spring-security/doc/xdocs/upgrade/upgrade-080-090.html

<html>
<head>
<title>Acegi Security - Upgrading from version 0.8.0 to 1.0.0</title>
</head>
<body>
<h1>Upgrading from 0.8.0 to 1.0.0</h1>

<p>
The following should help most casual users of the project update their
applications:

    <ul>

    <li>The most significant change in 0.9.0 is that <code>ContextHolder</code> and all of its
    related classes have been removed. This significant change was made for the sake of consistency
    with the core Spring project's approach of a single <code>ThreadLocal</code> per use case, 
    instead of a shared <code>ThreadLocal</code> for multiple use cases as the previous 
    <code>ContextHolder</code> allowed. <b>This is an important change in 0.9.0.</b> Many applications
    will need to modify their code (and possibly web views) if they directly interact with the old 
    <code>ContextHolder</code>. The replacement security <code>ThreadLocal</code> is called
    <a href="../multiproject/acegi-security/xref/net/sf/acegisecurity/context/SecurityContext.html">
    SecurityContext</a> and provides a single getter/setter for <code>Authentication</code>. There is
    thus no need to work with <code>SecureContext</code> or <code>Context</code> anymore. <BR><BR>
    
    To migrate, simply modify all your code that previously worked with <code>ContextHolder</code>,
    <code>SecureContext</code> and <code>Context</code> to directly call <code>SecurityContext</code>.
    You will also note that the <code>HttpSessionContextIntegrationFilter</code> no longer provides
    a <code>context</code> property, so remove it from your application context XML. For the relatively 
    small number of users who had customised their context, you will need to write your own 
    <code>ThreadLocal</code> to provide functionality for your specific use case.<BR><BR>    
    
    We apologise for the inconvenience, but on a more positive note this means you receive strict
    type checking, you no longer need to mess around with casting to and from <code>Context</code>
    implementations, your applications no longer need to perform checking of <code>null</code> and
    unexpected <code>Context</code> implementation types, and the new <code>SecurityContext</code>
    is an <code>InheritableThreadLocal</code> - which should make life easier in rich client 
    environments.<br><br></li>

    <li>AbstractProcessingFilter has changed its getter/setter approach used for customised
    authentication exception directions. See the <a href="../multiproject/acegi-security/xref/net/sf/acegisecurity/ui/AbstractProcessingFilter.html">
    AbstractProcessingFilter JavaDocs</a> to learn more.<br><br></li>
    
    </ul>

</body>
</html>
Remove ContextHolder and introduce SecurityContext. 2005-05-07 09:11:37 +00:00			`<html>`
			`<head>`
			`<title>Acegi Security - Upgrading from version 0.8.0 to 1.0.0</title>`
			`</head>`
			`<body>`
			`<h1>Upgrading from 0.8.0 to 1.0.0</h1>`

			`<p>`
			`The following should help most casual users of the project update their`
			`applications:`

			`<ul>`

			`<li>The most significant change in 0.9.0 is that <code>ContextHolder</code> and all of its`
			`related classes have been removed. This significant change was made for the sake of consistency`
			`with the core Spring project's approach of a single <code>ThreadLocal</code> per use case,`
			`instead of a shared <code>ThreadLocal</code> for multiple use cases as the previous`
			`<code>ContextHolder</code> allowed. <b>This is an important change in 0.9.0.</b> Many applications`
			`will need to modify their code (and possibly web views) if they directly interact with the old`
			`<code>ContextHolder</code>. The replacement security <code>ThreadLocal</code> is called`
			`<a href="../multiproject/acegi-security/xref/net/sf/acegisecurity/context/SecurityContext.html">`
			`SecurityContext</a> and provides a single getter/setter for <code>Authentication</code>. There is`
			`thus no need to work with <code>SecureContext</code> or <code>Context</code> anymore. <BR><BR>`

			`To migrate, simply modify all your code that previously worked with <code>ContextHolder</code>,`
			`<code>SecureContext</code> and <code>Context</code> to directly call <code>SecurityContext</code>.`
			`You will also note that the <code>HttpSessionContextIntegrationFilter</code> no longer provides`
			`a <code>context</code> property, so remove it from your application context XML. For the relatively`
			`small number of users who had customised their context, you will need to write your own`
			`<code>ThreadLocal</code> to provide functionality for your specific use case.<BR><BR>`

			`We apologise for the inconvenience, but on a more positive note this means you receive strict`
			`type checking, you no longer need to mess around with casting to and from <code>Context</code>`
			`implementations, your applications no longer need to perform checking of <code>null</code> and`
			`unexpected <code>Context</code> implementation types, and the new <code>SecurityContext</code>`
			`is an <code>InheritableThreadLocal</code> - which should make life easier in rich client`
			`environments.<br><br></li>`

			`<li>AbstractProcessingFilter has changed its getter/setter approach used for customised`
			`authentication exception directions. See the <a href="../multiproject/acegi-security/xref/net/sf/acegisecurity/ui/AbstractProcessingFilter.html">`
			`AbstractProcessingFilter JavaDocs</a> to learn more.<br><br></li>`

			`</ul>`

			`</body>`
			`</html>`