Announcement Announcement Module
Collapse
No announcement yet.
Spring Security 2.0.0 RC1 Released Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring Security 2.0.0 RC1 Released

    Dear Spring Community

    I'm delighted to announce that Spring Security 2.0.0 RC1 is now available. This is our first release candidate, with the core framework now considered feature complete.

    We've addressed over 65 issues in this new release, including:

    * Authentication support for OpenID, which is rapidly becoming the de facto standard for Internet SSO
    * Method authorization support via the new "protect-pointcut" element, which uses the powerful AspectJ pointcut expression language
    * Dynamic retrieval of method authorization metadata from multiple sources (AspectJ, declarative XML, @Secured, JSR 250 annotations etc)
    * Complete support for method authorization on superclass, generic, bridge, class and interface methods
    * Web authorization of restful URIs
    * Further expansion of namespace capabilities
    * Continued simplification and improvement of the end user experience
    * Improvements to the "tutorial" sample
    * Dependency updates and compatibility testing
    * Various refactoring, repackaging and general fixes

    This release is suitable for development purposes, and we warmly welcome your feedback, suggestions and issue reports. Over the coming weeks we will be finalizing the documentation, tests, and ACL support as part of our 2.0.0 final release.

    Please visit http://www.springframework.org/download to download the latest release and access the change log.

    We hope you find this new release useful in your projects.

    Best regards

    Ben Alex
    Project Lead, Spring Security

  • #2
    Congratulations!

    We are very happy with the active developments around Spring Security.

    A question: I would like to integrate Spring Security into my Spring-JPA(Hibernate) application. At the moment the daoAuthenticationProviderfor is not based on JPA or Hibernate. I am urgently looking for a component who does this, including the ACL's. It would be great if such a component would be incorporated in Spring Security.

    Are there any plans for this or are there known examples which I can use?

    I saw this link
    http://toubsen.de/appfuse/acls/new-models
    Would that approach fit with the Spring Security strategy? Could this be done also with apects?
    Last edited by erikvaningen; Apr 4th, 2008, 03:11 AM.

    Comment


    • #3
      Note that as with previous milestone releases, the jars are available from the Spring milestone repository if you are using maven. See Ben Hale's blog entry here for more information

      http://blog.springsource.com/main/20...n-artifacts-2/

      Comment


      • #4
        I understand this Maven thing, but this is now answering my question!

        Comment


        • #5
          My post wasn't meant to answer your question. It was supplementary information to the initial release note as we always get requests for this.

          Comment


          • #6
            Congratulations on reaching this milestone.
            Do you have a (very approximate) date for the final release of 2.0?

            Comment


            • #7
              release for the maven repository

              Hello together!

              Why is there no release to the maven-repository for RC1? This would be very nice, because my actual projects using spring-security (SS) lack this dependency and everything needs to be done manually

              Best regards,
              Patrick

              Comment


              • #8
                Please read the blog article from my post above. Only final releases are uploaded to the central repository. If you want to use intermediate snapshots, milestone releases etc then you can do so by adding the appropriate repository declarations to your maven project.

                Comment


                • #9
                  maven repository

                  Ahh, that is the reason Thanks a lot!

                  Comment


                  • #10
                    Originally posted by erikvaningen View Post
                    Congratulations!

                    We are very happy with the active developments around Spring Security.

                    A question: I would like to integrate Spring Security into my Spring-JPA(Hibernate) application. At the moment the daoAuthenticationProviderfor is not based on JPA or Hibernate.
                    You can still use daoAuthenticationProvider and do your own implementation of UserDetailsService and UserDetails to accomplish this.

                    This is how I did the configuration in applicationContext.xml:
                    Code:
                      <bean id="authenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
                            <property name="userDetailsService" ref="userDetailsService"/>
                        </bean>
                        
                        <bean id="userDetailsService" class="se.xxx.invoice.UserDetailsServiceImpl">
                            <property name="invoiceService" ref="invoiceService"/>
                        </bean>
                    invoiceService is of course the dao service object

                    Comment

                    Working...
                    X