Dear Spring Community I'm pleased to announce the Acegi Security System for Spring release 0.51 is now available from http://acegisecurity.sourceforge.net. The project provides comprehensive security services for The Spring Framework.
FEATURES: * It is ready NOW * Easy to use and deploy (includes a new samples/quick-start directory) * Enterprise-wide single sign on (via Yale Uni's CAS project) * Reuses your Spring expertise * Non-intrusive setup * Full (but optional) container integration * Keeps your objects free of security code * Secures your HTTP requests as well (regular expressions, Ant Paths etc) * Channel security (HTTPS/HTTP auto redirection etc) * Supports HTTP BASIC authentication (RFC 1945) * Convenient security taglib * Application context or attribute-based configuration * Various authentication backends (including JDBC) * Event support * Easy integration with existing databases (no schema changes) * Caching (now pluggable, with an EHCACHE implementation) * Pluggable architecture * Startup-time validation * Remoting support (demonstrated in sample application) * Advanced password encoding (SHA, MD5, salts etc) * Run-as replacement * Unit tests (Clover coverage is currently 97%) * Container integration tests * Supports your own unit tests * Peer reviewed * Thorough documentation * Apache license CHANGES IN 0.51: * Added samples/quick-start * Added NullRunAsManager and made default for AbstractSecurityInterceptor * Added event notification (see net.sf.acegisecurity.providers.dao.event) * Updated JAR to Spring 1.0.2 * Updated JAR to Commons Attributes CVS snapshot from Spring 1.0.2 release * Updated GrantedAuthorityImpl to be serializable (JBoss support) * Updated Authentication interface to present extra details for a request * Updated Authentication interface to subclass java.security.Principal * Refactored DaoAuthenticationProvider caching (refer to reference docs) * Improved HttpSessionIntegrationFilter to manage additional attributes * Improved URL encoding during redirects * Fixed issue with hot deploy of EhCacheBasedTicketCache (used with CAS) * Fixed issue with NullPointerExceptions in taglib * Removed DaoAuthenticationToken and session-based caching * Documentation improvements Whilst 0.51 is mostly a maintenance release, we recommend that you upgrade to take advantage of the various fixes and caching improvements. The only 0.5 to 0.51 upgrade issue most typical users would need to be aware of is DaoAuthenticationProvider no longer has a "key" property. References to this property should be removed from your application context configuration file(s). The reference documentation describes the new pluggable caching support and event support in sections 1.5.4 and 1.5.5 respectively. Please visit http://acegisecurity.sourceforge.net to access the latest version or read more about the features. Best regards Ben ------------------------------------------------------- This SF.Net email is sponsored by the new InstallShield X. >From Windows to Linux, servers to mobile, InstallShield X is the one installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
