Contact Free trial Login

Json Web Token (JWT) Validation Policy

1.1.3

Apr 30, 2020

Minimum Mule Version

Mule 4.1.0

New Features and Enhancements

  • Error handling responses revised for WSDL APIs to be compliant with SOAP 1.1 and 1.2.

  • Performance improvements are introduced to the header manipulation engine.

  • Several performance improvements are introduced in error handling.

Fixed issues

  • After a policy was applied, HTTP headers did not follow the RFC 2616 requirement of case-sensitivity:

  • An error occurred when handling invalid header values of the Basic Authentication policy.

  • When requests are made to the protected API endpoint with the Client ID Enforcement policy that does not include the client ID and/or secret, a log entry is now created with the details. However, this logging occurs only when you have specified the Debug level in the log4j settings.

1.1.2

November 27, 2019

Minimum Mule Version

Mule 4.1.0

Fixed Issues

Escaping issues when setting DataWeave expressions for claim validation.

Known Issues

An error occurs in Mule runtime engine (Mule) versions 4.1.1, 4.1.2, 4.1.3, and 4.1.4 when a policy is deployed to applications that have the mule-secure-configuration-property-module plugin configured. To resolve this issue, upgrade the specified plugin in the application to version 1.1.0.

1.1.1

July 24, 2019

Minimum Mule Version

Mule 4.1.0

New Features and Enhancements

Several performance improvements are introduced in this release.

Fixed Issues

The JSON Web Key Set (JWKS) time-to-live (TTL) was not being changed default. This issue is now resolved.

Known Issues

  • An error occurs in Mule runtime engine (Mule) versions 4.1.1, 4.1.2, 4.1.3, and 4.1.4 when a policy is deployed to applications that have the mule-secure-configuration-property-module plugin configured. To resolve this issue, upgrade the specified plugin in the application to version 1.1.0.

  • When JWT policy is applied to a flow running in Mule 4.2.0 or 4.2.1 Mule and the flow contains an operation that runs on a CPU_INTENSIVE thread, like ee:transform, the flow stops responding under load. To resolve the issue, apply a patch to the Mule runtime engine.

1.1.0

April 26, 2019

Minimum Mule Version

Mule 4.1.0

New Features and Enhancements

  • Introduced support to encrypt sensitive information related to the policy. The Mule version must be properly configured and must support encryption. Encryption is supported starting with Mule v4.2.0.

  • Serveral performance improvements are introduced in this release.

Known Issues

An error occurs in Mule runtime engine (Mule) versions 4.1.1, 4.1.2, 4.1.3, and 4.1.4 when a policy is deployed to applications that have the mule-secure-configuration-property-module plugin configured. To resolve this issue, upgrade the specified plugin in the application to version 1.1.0.

Fixed Issues

When uploading a Public key, the correct UI description was not being displayed. This issue is now resolved.

Known Issues

  • When JWT policy is applied to a flow running in Mule 4.2.0 or 4.2.1 Mule and the flow contains an operation that runs on a CPU_INTENSIVE thread, like ee:transform, the flow stops responding under load. To resolve the issue, apply a patch to the Mule runtime engine. == 1.0.2

January 29, 2019

Minimum Mule Version

Mule 4.1.0

New Features and Enhancements

Improved performance by using CPU intensive scheduler instead of CPU Light.

Fixed Issues

When using a custom claim with DataWeave, an out-of-memory error occurred. This issue is now resolved.

Known Issues

  • When JWT policy is applied to a flow running in Mule 4.2.0 or 4.2.1 Mule and the flow contains an operation that runs on a CPU_INTENSIVE thread, like ee:transform, the flow stops responding under load. To resolve the issue, apply a patch to the Mule runtime engine.

1.0.1

January 10, 2019

Minimum Mule Version

Mule 4.1.0

New Features and Enhancements

Improved the RAML and OAS snippets.

Known Issues

  • When JWT policy is applied to a flow running in Mule 4.2.0 or 4.2.1 Mule and the flow contains an operation that runs on a CPU_INTENSIVE thread, like ee:transform, the flow stops responding under load. To resolve the issue, apply a patch to the Mule runtime engine.

1.0.0

December 21, 2018

Minimum Mule Version

4.1.0

Known Issues

  • When JWT policy is applied to a flow running in Mule 4.2.0 or 4.2.1 Mule and the flow contains an operation that runs on a CPU_INTENSIVE thread, like ee:transform, the flow stops responding under load. To resolve the issue, apply a patch to the Mule runtime engine.

Was this article helpful?

💙 Thanks for your feedback!