Announcement Announcement Module
Collapse
No announcement yet.
Announcement: Acegi Security - new release 0.6.1 Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Announcement: Acegi Security - new release 0.6.1

    Dear Spring Community

    I'm pleased to announce the Acegi Security System for Spring release 0.6.1 is now available from http://acegisecurity.sourceforge.net. The project provides comprehensive security services for The Spring Framework.

    FEATURES:

    * It is ready NOW
    * Easy to use and deploy (eg see samples/quick-start directory)
    * Enterprise-wide single sign on (via Yale Uni's CAS project)
    * Reuses your Spring expertise
    * Domain object instance security
    * Non-intrusive setup
    * Full (but optional) container integration
    * Keeps your objects free of security code
    * Secures your HTTP requests (regular expressions, Ant Paths etc)
    * Channel security (HTTPS/HTTP auto redirection etc)
    * Supports HTTP BASIC authentication (RFC 1945)
    * Convenient security taglib
    * Application context or attribute-based configuration
    * Various authentication backends (including JDBC)
    * Event support
    * Easy integration with existing databases (no schema changes)
    * Caching (now pluggable, with an EHCACHE implementation)
    * Pluggable architecture
    * Startup-time validation
    * Remoting support (demonstrated in sample application)
    * Advanced password encoding (SHA, MD5, salts etc)
    * Run-as replacement
    * Unit tests (Clover coverage is currently 98%)
    * Container integration tests
    * Supports your own unit tests
    * Peer reviewed
    * Thorough documentation
    * Apache license

    CHANGES IN 0.6.1:

    * Resolved to use http://apr.apache.org/versioning.html for versioning
    * Added additional DaoAuthenticationProvider event when user not found
    * Added Authentication.getDetails() to DaoAuthenticationProvider resp
    * Added DaoAuthenticationProvider.hideUserNotFoundExceptio ns
    * Added PasswordAuthenticationProvider for password-validating DAOs
    * Added FilterToBeanProxy compatibility with ContextLoaderServlet
    * Added convenience methods to ConfigAttributeDefinition
    * Improved sample applications' bean reference notation
    * Clarified contract for ObjectDefinitionSource.getAttributes(Object)
    * Extracted removeUserFromCache(String) to UserCache interface
    * Improved ConfigAttributeEditor so it trims spaces
    * Refactored UsernamePasswordAuthenticationToken.getDetails() to Object
    * Fixed MethodDefinitionAttributes to implement ObjectDefinitionSource
    * Fixed EH-CACHE-based caching implementation behaviour if cache exists
    * Fixed Ant "release" target not including project.properties
    * Fixed GrantedAuthorityEffectiveAclsResolver if null ACLs provided
    * Documentation improvements

    As per the Apache APR project versioning guidelines (URL above), this is a patch release. Existing users of release 0.6 should be able to upgrade by simply replacing the JAR(s) and testing.

    Please visit http://acegisecurity.sourceforge.net to access the latest
    release or read more about the features.

    Best regards
    Ben
Working...
X