Red Hat Training

A Red Hat training course is available for Red Hat Fuse

Release Notes

Red Hat Fuse 7.2

What's new in Red Hat Fuse

Fuse Documentation Team

Abstract

These notes provide an overview of the changes between Red Hat Fuse releases.

Chapter 1. Fuse 7.2 Product Overview

1.1. Fuse distributions

Fuse 7.2 is provided in the form of three different distributions, as follows:

Fuse standalone

The classic distribution of Fuse, supported on multiple operating systems. This distribution is supported for the following container types:

  • Apache Karaf
  • JBoss Enterprise Application Platform (EAP)
  • Spring Boot
Fuse on OpenShift

The distribution of Fuse for running integration applications on OpenShift (supported on the Red Hat Enterprise Linux operating system). In this case, the supported container types are provided in the form of docker-formatted container images:

  • Java image (for Spring Boot)
  • Apache Karaf image
  • JBoss EAP image
Fuse Online
The distribution of Fuse that is provided pre-installed on the OpenShift Online Professional tier (and also available for installing on an on-premises OpenShift cluster). In this case, application development is facilitated by a browser based UI, and the workflow is simplified to make it accessible to non-expert integrators.

1.2. New features

Fuse 7.2 includes several major component upgrades and a large selection of new features. For details, consult the new features sections for each of the Fuse distributions:

1.3. Supported Configurations

For information about supported configurations, standards, and components in version 7.2, see the following Customer Portal articles:

Chapter 2. Fuse Online

Fuse Online provides a web browser interface that lets a business expert integrate two or more different applications or services without writing code. It also provides features that allow the addition of code if it is needed for complex use cases.

Fuse Online runs an integration on OpenShift as a Spring Boot application that uses Apache Camel.

2.1. About Fuse Online distributions

Fuse Online is Red Hat’s web-based integration platform. Syndesis is the open source project for Fuse Online. Fuse Online runs in these OpenShift environments:

Host Environment

Installation

OpenShift Online
OpenShift Dedicated

Red Hat installs and provisions Fuse Online on Red Hat infrastructure.

OpenShift Container Platform

Customer installs and manages.

2.2. Changes and new features in 7.2

The changes and new features in Fuse Online 7.2 are:

  • New connector for Google Calendar.
  • The following connectors are now supported. They were Technology Preview features in the previous release:

    • Log connects to the integration’s log where you can direct messages that are in addition to automatic logging.
    • SAP Concur connects to the expense management tool to perform a large variety of operations.
    • Telegram connects to the cloud-based messaging app to receive and send messages.
    • Timer triggers execution of an integration at an interval that you specify or based on a Unix cron expression.
  • You can now add a template step to process data between connections.

    In an integration, a template step takes data from a source and inserts it into the format that is defined in a template that you upload to Fuse Online. The benefit of a template step is that it provides data output in a consistent format that you specify.

    In this release, Fuse Online supports only Mustache templates.

  • Data mapper updates:

    • You can now preview data mapping results for the currently selected mapping. To turn on mapping preview, in the data mapper, click the editor settings icon in the upper right and select Show Mapping Preview.
    • Transformations for handling collections have been added.

2.3. Upgrading existing integrations that are running on OpenShift Online

When Fuse 7.2 is released, the Fuse Online infrastructure on OpenShift Online is automatically upgraded. During the infrastructure upgrade, any existing integrations that are running on OpenShift Online continue to run both during and after the upgrade. However, the existing integrations continue to run with the older versions of Fuse libraries and dependencies.

After you receive an email message that lets you know that the Fuse Online infrastructure has been upgraded to the new release, upgrade your existing integrations by republishing them (not just restarting them). Do this as soon as you can. If any of your integrations connect to Gmail, see the information in Important notes, below, before you upgrade those integrations.

To republish your integrations, in your Fuse Online environment, in the left navigation panel, click Integrations. Then do the following for each integration:

  1. To the right of the integration entry, click three vertical dots and select Edit.
  2. When Fuse Online displays the integration for editing, in the upper right, click Publish.

Publishing forces a rebuild that uses the latest Fuse Online dependencies.

Note

The Fuse Online user interface shows a warning, if any element of an integration has a newer dependency that needs to be updated.

2.4. Important notes

Important notes for the Fuse 7.2 release of the Fuse Online distribution:

  • In the previous release, published integrations that connected to Gmail stopped executing because their Gmail API access token expired. This no longer happens in Fuse Online 7.2 but to take advantage of this improvement, you must obtain and use new credentials as follows:

    1. In the Google developers console, create a new set of OAuth credentials. For help, see Register as a Gmail client.
    2. Copy the new Google client ID and new Google client secret to the Gmail entry in the Fuse Online Settings page, and click Save and click Ok.
    3. In the left navigation panel, click Connections.
    4. For each of your Gmail connections:

      1. In the upper right of the Gmail connection card, click three vertical dots and select View.
      2. Click Reconnect and respond to the prompt in Google.
    5. Republish each integration as described in the upgrade information that is just before this section.
  • A Fuse Online account is limited to a specific number of integrations that can be running at one time. For details, see the pricing plan. If you are using a Fuse Online evaluation account, then only one integration at a time can be running.
  • An OpenAPI schema that you upload to Fuse Online might not define input/output types. When Fuse Online creates a custom API client from an OpenAPI schema that does not specify input/output types then it is not possible to create an integration that maps integration data to fields that the API client can process or from fields that the API client processed. If an integration requires data mapping to or from a custom API, then when you upload the OpenAPI schema, click Review/Edit to open Apicurio Studio, which is an API design tool, and add input/output type specifications.

2.5. Obtaining technical support

To obtain technical support, in Fuse Online, in the upper right, click InfoIcon and then click Support to display the Fuse Online support page. Use this page to download diagnostic information for all integrations or for one or more integrations that you choose. The page provides instructions for opening a support ticket and providing the diagnostic information that you downloaded.

2.6. Technology Preview features

This release includes the Technology Preview features that are listed below.

Important

Technology Preview features are not supported with Red Hat production service level agreements (SLAs), might not be functionally complete, and Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information, see Red Hat Technology Preview features support scope.

  • API Provider integrations

    To trigger execution of an integration on demand, start the integration with a REST API service that you provide and that Fuse Online makes available. Fuse Online creates an execution path, referred to as an integration flow, for each REST API operation. You can add connections and steps to each integration flow. Each REST API client call triggers execution of one integration flow.

  • Connectors for:

    • FHIR - connects to a Fast Healthcare Interoperability Resources (FHIR) server.
    • IRC - connects to text-based Internet Relay Chat to receive and send messages.
  • For a REST API client that uses OAuth, when you create an API client connector, you can change the default OAuth2 behavior of connections that you create from that connector. Fuse Online vendor extensions to the OpenAPI specification support the following:

    • Providing client credentials as parameters.
    • Obtaining a new access token based on HTTP response status codes.

Chapter 3. Fuse on OpenShift

Fuse on OpenShift is the new name for Fuse Integration Services, which enables you to deploy Fuse applications on OpenShift Container Platform.

3.1. Supported version of OpenShift

For details of the supported version (or versions) of OpenShift Container Platform to use with Fuse on OpenShift, see the Supported Configurations page.

3.2. Supported images

Fuse on OpenShift provides the following Docker-formatted images:

  • fuse7/fuse-java-openshift — Spring Boot
  • fuse7/fuse-karaf-openshift — Apache Karaf
  • fuse7/fuse-eap-openshift — Red Hat JBoss Enterprise Application Platform
  • fuse7/fuse-console — Hawtio console
  • fuse7/fuse-apicurito — Apicurito REST API editor
  • fuse7/fuse-apicurito-generator — Apicurito REST application generator

3.3. New features in Fuse 7.2

The main new features of Fuse on OpenShift in version 7.2 are:

Define APIs using the Apicurito API designer
Fuse 7.2 on OpenShift now ships with a lightweight version of the Apicurio Studio API designer, enabling you to create API definitions in OpenAPI (Swagger) format.
New API project generator with Apicurito generator
Apicurito provides the option to generate starting point code for an API implementation, based on a given API definition. The starting point code includes a skeleton implementation of the specified API and all of the configuration necessary to build and deploy the Fuse application to OpenShift.
Integration with 3scale service discovery
A project generated by Apicurito also includes the metadata required to enable service discovery in the Red Hat 3scale API Management administrative console.
Updated Fuse Console (Hawtio) on OpenShift

The Fuse Console on OpenShift has been updated with the following features. The Fuse Console:

  • Has an app launcher widget in the navigation bar, to ease switching between consoles.
  • Has a context switcher widget in the navigation bar of the JVM console, to ease switching between containers.
  • Groups pods by deployment or deployment configuration in the list view.
  • Displays Camel route counts in the Pods view.
  • Displays the user ID and username in the navigation bar menu.
  • OpenShift resources are displayed with clickable links that open the corresponding resources in the OpenShift Web console.
Prometheus fully supported on OCP 3.11
Prometheus is out of technology preview and is now fully supported for Fuse 7.2 on OpenShift Container Platform (OCP) 3.11.

3.4. Important notes

Important notes for the Fuse 7.2 release of the Fuse on OpenShift distribution:

Fuse on OpenShift images are now distributed through a secure registry
From Fuse 7.2.0, Fuse on OpenShift images are distributed through the secure Red Hat registry, registry.redhat.io. In order to install the images for Fuse 7.2 on OpenShift, you need to configure your credentials in OCP to gain access to the secure registry. For instructions on how to configure the credentials, see Get Started for Administrators in the "Fuse on OpenShift Guide" guide.
Builds can get stuck on some early micro versions of OCP 3.10
If you are using Fuse on OpenShift with OCP 3.10, we recommend that you install OCP 3.10.34 or later to avoid encountering this known issue, ENTESB-9420. For this reason, it is also recommended that you do not use Fuse 7.2 with Red Hat Container Development Kit (CDK) 3.5, which is based on an affected OCP 3.10 version. Use CDK 3.8 instead.
Redeploying an application using the Fabric8 Maven plugin

When deploying a Fuse on OpenShift application to OpenShift Container Platform using the Fabric8 Maven plugin, you cannot redeploy the application using just the command mvn fabric8:deploy. Use the following sequence of commands instead:

mvn fabric8:undeploy
mvn fabric8:deploy

Chapter 4. Fuse Standalone

4.1. Supported containers

Fuse standalone 7.2 is supported on the following runtime containers:

  • Spring Boot (standalone)
  • Apache Karaf
  • Red Hat JBoss Enterprise Application Platform (JBoss EAP)

4.2. Technology Preview features

The following features of Fuse standalone are Technology Preview only and are not supported in Fuse 7.2:

Saga EIP
The Saga Enterprise Integration Pattern (EIP) is a technology preview feature and features only the In-Memory Saga service (which is not suitable for a production environments). The LRA Saga service is not supported. For more details, see section Saga EIP of the "Apache Camel Development Guide".

4.3. BOM files for Fuse 7.2

To configure your Maven projects to use the supported Fuse 7.2 artifacts, use the BOM versions documented in this section.

4.3.1. Old-style BOM

To upgrade your Fuse standalone applications to use the 7.2 dependencies, edit the Maven pom.xml and change the versions of the BOMs and Maven plugins listed in the following table:

Table 4.1. Maven BOM and plugin versions for 7.2 using the old-style BOM

Container TypeMaven BOM or Plugin Artifact groupId/artifactIdVersion for Fuse 7.2

Spring Boot

io.fabric8/fabric8-project-bom-camel-spring-boot

3.0.11.fuse-720027-redhat-00001

io.fabric8/fabric8-maven-plugin

3.5.33.fuse-720026-redhat-00001

org.springframework.boot/spring-boot-maven-plugin

1.5.16.RELEASE

Apache Karaf

org.jboss.fuse/jboss-fuse-parent

7.2.0.fuse-720035-redhat-00001

io.fabric8/fabric8-project-bom-fuse-karaf

3.0.11.fuse-720027-redhat-00001

org.apache.karaf.tooling/karaf-maven-plugin

4.2.0.fuse-720061-redhat-00001

JBoss EAP

org.wildfly.camel/wildfly-camel-bom

5.2.0.fuse-720023-redhat-00001

4.3.2. New-style BOM

To upgrade your Fuse standalone applications to use the 7.2 dependencies, edit the Maven pom.xml and change the versions of the BOMs and Maven plugins listed in the following table:

Table 4.2. Maven BOM and plugin versions for 7.2 using the new-style BOM

Container TypeMaven BOM or Plugin Artifact groupId/artifactIdVersion for Fuse 7.2

Spring Boot

org.jboss.redhat-fuse/fuse-springboot-bom

7.2.0.fuse-720020-redhat-00001

org.jboss.redhat-fuse/fabric8-maven-plugin

7.2.0.fuse-720020-redhat-00001

org.jboss.redhat-fuse/spring-boot-maven-plugin

7.2.0.fuse-720020-redhat-00001

Apache Karaf

org.jboss.redhat-fuse/fuse-karaf-bom

7.2.0.fuse-720020-redhat-00001

org.jboss.redhat-fuse/karaf-maven-plugin

7.2.0.fuse-720020-redhat-00001

JBoss EAP

org.jboss.redhat-fuse/fuse-eap-bom

7.2.0.fuse-720020-redhat-00001

For more details about using the new-style BOM, see Migrate Maven Projects in "Migration Guide".

4.4. Important notes

Important notes for the Fuse 7.2 release of the Fuse standalone distribution:

Generating an authentication token for camel-linkedin

LinkedIn has started responding to login forms using a CAPTCHA, which makes it impossible to use the username/password login approach for a standalone headless Fuse process. As an alternative the component was enhanced so that a LinkedIn access token can be generated and configured in an accessToken component property. Also an expiryTime property allows configuring the token expiry time in milliseconds since the Unix Epoch, which defaults to 60 days if not provided. The component tries to login again if the token expires, but the username/password approach is likely to result in a CAPTCHA response and a failed login. Hence the component is unable to automatically refresh tokens on its own.

The token can be generated using a web browser and a utility such as curl and following the OAuth login process for LinkedIn as documented at https://developer.linkedin.com/docs/oauth2. As the document describes, user needs to login using a browser to generate an authorization code, which in turn is used to generate an access token to be configured in the LinkedIn component. The generated token is valid for 60 days, so the process has to be repeated periodically to manually update the token and the Fuse application needs to be restarted with the refreshed token.

camel-kafka component has been updated to use Kafka 2.0.0 client
For better compatibility with AMQ Streams (Red Hat’s distribution of Apache Kafka), the camel-kafka component has been upgraded to use the the Kafka 2.0.0 client library.
Using XA transactions on AMQ connections
When using an XA connection to an AMQ broker, you should set the connection parameter jms.xaAckMode=1 on the broker URL explicitly for the XAConnectionFactory. Spring Boot actuator health checks may not work in this configuration and they should be disabled by setting management.health.jms.enabled=false in the application.properties file.

Chapter 5. Deprecated and Removed Features

If you need any assistance or have any questions about the upcoming changes in Fuse 7, contact support@redhat.com.

5.1. Deprecated

The following features are deprecated in Fuse 7.2 and may be removed in a future release:

HP-UX OS is deprecated
The HP-UX operating system is deprecated in Fuse 7.2 and support for this operating system could be removed in a future release of Fuse. In particular, note that the JBoss EAP 7.2 container has already dropped support for HP-UX and, consequently, any future version of Fuse on JBoss EAP that runs on JBoss EAP 7.2 will not be supported on HP-UX.
Camel MQTT component is deprecated
The Camel MQTT component is deprecated in Fuse 7.0 and will be removed in a future release of Fuse. You can use the Camel Paho component instead, which supports the MQTT messaging protocol using the popular Eclipse Paho library.
Camel LevelDB component is deprecated on all operating systems except for Linux
Since Fuse 6.3, the Camel LevelDB (camel-leveldb) component is deprecated on all operating systems except for Red Hat Enterprise Linux. In future, the Camel LevelDB component will be supported only on Red Hat Enterprise Linux.
BatchMessage class from the Camel SJMS component is deprecated
The BatchMessage class from the Camel SJMS component is deprecated in Fuse 7 (deprecated in Apache Camel since version 2.17) and may be removed from a future version of Apache Camel and Fuse.

5.2. Removed in Fuse 7.2

The following features were removed in Fuse 7.2:

Camel XMLRPC component has been removed in 7.2
The Camel XMLRPC component has been removed in Fuse 7.2.
Camel Netty component has been removed in 7.2
The Camel Netty component has been removed in Fuse 7.2. It is recommended that you use the Camel Netty4 component instead.

5.3. Removed in Fuse 7.0

The following features were removed in Fuse 7.0:

Support for Red Hat JBoss Operations Network (JON) has been removed in 7.0
Since Fuse 7.0, Fuse on Karaf no longer supports JON and no longer provides JON plugins for integrating with the JON runtime.
Embedded ActiveMQ broker has been removed in 7.0
Since Fuse 7.0, Fuse on Karaf no longer provides an embedded ActiveMQ Broker. Customers should connect to a supported remote broker directly. For more information on our supported brokers, refer to the "Supported Messaging Providers" section of the Red Hat Fuse Supported Configurations page.
Fuse integration pack has been removed in 7.0
Support for running rules and processes is provided by components shipped with Red Hat JBoss BPM Suite and Red Hat JBoss BRMS.
Karaf console commands for child container administration have been removed in 7.0

Since Fuse 7.0, the Karaf console commands for child container administration are not supported. That is, the console commands prefixed by instance: (Karaf 4.x syntax) and the console commands prefixed by admin: (Karaf 2.x syntax) are not supported.

Note

In the Fuse 7.0 GA release, the instance: commands are not blacklisted. This is a known issue.

SwitchYard has been removed in 7.0
Since Fuse 7.0, SwitchYard has been removed, and you should use Apache Camel directly instead. For more detailed information, see the knowledge base article, SwitchYard Support Plan After Releasing Fuse 7.
Support for Fabric8 1.x has been removed in 7.0

Since Fuse 7.0, Fabric8 v1 has been replaced by Fuse on OpenShift (previously, Fuse Integration Services), which includes components of Fabric8 v2 technology. Fuse on OpenShift provides a set of tools and Docker-formatted images that enable development, deployment, and management of integration microservices within OpenShift.

Although Fuse on OpenShift has a different architecture, it fulfills the same provisioning, automation, central configuration and management requirements that Fabric8 v1 provides. For more information, see Fuse on OpenShift Guide.

Camel components for Google App Engine have been removed in 7.0
The Camel components for Google App Engine (camel-gae) have been removed in Fuse 7.0.
Camel jBPM component has been removed in 7.0
The Camel jBPM component (camel-jbpm) has been removed in Fuse 7.0.
Tanuki based wrapper for installing Fuse as a service has been removed in 7.0
The Tanuki based wrapper scripts — generated using the wrapper:install Karaf console command — for installing Fuse as a service have been removed in Fuse 7.0. To install the Apache Karaf container as a service, it is recommended that you use the new karaf-service-*.sh scripts from the bin/contrib directory instead.
Smooks has been removed in 7.0
Since Fuse 7.0, the Smooks component for SwitchYard has been removed.
BPEL has been removed in 7.0
BPEL (based on the Riftsaw project) has been removed from Fuse 7.0. If you are currently using BPEL, it is recommended that you consider migrating to the Red Hat JBoss BPM Suite.
Design Time Governance has been removed in 7.0
The Design Time Governance component has been removed in 7.0.
Runtime Governance has been removed in 7.0
Since Fuse 7.0, the Runtime Governance (RTGov) component has been removed.
S-RAMP has been removed in 7.0
The SOA Repository Artifact Model and Protocol (S-RAMP) component has been removed in Fuse 7.0.
bin/patch script has been removed in 7.0
The bin/patch script (bin\patch.bat on Windows O/S) has been removed in a Fuse 7.0.
Spring Dynamic Modules (Spring-DM) is not supported in 7.0
Spring-DM (which integrates Spring XML with the OSGi service layer in Apache Karaf) is not supported in Fuse 7.0 and you should use the Blueprint framework instead. Using Blueprint XML does not prevent you from using the Java libraries from the Spring framework: the latest version of Spring is compatible with Blueprint.
Apache OpenJPA is not supported in 7.0
The Apache OpenJPA implementation of the Java Persistence API (JPA) is not supported in Fuse7.0. It is recommended that you use the Hibernate implementation instead.

5.4. Replaced in Fuse 7.0

The following features were replaced in Fuse 7.0:

Geronimo transaction manager has been replaced in 7.0
In Fuse 7.0, the Geronimo transaction manager in the Karaf container has been replaced by Narayana.
Jetty container has been replaced in 7.0
In Fuse 7.0, the Jetty container has been replaced by Undertow. Initially, this change applies only to internal use of the Jetty container (for example, in the Karaf container). Other Jetty components might be removed in a future release.

Chapter 6. Unsupported Features in Fuse 7.2

The following features are unsupported in Red Hat Fuse 7.2.

Apache Karaf EclipseLink feature is unsupported
The Apache Karaf EclipseLink feature is not supported in Fuse, because this feature depends on JPA 2.2, while the Karaf container for Fuse 7.2 is aligned with JPA 2.1.
Apache Aries Blueprint Web module is unsupported
The Apache Aries Blueprint Web module is not supported in Fuse. The presence of an example featuring Blueprint Web in the community edition of Apache Camel (provided as a separate download) does not imply that this feature is supported in Fuse.
The PHP scripting language is not supported in Apache Camel on Apache Karaf
The PHP scripting language is not supported in Camel applications on the Apache Karaf container, because there is no OSGi bundle available for PHP. The PHP scripting language is deprecated in Camel applications on the JBoss EAP container and on the Spring Boot container.
The Python scripting language is not supported in Apache Camel on Apache Karaf
The Python scripting language is not supported in Camel applications on the Apache Karaf container, because there is no OSGi bundle available for Python. The Python scripting language is deprecated in Camel applications on the JBoss EAP container and on the Spring Boot container.

Chapter 7. Known Issues

The following subsections describe the known issues in version 7.2.

7.1. CVE Security Vulnerabilities

As a middleware integration platform, Fuse can potentially be integrated with a large number of third-party components. It is not always possible to exclude the possibility that some third-party dependencies of Fuse could have security vulnerabilities. This section documents known security vulnerabilities affecting third-party dependencies of Fuse 7.2.

ENTESB-12489 CVE-2019-9827 - Fuse Console standalone on Amazon Web Services
Due to security concerns, you should not deploy a standalone Fuse application to Amazon Web Services (AWS). This restriction applies to all supported standalone environments (Spring Boot 1.x and 2.x, Karaf, and Red Hat JBoss Enterprise Application Platform). If you want to deploy the Fuse Console standalone on AWS, it is highly recommended that you upgrade to Fuse 7.7 or later and disable the Fuse Console’s proxy servlet by setting the hawtio.disableProxy system property to true.
CVE-2017-12629 Solr/Lucene -security bypass to access sensitive data - CVE-2017-12629

Apache Solr is a popular open source search platform that uses the Apache Lucene search engine. If your application uses a combination of Apache Solr with Apache Lucene (for example, when using the Camel Solr component), it could be affected by this security vulnerability. Please consult the linked security advisory for more details of this vulnerability and the mitigation steps to take.

Note

The Fuse runtime does not use Apache Solr or Apache Lucene directly. The security risk only arises, if you are using Apache Solr and Apache Lucene together in the context of an integration application (for example, when using the Camel Solr component).

Multiple CVEs Multiple CVEs related to jackson-databind security vulnerability

Applications that that use the FasterXML jackson-databind library to instantiate Java objects by deserializing JSON content are potentially vulnerable to a remote code execution attack. The vulnerability is not automatic, however, and it can be avoided if you take the appropriate mitigation steps.

At a minimum, the following prerequisites must all be satisfied before an attack becomes possible:

  1. You have enabled polymorphic type handling for deserialization of JSON content in jackson-databind. There are two alternative ways of enabling polymorphic type handling in Jackson JSON:

    1. Using a combination of the @JsonTypeInfo and @JsonSubTypes annotations.
    2. By calling the ObjectMapper.enableDefaultTyping() method. This option is particularly dangerous, as it effectively enables polymorphic typing globally.
  2. There are one or more gadget classes in your Java classpath, which have not yet been blacklisted by the current version of jackson-databind. A gadget class is defined as any class that performs a sensitive (potentially exploitable) operation as a side effect of executing a constructor or a setter method (which are the methods that can be called during a deserialization). The gadget blacklist maintained by the Jackson JSON library is the last line of defence against the remote code execution vulnerability.

It is the existence of a large number of gadget classes which explains why there are many individual CVEs related to the jackson-databind vulnerability. There are different CVEs related to different kinds of gadget class.

If you do need to use the jackson-databind library in your application, the most important measure you can take to mitigate the risk is this: avoid polymorphic type handling in Jackson JSON and on no account should you call the ObjectMapper.enableDefaultTyping() method.

7.2. Fuse Online

The Fuse Online distribution has the following known issues:

667 'null' when using "ItemAt" transformation from List<> → Number
When mapping from a List to a Double type field using the ItemAt transformation, an exception gets thrown by the data mapper.
1558 "Save as draft" and "Publish" buttons
Both the Save as draft button and the Publish button remain active, even after a user has clicked on one of the buttons and started stepping through the procedure.
698 DB Connector: SQL parser doesn’t recognize parameters for LIKE
In SQL statements containing the LIKE keyword (for example, DELETE FROM TODO WHERE task LIKE ‘:#param’), the LIKE keyword cannot be used with datamapper parameters, such as :#param.

7.3. Fuse on OpenShift

This section lists issues that affect the deployment of Fuse applications on OpenShift. For details of issues affecting specific containers, see also the sections for Spring Boot, Fuse on Apache Karaf, and Fuse on JBoss EAP. The Fuse on OpenShift distribution has the following known issues:

ENTESB-9420 karaf-camel-rest-sql: Build creation stuck on "Receiving source from STDIN as archive"
When attempting to build and deploy Fuse applications on some early micro versions of OpenShift Container Platform (OCP) 3.10, it is possible that the build will hang with this error. If you encounter this problem, we recommend that you upgrade to OCP 3.10.34 (or later), where this problem is fixed.
ENTESB-9514 CDK (minishift) + quickstart with binary build doesn’t work
Red Hat Container Development Kit (CDK) 3.5 uses a version of OpenShift that has some incompatibilities with Fuse 7.2 on OpenShift (in particular, build and deployment of Fuse on OpenShift quickstarts does not work). We recommend that you use CDK 3.8 instead.

7.4. Fuse on Spring Boot

Fuse on Spring Boot has the following known issues:

ENTESB-9208 XA transaction doesn’t work with MSSQL database
In the Fuse 7.2.0 GA release, when using Narayana as transaction manager, XA transactions do not work with the MSSQL database. This will be fixed in an upcoming release of Fuse.

7.5. Fuse on Apache Karaf

Fuse on Apache Karaf has the following known issues:

ENTESB-9750 Swagger doesn’t work in karaf-camel-rest-sql
In the Fuse 7.2.0 GA release, the karaf-camel-rest-sql quickstart throws an error when you try to access the Swagger API definition by appending /api-doc to the endpoint URL. This will be fixed in an upcoming release of Fuse.
ENTESB-8140 Start level of hot deploy bundles is 80 by default

In the Fuse 7.0 GA release, in the Apache Karaf container the start level of hot deployed bundles is 80 by default. This can cause problems for the hot deployed bundles, because there are many system bundles and features that have the same start level. To work around this problem and ensure that hot deployed bundles start reliably, edit the etc/org.apache.felix.fileinstall-deploy.cfg file and change the felix.fileinstall.start.level setting as follows:

felix.fileinstall.start.level = 90
ENTESB-7664 Installing framework-security feature kills karaf

The framework-security OSGi feature must be installed using the --no-auto-refresh option, otherwise this feature will shut down the Apache Karaf container. For example:

feature:install -v --no-auto-refresh framework-security

7.6. Apache Camel

Apache Camel has the following known issues:

ENTESB-7469 Camel Docker component cannot use Unix socket connections on EAP
In Fuse 7.0, the camel-docker component can connect to Docker only through its REST API, not through UNIX sockets.
ENTESB-5231 PHP script language does not work
The PHP scripting language is not supported in Camel applications on the Apache Karaf container, because there is no OSGi bundle available for PHP.
ENTESB-5232 Python language does not work
The Python scripting language is not supported in Camel applications on the Apache Karaf container, because there is no OSGi bundle available for Python.
ENTESB-2443 Google Mail API - Sending of messages and drafts is not synchronous
When you send a message or draft, the response contains a Message object with an ID. It may not be possible to immediately get this message via another call to the API. You may have to wait and retry the call.
ENTESB-2332 Google Drive API JSON response for changes returns bad count of items for the first page
Google Drive API JSON reponse for changes returns bad count of items for the first page. Setting maxResults for a list operation may not return all the results in the first page. You may have to go through several pages to get the complete list (that is by setting pageToken on new requests).

Chapter 8. Issues Resolved in Fuse 7.2

The following sections list the issues that have been resolved in Fuse 7.2:

8.1. Enhancements in Fuse 7.2

The following table lists the enhancements in Fuse 7.2.

Table 8.1. Fuse 7.2 Enhancements

IssueDescription

ENTESB-9555

Update prometheus to newer productised version for fuse-karaf/fuse-java openshift images

ENTESB-9403

Add config map to Fuse console templates

ENTESB-9338

Do not logout user when resetting preferences in Fuse console

ENTESB-9529

Modify SAP type converters to throw exceptions.

ENTESB-9499

JMX Support For camel-http4 To Expose Statistics Of Connection Manager

ENTESB-9494

HAWTIO:HELP: JMX should redirect to some overview about JMX not to hawtio itself

ENTESB-9614

Align camel-kafka’s kafka-clients with AMQ Streams kafka-client

ENTESB-9344

Enhance standalone-xa quickstart

ENTESB-9500

Hawtio - editing the name and deleting for Configuration properties is missing

ENTESB-8053

Remove camel-mqtt and add camel-paho

ENTESB-8140

Start level of hot deploy bundles is 80 by default

ENTESB-9242

Apply 'Content Security Policy' HTTP header to Hawtio

ENTESB-9395

Add Apicurito to the Dev/Productization build pipelines

ENTESB-9222

Make Fuse on Openshift Quickstarts use the new Fuse BOMs.

ENTESB-8021

Unify camel MBean names

8.2. Feature requests in Fuse 7.2

The following table lists the features requests in Fuse 7.2.

Table 8.2. Fuse 7.2 Feature Requests

IssueDescription

ENTESB-9319

Update Fuse image streams and application templates for OpenShift images to start using Terms Based Red Hat registry

ENTESB-9415

Add K8s service annotations at deploy time

ENTESB-9385

Add app launcher to Fuse console navigation bar

ENTESB-9509

Webhook description text

ENTESB-9518

Group pods by replicas in the Fuse console list view

ENTESB-9386

Add pod switcher to Fuse console navigation bar

ENTESB-9337

Display logged in user information in Fuse console

ENTESB-9339

Create a Camel-Slack consumer to be used in Syndesis

ENTESB-9414

Service MetaData can be updated

ENTESB-9413

Derive Default Service MetaData to describe Rest DSL project

8.3. Bugs resolved in Fuse 7.2

The following table lists the resolved bugs in Fuse 7.2.

Table 8.3. Fuse 7.2 Resolved Bugs

IssueDescription

ENTESB-9298

CVE-2018-8018 camel-ignite: ignite: Improper deserialization allows for code execution via GridClientJdkMarshaller endpoint [fuse-7.0.0]

ENTESB-9231

CVE-2018-8039 cxf-core: apache-cxf: TLS hostname verification does not work correctly with com.sun.net.ssl.* [fuse-7.0.0]

ENTESB-9290

"CVE-2018-1288 kafka: Users can perform Broker actions via crafted fetch requests

ENTESB-9294

CVE-2018-1336 tomcat: A bug in the UTF-8 decoder can lead to DoS [fuse-7.0.0]

ENTESB-8177

CVE-2018-1257 spring: spring-framework: ReDoS Attack with spring-messaging [fuse-7.0.0]

ENTESB-9111

CVE-2018-12537 vertx: Improper neutralization of CRLF sequences allows remote attackers to inject arbitrary HTTP response headers [fuse-7.0.0]

ENTESB-8181

CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins [fuse-7.0.0]

ENTESB-8175

CVE-2018-1259 spring-data-commons: XXE with Spring Data’s XMLBeam integration [fuse-7.0.0]

ENTESB-8030

CVE-2016-5003 camel: xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag [fuse-6]

ENTESB-8028

CVE-2016-5002 camel: xmlrpc: XML external entity vulnerability SSRF via a crafted DTD [fuse-6]

ENTESB-9746

Fuse Online pull oauth-proxy from Docker Hub

ENTESB-9839

Fuse 7.2 CR2 on EAP doesn’t contain productized quickstarts

ENTESB-9844

Project created via fuse-apicurito-generator cannot be deployed to OpenShift

ENTESB-9760

fabric8 BOM has different build of narayna springboot starter

ENTESB-9756

spring-boot-camel-xa-template does not use productised artefacts

ENTESB-9574

Backport CAMEL-12867

ENTESB-9642

Repackage the maven-bundle-plugin in redhat-fuse

ENTESB-9203

Graceful shutdown doesn’t work with spring boot camel cxf app

ENTESB-9694

karaf-cxf-rest - missing cxf plugin version

ENTESB-9502

Hawtio Spring Boot - Authentication does not work

ENTESB-9065

camel-jms-tx-spring - Camel Context XML contains an error

ENTESB-8223

Unresolved TODOs in README.md files

ENTESB-9061

camel-linkedin - redundant '//' in the Camel Context XML

ENTESB-9487

Hawtio HTTP security enhancements aren’t applied to Spring Boot applications

ENTESB-9311

Charset option in camel File component is not working correctly

ENTESB-9699

Include upstream Jira CAMEL-12882 in Fuse 7.1 camel versions

ENTESB-9320

NoSuchMethodError When Configuring camel-zipkin in Spring XML DSL with Managed Dependencies

ENTESB-9651

FMP is using wrong image stream

ENTESB-7901

The componentProperty or endpointProperty methods of the restConfiguration not working with jetty

ENTESB-9507

"camel-ftp is internally connecting to the target FTP server more than the value set at ""maximumReconnectAttempts"""

ENTESB-9552

Backport CAMEL-12846

ENTESB-9556

"With EAP 7.1 + patch 7.1.4

ENTESB-9539

Leaking ServerActivity after a CXF app is undeployed

ENTESB-9538

Leaking DeploymentManagerImpl after a CXF app is undeployed

ENTESB-9265

Backport CAMEL-12436

ENTESB-9304

Quartz2 - Bundle c3p0 cannot find MySQL drivers on its classpath

ENTESB-9738

Unable to install hibernate because of NumberFormatException

ENTESB-9510

Exposing camel-servlet as OSGI service

ENTESB-9104

CVE-2018-12440 camel: netty-tcnative-boringssl-static: memory-cache side-channel attack on DSA signatures [fuse-7.0.0]

ENTESB-9207

Fuse on EAP doesn’t start when Java Security Manager is enabled

ENTESB-9297

CVE-2018-8018 camel-ignite: ignite: Improper deserialization allows for code execution via GridClientJdkMarshaller endpoint [fuse-6.3.0]

ENTESB-9634

[Hawtio] Select disappears after the option is reselected with CTRL button pressed in Route Chart in Camel

ENTESB-9264

hawtio-swagger in console shows 500 Response code

ENTESB-9274

Missing me.snowdrop:narayana-spring-boot-starter in BOM

ENTESB-9698

[Hawtio] Broken link in Help page

ENTESB-8149

HAWTIO:OSGi:FRAMEWORK Viewer can see save button.

ENTESB-9633

Unable to install fhir features

ENTESB-9567

Unable to connect to fuse 7.1 using client.bat script

ENTESB-9631

NPE after using CTRL+C followed by shut down of fuse

ENTESB-9268

Unify jetty version with karaf feature and fuse-karaf-bom

ENTESB-9483

Karaf client returns code 0 even though an error occurs

ENTESB-9266

org.jboss.redhat-fuse/cxf-wadl2java-plugin does not work

ENTESB-7685

UnmarshalException while executing lookupAgents in jolokia:type=Discovery

ENTESB-8088

camel-linkedin: java.lang.SecurityException: Invalid CSRF code!

ENTESB-9707

Compilation error caused by changes to Kafka broker

ENTESB-9655

When to execute `./bin/client 'log:tail'`the end of log is not displayed

ENTESB-9700

Readme for persistence quickstarts contains wrong versions

ENTESB-9697

camel-jms quickstart Readme is missing pax-jms-config feature

ENTESB-9139

"Hawtio:osgi:features: When I install or uninstall application-without-isolation/1.0.0

ENTESB-9625

[Hawtio] Wrong work of checkboxes in Browse tab of Endpoint in Camel

ENTESB-9645

Version mismatch in eap-installer 7.1.1.CR1

ENTESB-7984

Unable to locate resource [./cxfws-cdi-xml.xml] for import! using camel-cdi

ENTESB-9479

Unable to deploy Fuse 7.1 sample project to OpenShift

ENTESB-7879

camel-hl7 example throws error when consuming file on Windows

ENTESB-8487

"eap-camel-[amq|jpa] quickstart - Warning Missing SSO_URL"

ENTESB-9649

spring-boot-camel-xa template points to wrong git tag

ENTESB-9646

Wrong fuse version in fabric8-quickstarts

ENTESB-9546

Camel-CXF: Karaf feature is not working

ENTESB-7999

OPTIONS Http request on REST resource returns incorrect content of Allow header

ENTESB-9452

"Salesforce on-create

ENTESB-9491

Hawtio: Red Hat Fuse logo disappeared

ENTESB-9426

Fuse Console default connection details

ENTESB-9471

Hawtio: Bad links in Help page

ENTESB-7980

Hawtio: opened bundle details in a new tab/window does not show data

ENTESB-9447

s2i-fuse71-eap-camel-cxf-jaxws : HTTP method POST is not supported by this URL

ENTESB-8262

camel-core WARN No CamelContext defined yet so cannot inject into bean

ENTESB-9525

Post method doesn’t work on restlet component on Karaf

ENTESB-8612

CVE-2018-1284 hive: Mishandled input in UDFXPathUtil.java allows users to access arbitrary files via crafted XML [fis-2.0]

ENTESB-9537

An autocreated CXF Bus not shut down in CxfSpringEndpoint

ENTESB-9309

Backport CAMEL-12728 to Fuse 7.x

ENTESB-9087

CTRL+L clearing the entered line on Karaf CLI

ENTESB-8219

Karaf’s jms command does not work with JMS 1.1 connection factory e.g. AMQ-6 client

ENTESB-8049

Unable to setup credentials on SJMSBatchComponent in camel-sjms

ENTESB-9561

[Hawtio] Camel tree disappears after page refresh in specific route

ENTESB-9566

eap-camel-cxf-jaxrs - NoSuchMethodError: SystemPropertyAction.getInteger

ENTESB-7560

camel-hdfs2: problems with Fuse 7

ENTESB-9421

Keycloak quickstarts do not work with RH-SSO 7.2.4

ENTESB-9326

Keycloak quickstarts throw NullPointerException when accessing service first time

ENTESB-7297

camel-elasticsearch: accessing remote elasticsearch does not work

ENTESB-9541

Hawtio: Duplicating of context after suspend/start context from Karaf console

ENTESB-9504

[Hawtio] Strange behavior of Chart in Endpoints in Camel

ENTESB-8568

Unable to register security - ClassNotFoundException: BouncyCastleProvider

ENTESB-9446

Wrong SERVICE_NAME in karaf-cxf-rest quickstart

ENTESB-9267

WildFly server reload leads to multiple CamelContextRegistry instances in CamelContextTrackerRegistry

ENTESB-8407

karaf-camel-rest-sql - provided mysql deployment doesn’t work

ENTESB-9315

Encode/Encrypt password provided as option in CXFJMS Configuration address when logging into console

ENTESB-9418

SPRINGBOOT:HAWTIO: too many redirects in remote connection

ENTESB-9327

camel-cxf-jaxws-cdi-secure does not work with IBM java

ENTESB-9286

Hawtio redirect issue

ENTESB-8077

Hawtio: impossible to add the property name consisting of more than one word in Configuration

ENTESB-9470

Hawtio: some OSGi Feature dependencies link to broken page

ENTESB-9388

Hawtio: OSGi Configuration details page shows no data after reloading

ENTESB-7897

Hawtio console new connection defaults

ENTESB-8142

HAWTIO:HELP: JMX link redirects you to hawtio.

ENTESB-9387

Hawtio: OSGi Bundles page shows no data after reloading

ENTESB-7990

Hawtio: continuous loop of POST requests in a login page

ENTESB-9416

EAP:FUSE:HAWTIO:CONNECT Cannot add connect

ENTESB-9092

fuse-karaf tests with hard coded version numbers

Legal Notice

Copyright © 2020 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.