首页 发现 帮助
注册 登录
github
/
spring-security
镜像自地址 https://github.com/spring-projects/spring-security
2
0
派生 0
文件 工单管理 0 Wiki
目录树: ac3b142e4f
分支列表 标签列表
spring-security
/
doc
/
xdocs
/
upgrade
/
upgrade-070-080.xml

upgrade-070-080.xml 2.4 KB
文件历史 原始文件

1234567891011121314151617181920212223242526272829303132333435363738394041 
  1. <?xml version="1.0" encoding="ISO-8859-1"?>
    2. 

  2. <document><properties><title>Acegi Security - Upgrading from version 0.7.0 to 0.8.0</title></properties><body><section name="Upgrading from 0.7.0 to 0.8.0"><p>
    3. 

  3. The following should help most casual users of the project update their
    4. 

  4. applications:
    5. 

  5. 

  6.     <ul>
    7. 

  7. 

  8.     <li>HttpSessionIntegrationFilter has been removed. Use net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter instead. 
    9. 

  9.     Note you will need to set the mandatory "context" property to something like "net.sf.acegisecurity.context.security.SecureContextImpl".
    10. 

  10.     It's not the default because we want no dependencies between the context package and the rest of Acegi Security.<br></br><br></br></li>
    11. 

  11.     
    12. 

  12. 	<li>Filter ordering has changed. See the reference guide for confirmation of the correct ordering. Basically you should have
    13. 

  13. 	HttpSessionContextIntegrationFilter appear before any of your authentication mechanisms.<br></br><br></br></li>
    14. 

  14.     
    15. 

  15. 	<li>IoC container hosted filter chains can now be used instead of lengthy web.xml declarations. See the reference guide or the
    16. 

  16. 	Contacts Sample for further information.<br></br><br></br></li>
    17. 

  17. 

  18. 	<li>Certain classes have been moved to new packages: ContextHolderAwareRequestWrapper (and its filter),
    19. 

  19. 	AuthenticationSimpleHttpInvokerRequestExecutor, ContextPropagatingRemoteInvocation,
    20. 

  20. 	SecureContext (and its implementation). These classes were moved as part of refactorings aimed at
    21. 

  21. 	improving the simplicity of the project's design.<br></br><br></br></li>
    22. 

  22. 

  23. 	<li>If you wish to use the new ConcurrentSessionController you must declare the HttpSessionEventPublisher context listener in your
    24. 

  24. 	web.xml<br></br><br></br></li>
    25. 

  25. 

  26.     <li>The JaasAuthenticationCallbackHandler interface has had it's setAuthentication method removed.
    27. 

  27.     The handle method now takes both the Callback and Authentication objects as arguments.<br></br><br></br></li>
    28. 

  28.     
    29. 

  29.     <li>Added AuthenticationException to the AutenticationEntryPoint.commence method signature.<br></br><br></br></li>
    30. 

  30.     
    31. 

  31.     <li>Added AccessDeniedException to the SecurityEncorcementFilter.sendAccessDeniedError method signature.<br></br><br></br></li>
    32. 

  32. 

  33.     <li>The Authentication.getDetails() no longer returns simply the IP address used for authentication.
    34. 

  34.     It now returns a WebAuthenticationDetails instance, which contains the IP address, session information,
    35. 

  35.     and can be extended to store further details.<br></br><br></br></li>
    36. 

  36. 

  37.     </ul>
    38. 

  38. 

  39. 

  40. 

  41. </p></section></body></document>
    42.