Ben Alex wrote:
> Hi Scott
>
> As we're now post-1.0.0, it's important that we follow the APR
> versioning guidelines which state that patch releases (ie 1.0.x) should
> be binary and source compatible with previous releases in that series.
> In other words, people should be able to simply "drop in" the new JAR
> and it work.
>
> Just looking at the revision history for
> SiteminderAuthenticationProvider and its corresponding tests, they seem
> to be new classes added 27 July 2006. As such, I imagine that users
> employing the 1.0.1 SiteMinder integration will need to change their
> configuration to use these new classes, and in doing so not benefit from
> a "drop in" replacement.
>
> I don't think SiteMinder usage with Acegi Security is extremely
> widespread, so we could relax the rules a little if there is good reason
> to include the SEC-319 changes in 1.0.2. The conservative choice would
> be to defer until 1.1.0, though (assuming I haven't misunderstood the
> backward compatibility issue - if the existing integration continues to
> work in 1.0.2, I have no problem at all with the refactoring being
> included so people have the choice of using it if they wish).
>
>
Hi Ben, that's my thinking as well. When I saw that 1.1.0 was the only
upcoming release, I assumed it would remain so and went ahead and
committed changes. I should have known better that interim bug fixes
and small enhancements would come about before then. SEC-319 does in
fact require several changes to one's Acegi config file(s) to make work,
so I'm OK with either rolling back to 1.0.0 Siteminder code for 1.0.2 or
rolling forward and specifically highlighting the changes required for
current Siteminder filter users. My bet is that less than a half dozen
people are using it, so I don't think it would be a big issue, but I'm
equally at ease with putting the 1.0.0 Siteminder code at the project's
trunk/head. Please advise either way. Thanks!
Scott
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
