announcement-0.8.1.txt

acegi构造安全的java系统

The acegi-security-doc team is pleased to announce the Acegi Security System 
for Spring 0.8.1 release! 

http://acegisecurity.org/

Acegi Security System for Spring 

Changes in this version include:

  New Features:

o X509 (certificate-based) authentication support 

  Fixed bugs:

o SecurityEnforcementFilter caused NullPointerException when anonymous 
  authentication used with BasicProcessingFilterEntryPoint 
o FilterChainProxy now supports replacement of ServletRequest and 
  ServetResponse by Filter beans 
o Corrected Authz parsing of whitespace in GrantedAuthoritys 
o TokenBasedRememberMeServices now respects expired users, expired 
  credentials and disabled users 
o HttpSessionContextIntegrationFilter now handles HttpSession invalidation 
  without redirection 
o StringSplitUtils.split() ignored delimiter argument 
o DigestProcessingFilter now provides userCache getter and setter 
o Contacts Sample made to work with UserDetails-based Principal 

  Changes:

o UserDetails now advises locked accounts, with corresponding 
  DaoAuthenticationProvider events and enforcement 
o ContextHolderAwareRequestWrapper methods return null if user is anonymous 
o AbstractBasicAclEntry improved compatibility with Hibernate 
o User now provides a more useful toString() method 
o Update to match Spring 1.1.5 official JAR dependencies (NB: now using 
  Servlet 2.4 and related JSP/taglib JARs) 
o Documentation improvements 
o Test coverage improvements  

Have fun!
-The acegi-security-doc team