Apache CXF 3.2.9 Release Notes

1. Overview

The 3.2.x versios of Apache CXF is a significant new version of CXF
that provides several new features and enhancements.  

New features include: 
* JAX-RS 2.1 (JSR370) support including the implementation of Reactive Client 
  and Server Sent Events API
* Enhanced Swagger2 support including new java2swagger Maven plugin
* WS-Transfer specification support
* Enhanced Tracing support with Brave
* Support for Spring Boot 2.x
* JAX-WS - support for per-operation schema validation configuration
* WSS4J Signatures can support MTOM attachments
* Preliminary support for running on Java 9  (no module support yet)
* New http-undertow transport

3.2.9 fixes over 21 JIRA issues reported by users and the community since 3.2.8.


Important notes:
CXF 3.2.x no longer supports Java 7.   You must upgrade to Java 8 or later.

Users are encouraged to review the migration guide at:
http://cxf.apache.org/docs/32-migration-guide.html
for further information and requirements for upgrading from earlier
versions of CXF.


2. Installation Prerequisites 

Before installing Apache CXF, make sure the following products,
with the specified versions, are installed on your system:

    * Java 8 Development Kit
    * Apache Maven 3.x to build the samples


3.  Integrating CXF Into Your Application

If you use Maven to build your application, you need merely add
appropriate dependencies. See the pom.xml files in the samples.

If you don't use Maven, you'll need to add one or more jars to your
classpath. The file lib/WHICH_JARS should help you decide which 
jars you need.

4. Building the Samples

Building the samples included in the binary distribution is easy. Change to
the samples directory and follow the build instructions in the README.txt file 
included with each sample.

5. Reporting Problems

If you have any problems or want to send feedback of any kind, please e-mail the
CXF dev list, dev@cxf.apache.org.  You can also file issues in JIRA at:

http://issues.apache.org/jira/browse/CXF

6. Migration notes:

See the migration guide at:
http://cxf.apache.org/docs/32-migration-guide.html
for caveats when upgrading.


7. Specific issues, features, and improvements fixed in this version

Bugs:
[CXF-7885] - SOAP Action ignored by CXF JMS webservice method invoker
[CXF-7956] - add NPE guard for jetty and undertow threads configuration in blueprint
[CXF-7957] - Swagger2Feature Doesn't Work With Swagger Versions Above 1.5.17
[CXF-7960] - Exception when SOAP service URI contains whitespace
[CXF-7969] - NullPointerException in CXF JavaToWS
[CXF-7973] - Add NPE guard for jetty and undertow threads configuration in blueprint (to prevent NPE during karaf-quickstart/../Keycloak-cxf quickstarts)
[CXF-7977] - http-undertow|http-jetty transport: Port 8282 is configured with wrong protocol "https" with blueprint configuration
[CXF-7980] - RestClientExtension leaks
[CXF-7981] - mutual SSL configuration for http-undertow transport not handle want and required for clientAuthentication correctly
[CXF-7983] - JweClientResponseFilter fails to decrypt response, when it has status 204 No Content
[CXF-7984] - UsernameTokenInterceptor doesn't respect contextual property "allowNamespaceQualifiedPasswordTypes"
[CXF-7990] - CXF goes in Infinite loop when service endpoint throws SOAPFaultException
[CXF-8009] - CXF should not use ClassUtils for cglib checks
[CXF-8022] - Thread hangs using Reactor Flux when Exeption is Thrown
[CXF-8028] - Performance problem with very big request
[CXF-8031] - CVE-2019-0231 - Vulnerability in Apache MINA
[CXF-8035] - Checking on null values in HTTP Header for protected JWS header

Improvements:
[CXF-7982] - Extract common OpenAPI / Swagger scaffolding into dedicated module (to prevent/eliminate duplication)
[CXF-7987] - SSE buffer size should be configurable
[CXF-7989] - org.apache.cxf.jaxrs.JAXRSInvoker#checkFutureResponse should probably handle CompletionException
[CXF-8023] - Refactor systest/jaxrs/reactor/* test cases to use StepVerifier




























