Skip to content
CAS in the cloud LELEU Jérôme edited this page May 16, 2024 · 49 revisions

See the pac4j release notes as well.

Version 8.0.1:

  • Make the Config injection optional (when using Shiro)

Version 8.0.0:

  • Update to pac4j v6 and JDK 17

Version 7.1.0:

  • Use a smart builder for SecurityFilter
  • Update to pac4j v5.6.0
  • Use SessionStoreFactory capability

Version 7.0.0:

  • Update to pac4j v5.4 and split into two modules: javaee-pac4j (based on pac4j-javaee) and jakartaee-pac4j(based on pac4j-jakartaee)

Version 6.1.0:

  • Update to pac4j v5.2 (pulls pac4j-jee)

Version 6.0.0:

  • Update to pac4j v5
  • Update to Java 11 and JavaEE 8

Version 5.0.1:

  • Update to pac4j v4.0.2

Version 5.0.0:

  • Updated to pac4j v4
  • Renamed J2E to JEE

Version 4.1.0:

  • Upgrade to pac4j v3.3
  • Logics defined at the Config level are taken before the filter ones if they exist

Version 4.0.0:

  • Upgrade to pac4j v3.0
  • the HTTP servlet request is populated with the "pac4j principal"

Version 3.0.0:

  • Update to pac4j v2.1
  • The FilterHelper can be used to programmatically define filters and mappings
  • The WebContext and the ProfileManager are automatically produced by the Pac4jProducer and the HttpServletResponseProducer (based on JSF)
  • A new demo (CDI+JSF) is available: j2e-pac4j-cdi-demo

Version 2.1.0:

  • Add several constructors to the filters for programmatic definition

Version 2.0.0:

  • Upgrade to pac4j v2.0.0
  • ApplicationLogoutFilter becomes LogoutFilter and handles both application and identity provider logouts

Version 1.3.3:

  • Upgrade to pac4j v1.9.4 (security fix)

Version 1.3.2:

  • Upgrade to pac4j v1.9.2 (improved CAS, JWT and OpenID Connect supports)

Version 1.3.1:

  • Upgrade to pac4j v1.9.1

Version 1.3.0:

  • Upgrade to pac4j v1.9
  • Upgrade to Java 8, Servlet 3.1
  • Multi-profiles support
  • Protection against "session fixation" attacks
  • RequiresAuthenticationFilter becomes SecurityFilter
  • Updated algorithm for the application logout

Version 1.2.1:

  • Update to pac4j v1.8.1: more authorizers: IP check, HTTP method check, profile type verification, Spring Security like security filters (cache control, Xframe...)
  • Updated CSRF protection support
  • Path exclusions support
  • new AnonymousClient for advanced use cases
  • Updated OAuth, CAS, SAML and OpenID Connect supports
  • new session stores mechanism
  • Customizable callback URLs

Version 1.2.0:

  • Upgrade to Java 7 / Servlet 3
  • Upgrade to pac4j v1.8: REST support (basic auth, header, request parameter, IP), new authentication mechanisms (LDAP, JWT, SQL, MongoDB, Stormpath), authorizations
  • Full DI support
  • Application logout support
  • A specific client can be dynamically selected for authentication

Version 1.1.1:

  • Filters can be instantiated by DI (Spring)

Version 1.1.0:

  • Handle stateless (REST) calls
  • Improve roles management
  • Remove Google OpenID support
  • Add Strava (OAuth 2) support
  • Add OpenID Connect support

Version 1.0.4:

  • Update to pac4j 1.6.0 (new Google App Engine module, support for Yahoo with OpenID, Support for ORCiD / OAuth)
  • Upgrade to Java 6

Version 1.0.3:

  • add Bitbucket support

Version 1.0.2:

  • callback URLs can be dynamically computed according to the current host and port
  • added PayPal support (OAuth 2.0)
  • remove myopenid.com support
  • add vk.com support
  • add Foursquare support
  • add SAML support

Version 1.0.1:

  • a previous authentication is not overridden by a new failed one (like Spring Security's behaviour)
  • based on pac4j 1.4.1 : new LinkedIn OAuth 2.0 provider and Google OpenID provider

Version 1.0.0:

  • This is the first version of the library, based on pac4j 1.4.0 to have OAuth, CAS, OpenID and HTTP supports
  • Support of DropBox, Facebook, GitHub, Google, LinkedIn, Twitter, Windows Live, WordPress Yahoo, myopenid.com
Clone this wiki locally