Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Tree: e83c66bb37
Branches Tags
spring-security
/
upgrade-04-05.txt

upgrade-04-05.txt 2.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 
  1. ===============================================================================
    2. 

  2.           ACEGI SECURITY SYSTEM FOR SPRING - UPGRADING FROM 0.4 TO 0.5
    3. 

  3. ===============================================================================
    4. 

  4. 

  5. The following should help most casual users of the project update their
    6. 

  6. applications:
    7. 

  7. 

  8. - All filters are now loaded via FilterToBeanProxy. The FilterToBeanProxy
    9. 

  9.   obtains the filter from a Spring application context via the
    10. 

  10.   WebApplicationContextUtils.getApplicationContext() method. Refer to the
    11. 

  11.   reference documentation to see the new configuration of filters.
    12. 

  12. 

  13. - SecurityEnforcementFilter now requires an AuthenticationEntryPoint
    14. 

  14.   and PortResolver. Refer to the reference documentation to see the
    15. 

  15.   alternatives AuthenticationEntryPoint implementations available. Simply
    16. 

  16.   use the PortResolverImpl for the PortResolver requirement.
    17. 

  17. 

  18. - Any of your login or login failure pages that previously referred to
    19. 

  19.   AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY
    20. 

  20.   should now use
    21. 

  21.   net.sf.acegisecurity.ui.AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY
    22. 

  22. 

  23. - DaoAuthenticationProvider no longer provides setters for case sensitivity
    24. 

  24.   handling. The respective AuthenticationDao implementations should decide
    25. 

  25.   whether or not to return User instances reflecting the exact case of the
    26. 

  26.   requested username. The new PlaintextPasswordEncoder offers a setter for
    27. 

  27.   ignoring the password case (defaults to require exact case matches).
    28. 

  28. 

  29. - DaoAuthenticationProvider now provides caching. Successful authentications
    30. 

  30.   return DaoAuthenticationTokens. You must set the mandatory "key" property
    31. 

  31.   on DaoAuthenticationProvider so these tokens can be validated. You may
    32. 

  32.   also wish to change the "refreshTokenInterval" property from the default
    33. 

  33.   of 60,000 milliseconds.
    34. 

  34. 

  35. - If you're using container adapters, please refer to the reference
    36. 

  36.   documentation as additional JARs are now required in your container
    37. 

  37.   classloader.
    38. 

  38. 

  39. - Whilst not really a change needed to your program, if you're using
    40. 

  40.   Acegi Security please consider joining the acegisecurity-developer mailing
    41. 

  41.   list. This is currently the best way to keep informed about the project's
    42. 

  42.   status and provide feedback in design discussions. You can join at 
    43. 

  43.   https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer.
    44. 

  44.   Please continue using the Spring Users mailing list for general support.
    45. 

  45. 

  46. There are also lots of new features you might wish to consider for your
    47. 

  47. projects. These include CAS integration, pluggable password encoders
    48. 

  48. (such as MD5 and SHA), along with pluggable salt sources. We hope you find
    49. 

  49. the new features useful in your projects.
    50. 

  50. 

  51. $Id$
    52.