Upgrading from 0.7.0 to 0.8.0

The following should help most casual users of the project update their applications:

• HttpSessionIntegrationFilter has been removed. Use net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter instead. Note you will need to set the mandatory "context" property to something like "net.sf.acegisecurity.context.security.SecureContextImpl". It's not the default because we want no dependencies between the context package and the rest of Acegi Security.
  
  
• Filter ordering has changed. See the reference guide for confirmation of the correct ordering. Basically you should have HttpSessionContextIntegrationFilter appear before any of your authentication mechanisms.
  
  
• IoC container hosted filter chains can now be used instead of lengthy web.xml declarations. See the reference guide or the Contacts Sample for further information.
  
  
• Certain classes have been moved to new packages: ContextHolderAwareRequestWrapper (and its filter), AuthenticationSimpleHttpInvokerRequestExecutor, ContextPropagatingRemoteInvocation, SecureContext (and its implementation). These classes were moved as part of refactorings aimed at improving the simplicity of the project's design.
  
  
• If you wish to use the new ConcurrentSessionController you must declare the HttpSessionEventPublisher context listener in your web.xml
  
  
• The JaasAuthenticationCallbackHandler interface has had it's setAuthentication method removed. The handle method now takes both the Callback and Authentication objects as arguments.
  
  
• Added AuthenticationException to the AutenticationEntryPoint.commence method signature.
  
  
• Added AccessDeniedException to the SecurityEncorcementFilter.sendAccessDeniedError method signature.
  
  
• The Authentication.getDetails() no longer returns simply the IP address used for authentication. It now returns a WebAuthenticationDetails instance, which contains the IP address, session information, and can be extended to store further details.