|
|
@@ -1,16 +1,65 @@
|
|
|
--------------------------------
|
|
|
Acegi Security System for Spring
|
|
|
--------------------------------
|
|
|
+
|
|
|
|
|
|
-What is Acegi Security?
|
|
|
+Spring Security 2.0.0 Released
|
|
|
+
|
|
|
+ Acegi Security is now {{{http://www.springframework.org/projects/}Spring Security}},
|
|
|
+ the official security project of the {{{http://www.springframework.org/projects/}Spring Portfolio}}.
|
|
|
+ If you are planning a new project, we'd recommend you consider using Spring Security.
|
|
|
+ Acegi Security 1.0.7 will be the last non-critical release of the 1.0.x series.
|
|
|
+
|
|
|
+ Spring Security 2.0.0 builds on Acegi Security's solid foundations, adding many new features:
|
|
|
|
|
|
- Acegi Security is a powerful, flexible security solution for enterprise software,
|
|
|
- with a particular emphasis on applications that use
|
|
|
- {{{http://www.springframework.org/}Spring}}. Using Acegi Security provides your
|
|
|
- applications with comprehensive authentication, authorization, instance-based access control,
|
|
|
- channel security and human user detection capabilities.
|
|
|
+ * Simplified namespace-based configuration syntax. Old configurations
|
|
|
+ could require hundreds of lines of XML but our new convention over configuration
|
|
|
+ approach ensures that many deployments will now require less than 10 lines.
|
|
|
|
|
|
-Key Features
|
|
|
+ * OpenID integration, which is the web's emerging single sign on
|
|
|
+ standard (supported by Google, IBM, Sun, Yahoo and others)
|
|
|
+
|
|
|
+ * Windows NTLM support, providing easy enterprise-wide single sign on
|
|
|
+ against Windows corporate networks
|
|
|
+
|
|
|
+ * Support for JSR 250 ("EJB 3") security annotations, delivering a
|
|
|
+ standards-based model for authorization metadata
|
|
|
+
|
|
|
+ * AspectJ pointcut expression language support, allowing developers to
|
|
|
+ apply cross-cutting security logic across their Spring managed objects
|
|
|
+
|
|
|
+ * Substantial improvements to the high-performance domain object
|
|
|
+ instance security ("ACL") capabilities
|
|
|
+
|
|
|
+ * Comprehensive support for RESTful web request authorization, which
|
|
|
+ works well with Spring 2.5's @MVC model for building RESTful systems
|
|
|
+
|
|
|
+ * Long-requested support for groups, hierarchical roles and a user
|
|
|
+ management API, which all combine to reduce development time and
|
|
|
+ significantly improve system administration
|
|
|
+
|
|
|
+ * An improved, database-backed "remember me" implementation
|
|
|
+
|
|
|
+ * Support for portlet authentication out-of-the-box
|
|
|
+
|
|
|
+ * Support for additional languages
|
|
|
+
|
|
|
+ * Numerous other general improvements, documentation and new samples
|
|
|
+
|
|
|
+ * New support for web state and flow transition authorization through
|
|
|
+ the Spring Web Flow 2.0 release
|
|
|
+
|
|
|
+ * New support for visualizing secured methods, plus configuration
|
|
|
+ auto-completion support in Spring IDE
|
|
|
+
|
|
|
+ * Enhanced WSS (formerly WS-Security) support through the Spring Web
|
|
|
+ Services 1.5 release
|
|
|
+
|
|
|
+ Please visit {{{http://www.springframework.org/download}http://www.springframework.org/download}}
|
|
|
+ to download the latest release and access the change log.
|
|
|
+
|
|
|
+
|
|
|
+Acegi Security - Key Features
|
|
|
|
|
|
* <<Stable and mature:>> Acegi Security 1.0.0 was released in May 2006 after
|
|
|
more than two and a half years of use in large production software projects, 70,000+ downloads
|
Luke Taylor