Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Tree: 992cf44b36
Branches Tags
spring-security
/
changelog.txt

changelog.txt 8.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165 
  1. Changes in version 0.7 (2004-xx-xx)
    2. 

  2. -----------------------------------
    3. 

  3. 

  4. * Added MethodDefinitionSourceAdvisor for performance and autoproxying
    5. 

  5. * Added MethodDefinitionMap querying of interfaces defined by secure objects
    6. 

  6. * Documentation improvements
    7. 

  7. 

  8. Changes in version 0.6.1 (2004-09-25)
    9. 

  9. -------------------------------------
    10. 

  10. 

  11. * Resolved to use http://apr.apache.org/versioning.html for future versioning
    12. 

  12. * Added additional DaoAuthenticationProvider event when user not found
    13. 

  13. * Added Authentication.getDetails() to DaoAuthenticationProvider response
    14. 

  14. * Added DaoAuthenticationProvider.hideUserNotFoundExceptions (default=true)
    15. 

  15. * Added PasswordAuthenticationProvider for password-validating DAOs (eg LDAP)
    16. 

  16. * Added FilterToBeanProxy compatibility with ContextLoaderServlet (lazy inits)
    17. 

  17. * Added convenience methods to ConfigAttributeDefinition
    18. 

  18. * Improved sample applications' bean reference notation
    19. 

  19. * Clarified contract for ObjectDefinitionSource.getAttributes(Object)
    20. 

  20. * Extracted removeUserFromCache(String) to UserCache interface
    21. 

  21. * Improved ConfigAttributeEditor so it trims preceding and trailing spaces
    22. 

  22. * Refactored UsernamePasswordAuthenticationToken.getDetails() to Object
    23. 

  23. * Fixed MethodDefinitionAttributes to implement ObjectDefinitionSource change
    24. 

  24. * Fixed EH-CACHE-based caching implementation behaviour when cache exists
    25. 

  25. * Fixed Ant "release" target not including project.properties
    26. 

  26. * Fixed GrantedAuthorityEffectiveAclsResolver if null ACLs provided to method
    27. 

  27. * Documentation improvements
    28. 

  28. 

  29. Changes in version 0.6 (2004-08-09)
    30. 

  30. -----------------------------------
    31. 

  31. 

  32. * Added domain object instance access control list (ACL) packages
    33. 

  33. * Added feature so DaoAuthenticationProvider returns User in Authentication
    34. 

  34. * Added AbstractIntegrationFilter.secureContext property for custom contexts
    35. 

  35. * Added stack trace logging to SecurityEnforcementFilter
    36. 

  36. * Added exception-specific target URLs to AbstractProcessingFilter
    37. 

  37. * Added JdbcDaoImpl hook so subclasses can insert custom granted authorities
    38. 

  38. * Added AuthenticationProvider that wraps JAAS login modules
    39. 

  39. * Added support for EL expressions in the authz tag library
    40. 

  40. * Added failed Authentication object to AuthenticationExceptions
    41. 

  41. * Added signed JARs to all official release builds (see readme.txt)
    42. 

  42. * Added remote client authentication validation package
    43. 

  43. * Added protected sendAccessDeniedError method to SecurityEnforcementFilter
    44. 

  44. * Updated Authentication to be serializable (Weblogic support)
    45. 

  45. * Updated JAR to Spring 1.1 RC 1
    46. 

  46. * Updated to Clover 1.3
    47. 

  47. * Updated to HSQLDB version 1.7.2 Release Candidate 6D
    48. 

  48. * Refactored User to net.sf.acegisecurity.UserDetails interface
    49. 

  49. * Refactored CAS package to store UserDetails in CasAuthenticationToken
    50. 

  50. * Improved organisation of DaoAuthenticationProvider to facilitate subclassing
    51. 

  51. * Improved test coverage (now 98.3%)
    52. 

  52. * Improved JDBC-based tests to use in-memory database rather than filesystem
    53. 

  53. * Fixed Linux compatibility issues (directory case sensitivity etc)
    54. 

  54. * Fixed AbstractProcessingFilter to handle servlet spec container differences
    55. 

  55. * Fixed AbstractIntegrationFilter to resolve a Weblogic compatibility issue
    56. 

  56. * Fixed CasAuthenticationToken if proxy granting ticket callback not requested
    57. 

  57. * Fixed EH-CACHE handling on web context refresh
    58. 

  58. * Documentation improvements
    59. 

  59. 

  60. Changes in version 0.51 (2004-06-06)
    61. 

  61. ------------------------------------
    62. 

  62. 

  63. * Added samples/quick-start
    64. 

  64. * Added NullRunAsManager and made default for AbstractSecurityInterceptor
    65. 

  65. * Added event notification (see net.sf.acegisecurity.providers.dao.event)
    66. 

  66. * Updated JAR to Spring 1.0.2
    67. 

  67. * Updated JAR to Commons Attributes CVS snapshot from Spring 1.0.2 release
    68. 

  68. * Updated GrantedAuthorityImpl to be serializable (JBoss support)
    69. 

  69. * Updated Authentication interface to present extra details for a request
    70. 

  70. * Updated Authentication interface to subclass java.security.Principal
    71. 

  71. * Refactored DaoAuthenticationProvider caching (refer to reference docs)
    72. 

  72. * Improved HttpSessionIntegrationFilter to manage additional attributes
    73. 

  73. * Improved URL encoding during redirects
    74. 

  74. * Fixed issue with hot deploy of EhCacheBasedTicketCache (used with CAS)
    75. 

  75. * Fixed issue with NullPointerExceptions in taglib
    76. 

  76. * Removed DaoAuthenticationToken and session-based caching
    77. 

  77. * Documentation improvements
    78. 

  78. * Upgrade Note: DaoAuthenticationProvider no longer has a "key" property
    79. 

  79. 

  80. Changes in version 0.5 (2004-04-29)
    81. 

  81. -----------------------------------
    82. 

  82. 

  83. * Added single sign on support via Yale Central Authentication Service (CAS)
    84. 

  84. * Added full support for HTTP Basic Authentication
    85. 

  85. * Added caching for DaoAuthenticationProvider successful authentications
    86. 

  86. * Added Burlap and Hessian remoting to Contacts sample application
    87. 

  87. * Added pluggable password encoders including plaintext, SHA and MD5
    88. 

  88. * Added pluggable salt sources to enhance security of hashed passwords
    89. 

  89. * Added FilterToBeanProxy to obtain filters from Spring application context
    90. 

  90. * Added support for prepending strings to roles created by JdbcDaoImpl
    91. 

  91. * Added support for user definition of SQL statements used by JdbcDaoImpl
    92. 

  92. * Added definable prefixes to avoid expectation of "ROLE_" GrantedAuthoritys
    93. 

  93. * Added pluggable AuthenticationEntryPoints to SecurityEnforcementFilter
    94. 

  94. * Added Apache Ant path syntax support to SecurityEnforcementFilter
    95. 

  95. * Added filter to automate web channel requirements (eg HTTPS redirection)
    96. 

  96. * Updated JAR to Spring 1.0.1
    97. 

  97. * Updated several classes to use absolute (not relative) redirection URLs
    98. 

  98. * Refactored filters to use Spring application context lifecycle support
    99. 

  99. * Improved constructor detection of nulls in User and other key objects
    100. 

  100. * Fixed FilterInvocation.getRequestUrl() to also include getPathInfo()
    101. 

  101. * Fixed Contacts sample application <A></A> tags
    102. 

  102. * Established acegisecurity-developer mailing list
    103. 

  103. * Documentation improvements
    104. 

  104. 

  105. Changes in version 0.4 (2004-04-03)
    106. 

  106. -----------------------------------
    107. 

  107. 

  108. * Added HTTP session authentication as an alternative to container adapters
    109. 

  109. * Added HTTP request security interceptor (offers considerable flexibility)
    110. 

  110. * Added security taglib
    111. 

  111. * Added Clover test coverage instrumentation (currently 97.2%)
    112. 

  112. * Added support for Catalina (Tomcat) 4.1.30 to in-container integration tests
    113. 

  113. * Added HTML test and summary reporting to in-container integration tests
    114. 

  114. * Updated JARs to Spring Framework release 1.0, with associated AOP changes
    115. 

  115. * Updated to Apache License version 2.0
    116. 

  116. * Updated copyright with permission of past contributors
    117. 

  117. * Refactored unit tests to use mock objects and focus on a single class each
    118. 

  118. * Refactored many classes to enable insertion of mock objects during testing
    119. 

  119. * Refactored core classes to ease support of new secure object types
    120. 

  120. * Changed package layout to better describe the role of contained items
    121. 

  121. * Changed the extractor to extract additional classes from JBoss and Catalina
    122. 

  122. * Changed Jetty container adapter configuration (see reference documentation)
    123. 

  123. * Improved AutoIntegrationFilter handling of deployments without JBoss JARs
    124. 

  124. * Fixed case handling support in data access object authentication provider
    125. 

  125. * Documentation improvements
    126. 

  126. 

  127. Changes in version 0.3 (2004-03-16)
    128. 

  128. -----------------------------------
    129. 

  129. 

  130. * Added "in container" unit test system for container adapters and sample app
    131. 

  131. * Added library extractor tool to reduce the "with deps" ZIP release sizes
    132. 

  132. * Added unit test to the attributes sample
    133. 

  133. * Added Jalopy source formatting
    134. 

  134. * Modified all files to use net.sf.acegisecurity namespace
    135. 

  135. * Renamed springsecurity.xml to acegisecurity.xml for consistency
    136. 

  136. * Reduced length of ZIP and JAR filenames
    137. 

  137. * Clarified licenses and sources for all included libraries
    138. 

  138. * Updated documentation to reflect new file and package names
    139. 

  139. * Setup Sourceforge.net project and added to CVS etc
    140. 

  140. 

  141. Changes in version 0.2 (2004-03-10)
    142. 

  142. -----------------------------------
    143. 

  143. 

  144. * Added Commons Attributes support and sample (thanks to Cameron Braid)
    145. 

  145. * Added JBoss container adapter
    146. 

  146. * Added Resin container adapter
    147. 

  147. * Added JDBC DAO authentication provider
    148. 

  148. * Added several filter implementations for container adapter integration
    149. 

  149. * Added SecurityInterceptor startup time validation of ConfigAttributes
    150. 

  150. * Added more unit tests
    151. 

  151. * Refactored ConfigAttribute to interface and added concrete implementation
    152. 

  152. * Enhanced diagnostics information provided by sample application debug.jsp
    153. 

  153. * Modified sample application for wider container portability (Resin, JBoss)
    154. 

  154. * Fixed switch block in voting decision manager implementations
    155. 

  155. * Removed Spring MVC interceptor for container adapter integration
    156. 

  156. * Documentation improvements
    157. 

  157. 

  158. Changes in version 0.1 (2004-03-03)
    159. 

  159. -----------------------------------
    160. 

  160. 

  161. * Initial public release
    162. 

  162. 

  163. 

  164. 

  165. $Id$
    166.