Yeah, I grabbed a 1.1.0-SNAPSHOT yesterday and it seems to have solved several issues we were having. I recommend it to anyone who put 1.0-final in a production app... do it now.
Not to be a snit, but I feel I should throw out -- for posterity's sake if nothing else -- that that spring-2.0 dependency gaffe was pretty bad. It turned out that it wasn't just the use of EmptyResultDataAccessException that was a problem. There were also places where IncorrectResultSizeDataAccessException was used, but with a constructor that was added in 2.0. So, the app would start up fine and would appear to run fine, but when the conditions were right for that exception to be thrown, a NoSuchMethodError was thrown instead! We suspect that this was somehow causing session corruption, but we haven't figured out exactly how yet. I've been fighting to get acceptance of spring and acegi at work and this really didn't help. Anyway, the point is just to say that seemingly little things can have disastrous consequences. I think someone mentioned putting tests in place to make sure that releases are compiled to specific, publicly-announced version numbers of dependencies. This would be an excellent idea. In any case, I thank you all for your hard work. I certainly would not have had the guts to tackle writing a security library. My hats off to you. Ben Munat Luke Taylor wrote: > I'm not sure a release will be possible until Ben gets back from Europe. > > There are always the nightly builds until then, if people need a quick fix. > > > Ray Krueger wrote: > >>OK so, 1.0.0 did not release well. The LDAP/Spring compatability >>issue, and the NotSerializableException issue both warrant getting a >>patch out asap I would think. >> >>Unfortunately there hasn't been any talk about that. What's the plan here? >> >> > > > > _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer