Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Tree: ecbfac2ff8
Branches Tags
spring-security
/
doc
/
xdocs
/
upgrade
/
upgrade-04-05.html

upgrade-04-05.html 2.6 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 
  1. <html>
    2. 

  2. <head>
    3. 

  3. <title>Acegi Security - Upgrading from version 0.4 to 0.5</title>
    4. 

  4. </head>
    5. 

  5. <body>
    6. 

  6. <h1>Upgrading from 0.4 to 0.5</h1>
    7. 

  7. 

  8. <p>The following should help most casual users of the project update their
    9. 

  9. applications:
    10. 

  10. <ul>
    11. 

  11. 

  12. <li>All filters are now loaded via FilterToBeanProxy. The FilterToBeanProxy
    13. 

  13.   obtains the filter from a Spring application context via the
    14. 

  14.   WebApplicationContextUtils.getApplicationContext() method. Refer to the
    15. 

  15.   reference documentation to see the new configuration of filters.</li>
    16. 

  16. 

  17. <li>SecurityEnforcementFilter now requires an AuthenticationEntryPoint
    18. 

  18.   and PortResolver. Refer to the reference documentation to see the
    19. 

  19.   alternatives AuthenticationEntryPoint implementations available. Simply
    20. 

  20.   use the PortResolverImpl for the PortResolver requirement.</li>
    21. 

  21. 

  22. <li>Any of your login or login failure pages that previously referred to
    23. 

  23.   AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY
    24. 

  24.   should now use
    25. 

  25.   net.sf.acegisecurity.ui.AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY.</li>
    26. 

  26. 

  27. <li>DaoAuthenticationProvider no longer provides setters for case sensitivity
    28. 

  28.   handling. The respective AuthenticationDao implementations should decide
    29. 

  29.   whether or not to return User instances reflecting the exact case of the
    30. 

  30.   requested username. The new PlaintextPasswordEncoder offers a setter for
    31. 

  31.   ignoring the password case (defaults to require exact case matches).</li>
    32. 

  32. 

  33. <li>DaoAuthenticationProvider now provides caching. Successful authentications
    34. 

  34.   return DaoAuthenticationTokens. You must set the mandatory "key" property
    35. 

  35.   on DaoAuthenticationProvider so these tokens can be validated. You may
    36. 

  36.   also wish to change the "refreshTokenInterval" property from the default
    37. 

  37.   of 60,000 milliseconds.</li>
    38. 

  38. 

  39. <li>If you're using container adapters, please refer to the reference
    40. 

  40.   documentation as additional JARs are now required in your container
    41. 

  41.   classloader.</li>
    42. 

  42. 

  43. <li>Whilst not really a change needed to your program, if you're using
    44. 

  44.   Acegi Security please consider joining the acegisecurity-developer mailing
    45. 

  45.   list. This is currently the best way to keep informed about the project's
    46. 

  46.   status and provide feedback in design discussions. You can join at 
    47. 

  47.   https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer.
    48. 

  48.   Please continue using the Spring Users mailing list for general support.</li>
    49. 

  49. </ul>
    50. 

  50. 

  51. <p>
    52. 

  52. There are also lots of new features you might wish to consider for your
    53. 

  53. projects. These include CAS integration, pluggable password encoders
    54. 

  54. (such as MD5 and SHA), along with pluggable salt sources. We hope you find
    55. 

  55. the new features useful in your projects.
    56. 

  56. 

  57. 

  58. </body>
    59. 

  59. </html>
    60.