Client ID Enforcement

Fix policy schema not allowing additional properties via REST API.

When using HTTP Basic Authentication Header, policy was expecting a specific value for Client ID Expression.

First Flex compatible Policy.

Separated Policy Definition from Policy Implementation. Stronger validations applied to a given policy configuration.

An error occurred when generating the response of a multipart SOAP request with invalid credentials.

Added OAS 3.0 code snippet in the policy YAML file.

Error handling responses revised for WSDL APIs to be compliant with SOAP 1.1 and 1.2.

Performance improvements are made to the header manipulation engine.

Several performance improvements made in error handling.

After the policy was applied, HTTP headers did not follow the RFC 2616 requirement of case-sensitivity:

An error occurred when handling invalid header values of the Basic Authentication policy.

When requests are made to the protected API endpoint with the Client ID Enforcement policy that does not include the client ID and/or secret, a log entry is now created with the details. However, this logging occurs only when you have specified the Debug level in the log4j settings.

Several performance improvements were introduced in this release.

An error occurs in Mule versions v4.1.1, v4.1.2, 4,1,3 and 4.1.4 when a policy is deployed to applications that have the mule-secure-configuration-property-module plugin configured. To resolve this issue, upgrade the specified plugin in the application to version 1.1.0.

Introduced support for encrypting sensitive information related to the policy. The runtime version must be correctly configured to support encryption. Encryption support was introduced in Mule Runtime v4.2.0.

Several performance improvements were introduced in this release.

An error occurs in Mule versions v4.1.1, v4.1.2, 4,1,3 and 4.1.4 when a policy is deployed to applications that have the mule-secure-configuration-property-module plugin configured. To resolve this issue, upgrade the specified plugin in the application to version 1.1.0.

Improved RAML and OAS Snippets.

Added violationCategory in the YAML configuration file for Feedback Loop.

An error occurred when attempting to set Authentication in an existing authentication object. This error is now resolved.

Reduced error-handling verbosity in templates.

An ExpressionRuntimeException error occurred when a WSDL proxy received an empty payload, or an invalid XML. This error is now resolved.