-
Notifications
You must be signed in to change notification settings - Fork 19
Release notes
CAS in the cloud LELEU Jérôme edited this page May 16, 2024
·
49 revisions
See the pac4j release notes as well.
Version 8.0.1:
- Make the
Config
injection optional (when using Shiro)
Version 8.0.0:
- Update to pac4j v6 and JDK 17
Version 7.1.0:
- Use a smart builder for
SecurityFilter
- Update to pac4j v5.6.0
- Use
SessionStoreFactory
capability
Version 7.0.0:
- Update to pac4j v5.4 and split into two modules:
javaee-pac4j
(based onpac4j-javaee
) andjakartaee-pac4j
(based onpac4j-jakartaee
)
Version 6.1.0:
- Update to pac4j v5.2 (pulls
pac4j-jee
)
Version 6.0.0:
- Update to pac4j v5
- Update to Java 11 and JavaEE 8
Version 5.0.1:
- Update to pac4j v4.0.2
Version 5.0.0:
- Updated to pac4j v4
- Renamed J2E to JEE
Version 4.1.0:
- Upgrade to pac4j v3.3
- Logics defined at the
Config
level are taken before the filter ones if they exist
Version 4.0.0:
- Upgrade to pac4j v3.0
- the HTTP servlet request is populated with the "pac4j principal"
Version 3.0.0:
- Update to pac4j v2.1
- The
FilterHelper
can be used to programmatically define filters and mappings - The
WebContext
and theProfileManager
are automatically produced by the Pac4jProducer and the HttpServletResponseProducer (based on JSF) - A new demo (CDI+JSF) is available:
j2e-pac4j-cdi-demo
Version 2.1.0:
- Add several constructors to the filters for programmatic definition
Version 2.0.0:
- Upgrade to pac4j v2.0.0
-
ApplicationLogoutFilter
becomesLogoutFilter
and handles both application and identity provider logouts
Version 1.3.3:
- Upgrade to pac4j v1.9.4 (security fix)
Version 1.3.2:
- Upgrade to pac4j v1.9.2 (improved CAS, JWT and OpenID Connect supports)
Version 1.3.1:
- Upgrade to pac4j v1.9.1
Version 1.3.0:
- Upgrade to pac4j v1.9
- Upgrade to Java 8, Servlet 3.1
- Multi-profiles support
- Protection against "session fixation" attacks
-
RequiresAuthenticationFilter
becomesSecurityFilter
- Updated algorithm for the application logout
Version 1.2.1:
- Update to pac4j v1.8.1: more authorizers: IP check, HTTP method check, profile type verification, Spring Security like security filters (cache control, Xframe...)
- Updated CSRF protection support
- Path exclusions support
- new AnonymousClient for advanced use cases
- Updated OAuth, CAS, SAML and OpenID Connect supports
- new session stores mechanism
- Customizable callback URLs
Version 1.2.0:
- Upgrade to Java 7 / Servlet 3
- Upgrade to pac4j v1.8: REST support (basic auth, header, request parameter, IP), new authentication mechanisms (LDAP, JWT, SQL, MongoDB, Stormpath), authorizations
- Full DI support
- Application logout support
- A specific client can be dynamically selected for authentication
Version 1.1.1:
- Filters can be instantiated by DI (Spring)
Version 1.1.0:
- Handle stateless (REST) calls
- Improve roles management
- Remove Google OpenID support
- Add Strava (OAuth 2) support
- Add OpenID Connect support
Version 1.0.4:
- Update to pac4j 1.6.0 (new Google App Engine module, support for Yahoo with OpenID, Support for ORCiD / OAuth)
- Upgrade to Java 6
Version 1.0.3:
- add Bitbucket support
Version 1.0.2:
- callback URLs can be dynamically computed according to the current host and port
- added PayPal support (OAuth 2.0)
- remove myopenid.com support
- add vk.com support
- add Foursquare support
- add SAML support
Version 1.0.1:
- a previous authentication is not overridden by a new failed one (like Spring Security's behaviour)
- based on pac4j 1.4.1 : new LinkedIn OAuth 2.0 provider and Google OpenID provider
Version 1.0.0:
- This is the first version of the library, based on pac4j 1.4.0 to have OAuth, CAS, OpenID and HTTP supports
- Support of DropBox, Facebook, GitHub, Google, LinkedIn, Twitter, Windows Live, WordPress Yahoo, myopenid.com