|
@@ -5,7 +5,8 @@ applications:
|
|
</p></section><section name="Changes 0.9.0 to RC1"><ul>
|
|
</p></section><section name="Changes 0.9.0 to RC1"><ul>
|
|
|
|
|
|
<li>The top level package name has changed. Simply find "net.sf.acegisecurity" and replace with
|
|
<li>The top level package name has changed. Simply find "net.sf.acegisecurity" and replace with
|
|
-"org.acegisecurity".</li>
|
|
|
|
|
|
+ "org.springframework.security".
|
|
|
|
+</li>
|
|
|
|
|
|
<li>
|
|
<li>
|
|
DaoAuthenticationProvider has a property, authenticationDao. This property should now be renamed to
|
|
DaoAuthenticationProvider has a property, authenticationDao. This property should now be renamed to
|
|
@@ -17,8 +18,9 @@ In JSPs, each "authz" taglib prefix must be changed from uri="http://acegisecuri
|
|
to uri="http://acegisecurity.org/authz".
|
|
to uri="http://acegisecurity.org/authz".
|
|
</li>
|
|
</li>
|
|
|
|
|
|
-<li>net.sf.acegisecurity.providers.dao.AuthenticationDao is now org.acegisecurity.userdetails.UserDetailsService.
|
|
|
|
-The interface signature has not changed. Similarly, User and UserDetails have moved into the latter's package as well.
|
|
|
|
|
|
+<li>net.sf.acegisecurity.providers.dao.AuthenticationDao is now
|
|
|
|
+ org.springframework.security.userdetails.UserDetailsService.
|
|
|
|
+ The interface signature has not changed. Similarly, User and UserDetails have moved into the latter's package as well.
|
|
If you've implemented your own AuthenticationDao, you'll need to change the class it's implementing and quite likely
|
|
If you've implemented your own AuthenticationDao, you'll need to change the class it's implementing and quite likely
|
|
the import packages for User and UserDetails. In addition, if using JdbcDaoImpl or InMemoryDaoImpl please
|
|
the import packages for User and UserDetails. In addition, if using JdbcDaoImpl or InMemoryDaoImpl please
|
|
note they have moved to this new package.</li>
|
|
note they have moved to this new package.</li>
|
|
@@ -35,18 +37,18 @@ so that we can include it in future Acegi Security releases.</li>
|
|
</ul></section><section name="Changes RC1 to RC2"><ul>
|
|
</ul></section><section name="Changes RC1 to RC2"><ul>
|
|
|
|
|
|
<li>
|
|
<li>
|
|
-org.acegisecurity.ui.rememberme.RememberMeProcessingFilter now requires an authenticationManager property. This will generally
|
|
|
|
-point to an implementation of org.acegisecurity.providers.ProviderManager.
|
|
|
|
|
|
+ org.springframework.security.ui.rememberme.RememberMeProcessingFilter now requires an authenticationManager property. This will generally
|
|
|
|
+point to an implementation of org.springframework.security.providers.ProviderManager.
|
|
</li>
|
|
</li>
|
|
|
|
|
|
<li>
|
|
<li>
|
|
-org.acegisecurity.intercept.web.AuthenticationEntryPoint has moved to a new location,
|
|
|
|
-org.acegisecurity.ui.AuthenticationEntryPoint.
|
|
|
|
|
|
+ org.springframework.security.intercept.web.AuthenticationEntryPoint has moved to a new location,
|
|
|
|
+ org.springframework.security.ui.AuthenticationEntryPoint.
|
|
</li>
|
|
</li>
|
|
|
|
|
|
<li>
|
|
<li>
|
|
-org.acegisecurity.intercept.web.SecurityEnforcementFilter has moved to a new location and name,
|
|
|
|
-org.acegisecurity.ui.ExceptionTranslationFilter. In addition, the "filterSecurityInterceptor"
|
|
|
|
|
|
+ org.springframework.security.intercept.web.SecurityEnforcementFilter has moved to a new location and name,
|
|
|
|
+ org.springframework.security.ui.ExceptionTranslationFilter. In addition, the "filterSecurityInterceptor"
|
|
property on the old SecurityEnforcementFilter class has been removed. This is because
|
|
property on the old SecurityEnforcementFilter class has been removed. This is because
|
|
SecurityEnforcementFilter will no longer delegate to FilterSecurityInterceptor as it has in the
|
|
SecurityEnforcementFilter will no longer delegate to FilterSecurityInterceptor as it has in the
|
|
past. Because this delegation feature has been removed (see SEC-144 for a background as to why),
|
|
past. Because this delegation feature has been removed (see SEC-144 for a background as to why),
|
|
@@ -82,8 +84,9 @@ new AccessDeniedHandler instead if custom handling is required.
|
|
There have been some changes to the LDAP provider APIs to allow for future improvements, as detailed in
|
|
There have been some changes to the LDAP provider APIs to allow for future improvements, as detailed in
|
|
<a href="http://opensource.atlassian.com/projects/spring/browse/SEC-264">SEC-264</a>. These
|
|
<a href="http://opensource.atlassian.com/projects/spring/browse/SEC-264">SEC-264</a>. These
|
|
should only affect users who have written their own extensions to the provider. The general LDAP
|
|
should only affect users who have written their own extensions to the provider. The general LDAP
|
|
-classes are now in the packages org.acegisecurity.ldap and the org.acegisecurity.userdetails.ldap
|
|
|
|
-package has been introduced. The search and authentication classes now return an
|
|
|
|
|
|
+classes are now in the packages org.springframework.security.ldap and the
|
|
|
|
+ org.springframework.security.userdetails.ldap
|
|
|
|
+ package has been introduced. The search and authentication classes now return an
|
|
<a href="../multiproject/acegi-security/apidocs/org/acegisecurity/userdetails/ldap/LdapUserDetails.html">LdapUserDetails</a>
|
|
<a href="../multiproject/acegi-security/apidocs/org/acegisecurity/userdetails/ldap/LdapUserDetails.html">LdapUserDetails</a>
|
|
instance. The LdapAuthoritiesPopulator interface and its default implementation now both make use of
|
|
instance. The LdapAuthoritiesPopulator interface and its default implementation now both make use of
|
|
LdapUserDetails. Any customized versions should be updated to use the new method signatures.
|
|
LdapUserDetails. Any customized versions should be updated to use the new method signatures.
|