Nav

Anypoint Enterprise Security 1.2 Release Notes 

May 14, 2013

MuleSoft is pleased to announce the release of Anypoint Enterprise Security 1.2 which introduces new functionality and improvements to our versatile security module (formerly known as Mule Enterprise Security). For this release, we have focused our efforts bug fixes and improvements.  We also continue to harden our product, making it more stable and easier to use. 

Where appropriate, we have applied a Version 1.2 only marker to identify features or functionality that are available only in the Enterprise runtime.

Install Anypoint Enterprise Security 1.2 to take advantage of the latest and greatest!

Document Revision History

May 14, 2013, v1.0 Initial Publication

Current Release Version

Enterprise Community

Anypoint Enterprise Security

1.2

n/a

New Features and Functionality

  • Delete Client – a message processor which removes clientIDs from the clientStore. 

  • Revoke Token – a message processor which revokes access or refresh tokens, invalidating the corresponding pair as well (i.e. if the message processor revokes the access token, it automatically revokes any refresh token associated with it, and vice versa). 

  • Use with Mule ESB Standalone and Maven – beyond Mule Studio, Anypoint Enterprise Security is now available for use with Mule Standalone and Maven.

Hardware and Software System Requirements

For most use cases, Anypoint Enterprise Security 1.2 does not change the hardware and software system requirements established by Mule Enterprise Security 1.1. https://www.mulesoft.com/support-login[Contact MuleSoft Support] with any questions you may have about system requirements.

Important Notes and Known Issues in this Release

This list covers some of the known issues with Anypoint Enterprise Security 1.2. Please read this list before reporting any issues you may have spotted.

SEC-146

The grant configuration on the config element and at the client level is not consistent

SEC-120

The default object stores are shared when there is more than one instance of the provider

SEC-143

Simplify AccessTokenStoreHolder

SEC-156

Resource Owner Password Credentials does not support Refresh Token grant type

SEC-157

Cannot refresh an access token after it has expired

Fixed in this Release

SEC-157

Cannot refresh an access token after it has expired

SEC-156

Resource Owner Password Credentials does not support Refresh Token grant type

SEC-155

When refreshing an access token, whether to provide a new refresh token or not should be configurable

SEC-152

Release 2.0-SNAPSHOT for Service Registry

SEC-151

Tokens do not expire when overriding stores

SEC-149

Signature and Property placeholder module are not being deployed

SEC-147

Revoke token MP should also support revoking a refresh token

SEC-145

Update schema version with new 1.2 release

SEC-144

Exclude log4.xml from jar

SEC-143

Simplify AccessTokenStoreHolder

SEC-142

Make resource owner security provider optional

SEC-141

Simplify the store holders

SEC-139

Make sure all callbacks invoke processEvent instead of process

SEC-138

Avoid license from being in the distribution

SEC-137

Provide a way to revoke a token

SEC-136

Provide a way to remove registered clients

SEC-132

OAuth2 provider module passes seconds to object store TTLs in milliseconds

SEC-131

OAuth2 validate and validateClient lose outbound message properties

SEC-130

Add an option to the Validate MP to throw an exception when the token is invalid

SEC-128

Recompile Enterprise Security components with the latest devKit

SEC-126

Refactor package of mule-module-security-crc32 to be com.mulesoft.security

SEC-125

Bearer headers are not decoded properly

SEC-115

Add a new message processor to obtain the authorized user

SEC-113

Fix CRC32 building block description text

SEC-106

The secure property placeholder is not working on Studio

Third Party Connectors and other modules

At this time, not all of the third party modules you may have been using with previous versions of Mule ESB have been upgraded to work with Mule 3.4.0. Refer to the Third-Party Software In Mule for complete details. https://www.mulesoft.com/support-login[Contact MuleSoft Support] if you have a question about a specific module.

Support Resources

  • Refer to MuleSoft’s online Documentation at docs.mulesoft.com for instructions on how to use Anypoint Enterprise Security.

  • Access MuleSoft’s Forums to pose questions and get help from Mule’s broad community of users.

  • To access MuleSoft’s expert support team, https://www.mulesoft.com/support-and-services/mule-esb-support-license-subscription[subscribe] to Mule Enterprise and log in to MuleSoft’s http://www.mulesoft.com/support-login[Customer Portal].