Web Service Consumer Connector Release Notes - Mule 4

2.0.0

July 16, 2025

What’s New

Web Service Consumer Connector (and its dependencies) are now compilable and compatible only with Java 17.
To align with modern development practices and ensure continued compatibility with secure and supported libraries, Web Service Consumer Connector is upgraded from Spring 5.x to Spring 6.x.

For more information about how to upgrade the connector to version 2.0, refer to Upgrading and Migrating Web Service Consumer Connector to Version 2.0.

Compatibility

Application/Service	Version
Mule	4.9.0 and later
OpenJDK	17

Application/Service

Version

Mule

4.9.0 and later

OpenJDK

17

1.11.3

June 30, 2025

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution ID

Issue Resolution	ID
The `mule-sdk-api` library is upgraded to version 0.8.7 because earlier versions do not include a `<license>` tag in the POM file.	W-18223316

The mule-sdk-api library is upgraded to version 0.8.7 because earlier versions do not include a <license> tag in the POM file.

W-18223316

1.11.2

May 7, 2025

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution	ID
Web Service Consumer Connector now improves logs and removes unnecessary warnings.	W-13593144
Web Service Consumer Connector now contains patched Apache CXF to fix security vulnerabilities.	W-18412824

Issue Resolution

ID

Web Service Consumer Connector now improves logs and removes unnecessary warnings.

W-13593144

Web Service Consumer Connector now contains patched Apache CXF to fix security vulnerabilities.

W-18412824

1.11.1

March 27, 2025

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution	ID
Web Service Consumer Connector now contains patched Spring 5.x to fix security vulnerabilities.	W-17918465

Issue Resolution

ID

Web Service Consumer Connector now contains patched Spring 5.x to fix security vulnerabilities.

W-17918465

1.11.0

February 26, 2025

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution	ID
This release includes general security fixes.	W-17440028

Issue Resolution

ID

This release includes general security fixes.

W-17440028

1.10.3

September 23, 2024

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution	ID
Web Service Consumer Connector no longer returns a null error message when a dispatcher exception occurs.	W-16446386

Issue Resolution

ID

Web Service Consumer Connector no longer returns a null error message when a dispatcher exception occurs.

W-16446386

1.10.2

August 23, 2024

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution ID

Issue Resolution	ID
Web Service Consumer Connector now uses `mule-soap-engine` version 1.9.3 to fix a security vulnerability in the `cxf-core` dependency.	W-16518539

Web Service Consumer Connector now uses mule-soap-engine version 1.9.3 to fix a security vulnerability in the cxf-core dependency.

W-16518539

1.10.1

August 12, 2024

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution ID

Issue Resolution	ID
Web Service Consumer Connector now uses `mule-soap-engine` version 1.9.2 to avoid throwing the `No Content-Type boundled in the message` error. For more information, refer to No Content-Type Boundled in the Message.	W-13628673

Web Service Consumer Connector now uses mule-soap-engine version 1.9.2 to avoid throwing the No Content-Type boundled in the message error. For more information, refer to No Content-Type Boundled in the Message.

W-13628673

1.10.0

June 12, 2024

What’s New

In the connector configuration, use the new Security headers order field to select the order (empty, TimestampAtEnd, or TimestampAtStart) of outgoing WS-Security tags.

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

1.9.0

May 3, 2024

What’s New

This connector is now FIPS 140-2 compliant.

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

1.8.8

May 3, 2024

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution	ID
The following dependencies are upgraded for maintenance: The spring-expression dependency is upgraded to version 5.3.34. The mule-sdk-api dependency is upgraded to version 0.8.2.	W-15438142

Issue Resolution

ID

The following dependencies are upgraded for maintenance:

The spring-expression dependency is upgraded to version 5.3.34.
The mule-sdk-api dependency is upgraded to version 0.8.2.

W-15438142

1.8.7

April 10, 2024

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution	ID
Web Service Consumer Connector now uses mule-soap-engine version 1.9.1 to address a reported security vulnerability.	W-14979268

Issue Resolution

ID

Web Service Consumer Connector now uses mule-soap-engine version 1.9.1 to address a reported security vulnerability.

W-14979268

1.8.6

March 13, 2024

What’s New

This connector is now compatible with Java 17.

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

1.8.5

January 31, 2024

Compatibility

Application/Service

Version

Mule

4.1.1 and later

OpenJDK

8 and 11

Fixed Issues

Issue Resolution	ID
Web Service Consumer Connector now uses mule-soap-engine version 1.8.6 to address a reported security vulnerability.	W-14606069

Issue Resolution

ID

Web Service Consumer Connector now uses mule-soap-engine version 1.8.6 to address a reported security vulnerability.

W-14606069

1.8.4

November 28, 2023

Compatibility

Application/Service

Version

Mule

4.1.1 and later

Java

1.8

OpenJDK

8 and 11

Fixed Issues

Issue Resolution	ID
The connector now uses org.apache.santuario:xmlsec:jar:2.3.4 library to address reported security vulnerabilities.	W-14414918

Issue Resolution

ID

The connector now uses org.apache.santuario:xmlsec:jar:2.3.4 library to address reported security vulnerabilities.

W-14414918

1.8.3

August 30, 2023

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue Resolution	ID
Internal dependencies that fix vulnerability issues are updated.	W-13971847

Issue Resolution

ID

Internal dependencies that fix vulnerability issues are updated.

W-13971847

1.8.2

April 24, 2023

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue Resolution	ID
The spring expression library is upgraded to version 5.3.27.	W-13064379

Issue Resolution

ID

The spring expression library is upgraded to version 5.3.27.

W-13064379

1.8.1

March 7, 2023

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue Resolution ID

Issue Resolution	ID
Web Service Consumer connector has a new system property `mule.soap.maxAttributeSize`. The XML parser library has a limit that specifies maximum allowed length (in characters) of attribute values. This limit protects against possible Denial-of-Service (DoS) attacks. The default limit value is 524288 characters and it is a reasonable default value for normal usage. You can change it to a higher value if input documents can legitimately exceed the default limit, or to a lower value if specific attacks are observed or the system has a lower resource allocation. The maximum value allowed is 2147483647 (Integer.MAX_VALUE in Java). If you set 0 or if you don’t set the property, the connector takes the default value.	W-12429671

Web Service Consumer connector has a new system property mule.soap.maxAttributeSize.

The XML parser library has a limit that specifies maximum allowed length (in characters) of attribute values. This limit protects against possible Denial-of-Service (DoS) attacks.

The default limit value is 524288 characters and it is a reasonable default value for normal usage. You can change it to a higher value if input documents can legitimately exceed the default limit, or to a lower value if specific attacks are observed or the system has a lower resource allocation. The maximum value allowed is 2147483647 (Integer.MAX_VALUE in Java). If you set 0 or if you don’t set the property, the connector takes the default value.

W-12429671

1.8.0 (Deprecated)

February 2, 2023

This version is deprecated. All of the features and fixed issues for this version are in version 1.8.1.

1.7.2

January 10, 2023

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue Resolution	ID
Internal dependencies that fix vulnerability issues are updated.	W-12276489

Issue Resolution

ID

Internal dependencies that fix vulnerability issues are updated.

W-12276489

1.7.1

November 3, 2022

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue	ID
Internal dependencies that fix vulnerability issues are updated.	W-11983186

Issue

ID

Internal dependencies that fix vulnerability issues are updated.

W-11983186

1.7.0

October 3, 2022

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue ID

Issue	ID
Web Service Consumer Connector now adds additionalTransportData when throwing exceptions in a failure scenario.	W-11210481
Web Service Consumer Connector now throws the `WSC:EMPTY_RESPONSE` message instead of `WSC:BAD_RESPONSE` when mandatory fields are missing from the response (Illegal Empty Response).	W-11058572
Updated internal WSDL parser of the connector.	W-11618208

Web Service Consumer Connector now adds additionalTransportData when throwing exceptions in a failure scenario.

W-11210481

Web Service Consumer Connector now throws the WSC:EMPTY_RESPONSE message instead of WSC:BAD_RESPONSE when mandatory fields are missing from the response (Illegal Empty Response).

W-11058572

Updated internal WSDL parser of the connector.

W-11618208

1.6.14

August 9, 2022

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue	ID
SOAP request compression now works correctly with Web Service Consumer Connector.	W-11399540

Issue

ID

SOAP request compression now works correctly with Web Service Consumer Connector.

W-11399540

1.6.13

June 28, 2022

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue	ID
Updated internal dependencies.	W-11357865

Issue

ID

Updated internal dependencies.

W-11357865

1.6.12

June 16, 2022

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue	ID
Updated internal dependencies.	W-11227883

Issue

ID

Updated internal dependencies.

W-11227883

1.6.11

May 12, 2022

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue ID

Issue	ID
Web Service Consumer Connector no longer throws the message `No Content-Type boundled in the message` in CloudHub when the web service response contains the Content-type header.	W-10818756

Web Service Consumer Connector no longer throws the message No Content-Type boundled in the message in CloudHub when the web service response contains the Content-type header.

W-10818756

1.6.10

April 19, 2022

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue	ID
Internal dependencies updated.	W-10940986

Issue

ID

Internal dependencies updated.

W-10940986

1.6.9

February 04, 2022

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue	ID
The connector is now able to decode file attachments using base64 encoding.	WSCC-131

Issue

ID

The connector is now able to decode file attachments using base64 encoding.

WSCC-131

1.6.8

January 14, 2022

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue ID

The connector no longer sets the indentation in the XML header by default, which prevents breaking the digital signature when the header contains a signed SAML assertion.

WSCC-125

Added new property mule.soap.enable.namespaces, which prevents resolving two headers with different namespaces as a duplicated header.

WSCC-124

1.6.7

December 3, 2021

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue

ID

Response message did not contain the proper response data error due to an invalid SOAP response with an empty body.

WSCC-122

Error logged when there are spaces after a response tag.

WSCC-121

1.6.6

August 23, 2021

Compatibility

Application/Service	Version
Mule	4.1.1 and later

Fixed Issues

Issue

ID

A parsing error occurred in the WSDL attachment response enrichment when there was more than one root element in the body of the SOAP response message.

WSCC-120

1.6.5

July 29, 2021

Fixed Issues

Fixed Web Service Consumer Connector dependencies to run properly on JDK 11. (WSCC-119)

1.6.4

March 23, 2021

Fixed Issues

Now the MTOM flag affects only outgoing messages because some servers do not manage incoming multi-part messages. Web Service Consumer input messages are treated the same regardless of whether those messages are MTOM or not.

1.6.3

January 26, 2021

Fixed Issues

Fixed an issue in which mtom input attachment remains inaccessible in responses.

1.6.2

December 29, 2020

Fixed Issues

Fixed an issue in which large incoming attachments were splitting and not rejoining. (WSCC-104)

1.6.1

July 27, 2020

Features

Added new option to append XML Prolog into the envelope’s body XML content (WSCC-72)

Fixed Issues

Fixed an issue where messages were mistakenly transformed to UTF, regardless of whether they were raw binary content or text, and caused attachments that were not sent encoded in base64 to be corrupt in the process. (WSCC-76)

1.6.0 (Deprecated)

This version is deprecated. All of the features and fixed issues for this version are in version 1.6.1.

1.5.8

March 30, 2020

Fixed Issues

Fixed issue that caused the connector to retry, get, and parse an invalid WSDL. (MULE-18024)
Fixed an issue that may cause the connector initialization to fail randomly. (MULE-18175)

1.5.7

March 9, 2020

Fixed Issues

The issue that caused the connector to fail to parse the WSDL when encountering an operation that didn’t have an input message is fixed. (MULE-18038)

1.5.6

March 4, 2020

Fixed Issues

Fixed issue that caused the connector to fail when using MTOM with a signed request. (MULE-17957)

1.5.5

March 2, 2020

Features

Removes guava dependency and start using java classes instead. (MULE-18126)

1.5.4

January 15, 2020

Fixed Issues

Fixed issue that caused consumption of unnecesary amounts of memory. (MULE-17937)
Fixed issue that caused the connector to fail to find attachments that were not mandatory. (MULE-17928)

1.5.3

December 17, 2019

Fixed Issues

Added caching to resources. (MULE-17742)

1.5.2

November 19, 2019

Fixed Issues

Replace CID:<ATTACHMENT_NAME> with the corresponding XML element when creating a SOAP request. (MULE-17675)

1.5.1

September 17, 2019

Fixed Issues

Fixed issue that caused streams to close before the SOAP responses were consumed. (MULE-17222)

1.5.0

September 2, 2019

Features

Added the ability to configure Web Services Security attributes Actor and Must understand. (MULE-17319)

1.4.1

August 13, 2019

Fixed Issues

Error when processing a SOAP response encoded with an encoding different that the one used by Mule. (MULE-17272)
The HTTP content-type header was not included on an HTTP request that is made to consume an operation. (MULE-17283)
WSDL was not parsed when an operation was missing bindings for input or output. (MULE-17302)

1.4.0

July 16, 2019

Features

Added the ability to configure verification of a web service security timestamp on responses. (MULE-17106)

Fixed Issues

None

1.3.4

July 12, 2019

Fixed Issues

Fixed issue that caused the HTTP transport configuration to not be honored at design time. (MULE-16977)

1.3.3

June 18, 2019

Fixed Issues

Fixed issue that caused performance degradation when using an expression in a configuration. (MULE-16970)

1.3.2

May 3, 2019

Fixed Issues

Fixed issue that caused metadata not being collected when the location of the WSDL was a relative path. (MULE-16876)
Fixed issue that caused the signature and the timestamp to be incorrectly swapped when signing the timestamp. (MULE-16834)
Fixed issue that caused the operation not being loaded on Studio. (MULE-16931)

1.3.1

April 4, 2019

Fixed Issues

Fixed issue that caused the WSDL parsing to fail when an import with HTTPS was included in the WSDL. (MULE-16623)
Fixed issue that caused the connector to fail finding attachments when an element has a namespace. (MULE-16592)
Fixed issue that caused the connector to be unable to decrypt responses using the Key Transport Algorithm RSA 1.5. (MULE-16605)
Fixed issue that caused the connector to be unable to generate the signature value, CXF library version upgraded. (MULE-16637)

1.3.0

February 11, 2019

Features

Able to configure encryption algorithms. (MULE-16099, MULE-16099)
Able to configure signature algorithm. (MULE-16100, MULE-11299)
Able to configure which parts of the request should be signed or encrypted. (MULE-16094)
New web service consumer connector icon. (MULE-16376)

Fixed Issues

Expose HTTP status code. (MULE-16333)
Fixed issue that caused NPE when a SOAP attachment didn’t include a MIME type. (MULE-16441)
Fixed issue that cause the execution of MUnit test to hang if a HTTP:CONNECTIVITY error is thrown. (MULE-16221)

1.2.4

January 29, 2019

Fixed Issues

Update net.sf.Saxon to 9.9.1-1. (MULE-16393)

1.2.3

January 25, 2019

Fixed Issues

Fixed issue that caused XML Schema choice Element not being handled. (MULE-16235)

1.2.2

December 20, 2018

Fixed Issues

Fixed issue when parsing a WSDL that imports another WSDL. (MULE-16231)
Fixed issue that caused NPE when configuring invalid headers to the consume operation. (MULE-16177)

1.2.1

Nov 12, 2018

Fixed Issues

Fixed issue when resolving metadata of a WSDL that contains multiple operations with the same name for different ports. (MULE-15988)
Fixed issue when parsing embedded Base64 attachments. (MULE-15790)

1.2.0

October 29, 2018

Features

This release includes major performance improvements to resolving values for configurations and DataSense.

Known Issues

RPC WSDLs are not supported.

Fixed Issues

WSC headers metadata is being badly generated. (MULE-15922)
Improve the WSC value provider performance. (MULE-15885)
WSC should allow timeout configuration for default HTTP config. (MULE-15844)
Make WSC take advantage of the metadata cache. (MULE-15551)
Upgrade commons-lang3 to 3.7. (MULE-15082)
Upgrade Guava to 25.1. (MULE-15079)
WSC cannot load WSDL files inside JAR files. (MULE-14996)

1.1.1

March 26, 2018

Known Issues

RPC WSDLs are not supported

Fixed Issues

WSC is affected by CVE-2017-9735. (EE-5773)

1.1.0

January 19, 2018

Features

This release includes the following enhancements, changes, and fixes:

Support for multipart messages
Added configuration hints through Value Providers
Same experience for MTON and Soap with Attachments
Improved UX

Known Issues

RPC WSDLs are not supported

Upgrade Requirements

Mule 4.1

Fixed Issues

WSC Connector exports internal classes. (MULE-14445)
Upgrade to CXF 3.2.1. (MULE-14060)
Correct event is not used when running with custom HTTP transport config. (MULE-14388)