Congrats for 1.0 release! But, how did you dare to release without official logo yet?? :D
Thanks, ~t~ On Tue, Jun 1, 2010 at 7:01 PM, Les Hazlewood <lhazlew...@apache.org> wrote: > Dear Apache Shiro Community, > > We are proud and excited to offer Apache Shiro's first stable release > as an Apache Incubator podling! > > Version 1.0.0-incubating is available immediately for download here: > > http://incubator.apache.org/shiro/download.html > > Associated documentation is available here: > > http://incubator.apache.org/shiro/documentation.html > > Release notes are included below. > > Thank you so much to the Apache community and the Apache Incubator for > helping us move toward our first release. A very special thanks goes > to our user community and early adopters for helping us refine our > first stable release. > > Best Regards, > > Les Hazlewood > > ------ > > Release Notes are browsable online here: > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&styleName=Html&version=12314078 > > And included here for convenience: > > Release Notes - Shiro - Version 1.0.0-incubating > > ** Bug > * [SHIRO-10] - Aliases in the ini configuration builder do not > work correctly > * [SHIRO-82] - Shiro strips anchor (#) values from the URL if user > is unauthenticated > * [SHIRO-87] - Fix package name of package-info.java in shiro-core > * [SHIRO-89] - Sample Spring Application - WebStart won't launch > * [SHIRO-95] - Specifying my own Cache in ShiroFilter not working > * [SHIRO-101] - Comma in role in the properties file is not read > correctly by the PropertyRealm > * [SHIRO-106] - AuthorizationFilter needs to use sendError not > setStatus to make container process the request through ERROR > dispatcher > * [SHIRO-108] - Basic HTTP Auth: Empty password or username causes > IllegalStateException > * [SHIRO-115] - ActiveDirectoryRealm might by vulnerable to LDAP > search code injection > * [SHIRO-120] - AbstractLdapRealm's doGetAuthenticationInfo > catches naming exception, but then only logs a message > * [SHIRO-124] - MethodInvocation is missing a getThis() (or > equivalent) method > * [SHIRO-130] - ShiroFilter does not work with proxied security manager > * [SHIRO-135] - AccessControlException exception on GAE with Grails > * [SHIRO-138] - AbstractRememberMeManager attempts to process > null/empty byte array > * [SHIRO-141] - Problem with WebRememberMeManager > * [SHIRO-142] - Jetty throws an IllegalStateException after > redirect in AuthorizationFilter > * [SHIRO-145] - Losing Session > * [SHIRO-150] - RememberMeManager NPE > * [SHIRO-154] - Adding ehcahe CacheManager to Spring Sample failes > * [SHIRO-156] - SimpleAuthenticationInfo.merge does not merge > principals if its internal principal collection is not mutable > * [SHIRO-157] - RememberMeManager should no longer be consulted > once a remembered identity is discovered > * [SHIRO-158] - Date > AbstractSessionManager.getLastAccessTime(Serializable) returns start > time > * [SHIRO-159] - ThreadLocal is not cleared upon the unloading of > the webapp and the SHiro Servlet > * [SHIRO-161] - No SecurityManager accessible to the calling code > * [SHIRO-163] - ModularRealmAuthorizer.setRealms needs to call > applyRolePermissionResolverToRealms > * [SHIRO-164] - The request/response pair should be available at > all times to web-related components > * [SHIRO-167] - getServletContext allways return null with conf > via spring (native mode) > * [SHIRO-172] - Missing SVN properties > > ** Improvement > * [SHIRO-59] - Refactor Realm implementations to favor delegation > over inheritance > * [SHIRO-83] - Make sessionId cookie optional > * [SHIRO-86] - Add Builder design pattern for arbitrary Subject > construction > * [SHIRO-88] - Create a profile for installing javadocs and source > to keep build time short > * [SHIRO-104] - Default AuthenticationStrategy should be > AtLeastOneSuccessful instead of All > * [SHIRO-109] - RememberMeManager should have access to Subject context > map > * [SHIRO-110] - Remove org.apache.shiro.mgt.SubjectBinder and its usages > * [SHIRO-111] - Web SecurityManager should not fail in non-request > usages > * [SHIRO-112] - Implement Externalizable for serializable classes > * [SHIRO-114] - Break circular dependency between SubjectFactory > and DefaultSecurityManager > * [SHIRO-125] - Support overrding the credentialsMatcher for the > implicit IniRealm > * [SHIRO-128] - Remove convenience configuration methods > * [SHIRO-131] - Improved Shiro Filter configuration for Spring > environments > * [SHIRO-133] - Automatically shut down the Session validation thread > * [SHIRO-136] - Mark Spring as scope provided to let users > specificy their own version of Spring > * [SHIRO-137] - Go through Shiro dependencies and consider marking > most third-party dependencies as provided > * [SHIRO-139] - Cookie support refactoring - Simplify cookie > configuration, support HttpOnly cookies and default session cookies to > be HttpOnly = true > * [SHIRO-144] - MemorySessionDao should be propably abstract > * [SHIRO-146] - Annotation authorizations should throw > UnauthenticationException if the subject identity is not known. > * [SHIRO-148] - SimpleSession efficient serialization > * [SHIRO-152] - INI configuration must support configuration of > Lists, Sets and Maps > * [SHIRO-153] - INI: remove need for [filters] section and perform > all object configuration in [main] > > ** New Feature > * [SHIRO-25] - Assumed Identity, aka 'Run As' support > * [SHIRO-30] - Subject acquisition based on method argument > * [SHIRO-92] - Add method to Subject interface: isRemembered() > * [SHIRO-105] - PrincipalCollection should have a > getPrimaryPrincipal() method > * [SHIRO-107] - Filter chain definitions should match on request > method as well as request path (REST support) > * [SHIRO-116] - Ini configuration - users/roles sections should > trigger automatic Realm creation > * [SHIRO-118] - Ini Realm support > * [SHIRO-121] - Change usages of java.net.InetAddress to be Strings > * [SHIRO-122] - Create IdentifierGenerator interface for pluggable > id generation strategies > * [SHIRO-129] - Aspecjt integration for annotation base authorization > * [SHIRO-140] - Add a subject-aware ExecutorService implementation > to support Subject execution on other threads > * [SHIRO-147] - Add an AES Cipher > > ** Task > * [SHIRO-34] - Cipher refactoring > * [SHIRO-37] - Deploy snapshots automatically > * [SHIRO-43] - Ignore Eclipse folders & files and mvn target > folders from svn > * [SHIRO-49] - Fix SimpleAccountRealm to not rely on caching > * [SHIRO-50] - Spring NOTICE > * [SHIRO-52] - Verify all samples deploy/run successfully > * [SHIRO-94] - Update web pages to change JSecurity and Ki to Shiro > * [SHIRO-102] - Set-up AutoExport of Shiro documentation to the > appropriate location > * [SHIRO-103] - Fix "Ki" in the Apache Incubator Status Page > * [SHIRO-149] - Create release configuration and a profile for > deploying release docs to a separate directory > * [SHIRO-155] - Remove all deprecated methods and classes > * [SHIRO-162] - Create SessionContext to mirror SubjectContext > concept for starting new sessions > > ** Test > * [SHIRO-90] - > org.apache.shiro.session.mgt.DefaultSessionManagerTest.testGlobalTimeout > is unreliable > * [SHIRO-91] - Tests for getRememberedPrincipals and > getRememberedPrincipalsDecryptionError in WebRememberMeManagerTest are > disabled > * [SHIRO-93] - Add container-based integration tests for samples/web > module > * [SHIRO-96] - Add meaningful integration tests to assert key web > functionality > > ** Wish > * [SHIRO-143] - Change logging level from trace to warning in > ModularRealmAuthenticator when a Realm throws an Exception >
