| 1234567891011121314151617181920212223242526272829303132333435363738 |
- <html>
- <head>
- <title>Acegi Security - Upgrading from version 0.7.0 to 0.8.0</title>
- </head>
- <body>
- <h1>Upgrading from 0.7.0 to 0.8.0</h1>
- <p>
- The following should help most casual users of the project update their
- applications:
- <ul>
- <li>HttpSessionIntegrationFilter has been removed. Use net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter instead.
- Note you will need to set the mandatory "context" property to something like "net.sf.acegisecurity.context.security.SecureContextImpl".
- It's not the default because we want no dependencies between the context package and the rest of Acegi Security.<br><br></li>
-
- <li>Filter ordering has changed. See the reference guide for confirmation of the correct ordering. Basically you should have
- HttpSessionContextIntegrationFilter appear before any of your authentication mechanisms.<br><br></li>
-
- <li>IoC container hosted filter chains can now be used instead of lengthy web.xml declarations. See the reference guide or the
- Contacts Sample for further information.<br><br></li>
- <li>Certain classes have been moved to new packages: ContextHolderAwareRequestWrapper (and its filter),
- AuthenticationSimpleHttpInvokerRequestExecutor, ContextPropagatingRemoteInvocation,
- SecureContext (and its implementation). These classes were moved as part of refactorings aimed at
- improving the simplicity of the project's design.<br><br></li>
- <li>The JaasAuthenticationCallbackHandler interface has had it's setAuthentication method removed. The handle method now takes both the Callback and Authentication objects as arguments.<br><br></li>
-
- <li>Added AuthenticationException to the AutenticationEntryPoint.commence method signature.<br><br></li>
-
- <li>Added AccessDeniedException to the SecurityEncorcementFilter.sendAccessDeniedError method signature.<br><br></li>
- </ul>
- </body>
- </html>
|
