Red Hat Training

A Red Hat training course is available for Red Hat Fuse

Release Notes

Red Hat Fuse 7.2

What's new in Red Hat Fuse

Fuse Documentation Team


These notes provide an overview of the changes between Red Hat Fuse releases.

Chapter 1. Fuse 7.2 Product Overview

1.1. Fuse distributions

Fuse 7.2 is provided in the form of three different distributions, as follows:

Fuse standalone

The classic distribution of Fuse, supported on multiple operating systems. This distribution is supported for the following container types:

  • Apache Karaf
  • JBoss Enterprise Application Platform (EAP)
  • Spring Boot
Fuse on OpenShift

The distribution of Fuse for running integration applications on OpenShift (supported on the Red Hat Enterprise Linux operating system). In this case, the supported container types are provided in the form of docker-formatted container images:

  • Java image (for Spring Boot)
  • Apache Karaf image
  • JBoss EAP image
Fuse Online
The distribution of Fuse that is provided pre-installed on the OpenShift Online Professional tier (and also available for installing on an on-premises OpenShift cluster). In this case, application development is facilitated by a browser based UI, and the workflow is simplified to make it accessible to non-expert integrators.

1.2. New features

Fuse 7.2 includes several major component upgrades and a large selection of new features. For details, consult the new features sections for each of the Fuse distributions:

1.3. Supported Configurations

For information about supported configurations, standards, and components in version 7.2, see the following Customer Portal articles:

Chapter 2. Fuse Online

Fuse Online provides a web browser interface that lets a business expert integrate two or more different applications or services without writing code. It also provides features that allow the addition of code if it is needed for complex use cases.

Fuse Online runs an integration on OpenShift as a Spring Boot application that uses Apache Camel.

2.1. About Fuse Online distributions

Fuse Online is Red Hat’s web-based integration platform. Syndesis is the open source project for Fuse Online. Fuse Online runs in these OpenShift environments:

Host Environment


OpenShift Online
OpenShift Dedicated

Red Hat installs and provisions Fuse Online on Red Hat infrastructure.

OpenShift Container Platform

Customer installs and manages.

2.2. Changes and new features in 7.2

The changes and new features in Fuse Online 7.2 are:

  • New connector for Google Calendar.
  • The following connectors are now supported. They were Technology Preview features in the previous release:

    • Log connects to the integration’s log where you can direct messages that are in addition to automatic logging.
    • SAP Concur connects to the expense management tool to perform a large variety of operations.
    • Telegram connects to the cloud-based messaging app to receive and send messages.
    • Timer triggers execution of an integration at an interval that you specify or based on a Unix cron expression.
  • You can now add a template step to process data between connections.

    In an integration, a template step takes data from a source and inserts it into the format that is defined in a template that you upload to Fuse Online. The benefit of a template step is that it provides data output in a consistent format that you specify.

    In this release, Fuse Online supports only Mustache templates.

  • Data mapper updates:

    • You can now preview data mapping results for the currently selected mapping. To turn on mapping preview, in the data mapper, click the editor settings icon in the upper right and select Show Mapping Preview.
    • Transformations for handling collections have been added.

2.3. Upgrading existing integrations that are running on OpenShift Online

When Fuse 7.2 is released, the Fuse Online infrastructure on OpenShift Online is automatically upgraded. During the infrastructure upgrade, any existing integrations that are running on OpenShift Online continue to run both during and after the upgrade. However, the existing integrations continue to run with the older versions of Fuse libraries and dependencies.

After you receive an email message that lets you know that the Fuse Online infrastructure has been upgraded to the new release, upgrade your existing integrations by republishing them (not just restarting them). Do this as soon as you can. If any of your integrations connect to Gmail, see the information in Important notes, below, before you upgrade those integrations.

To republish your integrations, in your Fuse Online environment, in the left navigation panel, click Integrations. Then do the following for each integration:

  1. To the right of the integration entry, click three vertical dots and select Edit.
  2. When Fuse Online displays the integration for editing, in the upper right, click Publish.

Publishing forces a rebuild that uses the latest Fuse Online dependencies.


The Fuse Online user interface shows a warning, if any element of an integration has a newer dependency that needs to be updated.

2.4. Important notes

Important notes for the Fuse 7.2 release of the Fuse Online distribution:

  • In the previous release, published integrations that connected to Gmail stopped executing because their Gmail API access token expired. This no longer happens in Fuse Online 7.2 but to take advantage of this improvement, you must obtain and use new credentials as follows:

    1. In the Google developers console, create a new set of OAuth credentials. For help, see Register as a Gmail client.
    2. Copy the new Google client ID and new Google client secret to the Gmail entry in the Fuse Online Settings page, and click Save and click Ok.
    3. In the left navigation panel, click Connections.
    4. For each of your Gmail connections:

      1. In the upper right of the Gmail connection card, click three vertical dots and select View.
      2. Click Reconnect and respond to the prompt in Google.
    5. Republish each integration as described in the upgrade information that is just before this section.
  • A Fuse Online account is limited to a specific number of integrations that can be running at one time. For details, see the pricing plan. If you are using a Fuse Online evaluation account, then only one integration at a time can be running.
  • An OpenAPI schema that you upload to Fuse Online might not define input/output types. When Fuse Online creates a custom API client from an OpenAPI schema that does not specify input/output types then it is not possible to create an integration that maps integration data to fields that the API client can process or from fields that the API client processed. If an integration requires data mapping to or from a custom API, then when you upload the OpenAPI schema, click Review/Edit to open Apicurio Studio, which is an API design tool, and add input/output type specifications.

2.5. Obtaining technical support

To obtain technical support, in Fuse Online, in the upper right, click InfoIcon and then click Support to display the Fuse Online support page. Use this page to download diagnostic information for all integrations or for one or more integrations that you choose. The page provides instructions for opening a support ticket and providing the diagnostic information that you downloaded.

2.6. Technology Preview features

This release includes the Technology Preview features that are listed below.


Technology Preview features are not supported with Red Hat production service level agreements (SLAs), might not be functionally complete, and Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information, see Red Hat Technology Preview features support scope.

  • API Provider integrations

    To trigger execution of an integration on demand, start the integration with a REST API service that you provide and that Fuse Online makes available. Fuse Online creates an execution path, referred to as an integration flow, for each REST API operation. You can add connections and steps to each integration flow. Each REST API client call triggers execution of one integration flow.

  • Connectors for:

    • FHIR - connects to a Fast Healthcare Interoperability Resources (FHIR) server.
    • IRC - connects to text-based Internet Relay Chat to receive and send messages.
  • For a REST API client that uses OAuth, when you create an API client connector, you can change the default OAuth2 behavior of connections that you create from that connector. Fuse Online vendor extensions to the OpenAPI specification support the following:

    • Providing client credentials as parameters.
    • Obtaining a new access token based on HTTP response status codes.

Chapter 3. Fuse on OpenShift

Fuse on OpenShift is the new name for Fuse Integration Services, which enables you to deploy Fuse applications on OpenShift Container Platform.

3.1. Supported version of OpenShift

For details of the supported version (or versions) of OpenShift Container Platform to use with Fuse on OpenShift, see the Supported Configurations page.

3.2. Supported images

Fuse on OpenShift provides the following Docker-formatted images:

  • fuse7/fuse-java-openshift — Spring Boot
  • fuse7/fuse-karaf-openshift — Apache Karaf
  • fuse7/fuse-eap-openshift — Red Hat JBoss Enterprise Application Platform
  • fuse7/fuse-console — Hawtio console
  • fuse7/fuse-apicurito — Apicurito REST API editor
  • fuse7/fuse-apicurito-generator — Apicurito REST application generator

3.3. New features in Fuse 7.2

The main new features of Fuse on OpenShift in version 7.2 are:

Define APIs using the Apicurito API designer
Fuse 7.2 on OpenShift now ships with a lightweight version of the Apicurio Studio API designer, enabling you to create API definitions in OpenAPI (Swagger) format.
New API project generator with Apicurito generator
Apicurito provides the option to generate starting point code for an API implementation, based on a given API definition. The starting point code includes a skeleton implementation of the specified API and all of the configuration necessary to build and deploy the Fuse application to OpenShift.
Integration with 3scale service discovery
A project generated by Apicurito also includes the metadata required to enable service discovery in the Red Hat 3scale API Management administrative console.
Updated Fuse Console (Hawtio) on OpenShift

The Fuse Console on OpenShift has been updated with the following features. The Fuse Console:

  • Has an app launcher widget in the navigation bar, to ease switching between consoles.
  • Has a context switcher widget in the navigation bar of the JVM console, to ease switching between containers.
  • Groups pods by deployment or deployment configuration in the list view.
  • Displays Camel route counts in the Pods view.
  • Displays the user ID and username in the navigation bar menu.
  • OpenShift resources are displayed with clickable links that open the corresponding resources in the OpenShift Web console.
Prometheus fully supported on OCP 3.11
Prometheus is out of technology preview and is now fully supported for Fuse 7.2 on OpenShift Container Platform (OCP) 3.11.

3.4. Important notes

Important notes for the Fuse 7.2 release of the Fuse on OpenShift distribution:

Fuse on OpenShift images are now distributed through a secure registry
From Fuse 7.2.0, Fuse on OpenShift images are distributed through the secure Red Hat registry, In order to install the images for Fuse 7.2 on OpenShift, you need to configure your credentials in OCP to gain access to the secure registry. For instructions on how to configure the credentials, see Get Started for Administrators in the "Fuse on OpenShift Guide" guide.
Builds can get stuck on some early micro versions of OCP 3.10
If you are using Fuse on OpenShift with OCP 3.10, we recommend that you install OCP 3.10.34 or later to avoid encountering this known issue, ENTESB-9420. For this reason, it is also recommended that you do not use Fuse 7.2 with Red Hat Container Development Kit (CDK) 3.5, which is based on an affected OCP 3.10 version. Use CDK 3.8 instead.
Redeploying an application using the Fabric8 Maven plugin

When deploying a Fuse on OpenShift application to OpenShift Container Platform using the Fabric8 Maven plugin, you cannot redeploy the application using just the command mvn fabric8:deploy. Use the following sequence of commands instead:

mvn fabric8:undeploy
mvn fabric8:deploy

Chapter 4. Fuse Standalone

4.1. Supported containers

Fuse standalone 7.2 is supported on the following runtime containers:

  • Spring Boot (standalone)
  • Apache Karaf
  • Red Hat JBoss Enterprise Application Platform (JBoss EAP)

4.2. Technology Preview features

The following features of Fuse standalone are Technology Preview only and are not supported in Fuse 7.2:

Saga EIP
The Saga Enterprise Integration Pattern (EIP) is a technology preview feature and features only the In-Memory Saga service (which is not suitable for a production environments). The LRA Saga service is not supported. For more details, see section Saga EIP of the "Apache Camel Development Guide".

4.3. BOM files for Fuse 7.2

To configure your Maven projects to use the supported Fuse 7.2 artifacts, use the BOM versions documented in this section.

4.3.1. Old-style BOM

To upgrade your Fuse standalone applications to use the 7.2 dependencies, edit the Maven pom.xml and change the versions of the BOMs and Maven plugins listed in the following table:

Table 4.1. Maven BOM and plugin versions for 7.2 using the old-style BOM

Container TypeMaven BOM or Plugin Artifact groupId/artifactIdVersion for Fuse 7.2

Spring Boot







Apache Karaf










4.3.2. New-style BOM

To upgrade your Fuse standalone applications to use the 7.2 dependencies, edit the Maven pom.xml and change the versions of the BOMs and Maven plugins listed in the following table:

Table 4.2. Maven BOM and plugin versions for 7.2 using the new-style BOM

Container TypeMaven BOM or Plugin Artifact groupId/artifactIdVersion for Fuse 7.2

Spring Boot







Apache Karaf








For more details about using the new-style BOM, see Migrate Maven Projects in "Migration Guide".

4.4. Important notes

Important notes for the Fuse 7.2 release of the Fuse standalone distribution:

Generating an authentication token for camel-linkedin

LinkedIn has started responding to login forms using a CAPTCHA, which makes it impossible to use the username/password login approach for a standalone headless Fuse process. As an alternative the component was enhanced so that a LinkedIn access token can be generated and configured in an accessToken component property. Also an expiryTime property allows configuring the token expiry time in milliseconds since the Unix Epoch, which defaults to 60 days if not provided. The component tries to login again if the token expires, but the username/password approach is likely to result in a CAPTCHA response and a failed login. Hence the component is unable to automatically refresh tokens on its own.

The token can be generated using a web browser and a utility such as curl and following the OAuth login process for LinkedIn as documented at As the document describes, user needs to login using a browser to generate an authorization code, which in turn is used to generate an access token to be configured in the LinkedIn component. The generated token is valid for 60 days, so the process has to be repeated periodically to manually update the token and the Fuse application needs to be restarted with the refreshed token.

camel-kafka component has been updated to use Kafka 2.0.0 client
For better compatibility with AMQ Streams (Red Hat’s distribution of Apache Kafka), the camel-kafka component has been upgraded to use the the Kafka 2.0.0 client library.
Using XA transactions on AMQ connections
When using an XA connection to an AMQ broker, you should set the connection parameter jms.xaAckMode=1 on the broker URL explicitly for the XAConnectionFactory. Spring Boot actuator health checks may not work in this configuration and they should be disabled by setting in the file.

Chapter 5. Deprecated and Removed Features

If you need any assistance or have any questions about the upcoming changes in Fuse 7, contact

5.1. Deprecated

The following features are deprecated in Fuse 7.2 and may be removed in a future release:

HP-UX OS is deprecated
The HP-UX operating system is deprecated in Fuse 7.2 and support for this operating system could be removed in a future release of Fuse. In particular, note that the JBoss EAP 7.2 container has already dropped support for HP-UX and, consequently, any future version of Fuse on JBoss EAP that runs on JBoss EAP 7.2 will not be supported on HP-UX.
Camel MQTT component is deprecated
The Camel MQTT component is deprecated in Fuse 7.0 and will be removed in a future release of Fuse. You can use the Camel Paho component instead, which supports the MQTT messaging protocol using the popular Eclipse Paho library.
Camel LevelDB component is deprecated on all operating systems except for Linux
Since Fuse 6.3, the Camel LevelDB (camel-leveldb) component is deprecated on all operating systems except for Red Hat Enterprise Linux. In future, the Camel LevelDB component will be supported only on Red Hat Enterprise Linux.
BatchMessage class from the Camel SJMS component is deprecated
The BatchMessage class from the Camel SJMS component is deprecated in Fuse 7 (deprecated in Apache Camel since version 2.17) and may be removed from a future version of Apache Camel and Fuse.

5.2. Removed in Fuse 7.2

The following features were removed in Fuse 7.2:

Camel XMLRPC component has been removed in 7.2
The Camel XMLRPC component has been removed in Fuse 7.2.
Camel Netty component has been removed in 7.2
The Camel Netty component has been removed in Fuse 7.2. It is recommended that you use the Camel Netty4 component instead.

5.3. Removed in Fuse 7.0

The following features were removed in Fuse 7.0:

Support for Red Hat JBoss Operations Network (JON) has been removed in 7.0
Since Fuse 7.0, Fuse on Karaf no longer supports JON and no longer provides JON plugins for integrating with the JON runtime.
Embedded ActiveMQ broker has been removed in 7.0
Since Fuse 7.0, Fuse on Karaf no longer provides an embedded ActiveMQ Broker. Customers should connect to a supported remote broker directly. For more information on our supported brokers, refer to the "Supported Messaging Providers" section of the Red Hat Fuse Supported Configurations page.
Fuse integration pack has been removed in 7.0
Support for running rules and processes is provided by components shipped with Red Hat JBoss BPM Suite and Red Hat JBoss BRMS.
Karaf console commands for child container administration have been removed in 7.0

Since Fuse 7.0, the Karaf console commands for child container administration are not supported. That is, the console commands prefixed by instance: (Karaf 4.x syntax) and the console commands prefixed by admin: (Karaf 2.x syntax) are not supported.


In the Fuse 7.0 GA release, the instance: commands are not blacklisted. This is a known issue.

SwitchYard has been removed in 7.0
Since Fuse 7.0, SwitchYard has been removed, and you should use Apache Camel directly instead. For more detailed information, see the knowledge base article, SwitchYard Support Plan After Releasing Fuse 7.
Support for Fabric8 1.x has been removed in 7.0

Since Fuse 7.0, Fabric8 v1 has been replaced by Fuse on OpenShift (previously, Fuse Integration Services), which includes components of Fabric8 v2 technology. Fuse on OpenShift provides a set of tools and Docker-formatted images that enable development, deployment, and management of integration microservices within OpenShift.

Although Fuse on OpenShift has a different architecture, it fulfills the same provisioning, automation, central configuration and management requirements that Fabric8 v1 provides. For more information, see Fuse on OpenShift Guide.

Camel components for Google App Engine have been removed in 7.0
The Camel components for Google App Engine (camel-gae) have been removed in Fuse 7.0.
Camel jBPM component has been removed in 7.0
The Camel jBPM component (camel-jbpm) has been removed in Fuse 7.0.
Tanuki based wrapper for installing Fuse as a service has been removed in 7.0
The Tanuki based wrapper scripts — generated using the wrapper:install Karaf console command — for installing Fuse as a service have been removed in Fuse 7.0. To install the Apache Karaf container as a service, it is recommended that you use the new karaf-service-*.sh scripts from the bin/contrib directory instead.
Smooks has been removed in 7.0
Since Fuse 7.0, the Smooks component for SwitchYard has been removed.
BPEL has been removed in 7.0
BPEL (based on the Riftsaw project) has been removed from Fuse 7.0. If you are currently using BPEL, it is recommended that you consider migrating to the Red Hat JBoss BPM Suite.
Design Time Governance has been removed in 7.0
The Design Time Governance component has been removed in 7.0.
Runtime Governance has been removed in 7.0
Since Fuse 7.0, the Runtime Governance (RTGov) component has been removed.
S-RAMP has been removed in 7.0
The SOA Repository Artifact Model and Protocol (S-RAMP) component has been removed in Fuse 7.0.
bin/patch script has been removed in 7.0
The bin/patch script (bin\patch.bat on Windows O/S) has been removed in a Fuse 7.0.
Spring Dynamic Modules (Spring-DM) is not supported in 7.0
Spring-DM (which integrates Spring XML with the OSGi service layer in Apache Karaf) is not supported in Fuse 7.0 and you should use the Blueprint framework instead. Using Blueprint XML does not prevent you from using the Java libraries from the Spring framework: the latest version of Spring is compatible with Blueprint.
Apache OpenJPA is not supported in 7.0
The Apache OpenJPA implementation of the Java Persistence API (JPA) is not supported in Fuse7.0. It is recommended that you use the Hibernate implementation instead.

5.4. Replaced in Fuse 7.0

The following features were replaced in Fuse 7.0:

Geronimo transaction manager has been replaced in 7.0
In Fuse 7.0, the Geronimo transaction manager in the Karaf container has been replaced by Narayana.
Jetty container has been replaced in 7.0
In Fuse 7.0, the Jetty container has been replaced by Undertow. Initially, this change applies only to internal use of the Jetty container (for example, in the Karaf container). Other Jetty components might be removed in a future release.

Chapter 6. Unsupported Features in Fuse 7.2

The following features are unsupported in Red Hat Fuse 7.2.

Apache Karaf EclipseLink feature is unsupported
The Apache Karaf EclipseLink feature is not supported in Fuse, because this feature depends on JPA 2.2, while the Karaf container for Fuse 7.2 is aligned with JPA 2.1.
Apache Aries Blueprint Web module is unsupported
The Apache Aries Blueprint Web module is not supported in Fuse. The presence of an example featuring Blueprint Web in the community edition of Apache Camel (provided as a separate download) does not imply that this feature is supported in Fuse.
The PHP scripting language is not supported in Apache Camel on Apache Karaf
The PHP scripting language is not supported in Camel applications on the Apache Karaf container, because there is no OSGi bundle available for PHP. The PHP scripting language is deprecated in Camel applications on the JBoss EAP container and on the Spring Boot container.
The Python scripting language is not supported in Apache Camel on Apache Karaf
The Python scripting language is not supported in Camel applications on the Apache Karaf container, because there is no OSGi bundle available for Python. The Python scripting language is deprecated in Camel applications on the JBoss EAP container and on the Spring Boot container.

Chapter 7. Known Issues

The following subsections describe the known issues in version 7.2.

7.1. CVE Security Vulnerabilities

As a middleware integration platform, Fuse can potentially be integrated with a large number of third-party components. It is not always possible to exclude the possibility that some third-party dependencies of Fuse could have security vulnerabilities. This section documents known security vulnerabilities affecting third-party dependencies of Fuse 7.2.

ENTESB-12489 CVE-2019-9827 - Fuse Console standalone on Amazon Web Services
Due to security concerns, you should not deploy a standalone Fuse application to Amazon Web Services (AWS). This restriction applies to all supported standalone environments (Spring Boot 1.x and 2.x, Karaf, and Red Hat JBoss Enterprise Application Platform). If you want to deploy the Fuse Console standalone on AWS, it is highly recommended that you upgrade to Fuse 7.7 or later and disable the Fuse Console’s proxy servlet by setting the hawtio.disableProxy system property to true.
CVE-2017-12629 Solr/Lucene -security bypass to access sensitive data - CVE-2017-12629

Apache Solr is a popular open source search platform that uses the Apache Lucene search engine. If your application uses a combination of Apache Solr with Apache Lucene (for example, when using the Camel Solr component), it could be affected by this security vulnerability. Please consult the linked security advisory for more details of this vulnerability and the mitigation steps to take.


The Fuse runtime does not use Apache Solr or Apache Lucene directly. The security risk only arises, if you are using Apache Solr and Apache Lucene together in the context of an integration application (for example, when using the Camel Solr component).

Multiple CVEs Multiple CVEs related to jackson-databind security vulnerability

Applications that that use the FasterXML jackson-databind library to instantiate Java objects by deserializing JSON content are potentially vulnerable to a remote code execution attack. The vulnerability is not automatic, however, and it can be avoided if you take the appropriate mitigation steps.

At a minimum, the following prerequisites must all be satisfied before an attack becomes possible:

  1. You have enabled polymorphic type handling for deserialization of JSON content in jackson-databind. There are two alternative ways of enabling polymorphic type handling in Jackson JSON:

    1. Using a combination of the @JsonTypeInfo and @JsonSubTypes annotations.
    2. By calling the ObjectMapper.enableDefaultTyping() method. This option is particularly dangerous, as it effectively enables polymorphic typing globally.
  2. There are one or more gadget classes in your Java classpath, which have not yet been blacklisted by the current version of jackson-databind. A gadget class is defined as any class that performs a sensitive (potentially exploitable) operation as a side effect of executing a constructor or a setter method (which are the methods that can be called during a deserialization). The gadget blacklist maintained by the Jackson JSON library is the last line of defence against the remote code execution vulnerability.

It is the existence of a large number of gadget classes which explains why there are many individual CVEs related to the jackson-databind vulnerability. There are different CVEs related to different kinds of gadget class.

If you do need to use the jackson-databind library in your application, the most important measure you can take to mitigate the risk is this: avoid polymorphic type handling in Jackson JSON and on no account should you call the ObjectMapper.enableDefaultTyping() method.

7.2. Fuse Online

The Fuse Online distribution has the following known issues:

667 'null' when using "ItemAt" transformation from List<> → Number
When mapping from a List to a Double type field using the ItemAt transformation, an exception gets thrown by the data mapper.
1558 "Save as draft" and "Publish" buttons
Both the Save as draft button and the Publish button remain active, even after a user has clicked on one of the buttons and started stepping through the procedure.
698 DB Connector: SQL parser doesn’t recognize parameters for LIKE
In SQL statements containing the LIKE keyword (for example, DELETE FROM TODO WHERE task LIKE ‘:#param’), the LIKE keyword cannot be used with datamapper parameters, such as :#param.

7.3. Fuse on OpenShift

This section lists issues that affect the deployment of Fuse applications on OpenShift. For details of issues affecting specific containers, see also the sections for Spring Boot, Fuse on Apache Karaf, and Fuse on JBoss EAP. The Fuse on OpenShift distribution has the following known issues:

ENTESB-9420 karaf-camel-rest-sql: Build creation stuck on "Receiving source from STDIN as archive"
When attempting to build and deploy Fuse applications on some early micro versions of OpenShift Container Platform (OCP) 3.10, it is possible that the build will hang with this error. If you encounter this problem, we recommend that you upgrade to OCP 3.10.34 (or later), where this problem is fixed.
ENTESB-9514 CDK (minishift) + quickstart with binary build doesn’t work
Red Hat Container Development Kit (CDK) 3.5 uses a version of OpenShift that has some incompatibilities with Fuse 7.2 on OpenShift (in particular, build and deployment of Fuse on OpenShift quickstarts does not work). We recommend that you use CDK 3.8 instead.

7.4. Fuse on Spring Boot

Fuse on Spring Boot has the following known issues:

ENTESB-9208 XA transaction doesn’t work with MSSQL database
In the Fuse 7.2.0 GA release, when using Narayana as transaction manager, XA transactions do not work with the MSSQL database. This will be fixed in an upcoming release of Fuse.

7.5. Fuse on Apache Karaf

Fuse on Apache Karaf has the following known issues:

ENTESB-9750 Swagger doesn’t work in karaf-camel-rest-sql
In the Fuse 7.2.0 GA release, the karaf-camel-rest-sql quickstart throws an error when you try to access the Swagger API definition by appending /api-doc to the endpoint URL. This will be fixed in an upcoming release of Fuse.
ENTESB-8140 Start level of hot deploy bundles is 80 by default

In the Fuse 7.0 GA release, in the Apache Karaf container the start level of hot deployed bundles is 80 by default. This can cause problems for the hot deployed bundles, because there are many system bundles and features that have the same start level. To work around this problem and ensure that hot deployed bundles start reliably, edit the etc/org.apache.felix.fileinstall-deploy.cfg file and change the felix.fileinstall.start.level setting as follows:

felix.fileinstall.start.level = 90
ENTESB-7664 Installing framework-security feature kills karaf

The framework-security OSGi feature must be installed using the --no-auto-refresh option, otherwise this feature will shut down the Apache Karaf container. For example:

feature:install -v --no-auto-refresh framework-security

7.6. Apache Camel

Apache Camel has the following known issues:

ENTESB-7469 Camel Docker component cannot use Unix socket connections on EAP
In Fuse 7.0, the camel-docker component can connect to Docker only through its REST API, not through UNIX sockets.
ENTESB-5231 PHP script language does not work
The PHP scripting language is not supported in Camel applications on the Apache Karaf container, because there is no OSGi bundle available for PHP.
ENTESB-5232 Python language does not work
The Python scripting language is not supported in Camel applications on the Apache Karaf container, because there is no OSGi bundle available for Python.
ENTESB-2443 Google Mail API - Sending of messages and drafts is not synchronous
When you send a message or draft, the response contains a Message object with an ID. It may not be possible to immediately get this message via another call to the API. You may have to wait and retry the call.
ENTESB-2332 Google Drive API JSON response for changes returns bad count of items for the first page
Google Drive API JSON reponse for changes returns bad count of items for the first page. Setting maxResults for a list operation may not return all the results in the first page. You may have to go through several pages to get the complete list (that is by setting pageToken on new requests).

Chapter 8. Issues Resolved in Fuse 7.2

The following sections list the issues that have been resolved in Fuse 7.2:

8.1. Enhancements in Fuse 7.2

The following table lists the enhancements in Fuse 7.2.

Table 8.1. Fuse 7.2 Enhancements



Update prometheus to newer productised version for fuse-karaf/fuse-java openshift images


Add config map to Fuse console templates


Do not logout user when resetting preferences in Fuse console


Modify SAP type converters to throw exceptions.


JMX Support For camel-http4 To Expose Statistics Of Connection Manager


HAWTIO:HELP: JMX should redirect to some overview about JMX not to hawtio itself


Align camel-kafka’s kafka-clients with AMQ Streams kafka-client


Enhance standalone-xa quickstart


Hawtio - editing the name and deleting for Configuration properties is missing


Remove camel-mqtt and add camel-paho


Start level of hot deploy bundles is 80 by default


Apply 'Content Security Policy' HTTP header to Hawtio


Add Apicurito to the Dev/Productization build pipelines


Make Fuse on Openshift Quickstarts use the new Fuse BOMs.


Unify camel MBean names

8.2. Feature requests in Fuse 7.2

The following table lists the features requests in Fuse 7.2.

Table 8.2. Fuse 7.2 Feature Requests



Update Fuse image streams and application templates for OpenShift images to start using Terms Based Red Hat registry


Add K8s service annotations at deploy time


Add app launcher to Fuse console navigation bar


Webhook description text


Group pods by replicas in the Fuse console list view


Add pod switcher to Fuse console navigation bar


Display logged in user information in Fuse console


Create a Camel-Slack consumer to be used in Syndesis


Service MetaData can be updated


Derive Default Service MetaData to describe Rest DSL project

8.3. Bugs resolved in Fuse 7.2

The following table lists the resolved bugs in Fuse 7.2.

Table 8.3. Fuse 7.2 Resolved Bugs



CVE-2018-8018 camel-ignite: ignite: Improper deserialization allows for code execution via GridClientJdkMarshaller endpoint [fuse-7.0.0]


CVE-2018-8039 cxf-core: apache-cxf: TLS hostname verification does not work correctly with* [fuse-7.0.0]


"CVE-2018-1288 kafka: Users can perform Broker actions via crafted fetch requests


CVE-2018-1336 tomcat: A bug in the UTF-8 decoder can lead to DoS [fuse-7.0.0]


CVE-2018-1257 spring: spring-framework: ReDoS Attack with spring-messaging [fuse-7.0.0]


CVE-2018-12537 vertx: Improper neutralization of CRLF sequences allows remote attackers to inject arbitrary HTTP response headers [fuse-7.0.0]


CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins [fuse-7.0.0]


CVE-2018-1259 spring-data-commons: XXE with Spring Data’s XMLBeam integration [fuse-7.0.0]


CVE-2016-5003 camel: xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag [fuse-6]


CVE-2016-5002 camel: xmlrpc: XML external entity vulnerability SSRF via a crafted DTD [fuse-6]


Fuse Online pull oauth-proxy from Docker Hub


Fuse 7.2 CR2 on EAP doesn’t contain productized quickstarts


Project created via fuse-apicurito-generator cannot be deployed to OpenShift


fabric8 BOM has different build of narayna springboot starter


spring-boot-camel-xa-template does not use productised artefacts


Backport CAMEL-12867


Repackage the maven-bundle-plugin in redhat-fuse


Graceful shutdown doesn’t work with spring boot camel cxf app


karaf-cxf-rest - missing cxf plugin version


Hawtio Spring Boot - Authentication does not work


camel-jms-tx-spring - Camel Context XML contains an error


Unresolved TODOs in files


camel-linkedin - redundant '//' in the Camel Context XML


Hawtio HTTP security enhancements aren’t applied to Spring Boot applications


Charset option in camel File component is not working correctly


Include upstream Jira CAMEL-12882 in Fuse 7.1 camel versions


NoSuchMethodError When Configuring camel-zipkin in Spring XML DSL with Managed Dependencies


FMP is using wrong image stream


The componentProperty or endpointProperty methods of the restConfiguration not working with jetty


"camel-ftp is internally connecting to the target FTP server more than the value set at ""maximumReconnectAttempts"""


Backport CAMEL-12846


"With EAP 7.1 + patch 7.1.4


Leaking ServerActivity after a CXF app is undeployed


Leaking DeploymentManagerImpl after a CXF app is undeployed


Backport CAMEL-12436


Quartz2 - Bundle c3p0 cannot find MySQL drivers on its classpath


Unable to install hibernate because of NumberFormatException


Exposing camel-servlet as OSGI service


CVE-2018-12440 camel: netty-tcnative-boringssl-static: memory-cache side-channel attack on DSA signatures [fuse-7.0.0]


Fuse on EAP doesn’t start when Java Security Manager is enabled


CVE-2018-8018 camel-ignite: ignite: Improper deserialization allows for code execution via GridClientJdkMarshaller endpoint [fuse-6.3.0]


[Hawtio] Select disappears after the option is reselected with CTRL button pressed in Route Chart in Camel


hawtio-swagger in console shows 500 Response code


Missing me.snowdrop:narayana-spring-boot-starter in BOM


[Hawtio] Broken link in Help page


HAWTIO:OSGi:FRAMEWORK Viewer can see save button.


Unable to install fhir features


Unable to connect to fuse 7.1 using client.bat script


NPE after using CTRL+C followed by shut down of fuse


Unify jetty version with karaf feature and fuse-karaf-bom


Karaf client returns code 0 even though an error occurs


org.jboss.redhat-fuse/cxf-wadl2java-plugin does not work


UnmarshalException while executing lookupAgents in jolokia:type=Discovery


camel-linkedin: java.lang.SecurityException: Invalid CSRF code!


Compilation error caused by changes to Kafka broker


When to execute `./bin/client 'log:tail'`the end of log is not displayed


Readme for persistence quickstarts contains wrong versions


camel-jms quickstart Readme is missing pax-jms-config feature


"Hawtio:osgi:features: When I install or uninstall application-without-isolation/1.0.0


[Hawtio] Wrong work of checkboxes in Browse tab of Endpoint in Camel


Version mismatch in eap-installer 7.1.1.CR1


Unable to locate resource [./cxfws-cdi-xml.xml] for import! using camel-cdi


Unable to deploy Fuse 7.1 sample project to OpenShift


camel-hl7 example throws error when consuming file on Windows


"eap-camel-[amq|jpa] quickstart - Warning Missing SSO_URL"


spring-boot-camel-xa template points to wrong git tag


Wrong fuse version in fabric8-quickstarts


Camel-CXF: Karaf feature is not working


OPTIONS Http request on REST resource returns incorrect content of Allow header


"Salesforce on-create


Hawtio: Red Hat Fuse logo disappeared


Fuse Console default connection details


Hawtio: Bad links in Help page


Hawtio: opened bundle details in a new tab/window does not show data


s2i-fuse71-eap-camel-cxf-jaxws : HTTP method POST is not supported by this URL


camel-core WARN No CamelContext defined yet so cannot inject into bean


Post method doesn’t work on restlet component on Karaf


CVE-2018-1284 hive: Mishandled input in allows users to access arbitrary files via crafted XML [fis-2.0]


An autocreated CXF Bus not shut down in CxfSpringEndpoint


Backport CAMEL-12728 to Fuse 7.x


CTRL+L clearing the entered line on Karaf CLI


Karaf’s jms command does not work with JMS 1.1 connection factory e.g. AMQ-6 client


Unable to setup credentials on SJMSBatchComponent in camel-sjms


[Hawtio] Camel tree disappears after page refresh in specific route


eap-camel-cxf-jaxrs - NoSuchMethodError: SystemPropertyAction.getInteger


camel-hdfs2: problems with Fuse 7


Keycloak quickstarts do not work with RH-SSO 7.2.4


Keycloak quickstarts throw NullPointerException when accessing service first time


camel-elasticsearch: accessing remote elasticsearch does not work


Hawtio: Duplicating of context after suspend/start context from Karaf console


[Hawtio] Strange behavior of Chart in Endpoints in Camel


Unable to register security - ClassNotFoundException: BouncyCastleProvider


Wrong SERVICE_NAME in karaf-cxf-rest quickstart


WildFly server reload leads to multiple CamelContextRegistry instances in CamelContextTrackerRegistry


karaf-camel-rest-sql - provided mysql deployment doesn’t work


Encode/Encrypt password provided as option in CXFJMS Configuration address when logging into console


SPRINGBOOT:HAWTIO: too many redirects in remote connection


camel-cxf-jaxws-cdi-secure does not work with IBM java


Hawtio redirect issue


Hawtio: impossible to add the property name consisting of more than one word in Configuration


Hawtio: some OSGi Feature dependencies link to broken page


Hawtio: OSGi Configuration details page shows no data after reloading


Hawtio console new connection defaults


HAWTIO:HELP: JMX link redirects you to hawtio.


Hawtio: OSGi Bundles page shows no data after reloading


Hawtio: continuous loop of POST requests in a login page


EAP:FUSE:HAWTIO:CONNECT Cannot add connect


fuse-karaf tests with hard coded version numbers

Legal Notice

Copyright © 2020 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.