shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Merlin <eska...@n0pe.org>
Subject Re: [ANN] Apache Shiro 1.0.0-incubating Released!
Date Tue, 01 Jun 2010 19:11:27 GMT
Congrats !!

\o/

Le 1 juin 2010 à 19:01, Les Hazlewood <lhazlewood@apache.org> a  
écrit :

> Dear Apache Shiro Community,
>
> We are proud and excited to offer Apache Shiro's first stable release
> as an Apache Incubator podling!
>
> Version 1.0.0-incubating is available immediately for download here:
>
> http://incubator.apache.org/shiro/download.html
>
> Associated documentation is available here:
>
> http://incubator.apache.org/shiro/documentation.html
>
> Release notes are included below.
>
> Thank you so much to the Apache community and the Apache Incubator for
> helping us move toward our first release.  A very special thanks goes
> to our user community and early adopters for helping us refine our
> first stable release.
>
> Best Regards,
>
> Les Hazlewood
>
> ------
>
> Release Notes are browsable online here:
>
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950&styleName=Html&version=12314078
>
> And included here for convenience:
>
> Release Notes - Shiro - Version 1.0.0-incubating
>
> ** Bug
>    * [SHIRO-10] - Aliases in the ini configuration builder do not
> work correctly
>    * [SHIRO-82] - Shiro strips anchor (#) values from the URL if user
> is unauthenticated
>    * [SHIRO-87] - Fix package name of package-info.java in shiro-core
>    * [SHIRO-89] - Sample Spring Application - WebStart won't launch
>    * [SHIRO-95] - Specifying my own Cache in ShiroFilter not working
>    * [SHIRO-101] - Comma in role in the properties file is not read
> correctly by the PropertyRealm
>    * [SHIRO-106] - AuthorizationFilter needs to use sendError not
> setStatus to make container process the request through ERROR
> dispatcher
>    * [SHIRO-108] - Basic HTTP Auth: Empty password or username causes
> IllegalStateException
>    * [SHIRO-115] - ActiveDirectoryRealm might by vulnerable to LDAP
> search code injection
>    * [SHIRO-120] - AbstractLdapRealm's doGetAuthenticationInfo
> catches naming exception, but then only logs a message
>    * [SHIRO-124] - MethodInvocation is missing a getThis() (or
> equivalent) method
>    * [SHIRO-130] - ShiroFilter does not work with proxied security  
> manager
>    * [SHIRO-135] - AccessControlException exception on GAE with Grails
>    * [SHIRO-138] - AbstractRememberMeManager attempts to process
> null/empty byte array
>    * [SHIRO-141] - Problem with WebRememberMeManager
>    * [SHIRO-142] - Jetty throws an IllegalStateException after
> redirect in AuthorizationFilter
>    * [SHIRO-145] - Losing Session
>    * [SHIRO-150] - RememberMeManager NPE
>    * [SHIRO-154] - Adding ehcahe CacheManager to Spring Sample failes
>    * [SHIRO-156] - SimpleAuthenticationInfo.merge does not merge
> principals if its internal principal collection is not mutable
>    * [SHIRO-157] - RememberMeManager should no longer be consulted
> once a remembered identity is discovered
>    * [SHIRO-158] - Date
> AbstractSessionManager.getLastAccessTime(Serializable) returns start
> time
>    * [SHIRO-159] - ThreadLocal is not cleared upon the unloading of
> the webapp and the SHiro Servlet
>    * [SHIRO-161] - No SecurityManager accessible to the calling code
>    * [SHIRO-163] - ModularRealmAuthorizer.setRealms needs to call
> applyRolePermissionResolverToRealms
>    * [SHIRO-164] - The request/response pair should be available at
> all times to web-related components
>    * [SHIRO-167] - getServletContext allways return null with conf
> via spring (native mode)
>    * [SHIRO-172] - Missing SVN properties
>
> ** Improvement
>    * [SHIRO-59] - Refactor Realm implementations to favor delegation
> over inheritance
>    * [SHIRO-83] - Make sessionId cookie optional
>    * [SHIRO-86] - Add Builder design pattern for arbitrary Subject  
> construction
>    * [SHIRO-88] - Create a profile for installing javadocs and source
> to keep build time short
>    * [SHIRO-104] - Default AuthenticationStrategy should be
> AtLeastOneSuccessful instead of All
>    * [SHIRO-109] - RememberMeManager should have access to Subject  
> context map
>    * [SHIRO-110] - Remove org.apache.shiro.mgt.SubjectBinder and its  
> usages
>    * [SHIRO-111] - Web SecurityManager should not fail in non- 
> request usages
>    * [SHIRO-112] - Implement Externalizable for serializable classes
>    * [SHIRO-114] - Break circular dependency between SubjectFactory
> and DefaultSecurityManager
>    * [SHIRO-125] - Support overrding the credentialsMatcher for the
> implicit IniRealm
>    * [SHIRO-128] - Remove convenience configuration methods
>    * [SHIRO-131] - Improved Shiro Filter configuration for Spring  
> environments
>    * [SHIRO-133] - Automatically shut down the Session validation  
> thread
>    * [SHIRO-136] - Mark Spring as scope provided to let users
> specificy their own version of Spring
>    * [SHIRO-137] - Go through Shiro dependencies and consider marking
> most third-party dependencies as provided
>    * [SHIRO-139] - Cookie support refactoring - Simplify cookie
> configuration, support HttpOnly cookies and default session cookies to
> be HttpOnly = true
>    * [SHIRO-144] - MemorySessionDao should be propably abstract
>    * [SHIRO-146] - Annotation authorizations should throw
> UnauthenticationException if the subject identity is not known.
>    * [SHIRO-148] - SimpleSession efficient serialization
>    * [SHIRO-152] - INI configuration must support configuration of
> Lists, Sets and Maps
>    * [SHIRO-153] - INI: remove need for [filters] section and perform
> all object configuration in [main]
>
> ** New Feature
>    * [SHIRO-25] - Assumed Identity, aka 'Run As' support
>    * [SHIRO-30] - Subject acquisition based on method argument
>    * [SHIRO-92] - Add method to Subject interface: isRemembered()
>    * [SHIRO-105] - PrincipalCollection should have a
> getPrimaryPrincipal() method
>    * [SHIRO-107] - Filter chain definitions should match on request
> method as well as request path (REST support)
>    * [SHIRO-116] - Ini configuration - users/roles sections should
> trigger automatic Realm creation
>    * [SHIRO-118] - Ini Realm support
>    * [SHIRO-121] - Change usages of java.net.InetAddress to be Strings
>    * [SHIRO-122] - Create IdentifierGenerator interface for pluggable
> id generation strategies
>    * [SHIRO-129] - Aspecjt integration for annotation base  
> authorization
>    * [SHIRO-140] - Add a subject-aware ExecutorService implementation
> to support Subject execution on other threads
>    * [SHIRO-147] - Add an AES Cipher
>
> ** Task
>    * [SHIRO-34] - Cipher refactoring
>    * [SHIRO-37] - Deploy snapshots automatically
>    * [SHIRO-43] - Ignore Eclipse folders & files and mvn target
> folders from svn
>    * [SHIRO-49] - Fix SimpleAccountRealm to not rely on caching
>    * [SHIRO-50] - Spring NOTICE
>    * [SHIRO-52] - Verify all samples deploy/run successfully
>    * [SHIRO-94] - Update web pages to change JSecurity and Ki to Shiro
>    * [SHIRO-102] - Set-up AutoExport of Shiro documentation to the
> appropriate location
>    * [SHIRO-103] - Fix "Ki" in the Apache Incubator Status Page
>    * [SHIRO-149] - Create release configuration and a profile for
> deploying release docs to a separate directory
>    * [SHIRO-155] - Remove all deprecated methods and classes
>    * [SHIRO-162] - Create SessionContext to mirror SubjectContext
> concept for starting new sessions
>
> ** Test
>    * [SHIRO-90] -
> org.apache.shiro.session.mgt.DefaultSessionManagerTest.testGlobalTimeout
 

> is unreliable
>    * [SHIRO-91] - Tests for getRememberedPrincipals and
> getRememberedPrincipalsDecryptionError in WebRememberMeManagerTest are
> disabled
>    * [SHIRO-93] - Add container-based integration tests for samples/ 
> web module
>    * [SHIRO-96] - Add meaningful integration tests to assert key web
> functionality
>
> ** Wish
>    * [SHIRO-143] - Change logging level from trace to warning in
> ModularRealmAuthenticator when a Realm throws an Exception

Mime
View raw message