce Swagger v1.5 feature (v2.0 specification)
[CXF-6478] - Introduce the option to disable using query parameters to populate the form maps
[CXF-6482] - Old javax.servlet.http version in oauth2 bundle
[CXF-6483] - Sort ConfigurerImpl Matchers by a number of literal characters
[CXF-6498] - Update JAX-RS 2.0 ClientImpl to support CXF features
[CXF-6499] - WADL Generator should optionally ignore path params for the same path method evaluation
[CXF-6508] - JAASLoginInterceptor should allow named Principals
New Feature:
[CXF-5607] - Support for CXF OAuth2 endpoints participating in OpenId-Connect flows
[CXF-6477] - Add "publish" attribute to jaxrs blueprint bean
Task:
[CXF-6165] - Create OIDC OAuth2 demo
[CXF-6449] - Upgrade Atmosphere to 2.3.2
[CXF-6490] - Create OIDC Authentication Only demo

New in Apache CXF 3.1.1 (Jun 23, 2015)

Bug:
[CXF-6388] - NPE has been swallowed in org.apache.cxf.jaxrs.impl.AsyncResponseImpl
[CXF-6389] - set initialSuspend=true incorrectly when resume the asyncresponse
[CXF-6390] - JAXRS Async Client does not always wrap the client side exceptions into ProcessingException
[CXF-6392] - Schema imports are not handled correctly in generated WSDL and XSD files
[CXF-6393] - JAXRS Async Client unwraps a parameterized type given to InvocationCallback
[CXF-6395] - Call setTimeout() in a second request cause illegalStateException from web container.
[CXF-6398] - AlgorithmSuitePolicyValidator rejects enveloped-signature Transform
[CXF-6402] - JettyHTTPServerEngine cannot set a provided Jetty Server
[CXF-6403] - Potential memory leak in PolicyBasedWSS4JInInterceptor and AbstractWSS4JStaxInterceptor
[CXF-6408] - HTTP Conduit throws NPE exception for "invalid" 401 HTTP response
[CXF-6409] - CXF web service cannot process MTOM/XOP-optimized content within a CipherValue element
[CXF-6412] - MessageBodyReader and MessageBodyWritter should follow different sorting rule
[CXF-6415] - WS-RM client persistent tests are failing
[CXF-6416] - Cannot resolve the name 'tns:model' to a(n) 'type definition' component error
[CXF-6428] - JAX-WS of XCF 3.1.0 does not work with Spring 4.1 on Tomcat (UnsupportedOperationException)
[CXF-6430] - SwA: Wrong Content-Type of root part
[CXF-6431] - Attachment serialization does not conform to the relevant specs
[CXF-6433] - SOAPAction value may not be extracted correctly for SOAP 1.2 with Attachments
[CXF-6442] - Possible uses contraint violation because of different servlet API versions
[CXF-6467] - Jaxrs client handles array type property in a form object as a single element
Improvement:
[CXF-6196] - Investigate how CXFBlueprintServlet can work with blueprint-no-osgi and blueprint.web
[CXF-6394] - Add an option to add the namespace map of the container element in the message
[CXF-6399] - Add attributes transform handling in transform feature
[CXF-6400] - Make ws-security.callback-handler optional for generating a WS-Security signature
[CXF-6401] - Change the order that the set of security results are searched to create a security context
[CXF-6404] - HTTPConduit performance improvements
[CXF-6407] - Use default JVM cipher suites if no filters are specified
[CXF-6414] - Add a way of including TLS protocols in the Jetty server
[CXF-6419] - Update JMSEndpoint properties using EndpointInfo
[CXF-6420] - Maven cxf-java2ws-plugin copies to the maven repository only the last wsdl of multiple services/executions - overwrites the others
[CXF-6421] - Slim Exchange map down
[CXF-6438] - Optimize ExtensionInvocationHandler
[CXF-6440] - New metrics component doesn't record metrics for Rest resources
Task:
[CXF-6391] - Create JAX-WS and JAX-RS Spring Boot demo
[CXF-6397] - Upgrade atmosphere to 2.3.0

New in Apache CXF 3.1.0 (May 6, 2015)

Bug:
[CXF-5672] - Update to Jetty 9
[CXF-5795] - Reading the entity from a Response with 202 - Accepted causes NullPointerException
[CXF-5844] - Annotations inherited from interface not merged with annotations from implementing method
[CXF-5846] - ClassCastException in org.apache.cxf.jaxrs.provider.BinaryDataProvider & SourceProvider
[CXF-5878] - Disabling policy engine causes NPE
[CXF-5897] - Relax setter method name restriction for @context injection
[CXF-5899] - JAX-RS 2.0 Configuration injection is not supported if DynamicFeature is not registered
[CXF-5900] - websocket destination in osgi fails to start after being stopped
[CXF-5904] - wadl2java -inheritResourceParams don't generate parent parameter
[CXF-5906] - Claim Manager only parses first claim value
[CXF-5910] - Filters registered by DynamicFeatures match on overloaded resource methods.
[CXF-5913] - logStacktrace Property Not Implemented in MapEventLogger
[CXF-5916] - WADL contains wrong parameter name for parameter beans
[CXF-5917] - SAMLP Response Validator does not decrypt if EncryptedKey is the assertion element child
[CXF-5920] - JAX-RS Link implementation (LinkBuilder) looses context path
[CXF-5935] - [wadl2java] Multipart method doesn't generate @Multipart params
[CXF-5943] - Throw error in exceptionmapper
[CXF-5946] - ensure unregister cxf http transport Servlet OSGi service before we re-register it
[CXF-5949] - LogBrowser not working
[CXF-5952] - wadl2java: process representation params
[CXF-5953] - wadl2java: generate full class name for representation parameter
[CXF-5958] - incorrect OSGi header in cxf-core bundle
[CXF-5961] - wadl2java: 'required = false' don't generated for @Multipart argument
[CXF-5964] - JAX-RS Contexts are injected into Application class too late
[CXF-5966] - NPE in MessageContextImpl when setting ResponseBuilder entity in an ExceptionMapper
[CXF-5969] - CXF does not pass a generic type to ParamConverterProvider
[CXF-5972] - Fix all karaf features definitions
[CXF-5974] - WADLGenerator sets representation media type to application/octet-stream by default
[CXF-5976] - incompatible with javax.xml.bind.JAXBElement error when using List as resource method param
[CXF-5978] - Incomplete dependencies in archetype cxf-jaxrs-service
[CXF-5983] - Security processing failed (actions mismatch) occurs due to ENCR action appearing twice
[CXF-5985] - wadl2java maven plugin: executions don't use plugin-level configuration
[CXF-5988] - Provide support for a pluggable parameter conversion mechanism for JAX-RS client side proxies
[CXF-5989] - Query Params not showing up in WADL when declared using @BeanParam
[CXF-5995] - ClientProxyImpl problem with handling @BeanParams with null headers/cookies.
[CXF-5999] - Moving JiBX related systests into its own module.
[CXF-6000] - Wrong default algorithm is used for TrustManagerFactory instantiation
[CXF-6003] - jaxrs:server "basePackages" attribute doesn't initialize REST services properly
[CXF-6005] - ResourceInfo cannot be injected in OSGi environment
[CXF-6007] - WebClient does not resend request in Digest authentication for HTTP methods GET, HEAD, DELETE, OPTIONS (with no body).
[CXF-6012] - Setting Content-Type in client WriterInterceptor with JAX-RS MediaType causes class cast exceptions in HttpConduit
[CXF-6015] - Path parameters containing semicolon are truncated due to missing encoding
[CXF-6020] - UrilInfo.getAbsolutePath() missing path separator between servlet url and relative url
[CXF-6021] - WebClient has Accept defaulted to application/xml
[CXF-6027] - oauth2 client redirect uris are never valid
[CXF-6037] - in JAX-RS search there is no support for java.sql.Time in fiql
[CXF-6038] - Repeatedly invoking setHandlerChain() can cause a build up of handler interceptors on the chain
[CXF-6045] - Setting an entity from ClientRequestFilter has no effect if no entity is already set
[CXF-6057] - WADL to Java code generator does not support the documented "encoding" flag
[CXF-6060] - Calling readEntity() on Response created by Response.build() causes NullPointerException
[CXF-6066] - JAX-RS 2.0 Client implementation is OOM prone due to its strongly referencing WebTargets
[CXF-6067] - ProviderFactory fails to analyze generic types correctly with some class hierachies
[CXF-6072] - jaxrs securityContext.getUserPrincipal is broken if login is done during the request
[CXF-6076] - MediaType parameter not parsed correctly
[CXF-6078] - AnnotationUtils.getAnnotatedMethod for abstract classes not inherit from interface
[CXF-6089] - XmlAccessorOrder.ALPHABETICAL, Exception.getMessage() duplicate WSDL elements generated
[CXF-6101] - Accept Header not Respected with Response from Custom MessageReader
[CXF-6103] - Nillable field, in a json payload, was sent as "@nil":"true" instead of an empty string
[CXF-6104] - Support case insensitive mime types
[CXF-6105] - CXF 3.x does not use the older WS-SecurityPolicy 1.1 namespace
[CXF-6106] - ClientResponseFilterInterceptor wraps client response exchange message into ClientRequestContextImpl - as a result code can't access client request context
[CXF-6109] - Incorrect TrustException constructor in AbstractSTSClient
[CXF-6112] - org.apache.cxf.jaxrs.impl.ResourceContextImpl#getResource should support a custom ResourceProvider
[CXF-6113] - allow a kind of chain in org.apache.cxf.common.util.ClassHelper
[CXF-6115] - Transferable.transferTo can cause infinite loop or stack overflow
[CXF-6118] - Schema Validation refinements
[CXF-6122] - JAX-RS proxy client with @QueryParam is not encoding the parameter value
[CXF-6127] - Check thrown Exception's cause for SOAPFaultException
[CXF-6137] - WADL generation does not correctly support query parameters
[CXF-6139] - WADLGenerator may produce a schema invalid resource id
[CXF-6147] - Part of demo wsdl_first_soap12 doesnt work
[CXF-6149] - ContainerRequestContextImpl hasEntity() always returns true for non-GET requests. Similar for ClientResponseContextImpl
[CXF-6151] - Apache-cxf wsdlvalidator returns error in mime:part
[CXF-6152] - WSDLValidator may throw ClassCastException under verbose mode
[CXF-6153] - OAuthRequestFilter throws NullPointerException when "Authorization" header is missing
[CXF-6155] - Exceptions thrown from ParamConverter generate 500 response
[CXF-6166] - Parsing Bug in org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter
[CXF-6176] - org.apache.cxf.jaxrs.bus.providers property is not taken in account in cxf bus
[CXF-6184] - HTTPConduit "transport.retransmit.url" property may have side-effects in case of non-redirect retransmits
[CXF-6187] - JMS sample fails "connectionFactory may not be null"
[CXF-6189] - Improve memory usage of UrlUtils
[CXF-6192] - Cxf Clustering Blueprint handler doesn't create the distribute feature rightly
[CXF-6194] - [multipart] Server handle Collection argument as single element
[CXF-6195] - JMS soap listeners are single-threaded in CXF 3.0.x
[CXF-6204] - JAX-RS Set-Cookie parser uses case-sensitive keys
[CXF-6211] - JAX-RS client runtime ignores Content-Type set directly from MessageBodyWriter
[CXF-6229] - EndpointReferenceUtils.getSchema does NOT cache negative schema parsing
[CXF-6234] - Invalid ?wsdl response with relative imports/includes when using jaxws-catalog.xml
[CXF-6241] - WS-RM doesn't work with WS-Security configured with @EndpointProperties
[CXF-6248] - NPE at OAuthRequestFilter when no Authorization header found
[CXF-6250] - WebSocket conduit fails to process String based responses and throws NPE
[CXF-6252] - JAXRS Async Client hangs in case of Connection errors
[CXF-6256] - Unexpected response code
[CXF-6257] - Creating and Endpoint using JAX-WS API, getting the binding and then publishing causes a NullPointerException
[CXF-6260] - JAXRS Async Client can not handle InvocationCallback TypeVariable
[CXF-6272] - SCT Renew in Secure Conversation
[CXF-6274] - NullPointerException in DestinationSequence because of RMCaptureInInterceptor not in interceptor chain
[CXF-6276] - Some non-primitive properties lost during generating WADL
[CXF-6284] - JAX-RS servlet run-time leaks additional strong references
[CXF-6285] - NPE in SwaggerFeature.calculateDefaultResourcePackage
[CXF-6295] - String cannot be cast to org.apache.ws.security.validate.Validator
[CXF-6297] - JAX-RS BeanValidation feature fails with NPE in JAXRSBeanValidationOutInterceptor on sub-resource call
[CXF-6300] - cipherSuite configuration does not work with HTTPJ servers
[CXF-6302] - JAXRS endpoints with URL encoded addresses can not be located
[CXF-6304] - AuthorizationCodeGrantHandler sets the approved scopes as the requested ones
[CXF-6306] - AuthorizationCodeGrantService does not record a single pre-registered redirect uri in a session if current request has no redirect uri set
[CXF-6309] - Client processing exception has its cause set to the original exception wrapped in Fault
[CXF-6313] - SamlHeaderOutInterceptor does not set headers on the message if it had none
[CXF-6314] - WebSocket transport should not require dependency to jetty
[CXF-6317] - Authorization not possible with multiple service beans
[CXF-6319] - Regression: failing namespace resolution after CXF-5891
[CXF-6320] - Zero-length entity should throw 400 on pre-packaged provider
[CXF-6321] - Make sure global JAX-RS filters are applied once per request even if made to sub-resource
[CXF-6322] - AbstractSearchConditionParser not working with UUID fields
[CXF-6327] - Invalid Policy exception for EndorsingSupportingTokens with more than one token assertions
[CXF-6328] - Username of UsernameToken is null when it is provided as in a CDATA section
[CXF-6331] - Wrap exceptions in JAXRSBeanValidationInvoker into Fault so that these exceptions are exposed to ExceptionMapper-s
[CXF-6332] - Wadl Genertion: @Description cannot be bound to field
[CXF-6336] - Client ParamConverterProvider may be lost if Client runs in the server scope
[CXF-6338] - Reversed logic in AbstractJwtHandler#validateSignature
[CXF-6340] - Return value of AsyncResponseImpl.cancel() not follow JAXRS 2.0 javadoc
[CXF-6343] - EncryptedHeader not properly processed or generated
[CXF-6352] - ContainerResponseContext.getLinks() loses links if they have no 'rel' parameter
[CXF-6356] - NPE when calling ServiceUnavailableException.getRetryTime()
[CXF-6359] - NullPointerException when certAlias specified but no keyManagers are configured
[CXF-6361] - HttpCondiut is not detecting the redirect loop properly
[CXF-6366] - JAX-RS Client runtime does not encode forward slashes in Matrix parameters
[CXF-6367] - JAX-RS Client runtime does not check BeanParam bean fields
[CXF-6368] - Unexpected response code
[CXF-6369] - org.apache.cxf.jaxrs.impl.ConfigurationImpl does not comply with SPEC
[CXF-6370] - wrong usages for System.arraycopy in org.apache.cxf.jaxrs.impl.AsyncResponseImpl
[CXF-6371] - WADL Generator does not always correctly deal with generic types
[CXF-6373] - CompletionCallback can not get the Throwable if error occurs in other interceptor (no serviceinvokerInterceptor)
[CXF-6374] - If no OPTIONS defined , OPTIONS request will fail with 404
[CXF-6375] - Providers.getMessageBodyReader throws NPE
[CXF-6377] - Wrong media type of response
[CXF-6378] - LinkBuilderImpl does not resolve relative links against baseUri
[CXF-6379] - Separate HTTP headers for multiple header values not possible - bug in CXF-3714 fix
Improvement:
[CXF-3344] - Runtime Exceptions should not be wrapped. Exceptions should not be logged and rethrown in AbstractFaultChainInitiatorObserver
[CXF-4242] - Add exception name to faultstring/detail/stackTrace
[CXF-5828] - Update OAuth2Context utility to provide an easy access to the request token
[CXF-5854] - Add property "refreshTemplates" to XSLTJaxbProvider
[CXF-5891] - ReadHeadersInterceptor performances improvement
[CXF-5902] - Provide utility support for Jwe composite AesCbcHmac content encryption algorithm
[CXF-5908] - Making Claims clonable
[CXF-5914] - Extend AbstractPolicyProvider.getEffectivePolicy() with optional message parameter
[CXF-5918] - ResoureUtils#createJaxbContext hides JaxB validation errors
[CXF-5922] - Secure CXF WSDL with standard HTTP Authentication
[CXF-5925] - JEXL Support for STS Claim Mappings
[CXF-5927] - Claim Mapping Utils
[CXF-5929] - WADL to Java code generator should support mappings to parameterized types
[CXF-5932] - Monitor contention at org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameters(OperationResourceInfo, MultivaluedMap, Message)
[CXF-5934] - Make WadlGenerator more easily extensible
[CXF-5937] - CXF Servlets should optionally react to X-Forwarded headers
[CXF-5944] - Get Jwe and Jws code to the stage where it can be documented
[CXF-5948] - wadl2java -inheritResourceParams: put parent param first
[CXF-5954] - Jwe and Jws JAX-RS filters should be able to use JWK stores
[CXF-5956] - wadl2java: support 'repeating' attribute for response param
[CXF-5959] - support to specify instance.id of ManagedBus
[CXF-5960] - Provide a default encrypting OAuth2 provider
[CXF-5962] - Make LogBrowser sample also run in OSGi
[CXF-5979] - Allow some headers to be returned in WebSocket's streaming responses
[CXF-5984] - Provide a simple way start a decoupled servlet endpoint
[CXF-5986] - wadl2java maven plugin: add support for filename wildcards
[CXF-5990] - Integration custom parser
[CXF-6006] - StreamingOutput in JAXRS client proxies
[CXF-6009] - Monitor contention at org.apache.cxf.transport.http.Headers
[CXF-6011] - Extend CXF OSGi itests with basic jaxrs test
[CXF-6019] - WSDLGetUtils: original exception isn't logged by exceptions in WSDL parser
[CXF-6043] - Multi User BaseDN Support for LdapClaimsHandler
[CXF-6054] - Add a property to allow using unsigned saml tokens as principals
[CXF-6064] - Improve WADL Generator Extensibility for ID generation
[CXF-6079] - static-resource-list cache control
[CXF-6081] - Make it easier to control the way AccessTokenService checks the passwords
[CXF-6084] - Critical Header for JWS
[CXF-6098] - Use RSA-SHA256 by default when issuing tokens in the STS
[CXF-6107] - Supporting (Un)marshaller aware XML Readers and Writers in jaxb data binding
[CXF-6110] - AbstractSTSClient MEX: download XML schema from Location
[CXF-6120] - Optionally disable the creation of the JMS Security Context for incoming messages
[CXF-6124] - Switch http transport to use HttpService for OSGi
[CXF-6126] - Search serviceBeans by given annotation
[CXF-6133] - Introduce Jwe and Jws exception classes to make it easier to provide dedicated JAX-RS exception mappers
[CXF-6135] - CXF should be installable in karaf 4 minimal
[CXF-6141] - KeyType information in STS Audit Log
[CXF-6142] - OAuth2 AccessTokenValidator needs to accept more parameters
[CXF-6150] - Override XSLTJaxbProvider xsl path at runtime
[CXF-6154] - CXFServlet and JAX-RS RequestDispatcherProvider should be able to use RequestDispatch.include
[CXF-6157] - Support storing of OAuth2 redirection state in a session token
[CXF-6164] - OAuthClientUtils Consumer class needs to be moved to a standalone class
[CXF-6168] - Avoid ServletController synchronizing on the destination by default
[CXF-6191] - Avoid Spring usage by configuration in ClassHelper
[CXF-6199] - Allow scalability for slow services on jms
[CXF-6200] - CXF JAX-RS Model extension should be usable without custom service classes
[CXF-6206] - JAASLoginInterceptor: Return proper unauthorized response when JAAS login with basic auth fails
[CXF-6208] - Support registering JAX-RS providers as Classes in all cases
[CXF-6220] - JWA algorithm representation code needs to be cleaned up
[CXF-6223] - Support message property for encryption certificate
[CXF-6227] - JAX-WS client performance improvements
[CXF-6232] - Refactor CXF's Atmosphere based WebSocket transport for more flexible and extensible handling
[CXF-6238] - Java2WADL : Generating response status attribute
[CXF-6244] - ContentDisposition should support UTF-8 filenames
[CXF-6255] - WSS4JInInterceptor: "Security header, but it's a fault"
[CXF-6261] - Upgrade CXF trunk to use OpenSAML 3.0.x
[CXF-6268] - Make cxf-codegen-plugin toolchains aware during maven build
[CXF-6269] - Logging interceptors should allow to switch logging on/off for individual rest resources
[CXF-6277] - Enhance the X509TokenValidator to also validate X509Data DOM Elements
[CXF-6282] - Add ability to have proxies implement AutoCloseable
[CXF-6283] - Support binary attributes in the LDAPClaimsHandler
[CXF-6286] - Make request logging more Modular
[CXF-6305] - Add an option to include or exclude specific response headers in WebSocket's transport
[CXF-6308] - Make WebSocket transport's embedded jetty mode to use atmosphere if available
[CXF-6329] - Allow multiple atmosphere interceptors to be configured for the websocket transport
[CXF-6333] - Support Inclusive C14N via security policy
[CXF-6334] - Add the ability to plug in custom security policy validators for various assertions
[CXF-6335] - Explicitly set HTTPConduit on client inbound message
[CXF-6337] - Support the redirection directly via the injected JAX-RS ServletContext context
[CXF-6341] - Add atmosphere when installing feature cxf-transports-websocket-server
[CXF-6344] - Support system file location for JexlClaimMapper scripts
[CXF-6345] - Support Logging in JexlClaimMapper scripts
[CXF-6353] - provide a not typed way to configure cxf jaxrs clients
[CXF-6363] - Introduce JwsHeaders
[CXF-6372] - Generating distinct claim values for multi-value LDAP attributes
[CXF-6381] - Upgrade to pax exam 4.5.0 and allow to test with karaf 4
New Feature:
[CXF-5883] - Support rewriting of wsdl for https load balancer which talks to http endpoint
[CXF-5905] - Allow setting additional Security Provider at Exchange level
[CXF-5996] - respect client cache headers
[CXF-6028] - Improved metrics
[CXF-6053] - Support JWS JSON Serialization
[CXF-6132] - Provide JAX-RS ServletContainerInitializer
[CXF-6215] - Introduce JAX-RS DefaultMethod extension
[CXF-6242] - Ability to configure the format of the marshalling / unmarshalling exceptions that are thrown by JAXB when schema validation is enabled.
[CXF-6264] - Provide Swagger to CXF UserResource converter
Task:
[CXF-4913] - Add 'validate' option to WADL to Java generator
[CXF-5886] - Provide a default Ehcache based OAuth2 provider
[CXF-5941] - Update JAX-RS version to 2.0.1
[CXF-5993] - Update to Jettison 1.3.6
[CXF-6052] - Upgrade the Karaf version to support JDK8
[CXF-6069] - upgrade jaxb version to 2.2.11
[CXF-6121] - Update to Jettison 1.3.7
[CXF-6253] - Upgrade async-http-client to 1.9.8
[CXF-6278] - Introduce MessageDigestInputStream utility class
[CXF-6279] - Introduce X509 Certificate Path validation utility code
[CXF-6280] - Consider providing a DirectAccessToken JAXRS service
Test:
[CXF-6129] - CXF STS basic systests failure
[CXF-6318] - Execute JAXRS WebSocket systests with and without atmosphere
[CXF-6346] - Unit test failures with JDK8
Wish:
[CXF-6068] - Make org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor compatible with WebSphere 7

New in Apache CXF 3.0.4 (Feb 17, 2015)

Bug:
[CXF-5279] - STSClient may not be caching tokens long enough when renewal after expiry is allowed
[CXF-6096] - http components transport is missing a dependency on commons-logging
[CXF-6111] - JavascriptGetInterceptor.isRecognizedQuery is always false
[CXF-6127] - Check thrown Exception's cause for SOAPFaultException
[CXF-6137] - WADL generation does not correctly support query parameters
[CXF-6138] - JAXB unmarshaller Properties can't be configured
[CXF-6139] - WADLGenerator may produce a schema invalid resource id
[CXF-6143] - SSL/TLS hostname verification does not strictly follow HTTPS RFC2818
[CXF-6145] - WS-RM demo server throws exception
[CXF-6146] - Demo wsdl_first_xmlbeans fails to build
[CXF-6147] - Part of demo wsdl_first_soap12 doesnt work
[CXF-6149] - ContainerRequestContextImpl hasEntity() always returns true for non-GET requests. Similar for ClientResponseContextImpl
[CXF-6151] - Apache-cxf wsdlvalidator returns error in mime:part
[CXF-6152] - WSDLValidator may throw ClassCastException under verbose mode
[CXF-6153] - OAuthRequestFilter throws NullPointerException when "Authorization" header is missing
[CXF-6155] - Exceptions thrown from ParamConverter generate 500 response
[CXF-6160] - AsyncResponse infinite loops
[CXF-6163] - WSDL Javascript generator for xsd:any elements is not correct when any is optional
[CXF-6166] - Parsing Bug in org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter
[CXF-6170] - Demo jax_rs/spring_security throws exception
[CXF-6176] - org.apache.cxf.jaxrs.bus.providers property is not taken in account in cxf bus
[CXF-6178] - Missing io.netty.util.Version
[CXF-6184] - HTTPConduit "transport.retransmit.url" property may have side-effects in case of non-redirect retransmits
[CXF-6187] - JMS sample fails "connectionFactory may not be null"
[CXF-6188] - Authorization loop using "CurrentWindowsCredentials"
[CXF-6189] - Improve memory usage of UrlUtils
[CXF-6192] - Cxf Clustering Blueprint handler doesn't create the distribute feature rightly
[CXF-6194] - [multipart] Server handle Collection argument as single element
[CXF-6195] - JMS soap listeners are single-threaded in CXF 3.0.x
[CXF-6204] - JAX-RS Set-Cookie parser uses case-sensitive keys
[CXF-6207] - While Parsing wsdl url getting NAMESPACE_ERR
[CXF-6209] - Bug in processing Signed/Encrypted Elements policies with multiple XPaths
[CXF-6210] - XPath evaluation failure on the client side causes all subsequent evaluations to fail
[CXF-6211] - JAX-RS client runtime ignores Content-Type set directly from MessageBodyWriter
[CXF-6214] - [WebClient] wrong Accept received via proxy
[CXF-6217] - JmsPullPoint does not protect against external entities
[CXF-6222] - Password can end up in log file
[CXF-6228] - Using XSLTFeature with large messages creates unremovable temporary files
[CXF-6229] - EndpointReferenceUtils.getSchema does NOT cache negative schema parsing
[CXF-6233] - STS client only sends AppliesTo on first RST call
[CXF-6234] - Invalid ?wsdl response with relative imports/includes when using jaxws-catalog.xml
[CXF-6235] - wsdl2java behaves differently from cxf-codegen-plugin
[CXF-6241] - WS-RM doesn't work with WS-Security configured with @EndpointProperties
[CXF-6245] - Loading non-existent class org.apache.cxf.xmlbeans.XmlBeansWrapperHelper in WrapperClassOutInterceptor is causing performance issues
[CXF-6246] - missing osgi import of javax.jws
[CXF-6248] - NPE at OAuthRequestFilter when no Authorization header found
[CXF-6250] - WebSocket conduit fails to process String based responses and throws NPE
[CXF-6252] - JAXRS Async Client hangs in case of Connection errors
Improvement:
[CXF-5674] - CXF Support in "Audience Restriction" of SAML 2 (SOAP)
[CXF-5854] - Add property "refreshTemplates" to XSLTJaxbProvider
[CXF-6046] - Enhance SwaggerFeature to support JAX-RS annotations
[CXF-6079] - static-resource-list cache control
[CXF-6126] - Search serviceBeans by given annotation
[CXF-6142] - OAuth2 AccessTokenValidator needs to accept more parameters
[CXF-6148] - Adding support for xsd:choice in Javascript generator
[CXF-6150] - Override XSLTJaxbProvider xsl path at runtime
[CXF-6154] - CXFServlet and JAX-RS RequestDispatcherProvider should be able to use RequestDispatch.include
[CXF-6162] - Adding support for xsd:group ref in Javascript generator
[CXF-6167] - Add an ability to specify SOAP error parser for Javascript client
[CXF-6168] - Avoid ServletController synchronizing on the destination by default
[CXF-6173] - Unable to configure CXF StAX properties on a per-endpoint/client basis if a JAX-WS handler is configured
[CXF-6191] - Avoid Spring usage by configuration in ClassHelper
[CXF-6199] - Allow scalability for slow services on jms
[CXF-6200] - CXF JAX-RS Model extension should be usable without custom service classes
[CXF-6206] - JAASLoginInterceptor: Return proper unauthorized response when JAAS login with basic auth fails
[CXF-6208] - Support registering JAX-RS providers as Classes in all cases
[CXF-6223] - Support message property for encryption certificate
[CXF-6227] - JAX-WS client performance improvements
[CXF-6238] - Java2WADL : Generating response status attribute
[CXF-6244] - ContentDisposition should support UTF-8 filenames
[CXF-6251] - Allow org.apache.cxf.logging.enabled to have a value of "pretty" for pretty printing
New Feature:
[CXF-6132] - Provide JAX-RS ServletContainerInitializer
[CXF-6215] - Introduce JAX-RS DefaultMethod extension
[CXF-6242] - Ability to configure the format of the marshalling / unmarshalling exceptions that are thrown by JAXB when schema validation is enabled.
Task:
[CXF-6069] - upgrade jaxb version to 2.2.11
Test:
[CXF-6129] - CXF STS basic systests failure

New in Apache CXF 3.0.3 (Dec 10, 2014)

Bug:
[CXF-6030] - javax.xml.ws.soap.SOAPFaultException: Fault string, and possibly fault code, not set for cxf.
[CXF-6034] - Wrong schemaLocation if jax-ws-catalog is used
[CXF-6038] - Repeatedly invoking setHandlerChain() can cause a build up of handler interceptors on the chain
[CXF-6041] - Corba Binding is throwing a ObjectNotActive Corba exception being thrown back to application code on endpoint/bus shutdown
[CXF-6045] - Setting an entity from ClientRequestFilter has no effect if no entity is already set
[CXF-6057] - WADL to Java code generator does not support the documented "encoding" flag
[CXF-6058] - NPE in cxf-rt-transports-http org.apache.cxf.transport.http.Headers line 280
[CXF-6059] - wsdl:fault wsdl2java fails with IllegalArgumentException
[CXF-6060] - Calling readEntity() on Response created by Response.build() causes NullPointerException
[CXF-6061] - The publish attribute on jaxws:endpoint doesn't support placeholder in spring configuration
[CXF-6062] - Interceptors added in Spring Bus configuration are ignored
[CXF-6066] - JAX-RS 2.0 Client implementation is OOM prone due to its strongly referencing WebTargets
[CXF-6067] - ProviderFactory fails to analyze generic types correctly with some class hierachies
[CXF-6071] - CXF's WSDL2Java tool can generate impl classes that jdk compiler will refuse to compile
[CXF-6072] - jaxrs securityContext.getUserPrincipal is broken if login is done during the request
[CXF-6073] - cxf-wsn installation in Karaf fails
[CXF-6075] - NPE may occur at websocket destination under high load
[CXF-6076] - MediaType parameter not parsed correctly
[CXF-6077] - In OSGi, the wsdl extensor loaders may not be able to generate their special ExtensibilityELements
[CXF-6078] - AnnotationUtils.getAnnotatedMethod for abstract classes not inherit from interface
[CXF-6080] - Headers.logProtocolHeaders raise NPE on null header value
[CXF-6089] - XmlAccessorOrder.ALPHABETICAL, Exception.getMessage() duplicate WSDL elements generated
[CXF-6090] - java.lang.NullPointerException when running wsdl2java
[CXF-6091] - Server is not properly stopped with MultipleEndpointObserver
[CXF-6092] - When there is bad connection/timeout, ClientImpl throws NullPointerException
[CXF-6094] - wsdl2java - Default key managers cannot be initialized
[CXF-6101] - Accept Header not Respected with Response from Custom MessageReader
[CXF-6103] - Nillable field, in a json payload, was sent as "@nil":"true" instead of an empty string
[CXF-6104] - Support case insensitive mime types
[CXF-6105] - CXF 3.x does not use the older WS-SecurityPolicy 1.1 namespace
[CXF-6106] - ClientResponseFilterInterceptor wraps client response exchange message into ClientRequestContextImpl - as a result code can't access client request context
[CXF-6109] - Incorrect TrustException constructor in AbstractSTSClient
[CXF-6112] - org.apache.cxf.jaxrs.impl.ResourceContextImpl#getResource should support a custom ResourceProvider
[CXF-6113] - allow a kind of chain in org.apache.cxf.common.util.ClassHelper
[CXF-6115] - Transferable.transferTo can cause infinite loop or stack overflow
[CXF-6118] - Schema Validation refinements
[CXF-6122] - JAX-RS proxy client with @QueryParam is not encoding the parameter value
[CXF-6145] - WS-RM demo server throws exception
[CXF-6146] - Demo wsdl_first_xmlbeans fails to build
[CXF-6147] - Part of demo wsdl_first_soap12 doesnt work
Improvement:
[CXF-4242] - Add exception name to faultstring/detail/stackTrace
[CXF-6042] - Support certificate constraints in JAX-RS XML Signature
[CXF-6047] - Extend the STSTokenValidator to be able to call the issue binding
[CXF-6048] - Support roles in the AuthPolicyValidatingInterceptor
[CXF-6051] - Support sp13:Nonce + sp13:Created in the UsernameTokenInterceptor
[CXF-6054] - Add a property to allow using unsigned saml tokens as principals
[CXF-6064] - Improve WADL Generator Extensibility for ID generation
[CXF-6081] - Make it easier to control the way AccessTokenService checks the passwords
[CXF-6084] - Critical Header for JWS
[CXF-6086] - Disable SSLv3 by default for clients (+ servers based on Jetty)
[CXF-6087] - Add a way to exclude (multiple) SSL/TLS protocols in the HTTPJ namespace
[CXF-6107] - Supporting (Un)marshaller aware XML Readers and Writers in jaxb data binding
[CXF-6110] - AbstractSTSClient MEX: download XML schema from Location
[CXF-6120] - Optionally disable the creation of the JMS Security Context for incoming messages
New Feature:
[CXF-5996] - respect client cache headers
[CXF-6053] - Support JWS JSON Serialization
Task:
[CXF-6052] - Upgrade the Karaf version to support JDK8
[CXF-6121] - Update to Jettison 1.3.7
Test:
[CXF-6070] - NPE while calling a webservice using a clientproxy
Wish:
[CXF-6068] - Make org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor compatible with WebSphere 7

New in Apache CXF 3.0.2 (Oct 22, 2014)

Bug:
[CXF-5744] - @XmlTransient behavior change in WSDL fault content
[CXF-5795] - Reading the entity from a Response with 202 - Accepted causes NullPointerException
[CXF-5844] - Annotations inherited from interface not merged with annotations from implementing method
[CXF-5846] - ClassCastException in org.apache.cxf.jaxrs.provider.BinaryDataProvider & SourceProvider
[CXF-5878] - Disabling policy engine causes NPE
[CXF-5881] - wadl2java failed on nexus wadl
[CXF-5884] - org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider is incompatible with JAX-RS 2.0
[CXF-5888] - Unwrapped operation detection not looking for attributes of extended types
[CXF-5889] - No root resource matching request when using atmosphere websocket
[CXF-5893] - Websocket transport sporadically fails with corrupted data
[CXF-5897] - Relax setter method name restriction for @context injection
[CXF-5898] - Feature wss4j should be updated after saaj-impl version change
[CXF-5899] - JAX-RS 2.0 Configuration injection is not supported if DynamicFeature is not registered
[CXF-5900] - websocket destination in osgi fails to start after being stopped
[CXF-5904] - wadl2java -inheritResourceParams don't generate parent parameter
[CXF-5906] - Claim Manager only parses first claim value
[CXF-5910] - Filters registered by DynamicFeatures match on overloaded resource methods.
[CXF-5911] - SoapFault's lang property is not set in case of SOAP 1.1 faults
[CXF-5913] - logStacktrace Property Not Implemented in MapEventLogger
[CXF-5916] - WADL contains wrong parameter name for parameter beans
[CXF-5917] - SAMLP Response Validator does not decrypt if EncryptedKey is the assertion element child
[CXF-5920] - JAX-RS Link implementation (LinkBuilder) looses context path
[CXF-5935] - [wadl2java] Multipart method doesn't generate @Multipart params
[CXF-5938] - LuceneQueryVisitor is not reusable / not thread-safe
[CXF-5943] - Throw error in exceptionmapper
[CXF-5946] - ensure unregister cxf http transport Servlet OSGi service before we re-register it
[CXF-5949] - LogBrowser not working
[CXF-5952] - wadl2java: process representation params
[CXF-5953] - wadl2java: generate full class name for representation parameter
[CXF-5958] - incorrect OSGi header in cxf-core bundle
[CXF-5961] - wadl2java: 'required = false' don't generated for @Multipart argument
[CXF-5963] - LuceneQueryVisitor should use analyzer to create query properly
[CXF-5964] - JAX-RS Contexts are injected into Application class too late
[CXF-5966] - NPE in MessageContextImpl when setting ResponseBuilder entity in an ExceptionMapper
[CXF-5968] - Setting use.async.http.conduit property causes IllegalArgumentException
[CXF-5969] - CXF does not pass a generic type to ParamConverterProvider
[CXF-5972] - Fix all karaf features definitions
[CXF-5974] - WADLGenerator sets representation media type to application/octet-stream by default
[CXF-5976] - incompatible with javax.xml.bind.JAXBElement error when using List as resource method param
[CXF-5978] - Incomplete dependencies in archetype cxf-jaxrs-service
[CXF-5983] - Security processing failed (actions mismatch) occurs due to ENCR action appearing twice
[CXF-5985] - wadl2java maven plugin: executions don't use plugin-level configuration
[CXF-5988] - Provide support for a pluggable parameter conversion mechanism for JAX-RS client side proxies
[CXF-5989] - Query Params not showing up in WADL when declared using @BeanParam
[CXF-5992] - Cannot set org.apache.cxf.stax.maxAttributeCount
[CXF-5995] - ClientProxyImpl problem with handling @BeanParams with null headers/cookies.
[CXF-5999] - Moving JiBX related systests into its own module.
[CXF-6000] - Wrong default algorithm is used for TrustManagerFactory instantiation
[CXF-6003] - jaxrs:server "basePackages" attribute doesn't initialize REST services properly
[CXF-6007] - WebClient does not resend request in Digest authentication for HTTP methods GET, HEAD, DELETE, OPTIONS (with no body).
[CXF-6010] - NPE in MessageModeOutInterceptor.validateFaultDetail for faults with no
[CXF-6012] - Setting Content-Type in client WriterInterceptor with JAX-RS MediaType causes class cast exceptions in HttpConduit
[CXF-6015] - Path parameters containing semicolon are truncated due to missing encoding
[CXF-6020] - UrilInfo.getAbsolutePath() missing path separator between servlet url and relative url
[CXF-6021] - WebClient has Accept defaulted to application/xml
[CXF-6027] - oauth2 client redirect uris are never valid
[CXF-6032] - NullPointerException while validating cert for SAML HOK
[CXF-6037] - in JAX-RS search there is no support for java.sql.Time in fiql
Improvement:
[CXF-5652] - WebClient with SSL: javax.net.ssl.SSLHandshakeException handshake_failure
[CXF-5885] - Validate "ActAs" tokens in the STS
[CXF-5891] - ReadHeadersInterceptor performances improvement
[CXF-5892] - Ensure EncryptedKey references BST before it
[CXF-5902] - Provide utility support for Jwe composite AesCbcHmac content encryption algorithm
[CXF-5908] - Making Claims clonable
[CXF-5918] - ResoureUtils#createJaxbContext hides JaxB validation errors
[CXF-5922] - Secure CXF WSDL with standard HTTP Authentication
[CXF-5925] - JEXL Support for STS Claim Mappings
[CXF-5927] - Claim Mapping Utils
[CXF-5929] - WADL to Java code generator should support mappings to parameterized types
[CXF-5932] - Monitor contention at org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameters(OperationResourceInfo, MultivaluedMap, Message)
[CXF-5934] - Make WadlGenerator more easily extensible
[CXF-5937] - CXF Servlets should optionally react to X-Forwarded headers
[CXF-5944] - Get Jwe and Jws code to the stage where it can be documented
[CXF-5948] - wadl2java -inheritResourceParams: put parent param first
[CXF-5954] - Jwe and Jws JAX-RS filters should be able to use JWK stores
[CXF-5956] - wadl2java: support 'repeating' attribute for response param
[CXF-5959] - support to specify instance.id of ManagedBus
[CXF-5960] - Provide a default encrypting OAuth2 provider
[CXF-5962] - Make LogBrowser sample also run in OSGi
[CXF-5975] - SecurityToken::isExpired: add clock skew option
[CXF-5979] - Allow some headers to be returned in WebSocket's streaming responses
[CXF-5984] - Provide a simple way start a decoupled servlet endpoint
[CXF-5986] - wadl2java maven plugin: add support for filename wildcards
[CXF-5990] - Integration custom parser
[CXF-6006] - StreamingOutput in JAXRS client proxies
[CXF-6009] - Monitor contention at org.apache.cxf.transport.http.Headers
New Feature:
[CXF-5883] - Support rewriting of wsdl for https load balancer which talks to http endpoint
[CXF-5905] - Allow setting additional Security Provider at Exchange level
[CXF-5923] - Create sample to demonstrate usage of search extension with Lucene and Tika
Task:
[CXF-4913] - Add 'validate' option to WADL to Java generator
[CXF-5886] - Provide a default Ehcache based OAuth2 provider
[CXF-5895] - asmhelper broken with asm 5
[CXF-5941] - Update JAX-RS version to 2.0.1
[CXF-5993] - Update to Jettison 1.3.6
Test:
[CXF-5882] - UDPTransportTest.testLargeRequest always failed on some machine

New in Apache CXF 3.0.1 (Jul 22, 2014)

Sub-task:
[CXF-5623] - Failed to invoke WSDLToJava - is already defined
Bug:
[CXF-3272] - WS-RM returns Fault for duplicate message received, should probably return acknowledgement instead
[CXF-5719] - NoSuchElementException in ClientFaultConverter when stack trace message contains * or #
[CXF-5735] - WS-RM does not handle AckRequested action, resulting in NPE
[CXF-5739] - FIQL: java.sql.Timestamp no taken into account
[CXF-5740] - CXF-5610 is preventing applications from using the same endpoint url for multiple hadlers
[CXF-5749] - Nullpointer on ClientProxyImpl
[CXF-5752] - Unable to find the target operation when using websocket transport without atmosphere
[CXF-5753] - Unmarshalling error is thrown with CXF 2.7.9 (and later versions) when a JAXWS handler is configured.
[CXF-5761] - InInterceptor throws exception with PrettyLogging and big message size
[CXF-5763] - ClassCast Exception in AsyncHTTPConduit$AsyncWrappedOutputStream.close() method when using async and HttpAsyncClient
[CXF-5765] - Response is invalid
[CXF-5766] - Caching nonces to disk may not work if the service QName is too long
[CXF-5778] - JMS Subscription: durableSubscriptionName is not propagated into AbstractMessageListenerContainer
[CXF-5781] - Port ou of Range: -1
[CXF-5783] - Port getter method not renamed in the generated Service class
[CXF-5785] - JAX-RS XML Schemas at CXF site need to support multiple CXF versions
[CXF-5790] - Response-Code is logged for the response sent over a decoupled endpoint
[CXF-5791] - Could not send a message. Caused by HTTP response '404: Not Found'
[CXF-5793] - wsdl2java NPE
[CXF-5794] - DynamicClientFactory createClient fails for Simple Rpc Service (java.lang.IllegalStateException: no source files )
[CXF-5795] - Reading the entity from a Response with 202 - Accepted causes NullPointerException
[CXF-5798] - WebSocket transport fails to transport a large message
[CXF-5801] - Dynamic client invoke throws UnresolvedAddressException when proxied
[CXF-5805] - Invalid SOAP Envelope names are accepted
[CXF-5806] - FIQL: Problem with mapping on ManyToMany or OnToMany associations of 2nd level
[CXF-5807] - Fix STSClient configuration when Issuer EPR has an "anonymous" address
[CXF-5808] - jax_rs content_negotiation test fails on successive calls
[CXF-5810] - Empty response is returned when both security policy and handler chain are enabled
[CXF-5811] - Client fails with UnmarshalException if WSS4JInInterceptor is used
[CXF-5817] - CXF's STSClient does not handle additional Schemas properly when parsing a WS-MEX response
[CXF-5818] - StackOverflowError caused by HttpsURLConnectionFactory
[CXF-5822] - NullPointerException in PropertiesLoaderUtils
[CXF-5823] - Base64Utility encodeChunk method works only if the offset is zero
[CXF-5825] - ToolContext.isVerbose logic not correct resulting in -verbose flag not being honored
[CXF-5834] - WS-RM's JAXB marshalling/unmarshalling is not thread-safe
[CXF-5835] - Two issues in org.apache.cxf.jaxrs.provider.DataSourceProvider
[CXF-5836] - NullPointerException in AsyncHTTPConduit if http.noProxyHosts set
[CXF-5837] - Upload size limit status 500 for files twice bigger than the limit
[CXF-5838] - @QueryParam char return incorrect default value
[CXF-5839] - ResponseTimeCounter doesn't count the schema validation fault
[CXF-5840] - ResponseTimeCounter counts the one-way fault message twice
[CXF-5841] - PolicyReferences when using annotations and no separate Java Interface
[CXF-5842] - CacheSizeExceededException attachment tempfile leak
[CXF-5845] - HTTPTransportActivator does not clean up old configuration while updating
[CXF-5851] - JAX-RS proxy throws NPE if a null multipart parameter is passed
[CXF-5853] - Mutlipart JAXB model + InputStream using JacksonJsonProvider cause NPE
[CXF-5856] - NPE in SwaggerFeature
[CXF-5857] - jms examples do not work
[CXF-5860] - JAXRS ThreadLocalProxy not visible in OSGI
[CXF-5861] - JAX-RS ResourceContext beans get their context values injected too late
[CXF-5864] - Anonymous users are denied to call unprotected methods since 2.6.3
[CXF-5865] - WebClient.close should not auto-close Response
[CXF-5869] - Temporary file caching using encryption may get corrupted data in some ciphers
[CXF-5870] - wadl2java -inheritResourceParams generate parameter twice
[CXF-5871] - Dispatch.invokeAsync does not calculate operation
[CXF-5872] - JAXB Dispatch clients try to create a JAX-WS exception and NPE
[CXF-5873] - Exception in SoapOutInterceptor causes lots of warnings in log
[CXF-5876] - AtomPojoProvider generates warnings if atom handlers have no setMessageContext method
[CXF-5877] - SCT in a (SAML1.1 + SCT) scenario failing to renew ore reissue
[CXF-5880] - Concurrent issue in ResponseTimeCounter
Improvement:
[CXF-3270] - WS-RM should send acknowledgements when messages are received out of order
[CXF-5311] - Support OAuth2 JWT token
[CXF-5321] - Search LuceneQueryVisitor needs to support Date range queries
[CXF-5746] - WebsocketConduit to use the id header so that it can correlate requests and responses
[CXF-5747] - Add a karaf feature for the websocket transport
[CXF-5748] - Improve WS-Security Kerberos configuration
[CXF-5750] - Support SpnegoContextTokens with the TransportBinding
[CXF-5751] - Support policy validation for SupportingToken SpnegoContextTokens
[CXF-5757] - WADL to Java code generator should optionally support linking arbitrary media types to the grammar
[CXF-5764] - AccessTokenService should allow the client authentication with a client id only
[CXF-5768] - Fallback to "Issue" if "Renew" fails in the STSClient
[CXF-5775] - Constraint Validation Exceptions Logging at Warn logging.LogUtils
[CXF-5780] - JMS pubsub: support different parameters for clientID and durableSubscriptionName
[CXF-5786] - isValid() in WSIBPValidator should check method signature
[CXF-5789] - Add methods to get input and output SOAP headers to SOAPBindingUtil
[CXF-5802] - Share an existing global ehcache manager for ws security replay caches
[CXF-5804] - Improvement Issue CXF 5781 and CXF 5791
[CXF-5809] - WebSocket transport supporting concurrent asynchronous calls
[CXF-5813] - add completers for cxf karaf shell commands
[CXF-5827] - Use only local name matching for inbound rpc/literal processing to support some older rpc/literal implementation
[CXF-5832] - JAX-WS Provider returning JAXBSource with attachment
[CXF-5843] - Allow define the ObjectName of ResponseTimeCounterMBean
[CXF-5847] - Add operation to enable/disable ResponseTimeCounter
[CXF-5868] - Establish Jaas login context using Subject.doAs
[CXF-5874] - Add ability to strictly enforce WSA Action values
[CXF-5879] - Distinguishing client or service in FactoryBeanListener
New Feature:
[CXF-5549] - Introduce Tika Search Visitor
[CXF-5792] - WSDLGetUtils Customization
[CXF-5849] - XSLTJaxbProvider document() resources and URIResolver
[CXF-5866] - Allow pre-processing of WSDL in WSDLManager
Task:
[CXF-5819] - Introduce HBaseQueryVisitor

New in Apache CXF 3.0.0 M2 (Feb 19, 2014)

Bug:
[CXF-4949] - FIQL - searchContext returns null SearchCondition
[CXF-5006] - Activate JMX Performance counters in OSGi using a config admin configuration
[CXF-5085] - Fixed package imports in BasicIntegrationTest
[CXF-5261] - Message.CONNECTION_TIMEOUT and Message.RECEIVE_TIMEOUT should not begin with "javax.xml.ws"
[CXF-5348] - Exception mappers implementing ExceptionMapper through an abstract class are not mapped to the declared exception
[CXF-5405] - WS-RM with anonymous endpoint throwing security policy validation exception for SequenceAck
[CXF-5415] - javax.management.RuntimeOperationsException when register performance mbean using cxf webclient with service name contains ?
[CXF-5418] - WebClient QName representation can get a query added to it
[CXF-5421] - Servlet dependency in OAuth2 pom.xml should be with scope "provided"
[CXF-5423] - Callbackhandlers and other resources aren't found if configured in blueprint config due to classloading issues
[CXF-5424] - JAX-RS Security Code can not validate signed SAML2 bearer assertions without KeyInfo
[CXF-5425] - Async HTTP Conduit may not initialize HTTP client when many threads use it
[CXF-5426] - JAX-RS 2.0 Response.readEntity fails to read primitive values
[CXF-5427] - set-jaxb-validation-event-handler=false not working when fault message is changed.
[CXF-5428] - Sevice list page default stylesheet is not effective
[CXF-5433] - JAX-RS method invocation failes in case @Mutipart(required=false) is used on primitives
[CXF-5435] - WS-RM's retransmission should call conduit.close(message) after successful retransmission
[CXF-5437] - JAXBDataBinding can not handle the exception with generic objects like ObjectWithGenerics
[CXF-5440] - NPE is thrown at http conduit's authorization setting in Blueprint
[CXF-5445] - IgnoreNamespacesWriter does not handle qualified attributes
[CXF-5447] - IllegalStateException: Already connected when sending empty POST request
[CXF-5449] - FIQL parser having a problem with a JPA entity that contains a list of other entities.
[CXF-5450] - With SAAJ In/Out forwarding, headers can cause an infinite loop and OOM
[CXF-5452] - JAX-RS Client: post method call doesn't send data.
[CXF-5453] - FIQL parser should support Beans with interfaces
[CXF-5454] - Latest Jetty doesn't like the -D jvmargs added to generated build.xml
[CXF-5455] - Generated servers only use first port impl
[CXF-5456] - Generated "Impls" should be based off the service/port, not portType
[CXF-5458] - sts.token.validator.*TokenValidator instances don't set MessageContext on RequestData
[CXF-5459] - Some imported xsd schemas are not resolved in spring when referenced from another schema
[CXF-5465] - policy.xsd used in rt-ws-policy's blueprint configuration is inconsistent
[CXF-5469] - JsonpInInterceptor casts to HttpServletRequest
[CXF-5473] - JAX-RS schema validation: interpret schema loading problems as exceptions instead warnings
[CXF-5484] - JAASAuthenticationFilter cannot separate 3rdParty java.security.Principals based on user/role
[CXF-5485] - Apache CXF kit bin directory is not set with access right
[CXF-5493] - SOAPFaultException has empty message in case of response containing CDATA in fault:faultstring (SOAP 1.1)
[CXF-5494] - WADL to Java code generator can get element names with '-' added to Java method names
[CXF-5498] - W3CDOMStreamReader does not check the DOM-Level in all Cases
[CXF-5500] - FINE logging could result in OOM
[CXF-5501] - NettyHttpServletPipelineFactory doesn't shutdown the executor for running application
[CXF-5505] - SpringBus should shutdown the bus when the application context is closed
[CXF-5506] - Make ws-addressing schema available during blueprint schema resolution
[CXF-5507] - Missing alternativeSelector handling in ws-policy feature's blueprint configuration
[CXF-5508] - Request.evaluatePreconditions(Date, EntityTag) loses a non-null ResponseBuilder
[CXF-5512] - @UseAsyncMethod annotation doesn't work for classes implementing Provider
[CXF-5516] - Decoupled endpoints are not compatible with @UseAsyncMethod annotation
[CXF-5517] - Incorrect check for VOID type
[CXF-5518] - Setting SecurityConstants.STS_TOKEN_ACT_AS as string improper handling
[CXF-5520] - Setting SecurityConstants.STS_TOKEN_ON_BEHALF_OF as string improper handling
[CXF-5523] - Allow override of DestinationRegistryImpl#getTrimmedPath method
[CXF-5524] - JAXBContextInitializer addType stopped handling recursive types (StackOverflow)
[CXF-5526] - Unresolvable transitive dependencies from Karaf
[CXF-5528] - CXF Blueprint resource classes should have a more simple definition
[CXF-5529] - Deploy error when publishing CXF WebService to Glassfish4
[CXF-5530] - Wrong error code for non existing client's
[CXF-5531] - STS can only create SAML Tokens with a NotOnOrAfter Condition specified in minutes
[CXF-5537] - Support an X.509 Token as a EndorsingEncryptedSupportingTokens
[CXF-5542] - JAX-RS providers shared between endpoints or clients with different buses lose injected TL proxies
[CXF-5547] - HTTPConduit loses response headers if 202 with no body is returned
[CXF-5550] - CXF JAX-WS frontend DispatchImpl ignores setting of MessageContext.WSDL_OPERATION
[CXF-5554] - OAuth1 params not read from POST on Content-Type: application/x-www-form-urlencoded; charset=UTF-8
[CXF-5556] - CXF JAX-RS 2.0 is not backward compatible with JAX-RS 1.1 on the exception path
[CXF-5558] - JsonpInInterceptor ignores custom callback parameters
[CXF-5559] - Async jaxrs call : Inifinite loop when connexion socket timeout /connexion refused occurs and no action can stop this loop
[CXF-5561] - AccessTokenValidatorService is not secure
[CXF-5562] - value of @QueryParam/@PathParam Annotation inside @BeanParam Classes will be ignored
Improvement:
[CXF-4199] - Support class-scanning for discovering JAX-RS providers
[CXF-4451] - Provide helpful error message if encryption keystore password missing
[CXF-4736] - Bundles cannot be deployed in non Aries Blueprint Container
[CXF-4808] - Separate core functions from Blueprint/Spring
[CXF-4965] - Support overriding the sts service address
[CXF-5015] - update OpenSAML to 2.6
[CXF-5174] - Split xkms into xkiss and xkrss parts
[CXF-5310] - Support Bean Validation API for JAX-WS non-singleton service objects
[CXF-5324] - Support schema locations pointing to folders
[CXF-5353] - WADLGenerator needs to support existing JavaDocs when possible
[CXF-5362] - Spring jaxrs scheme and bean definition parser must allow alternative property setting
[CXF-5387] - Relax SOAPAction check in SoapActionInInterceptor
[CXF-5408] - Consolidate JAX-RS interceptor Fault processing in JAXRSOutFaultInterceptor
[CXF-5409] - Make response code be included in logging for LocalTransport
[CXF-5410] - Auto-registration of HTTP destinations in Blueprint should be optional
[CXF-5417] - Support optional JAX-RS 2.0 ConnectionCallback
[CXF-5438] - Allow FiqlSearchConditionBuilder extension
[CXF-5439] - Introduce annotations for marking CXF interceptors and features to enable the auto-discovery
[CXF-5441] - Enable optional auto-discovery of WS service beans with a new jaxws:endpoint base-packages attribute
[CXF-5461] - Add ws-securitypolicy-1.2.xsd to rt-ws-policy's schema resolution
[CXF-5467] - Hazelcast Tokenstore configuration with Spring
[CXF-5468] - Upgrade osgi itests to pax exam 3.4.0 and karaf 2.3.3
[CXF-5477] - Optional support for non-Spring based auto-discovery
[CXF-5482] - XKMS: provide direct trust validator
[CXF-5488] - make basePath in SwaggerFeature configurable
[CXF-5511] - Move the EventLoopGroup to NettyHttpConduitFactory
[CXF-5513] - Provide the utility support for encrypting OAuth2 Bearer tokens
[CXF-5519] - Setting SecurityConstants.STS_TOKEN_ACT_AS as CallbackHander requires better documentation.
[CXF-5521] - Setting SecurityConstants.STS_TOKEN_ON_BEHALF_OF as CallbackHander requires better documentation.
[CXF-5533] - Store a reference to a Bootstrap SecurityToken in SecureConversation
[CXF-5540] - Add a flag to return the security cause error in a SOAP Fault
[CXF-5541] - Introduce CXFServlet bus parameter
[CXF-5543] - Make jms transport independent from spring jms
[CXF-5545] - wsdl2java sholud create java.lang.Exception matching constructors for fault with no fields
[CXF-5557] - Convert MacAccessToken to HawkAccessToken
[CXF-5568] - OSGI Bean Locator should optionally filter out non-compatible bean services
New Feature:
[CXF-3725] - JAXRS must be able to expose all spring components marked with @Path
[CXF-5023] - Implement WS-Eventing from WS-ResourceAccess spec suite
[CXF-5041] - Netty Http transport for CXF
[CXF-5091] - Leverage Spring's @Configuration mechanism to simplify the creation and configuration of client proxies for integration testing
[CXF-5430] - Support for OData query language
[CXF-5443] - STS Symmetric HOK: using server endpoint (AppliesTo) as certificate identifier to encrypt symmetric key
Task:
[CXF-5024] - Update HTTP Transport HTTPHeaders utility to correctly represent some complex headers
[CXF-5177] - Upgrade Netty version of the netty-cxf-transport to 4.x
[CXF-5463] - Upgrade to Jettison 1.3.5
[CXF-5472] - Update OAuth2 code verifier support to the latest draft

New in Apache CXF 2.7.10 (Feb 10, 2014)

New in Apache CXF 3.0.0 M1 (Dec 4, 2013)

Sub-task:
[CXF-4924] - Many docLocation for a server address
[CXF-5042] - SSL supports
[CXF-5043] - Spring configuration supports
[CXF-5044] - blueprint configuration support
[CXF-5109] - Add supports of loading the netty transport with "netty://" perfix
[CXF-5120] - support the TLSSessionInfo generation
[CXF-5127] - Add the maxChunkContentSize option
[CXF-5309] - Support Bean Validation API for JAX-RS
Bug:
[CXF-4676] - Partial WSDL support in CXF
[CXF-4752] - TransformOutInterceptor does not transform SoapFaults
[CXF-4753] - stax outTransform cannot deep-drop an element that has some attributes
[CXF-4755] - StackOverflowError when ASMHelper tries to getClassCode from a parametrized type
[CXF-4766] - WADL to Java generator does not strip custom regular expressions from method names
[CXF-4767] - JAX-RS endpoints fail to register properly with ws-discovery service
[CXF-4770] - When passing NULL @PathParam to JAXRS Client Proxy it now throws NullPointerException instead of IllegalArgumentException as in prior releases (2.7.0)
[CXF-4773] - StackOverflowError when JAXBSchemaInitializer tries to process parametrized type Enum
[CXF-4774] - Java First ws policy attachments are not being serialised correctly
[CXF-4775] - HttpHeaders.getRequestHeader splits complex header values
[CXF-4781] - MacAccessTokenValidator needs a setter for the nonceVerifier variable
[CXF-4784] - enhance CXF to follow jaxws spec 3.6.2.3 when using RI or Axis2 client
[CXF-4787] - WADL to Java generator uses the system encoding to create the files
[CXF-4789] - EndorsingSupportingTokens do not respect ProtectTokens assertion from paired binding policy
[CXF-4790] - Set lang and subcode for soapfault
[CXF-4792] - throw versionmissmatch faultcode when send soap11 message to soap12 end point
[CXF-4794] - Soap 1.1 service returns an invalid soap fault for soap 1.2 requests
[CXF-4796] - Accessing Conduit in JAX-RS ClientConfiguration causes NPE if failover is enabled
[CXF-4797] - CachedWriter may leave temp files undeleted
[CXF-4803] - NPE is thrown while enabling fine log level in TrustDecisionUtil if MessageTrustDecider from message context is used
[CXF-4805] - SOAP services try to process HTTP 'OPTIONS'
[CXF-4812] - NPE on MessageModeInInterceptor when sending empty SOAPBody
[CXF-4813] - Java First @Policy at Operation level has some issues with supporting some policy alternatives
[CXF-4816] - Allow use of @Policy on Service Implementation as alternative to Interface
[CXF-4817] - JAX-RS AsyncResponse implementation needs to call AsyncContext.complete after the request is done
[CXF-4832] - META-INF/services/org.apache.cxf.bus.factory contains extra data on a second line
[CXF-4833] - IndexOutOfBoundException when printing stacktrace for ToolException
[CXF-4838] - Server-side endpoint may throw an NPE when a request message arrives while the endpoint is being stopped but not yet stopped
[CXF-4844] - Response header Content-type not recognized for asynchronous soap/http
[CXF-4847] - Data types not correctly published in WSDL from Exception classes
[CXF-4848] - WebClient does not process GenericEntity correctly
[CXF-4852] - Pre-Match ContainerRequestFilter can not replace request stream and URI
[CXF-4859] - Incorrect msg of COULD_NOT_SET_WRAPPER_STYLE in cxf-rt-core/src/main/org/apache/cxf/service/factory/Messages.properties
[CXF-4860] - Request.Inpustream Lost
[CXF-4861] - Encoding issue jax-rs - UriBuilder
[CXF-4863] - TerminateSequenceResponse must be returned in reponse to WS-RM 1.1 TerminateSequence
[CXF-4864] - DestinationSequence doesn't pick up right number when it deliverying the message InOrder
[CXF-4872] - JSONProvider can not drop a root element if DOM Document is copied to JSON
[CXF-4873] - javax.management.RuntimeOperationsException when register performance mbean using cxf webclient with an operation's uri containing some query params
[CXF-4874] - Data types for Fields not correctly published in WSDL from Exception classes
[CXF-4875] - NPE resolving policy reference
[CXF-4876] - CXF RespectBinding feature does not support the customized binding info under operation and its sub element.
[CXF-4888] - OAuthClientUtils ignore argument on getAccessToken()
[CXF-4891] - Cannot set content-type header
[CXF-4906] - Http Headers should ignore the case for "User-Agent"
[CXF-4909] - wadl2java: NPE in SourceGenerator when generating method with "plain" style parameter
[CXF-4912] - cxf rest client always picks the first ResponseExceptionMapper for a method with different exception throws
[CXF-4914] - ResponseBuilderImpl returns null on link() and links()
[CXF-4919] - UriInfo.relativize (and HttpUtils.relativize) broken
[CXF-4920] - TransformationInInterceptor fails when XML contains same namespace with different prefixes
[CXF-4921] - LinkBuilder can't be reused
[CXF-4922] - NPE is thrown at EP creation when no service class is specified and the wsdl cannot be loaded
[CXF-4927] - HttpHeaders.getRequestHeader has to return null if no header is available
[CXF-4929] - JAX-RS 2.0 filters do not work correctly with generic entities and annotations
[CXF-4932] - Illegal method arguments generated by Wadl2Java
[CXF-4934] - JAXRSInvoker and Proxy classes (Spring Security)
[CXF-4938] - Setting RuntimeDelegate instance in CXFNonSpringJaxrsServlet is too aggresive
[CXF-4940] - CXF not (always) responding with the correct exception when working with an exception hierarchy
[CXF-4941] - WS-RM related faults do not contain the correct addressing action
[CXF-4946] - SourceGenerator needs to use URI resolve function when dealing with relative references containing parent folders
[CXF-4949] - FIQL - searchContext returns null SearchCondition
[CXF-4951] - cxf-codegen-plugin wsdlArtifact ignores classifier
[CXF-4953] - JAXRSClientFactoryBean doesn't take the bus features into consideration
[CXF-4957] - remove dependency="true" for jsr339-api specs bundle
[CXF-4964] - NPE is thrown when WS-RM's destination has no ackPolicy configured
[CXF-4967] - JSONProvider will throw NPE if DOM Document is used and dropRootElement and ignoreNamespaces properties are set
[CXF-4969] - ExceptionMapper not used for exception in resource setter
[CXF-4975] - CXFNonSpringJaxrsServlet needs to ensure an optional Application path starts from "/"
[CXF-4979] - WadlGenerator generates invalid xml for QueryParameters with a default value containing " characters
[CXF-4982] - Codegen maven plugin fails forked execution on Windows XP environment
[CXF-4983] - Response.getStatusInfo does not work if the status code can not be mapped to Status enum
[CXF-4984] - JAX-RS server has to set Content-Type to application/octet-stream if it is not available
[CXF-4985] - ResponseBuilder should set 204 status if the status has not been set and the entity is null
[CXF-4986] - jax-rs2 request filter is unable to modify request header by adding a new header
[CXF-4990] - When thrown the fault from logical handle, the namespace setting doesn't work
[CXF-4991] - Classloading issue with EH-Cache availability checks
[CXF-4992] - proxy sub-resources creating wrong request URIs with non-HTTP transports
[CXF-4993] - LdapClaimsHandler can't find attributes if user authenticated against LDAP
[CXF-4996] - Issue after upgrading to jackson-jaxrs-json-provider 2.2.0 (from 2.1.4)
[CXF-5000] - NameBindings are ignored for Reader and Writer interceptors
[CXF-5002] - Documentation "Using WS-Reliable Messaging" contains errors and could be improved
[CXF-5005] - Wrong EPR match in WSDiscoveryProvider::handleResolve
[CXF-5009] - Allow multiple subcodes in a SOAP 1.2 fault
[CXF-5012] - Possible regression in the way proxies handle HTTP errors
[CXF-5014] - HTTP Response headers are split by default
[CXF-5016] - ArithmeticException on ResponseTimeCounterMBean.getAvgResponseTime() after counter reset()
[CXF-5017] - CrossOriginResourceSharingFilter FIELD_COMMA_PATTERN mangles firefox headers
[CXF-5020] - add NPE guard when we restore original java.class.path system property
[CXF-5021] - Static resources need the "application/javascript" content type for javascript files
[CXF-5026] - JAX-RS Async client does not work if HTTP error is returned
[CXF-5027] - JAX-RS XOP marshaller does not support SWA attachments
[CXF-5030] - Exception in opensaml initialization in OSGi: NoClassDefFoundError: org/apache/xml/security/Init
[CXF-5040] - support new asm4 shade of xbean
[CXF-5045] - UndeclaredThrowableException thrown in the client side when server responses with wsa:OnlyNonAnonymousAddressSupported soap12 version fault message
[CXF-5047] - Wrong soap:address generated in WSDL
[CXF-5050] - Already connected exception when using CXF client to invoke to the server
[CXF-5059] - Refine classloader in org.apache.cxf.wsdl11.WSDLManagerImpl
[CXF-5065] - Subresource operations do not see root resource Produces or Consumes annotations
[CXF-5073] - endless recursion in creating JAX-RS client proxy
[CXF-5082] - JAX-RS frontend has non-optional dependency on blueprint
[CXF-5084] - URIBuilder optimization prevents relative paths that startWith "h" "t" "t" "p"
[CXF-5086] - JSONProvider can not read explicit collections if unmarshallAsJaxbElement property is set
[CXF-5089] - java2ws generate both ref and nillabe attributes in a schema element
[CXF-5092] - RequestTokenService signature verification bug [OAuthUtils]
[CXF-5093] - HTTPConduit prevents AsyncConduit from sending the payloads when custom HTTP methods are used
[CXF-5100] - JAXB-based providers fail when they try to set JAXB RI-specific properties on non-RI implementations
[CXF-5104] - JAX-RS not injecting contexts after resuming a suspended continuation
[CXF-5108] - parameter beans feature not working through dynamic proxy based clients for JAXRS
[CXF-5110] - Wrong processing of @XmlJavaTypeAdapter with RPC style endpoints
[CXF-5111] - JAX-RS providers typed on arrays like String[] are not selected
[CXF-5112] - OAuthUtils causes IllegalArgumentException when returning 400 instead of 401
[CXF-5114] - CXF Client issue when try to handle session for One-Way Operation call
[CXF-5115] - Primitive arrays for capturing HTTP parameters are not supported
[CXF-5116] - DelegatingInputStream created in AbstractHTTPDestination is cached into wrong Message instance
[CXF-5126] - Creation of SecurityContext from JAAS Subject causes incorrect Principal for Kerberos authentication
[CXF-5129] - Content type is always "text/xml" in case of using @Context HttpServletResponse response
[CXF-5141] - CXFServlet hides ServletConfig parameters when creating a Servlet-specific ApplicationContext
[CXF-5143] - http-conf:server blueprint configuration doesn't work
[CXF-5144] - JAX-RS Client Proxy-based API connection leak
[CXF-5146] - JAX-RS client proxies do not unwrap TypeVariables
[CXF-5161] - AbstranctGrantHandler checks against "authorization_code" instead of supplied grant type
[CXF-5164] - Wrong class name in LogUtils.getL7dLogger() of org.apache.cxf.aegis.databinding.XMLStreamDataWriter class
[CXF-5167] - HEAD operation implementation is not compliant with specification
[CXF-5175] - ?_wadl generates a ClassCastException
[CXF-5184] - javax.ws.rs.NotFoundException while using LoadDistributorFeature after failover of 1st node or with single node configured
[CXF-5185] - Memory leak if no addresses are specified for SequentialStrategy
[CXF-5186] - SOAP 1.2 fault reason xml:lang attribute not properly parsed on client side
[CXF-5191] - StaxUtils readQName does not accept leading and trailing whitespaces
[CXF-5196] - Failover feature doesn't work when client uses async invocation
[CXF-5198] - FiqlParser fails to parse an expression with camel case when SearchBean is used
[CXF-5204] - JAX-RS runtime checks TypeVariable bounds too early
[CXF-5214] - Using BeanParam in a subresource results in exception
[CXF-5218] - WS-RM's destination's fault handling should distinguish protocol related faults from other faults
[CXF-5219] - @XmlJavaTypeAdapter ignored for exception members
[CXF-5226] - OAuth public clients don't appear to work in RedirectionGrantServices
[CXF-5228] - Rest client reports interface not visible for service interface
[CXF-5230] - Message element is not generated for Exception class
[CXF-5231] - NoSuchElementException in ClientFaultConverter when stack trace message contains line breaks
[CXF-5237] - Schema validatation doesn't work in mtom enabled provider service
[CXF-5240] - Jsonp interceptors do not work with GZIPOutInterceptor
[CXF-5243] - JAX-RS 2.0 ContainerRequestContext#getEntityStream() doesn't return request payload
[CXF-5244] - It is not possible to update Content-Type inside JAX-RS 2.0 ContainerRequestFilter
[CXF-5245] - JAXRS SpringResourceFactory does not work correctly with lifecycle methods
[CXF-5246] - Conflicting schema namespaces for services with same set of schema classes
[CXF-5247] - JAXRS proxies do not work with BeanParams
[CXF-5248] - Signed SAML assertion validation error w/ SupportingTokens only policy
[CXF-5259] - XKMS client does not start in Eclipse RCP
[CXF-5260] - XKMS-client should not contain CryptoProviderFactory interface
[CXF-5262] - ReaderInterceptor and WriterInterceptor contexts should select new MBR or MBW when possible
[CXF-5265] - Netty Http transport can handler ?wsdl request rightly
[CXF-5268] - Automatic WS-Policy computation should be possible on Dispatch clients without setting operation manually
[CXF-5272] - NPE will cause the camel-cxf endpoint start error in blueprint
[CXF-5276] - TransformOutInterceptor needs to ignore messages with transform.skip property set
[CXF-5280] - wsdl2java may fail to extract the wsma:Action attribute value
[CXF-5283] - sts: NoClassDefFoundError in LoggerListener
[CXF-5284] - CXF clients do not work in Eclipse RCP: Exception says BindingProvider interface not visible
[CXF-5285] - java.lang.UnsupportedOperationException in org.apache.cxf.jaxrs.model.wadl.WadlGenerator
[CXF-5289] - WADLGenerator misses Description annotations if they are bound to interfaces
[CXF-5296] - OAuth2ClientUtils can not get access token if custom params contain semicolon or no token_type param is available
[CXF-5299] - FiqlParser fails to parse an expression with child properties when SearchBean is used
[CXF-5307] - Add DecoupledFaultHandler for request-response message when decoupled fault is supported
[CXF-5328] - JAX-RS ProviderFactory ignores MBR/MBW typed on Object for primitive arrays
[CXF-5331] - Permission and Property are missing Serializable interface
[CXF-5336] - WADLGenerator does not support XmlType, does not link JSON and misses package info for collections
[CXF-5337] - HTTPConduit blocks DELETE with body
[CXF-5341] - NPE in org.apache.cxf.jaxws.support.JaxWsEndpointImpl.checkRespectBindingFeature
[CXF-5343] - ClientRequestFilterInterceptor uses a wrong phase
[CXF-5346] - Shared filters registered through DynamicFeature are not considered
[CXF-5347] - Request routing is broken when the URL contains both jsessionid and an extension
[CXF-5359] - xkms.endpoint property change will not take effect automatically
[CXF-5361] - Attachments iterator may incorrectly handle its remove operation
[CXF-5368] - filename with ";" in file upload throws StringIndexOutOfBoundsException
[CXF-5369] - XKMS Crypto provider throws exceptions due not found certificate instead returning empty array
[CXF-5370] - Refactor STS logging to split mapping from log writing
[CXF-5371] - JAXRSInInterceptor expects JAXRSInvoker to block if Response is already available
[CXF-5372] - ServerEngineFactoryHolder should release JAXB classes when it is destroyed
[CXF-5373] - Issue resolving AsynchResponse
[CXF-5378] - CXF failover feature doesn't work in osgi
[CXF-5384] - AccessTokenGrant should extend Serializable
[CXF-5385] - CXF 2.7.7 on Websphere 8.5.0 is not able to generate WADL.
[CXF-5386] - Multipart params of type InputStream don't show in generated WADL
[CXF-5390] - AbstractSamlBase64InHandler goes into infinite loop when processing bad header value.
[CXF-5391] - Response code is not logged for SOAP responses
[CXF-5392] - Custom Marshalling Validation Event Handler
[CXF-5394] - ImplicitGrantService always redirect to broken redirect url
[CXF-5395] - ImplicitGrantService always redirect to broken redirect url
[CXF-5396] - AbstractGrant.toMap hardcode the grandType to Client_Credentials
[CXF-5404] - NPE in AtomPojoProvider when no content (or content is empty)
[CXF-5406] - ClassCastException in AtomPojoProvider when an Atom entry is returned with a media-type of application/atom+xml (no type parameter)
Improvement:
[CXF-2118] - Add an application level control on WS-RM sequence termination
[CXF-3021] - Try to remove a wsdl4J dependency from the JAXRS frontend
[CXF-4543] - Encode multi value claims as multi-value saml attribute
[CXF-4747] - Support easier configuration of Spring bus with WebClient
[CXF-4760] - Provide ability to disable chunked transfer encoding for BinaryDataProvider
[CXF-4768] - Refact SwaOutInterceptor for more compatible JAXB Impl usage
[CXF-4777] - Allow providing CXF compiler instance to be used in WSDLToJava
[CXF-4798] - Allow CachedWriter and CachedOutputStream to be configured using the same set of properties
[CXF-4799] - Parameterized Classes should be automatically added to JAXBContext
[CXF-4800] - Exception mapper on the client in case of method Response retun value
[CXF-4825] - Remove static JAX-RS API calls from within JAX-RS server and client runtimes
[CXF-4827] - Move WADL auto-generator into its own module
[CXF-4829] - Add OperationInfo based authorization interceptor
[CXF-4839] - WSDL parser error not logged
[CXF-4840] - add more optional Import-Package for cxf-rt-transports-http module
[CXF-4849] - WebClient needs to support JAX-RS 2.0 GenericType
[CXF-4854] - Load the STS war on startup
[CXF-4857] - Workaround for Socket Closed exception with some JDK 1.6.0_nn (>= 38)
[CXF-4896] - Reduce reflection usage during java-first endpoint creation
[CXF-4900] - Provide options to control the cxf bus's interaction with osgi-service based features and lifecycle listeners
[CXF-4915] - JAX-RS HttpHeaders implementations creates too many maps
[CXF-4926] - remove org.apache.activemq.activemq-core as Require-Bundle from wsn-core module
[CXF-4959] - Support hierarchical mimetypes
[CXF-4966] - KerberosClient does not need the cxf Bus but it is required in the constructor
[CXF-4968] - Add an option to limit the number of active sequences that are created at WS-RM endpoints
[CXF-4971] - JSONProvider should be able to drop a root dynamically
[CXF-4972] - Move Retryable invoke method out of WebClient interface
[CXF-4974] - CXF JAX-RS Client interface should support close() calls similarly to frontend Client
[CXF-4997] - Skip PolicyBasedWSS4JInInterceptor processing when AssertionInfoMap not available
[CXF-4998] - JAXRSClientFactory: Missing factory method for username+password and providers
[CXF-5039] - IdentityMapping support in ClaimsManager
[CXF-5049] - Support for schema compiler options in DynamicClientFactory
[CXF-5053] - JAX-RS behavior differs from JAX-WS for MessageContext.get( Message.class.getName() )
[CXF-5055] - Support Clients pre-registering scopes and OOB response in OAuth2 Authorization Flow
[CXF-5069] - Create utility caching MessageBodyWriter and MessageBodyReader
[CXF-5075] - Support for chain trust validation
[CXF-5076] - Improved handling of certificate repositories, added integration tests
[CXF-5081] - FIQL - use custome query param name instead of default _s
[CXF-5088] - Make the service file of cxf-core.jar Web Application Server friendly
[CXF-5101] - Add more options for validating the search values
[CXF-5121] - Refactor rt security for better readability
[CXF-5130] - Update WebClient to provide a link to SyncInvoker
[CXF-5139] - Support FIQL expressions containing single equals operator
[CXF-5140] - Support typed JAXRS proxies
[CXF-5148] - can't use property place holder in http:server|http:client with blueprint
[CXF-5150] - Support to load the HttpClient conduit when the address is started with "hc://"
[CXF-5151] - WSDLGetInterceptor supports GZIP encoding
[CXF-5153] - Consider updating ServletController to disable address overwrites by default
[CXF-5162] - OAuth2 AccessTokenService should validate if Client supports a given grant
[CXF-5165] - add a JAAS authenticator for ServiceListPage
[CXF-5173] - Allow to enable or disble xkrss Operations for xkms
[CXF-5179] - Add optional id field to UserSubject
[CXF-5180] - Adding RefreshToken as token type
[CXF-5187] - Use a negative value of maxRetries to indicate unbounded retries in WS-RM
[CXF-5209] - Support for OAuth2 audience parameter
[CXF-5212] - Context Injection with Spring AOP
[CXF-5239] - Support OAuth2 Transient Client Secret Extension
[CXF-5253] - Update JPA visitor to use a strict match for Strings unless they have wildcards or a user property enables a wildcard match
[CXF-5274] - WS-RM should provide application access to acknowledgments
[CXF-5281] - Netty Http Server should enable the reuseAddress option
[CXF-5290] - jaxb's databinding to support an option to not include specific namespace declarations when marshaling
[CXF-5300] - Support mapping of exceptions thrown from CXF interceptors to JAX-RS Response
[CXF-5301] - JSONProvider should add an array key for root if arrayKeys is not empty but top level array has to be produced
[CXF-5312] - cxf-rt-security does not work with joda time 2.x
[CXF-5313] - Use different log levels for sts LoggerListener
[CXF-5314] - JAX-RS client runtime needs to optionally support CXF inFaultInterceptors
[CXF-5319] - WADLGenerator should not need "ignoreMessageWriters" property disabled to produces JSON
[CXF-5323] - [cxf-rt-core] remove geronimo-javamail_1.4_spec dependency
[CXF-5342] - Letting to be absolute XSISchemaNamespace
[CXF-5375] - xjc-javadoc plugin for generating more javadocs from xsd:documentation
[CXF-5399] - JAX-RS CXF Client interface should support a query method
[CXF-5400] - SearchContext should propagate parsing exceptions by default
[CXF-5401] - Better support for validating the entities wrapped in JAX-RS Response
[CXF-5402] - Cannot report customized error back from loginHandler to ResourceOwnerGrantHandler
New Feature:
[CXF-4139] - WS-RM needs support for WS-ReliableMessagingPolicy 1.2
[CXF-4464] - Support ClaimsHandler per realm
[CXF-4756] - Introduce @FaultAction annotation to specify WSA Action for Faults
[CXF-4791] - Passing arguments to JAXB compiler from WADL2Java
[CXF-4828] - Support SAML Bearer assertions for OAuth2 client authorization
[CXF-4936] - (PATCH) Expose FastInfoset serializer tuning properties
[CXF-4994] - Support LDAP groups as claim
[CXF-5001] - Support XKMS 2.0
[CXF-5010] - Add customizable request logging capability to STS
[CXF-5080] - Introduce CXFBlueprintServlet
[CXF-5135] - Implement JAX-RS 2.0 Fluent Client API
[CXF-5308] - Support Bean Validation API
[CXF-5333] - Feature to allow you to dynamically change the trustManager on CXF
[CXF-5379] - introduce cxf swagger feature
Task:
[CXF-4696] - Move CXF JAX-RS client API implementation to its own module
[CXF-4743] - Update to javax.ws.rs m15 API
[CXF-4744] - Upgrade to Jettison 1.3.3
[CXF-4783] - Provide default OAuth2 MAC token nonce verifier
[CXF-4804] - Remove CXF JAX-RS ParameterHandler extension
[CXF-4822] - Update selection algorithm to check all root resources with the same root path
[CXF-4830] - Upgrade to JAX-RS 2.0 API m16
[CXF-4845] - Upgrade to JAX-RS 2.0 API rc1
[CXF-4865] - Upgrade to wsdl4j-1.6.3
[CXF-4871] - Add -clientjar flag to wsd2java tool
[CXF-4882] - Remove CXF JAX-RS filter extensions
[CXF-4883] - OAuth2 RedirectionBasedService needs to do only a strict comparison of redirect URI
[CXF-4884] - Remove CXF JAX-RS form extension
[CXF-4889] - Upgrade to JAX-RS 2.0 API rc2
[CXF-4923] - Upgrade to JAX-RS 2.0 API rc3
[CXF-4950] - Support 'qs' media type parameters
[CXF-4988] - JAX-RS Provider improvements
[CXF-5007] - Updates to various JAX-RS API class implementations
[CXF-5060] - Add OAuth2 TokenRevocation service endpoint
[CXF-5090] - Update Jettison version to 1.3.4
[CXF-5122] - HTTPConduit should optionally be able to restrict redirects to same host and support relative redirects
[CXF-5134] - Upgrade to ehcache 2.7.2
[CXF-5142] - Simplify running JAXWS client with security manager on
[CXF-5163] - Support marshall exception class with @XmlAccessorOrder in JAXBEncoderDecoder
[CXF-5171] - Upgrade maven plugins to support both maven 3.0 and 3.1
[CXF-5315] - JAX-RS ParamConverters need to be checked first
[CXF-5355] - Investigate if WadlGenerator can handle XmlType-only and XmlSeeAlso beans
Test:
[CXF-4761] - ensure CXF follow jaxws spec 3.6.2.3
Wish:
[CXF-5236] - Make UserSubject, Client, AccessToken, .... Serializable

New in Apache CXF 2.7.8 (Nov 28, 2013)

Bug:
[CXF-4934] - JAXRSInvoker and Proxy classes (Spring Security)
[CXF-5048] - StaticSTSProperties class requires a CXF message context to initialize using configure() method
[CXF-5215] - -Psetup.eclipse fails on Windows
[CXF-5254] - Unmarshall exception if a sequence is used in a struct.
[CXF-5258] - Return type list of a typed type, e.g. List, leads to ClassCastException
[CXF-5286] - Lengthy done-file names raise mojo exception
[CXF-5287] - NPE at org.apache.cxf.maven_plugin.ClassLoaderSwitcher.restoreClassLoader
[CXF-5289] - WADLGenerator misses Description annotations if they are bound to interfaces
[CXF-5294] - XMLFaultOutInterceptor only marshals first detail element
[CXF-5296] - OAuth2ClientUtils can not get access token if custom params contain semicolon or no token_type param is available
[CXF-5299] - FiqlParser fails to parse an expression with child properties when SearchBean is used
[CXF-5305] - STSClient does not send Renewing element in renewal RequestSecurityToken message
[CXF-5306] - Soap body in header
[CXF-5307] - Add DecoupledFaultHandler for request-response message when decoupled fault is supported
[CXF-5326] - Hardcoded reference to com.ibm.wsdl.util.xml.DOMUtils
[CXF-5328] - JAX-RS ProviderFactory ignores MBR/MBW typed on Object for primitive arrays
[CXF-5331] - Permission and Property are missing Serializable interface
[CXF-5334] - WSDL Resolution Problem with SOAP 1.2
[CXF-5335] - Incorrect handle of ws-policy 1.1 (Incorrect inclusion value: null)
[CXF-5336] - WADLGenerator does not support XmlType, does not link JSON and misses package info for collections
[CXF-5337] - HTTPConduit blocks DELETE with body
[CXF-5340] - IDLToWSDL crashes with certain idl constructs
[CXF-5341] - NPE in org.apache.cxf.jaxws.support.JaxWsEndpointImpl.checkRespectBindingFeature
[CXF-5343] - ClientRequestFilterInterceptor uses a wrong phase
[CXF-5346] - Shared filters registered through DynamicFeature are not considered
[CXF-5347] - Request routing is broken when the URL contains both jsessionid and an extension
[CXF-5354] - faultTo address is ignored when fault is thrown
[CXF-5357] - CORBA binding corrupts byte arrays
[CXF-5358] - Failure loading blueprint context in Karaf 3 SNAPSHOT
[CXF-5359] - xkms.endpoint property change will not take effect automatically
[CXF-5361] - Attachments iterator may incorrectly handle its remove operation
[CXF-5365] - 2.7.7 schema validation seems broken
[CXF-5366] - Authorization header is not set correctly in CXF HTTP digest authentication
[CXF-5367] - 2.7.7 schema validation incorrectly detects schema include recursion
[CXF-5368] - filename with ";" in file upload throws StringIndexOutOfBoundsException
[CXF-5370] - Refactor STS logging to split mapping from log writing
[CXF-5371] - JAXRSInInterceptor expects JAXRSInvoker to block if Response is already available
[CXF-5372] - ServerEngineFactoryHolder should release JAXB classes when it is destroyed
[CXF-5373] - Issue resolving AsynchResponse
[CXF-5374] - Rejected Execution from ThreadPool
[CXF-5377] - LoggingInInterceptor is not logging the URL for SOAP or REST non-HTTP requests
[CXF-5378] - CXF failover feature doesn't work in osgi
[CXF-5381] - SAAJStreamWriter transforms DigestValue of custom signature
[CXF-5383] - Trailing semi-colon in Content-Type line of header for MTOM attachments.
[CXF-5384] - AccessTokenGrant should extend Serializable
[CXF-5385] - CXF 2.7.7 on Websphere 8.5.0 is not able to generate WADL.
[CXF-5386] - Multipart params of type InputStream don't show in generated WADL
[CXF-5390] - AbstractSamlBase64InHandler goes into infinite loop when processing bad header value.
[CXF-5391] - Response code is not logged for SOAP responses
[CXF-5392] - Custom Marshalling Validation Event Handler
[CXF-5394] - ImplicitGrantService always redirect to broken redirect url
[CXF-5396] - AbstractGrant.toMap hardcode the grandType to Client_Credentials
[CXF-5397] - wsdl2java marker file name can exceed 255 chars
Improvement:
[CXF-4987] - org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor disables mtom silently
[CXF-5291] - Only activate ws-security caching if it is required
[CXF-5300] - Support mapping of exceptions thrown from CXF interceptors to JAX-RS Response
[CXF-5301] - JSONProvider should add an array key for root if arrayKeys is not empty but top level array has to be produced
[CXF-5312] - cxf-rt-security does not work with joda time 2.x
[CXF-5313] - Use different log levels for sts LoggerListener
[CXF-5314] - JAX-RS client runtime needs to optionally support CXF inFaultInterceptors
[CXF-5317] - Policy exception handler throws away useful exception stack trace
[CXF-5319] - WADLGenerator should not need "ignoreMessageWriters" property disabled to produces JSON
[CXF-5322] - misleading warning for @XmlType without 'propOrder' element
[CXF-5323] - [cxf-rt-core] remove geronimo-javamail_1.4_spec dependency
[CXF-5329] - cxf-wsn doesn't register its bus as OSGi-Service
[CXF-5332] - Support spring expression language for jaxws:client address attribute
[CXF-5342] - Letting to be absolute XSISchemaNamespace
[CXF-5400] - SearchContext should propagate parsing exceptions by default
New Feature:
[CXF-4442] - Process OneTimeUse element of SAML assertion
[CXF-5080] - Introduce CXFBlueprintServlet
[CXF-5333] - Feature to allow you to dynamically change the trustManager on CXF
[CXF-5379] - introduce cxf swagger feature
Task:
[CXF-5355] - Investigate if WadlGenerator can handle XmlType-only and XmlSeeAlso beans

New in Apache CXF 2.7.6 (Jul 25, 2013)

New in Apache CXF 2.7.5 (Jul 25, 2013)

Sub-task:
[CXF-4924] - Many docLocation for a server address
Bug:
[CXF-4870] - osgi field is always false when creating a SpringBus via SpringBusFactory in OSGI ENV
[CXF-4897] - STS: check not found certificates in DefaultSubjectProvider for symmetric key type
[CXF-4938] - Setting RuntimeDelegate instance in CXFNonSpringJaxrsServlet is too aggresive
[CXF-4940] - CXF not (always) responding with the correct exception when working with an exception hierarchy
[CXF-4941] - WS-RM related faults do not contain the correct addressing action
[CXF-4946] - SourceGenerator needs to use URI resolve function when dealing with relative references containing parent folders
[CXF-4947] - Potential problems with the JAXBContext being null
[CXF-4949] - FIQL - searchContext returns null SearchCondition
[CXF-4951] - cxf-codegen-plugin wsdlArtifact ignores classifier
[CXF-4954] - CryptoCoverageChecker prevents handling of SOAPFault-Responses
[CXF-4955] - Interoperability Issue of the Discovery Hello Message - wrong SOAP-Header-Action
[CXF-4957] - remove dependency="true" for jsr339-api specs bundle
[CXF-4960] - Race conditions in SOAP/HTTP startup
[CXF-4964] - NPE is thrown when WS-RM's destination has no ackPolicy configured
[CXF-4967] - JSONProvider will throw NPE if DOM Document is used and dropRootElement and ignoreNamespaces properties are set
[CXF-4969] - ExceptionMapper not used for exception in resource setter
[CXF-4970] - cxf servlet transport doesn't work when the endpoint deployed by using Spring within OSGi
[CXF-4975] - CXFNonSpringJaxrsServlet needs to ensure an optional Application path starts from "/"
[CXF-4979] - WadlGenerator generates invalid xml for QueryParameters with a default value containing " characters
[CXF-4982] - Codegen maven plugin fails forked execution on Windows XP environment
[CXF-4983] - Response.getStatusInfo does not work if the status code can not be mapped to Status enum
[CXF-4986] - jax-rs2 request filter is unable to modify request header by adding a new header
[CXF-4990] - When thrown the fault from logical handle, the namespace setting doesn't work
[CXF-4991] - Classloading issue with EH-Cache availability checks
[CXF-4992] - proxy sub-resources creating wrong request URIs with non-HTTP transports
[CXF-4993] - LdapClaimsHandler can't find attributes if user authenticated against LDAP
[CXF-5004] - NPE at StaxUtils.copy for empty namespaces under JDK's XMLStreamReader
[CXF-5005] - Wrong EPR match in WSDiscoveryProvider::handleResolve
[CXF-5011] - Fix NPE in WSS4JInterceptor
[CXF-5012] - Possible regression in the way proxies handle HTTP errors
[CXF-5083] - Failure in checkEndorsed() when timestamp is not signed with EndorsingSupportingTokens
Improvement:
[CXF-4747] - Support easier configuration of Spring bus with WebClient
[CXF-4825] - Remove static JAX-RS API calls from within JAX-RS server and client runtimes
[CXF-4959] - Support hierarchical mimetypes
[CXF-4961] - Configuration
[CXF-4966] - KerberosClient does not need the cxf Bus but it is required in the constructor
[CXF-4968] - Add an option to limit the number of active sequences that are created at WS-RM endpoints
[CXF-4971] - JSONProvider should be able to drop a root dynamically
[CXF-4974] - CXF JAX-RS Client interface should support close() calls similarly to frontend Client
[CXF-4978] - Only encrypt an issued token if we have a matching key
[CXF-4997] - Skip PolicyBasedWSS4JInInterceptor processing when AssertionInfoMap not available
[CXF-4998] - JAXRSClientFactory: Missing factory method for username+password and providers
New Feature:
[CXF-4936] - (PATCH) Expose FastInfoset serializer tuning properties
[CXF-4994] - Support LDAP groups as claim
Task:
[CXF-4950] - Support 'qs' media type parameters
[CXF-4988] - JAX-RS Provider improvements
Wish:
[CXF-4898] - Allow to specify types in WSDiscoveryService registration

New in Apache CXF 2.7.3 (Feb 5, 2013)

New in Apache CXF 2.3.1 (Dec 7, 2010)

New in Apache CXF 2.2.10 (Aug 26, 2010)

Bug:
[CXF-2704] - CXF JAX-RS "Content-Disposition" is lost for second multipart
[CXF-2823] - REST Client sending all lowercase post parameters
[CXF-2841] - WS-RM returns an exception to the client even when its retry mechanim successfully delivers the message after some transmission error
[CXF-2842] - wsa:action header is missing when the wsam:Action="" in wsdl input
[CXF-2843] - The default wsa:action value computation for response message is not correct.
[CXF-2844] - Typo on JAX-WS Configuration page: publishedEndpointURL should be publishedEndpointUrl
[CXF-2846] - JAXWS Provider endpoints do not work if either super classes implementing or interfaces extending Provider are used
[CXF-2847] - BigDecimalType incorrectly prints scientific notation
[CXF-2851] - Schemas passed by ServiceFactoryBean.setSchemaLocation() are not accessible in DataBinding model
[CXF-2852] - JavaToWS requires Spring
[CXF-2853] - XFire Migration Guide shows XMLBeans indicates not ported
[CXF-2856] - In some cases, use of http binding on the client results in "IllegalStateException (Already connected)"
[CXF-2857] - MTOM: JAX-RS response missing XOP attachment
[CXF-2861] - http-osgi transport doesn't set conduitInitiator correctly
[CXF-2865] - DispatchClientServerTest fails on Windows
[CXF-2867] - Skip wsa policy verification when client proxy is created with AddressingFeature(required=false)
[CXF-2868] - JAXB unmarshal error when the field of partTypeClass is javax.xml.datatype.XMLGregorianCalendar
[CXF-2869] - have JAXBElementProvider look for @XmlJavaTypeAdapter on the interfaces
[CXF-2885] - Wrong import package version for javax.servlet
[CXF-2887] - JAXRS NullPointerException given null argument
[CXF-2891] - Invalid WSDL when using (XSD) with ASM in the classpath
[CXF-2892] - AttachmentSerializer outputs "xop+xml" as body content type even XOP is not enabled
[CXF-2893] - CXF should use class' classloader for initialization of its loggers
[CXF-2896] - URIResolver should decode spaces before trying to resolve URI from filesystem
[CXF-2900] - WSDLValidator through Stax2DOM leaves input streams open which causes input files to be locked.
[CXF-2902] - Doc-lit, bare, multi part ("type" and not any) message gets rejected by DocLiteralInInterceptor
[CXF-2906] - WS-Addressing replay/message ID uniqueness enforcement does not handle clustering or restarts
[CXF-2908] - Using a Java enum type in a JAX-RS matrix parameter results in a StackOverflowError when generating the WADL
[CXF-2909] - WS-T / WS-SP sp:RequestSecurityTokenTemplate not using wst:SecondaryParameters
[CXF-2910] - Unable to use XmlSchema element as message part in WSDL
[CXF-2914] - Digest algorithm defined in WS-SecurityPolicy is not honored in WS-Security signature from client
[CXF-2915] - Client with WS-SecurityPolicy requiring an IssuedToken fails to include an issued SAML token in the WS-Security signature of the message
[CXF-2918] - URIParserUtil.getAbsoluteURL() does not return a nomalized url string
[CXF-2919] - NullPointerException at org.apache.cxf.staxutils.StaxUtils.writeNode(Node, XMLStreamWriter, boolean) when DOCTYPE is in a XML Schema
[CXF-2921] - PolicyBasedWSS4JInInterceptor not asserting TransportBinding assertion when no message layer security is added
[CXF-2936] - NullPointerException in ServerImpl combining JAX-RS and Simple Frontend
Improvement
[CXF-2664] - STSClient overloaded setPolicy causes issues with Spring based STS client configuration
[CXF-2824] - Error handling improvements for invalid Soap message content
[CXF-2833] - Source jars for osgi jars should work in Eclipse PDE mode
[CXF-2837] - Add null pointer check in SoapOutInterceptor
[CXF-2855] - WSDL2Java JAX-WS XJC customizations
[CXF-2860] - Handle the soap fault inbound message in server side
[CXF-2862] - Provide an annotation to allow customisation of the elements declared in the request & response representation in the auto-generated wadl
[CXF-2863] - When 'useHttpsURLConnectionDefaultSslSocketFactory' is true, the 'trustManagers' configuration is not truly ignored
[CXF-2884] - Client async invoke API should accept context and exchange parameters
[CXF-2886] - Add a blockPostConstruct property to JaxWsServerFactoryBean
[CXF-2905] - Support sending WS-A 1.4 ActAs in requests from STS client.
[CXF-2907] - Allow DynamicClientFactory to use any JAXB version 2.1 or greater
[CXF-2923] - Logging{In|Out}Intererceptor should check the encoding before writing the log
[CXF-2928] - Add a configuration option that allows STSClient to use the requester's X509Certificate as the SubjectConfirmation KeyInfo data within RequestSecurityToken messages
[CXF-2929] - Allow programmatic initialisation of RMManager
[CXF-2931] - Add configurable pretty printing to the CXF logging in/out interceptors
Task:
[CXF-2836] - JAXWS2.2: Generate proper wsa:action header for dispatch instance when AddressinfFeature is enabled
[CXF-2840] - JAXWS2.2: Process the EPR in WSDL
[CXF-2850] - Throw correct SOAPFaultException when the wsa addressing header is missing

Apache CXF Changelog

What's new in Apache CXF 3.1.10

New in Apache CXF 3.1.7 (Sep 24, 2016)

New in Apache CXF 3.1.2 (Aug 5, 2015)

New in Apache CXF 3.1.1 (Jun 23, 2015)

New in Apache CXF 3.1.0 (May 6, 2015)

New in Apache CXF 3.0.4 (Feb 17, 2015)

New in Apache CXF 3.0.3 (Dec 10, 2014)

New in Apache CXF 3.0.2 (Oct 22, 2014)

New in Apache CXF 3.0.1 (Jul 22, 2014)

New in Apache CXF 3.0.0 M2 (Feb 19, 2014)

New in Apache CXF 2.7.10 (Feb 10, 2014)

New in Apache CXF 3.0.0 M1 (Dec 4, 2013)

New in Apache CXF 2.7.8 (Nov 28, 2013)

New in Apache CXF 2.7.6 (Jul 25, 2013)

New in Apache CXF 2.7.5 (Jul 25, 2013)

New in Apache CXF 2.7.3 (Feb 5, 2013)

New in Apache CXF 2.3.1 (Dec 7, 2010)

New in Apache CXF 2.2.10 (Aug 26, 2010)

New in Apache CXF 2.1.3 (Jan 15, 2009)