60 lines
2.6 KiB
HTML
60 lines
2.6 KiB
HTML
<html>
|
|
<head>
|
|
<title>Acegi Security - Upgrading from version 0.4 to 0.5</title>
|
|
</head>
|
|
<body>
|
|
<h1>Upgrading from 0.4 to 0.5</h1>
|
|
|
|
<p>The following should help most casual users of the project update their
|
|
applications:
|
|
<ul>
|
|
|
|
<li>All filters are now loaded via FilterToBeanProxy. The FilterToBeanProxy
|
|
obtains the filter from a Spring application context via the
|
|
WebApplicationContextUtils.getApplicationContext() method. Refer to the
|
|
reference documentation to see the new configuration of filters.</li>
|
|
|
|
<li>SecurityEnforcementFilter now requires an AuthenticationEntryPoint
|
|
and PortResolver. Refer to the reference documentation to see the
|
|
alternatives AuthenticationEntryPoint implementations available. Simply
|
|
use the PortResolverImpl for the PortResolver requirement.</li>
|
|
|
|
<li>Any of your login or login failure pages that previously referred to
|
|
AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY
|
|
should now use
|
|
net.sf.acegisecurity.ui.AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY.</li>
|
|
|
|
<li>DaoAuthenticationProvider no longer provides setters for case sensitivity
|
|
handling. The respective AuthenticationDao implementations should decide
|
|
whether or not to return User instances reflecting the exact case of the
|
|
requested username. The new PlaintextPasswordEncoder offers a setter for
|
|
ignoring the password case (defaults to require exact case matches).</li>
|
|
|
|
<li>DaoAuthenticationProvider now provides caching. Successful authentications
|
|
return DaoAuthenticationTokens. You must set the mandatory "key" property
|
|
on DaoAuthenticationProvider so these tokens can be validated. You may
|
|
also wish to change the "refreshTokenInterval" property from the default
|
|
of 60,000 milliseconds.</li>
|
|
|
|
<li>If you're using container adapters, please refer to the reference
|
|
documentation as additional JARs are now required in your container
|
|
classloader.</li>
|
|
|
|
<li>Whilst not really a change needed to your program, if you're using
|
|
Acegi Security please consider joining the acegisecurity-developer mailing
|
|
list. This is currently the best way to keep informed about the project's
|
|
status and provide feedback in design discussions. You can join at
|
|
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer.
|
|
Please continue using the Spring Users mailing list for general support.</li>
|
|
</ul>
|
|
|
|
<p>
|
|
There are also lots of new features you might wish to consider for your
|
|
projects. These include CAS integration, pluggable password encoders
|
|
(such as MD5 and SHA), along with pluggable salt sources. We hope you find
|
|
the new features useful in your projects.
|
|
|
|
|
|
</body>
|
|
</html>
|