Skip to content

Release notes

Victor Noël edited this page Jun 24, 2018 · 43 revisions

See the pac4j release notes as well.

Version 3.0.0

  • Upgrade to pac4j 3.0.0
  • New multi-module organisation (#37)
    • Container-specific dependencies are now provided via org.pac4j.jersey-pac4j and org.pac4j.resteasy-pac4j.
    • Introduces org.pac4j.jersey225-pac4j for Jersey before 2.26 thanks to @pierre-l (#40).
    • Removed org.pac4j.jax-rs-pac4j.
  • Removed readFromSession of @Pac4JProfile: it is not needed anymore.
  • Support for CDI in Resteasy and better compliance with various dependency framework thanks to ganeshs (#42 #34)
  • Fix a bug where a security filter would remove the profiles of a request previously processed by another security filter (commit)
  • Simplified Pac4JValueFactoryProvider.Binder use for tests (#43)

Version 2.3.0

  • Support for CDI in Resteasy and better compliance with various dependency framework thanks to ganeshs (#34 #42 backport commit)
  • Fix a bug where a security filter would remove the profiles of a request previously processed by another security filter (commit)
  • Simplified Pac4JValueFactoryProvider.Binder use for tests (#43)

Version 3.0.0-RC1

  • Upgrade to pac4j 3.0.0-RC1
  • New multi-module organisation (#37)
    • Container-specific dependencies are now provided via org.pac4j.jersey-pac4j and org.pac4j.resteasy-pac4j.
    • Introduces org.pac4j.jersey225-pac4j for Jersey before 2.26 thanks to @pierre-l (#40).
    • Removed org.pac4j.jax-rs-pac4j.
  • Removed readFromSession of @Pac4JProfile: it is not needed anymore.

Version 2.2.0

  • Upgrade to pac4j 2.3.1
  • New multi-module organisation (#38):
    • Container-specific dependencies are now provided via org.pac4j.jersey-pac4j and org.pac4j.resteasy-pac4j.
    • Introduces org.pac4j.jersey226-pac4j for Jersey after and including 2.26 thanks to @pierre-l (#41).
    • Deprecated org.pac4j.jax-rs-pac4j: it is still available but will be removed for 3.0.0.
  • Document and improve SecurityContext support (#32, #33)
  • Deprecated readFromSession of @Pac4JProfile: it is not needed anymore (#33)
  • Add saveInSession to @Pac4JCallback (#38)

Version 2.1.0

Version 2.0.2

  • Upgrade to pac4j 2.1.0
  • Set headers, cookies and co on the normal response when auth succeeded (#29, dropwizard-pac4j#34)
    • IMPORTANT: this means that skipResponse will also prevent setting those on the normal response
  • Prevent duplicate headers (e.g., for redirect) in response (commit)
  • Accept all subtypes of form-urlencoded in request parameters (#27)

Version 2.0.1

  • Fix typo in GrizzlyJaxRsContext when setting the SessionStore via the constructor (commit)
  • Fix NPE on Grizzly's SessionStore when attributes are removed (#22)

Version 2.0.0

  • Update to pac4j 2.0.0
  • Stricter profile injection and support of Optional (#19)
  • Refactor profile injection to support mocking (commit)

Version 1.2.2 (Unreleased)

  • Do not break app with JAX-RS autoscanning (#18)
  • Introduce JaxRsConfig for extra configurations for the SecurityFilter (commit)
  • Prevent duplicate headers (e.g., for redirect) in response (commit)

Version 2.0.0-RC2

  • Update to pac4j 2.0.0-RC2
  • Do not break app with JAX-RS autoscanning (#18)

Version 2.0.0-RC1

  • Update to pac4j 2.0.0-RC1
  • ApplicationLogoutFilter becomes LogoutFilter and handles both application and identity provider logouts

Version 1.2.1:

  • The JAX-RS Filters now honour the SecurityLogic, CallbackLogic and ApplicationLogoutLogic settings on pac4j Config object (#14)

Version 1.2.0:

  • Upgrade to pac4j 1.9.6
  • Give access to JAX-RS Providers from the JaxRsContext (commit)
  • The JAX-RS Filters now honour the HttpActionAdapter setting on pac4j Config object (#15)

Version 1.1.0:

  • Upgrade to pac4j 1.9.5
  • Annotations are now also looked up in superclass and implemented interfaces (#10)
  • Pac4JSecurityFeature now can take a default value for the client parameters of Pac4JSecurity annotations (commit)

Version 1.0.0:

  • This is the first version of the library, based on pac4j 1.9.4.
  • For JAX-RS:
  • Annotations support to protect resource methods
  • Global security filter to protected a whole application
  • No session (i.e., no indirect clients) support by default
  • For Servlet-based and Grizzly containers:
  • Session support
  • For Jersey:
  • Pac4j profile injection in methods parameters
Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.