Dear Spring Community
I'm pleased to announce the Acegi Security System for Spring release 0.6.1 is now available from http://acegisecurity.sourceforge.net. The project provides comprehensive security services for The Spring Framework.
FEATURES:
* It is ready NOW * Easy to use and deploy (eg see samples/quick-start directory) * Enterprise-wide single sign on (via Yale Uni's CAS project) * Reuses your Spring expertise * Domain object instance security * Non-intrusive setup * Full (but optional) container integration * Keeps your objects free of security code * Secures your HTTP requests (regular expressions, Ant Paths etc) * Channel security (HTTPS/HTTP auto redirection etc) * Supports HTTP BASIC authentication (RFC 1945) * Convenient security taglib * Application context or attribute-based configuration * Various authentication backends (including JDBC) * Event support * Easy integration with existing databases (no schema changes) * Caching (now pluggable, with an EHCACHE implementation) * Pluggable architecture * Startup-time validation * Remoting support (demonstrated in sample application) * Advanced password encoding (SHA, MD5, salts etc) * Run-as replacement * Unit tests (Clover coverage is currently 98%) * Container integration tests * Supports your own unit tests * Peer reviewed * Thorough documentation * Apache license
CHANGES IN 0.6.1:
* Resolved to use http://apr.apache.org/versioning.html for versioning * Added additional DaoAuthenticationProvider event when user not found * Added Authentication.getDetails() to DaoAuthenticationProvider resp * Added DaoAuthenticationProvider.hideUserNotFoundExceptions * Added PasswordAuthenticationProvider for password-validating DAOs * Added FilterToBeanProxy compatibility with ContextLoaderServlet * Added convenience methods to ConfigAttributeDefinition * Improved sample applications' bean reference notation * Clarified contract for ObjectDefinitionSource.getAttributes(Object) * Extracted removeUserFromCache(String) to UserCache interface * Improved ConfigAttributeEditor so it trims spaces * Refactored UsernamePasswordAuthenticationToken.getDetails() to Object * Fixed MethodDefinitionAttributes to implement ObjectDefinitionSource * Fixed EH-CACHE-based caching implementation behaviour if cache exists * Fixed Ant "release" target not including project.properties * Fixed GrantedAuthorityEffectiveAclsResolver if null ACLs provided * Documentation improvements
As per the Apache APR project versioning guidelines (URL above), this is a patch release. Existing users of release 0.6 should be able to upgrade by simply replacing the JAR(s) and testing.
Please visit http://acegisecurity.sourceforge.net to access the latest release or read more about the features.
Best regards Ben
------------------------------------------------------- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
