Release Notes - Spring Security - Version 2.0.0 - HTML format

Sub-task

  • [SEC-639] - Update FilterChainProxy examples to use <filter-chain-map> syntax
  • [SEC-653] - Namespace configuration overview
  • [SEC-667] - Taglib changes as of SEC-309
  • [SEC-698] - Change references to contacts sample client directory
  • [SEC-766] - Rewrite ACL docs

Bug

  • [SEC-422] - BasicLookupStrategy - computeRepeatingSql contains bad SQL
  • [SEC-527] - Serialization Error in ACL cacheing (new acls packages)
  • [SEC-530] - ACLs: No way to insert an ACE at the first position in the ACE list
  • [SEC-547] - acls BasicLookupStrategy user too many (> 1) databasse connections
  • [SEC-572] - Cannot set ACL's parent to null
  • [SEC-589] - BasicLookupStrategy#readAclsById(ObjectIdentity[], Sid[]), throws exception, when a warning log would do
  • [SEC-590] - BasicLookupStrategy#readAclsById(ObjectIdentity[], Sid[]) has a loop that sometimes terminates prematurely
  • [SEC-602] - Acl (Acls) class ObjectIdentityRetrievalStrategyImpl doesn't work well with proxied objects
  • [SEC-655] - When inserting ACE's in a parent ACL it's possible to end up with a child ACL that has a stale reference to its parent
  • [SEC-669] - PrincipleSid.equals(..) is case sensitive
  • [SEC-670] - Deleting from ACL_OBJECT_IDENTITY can cause deadlocks under (load test)
  • [SEC-676] - Children Acls are not removed from cache when parent is deleted
  • [SEC-697] - It's not possible to change ACL owner
  • [SEC-750] - Support for JPA PersistenceContext annotation broken
  • [SEC-754] - Wrong byte array lenght used in Md4PasswordEncoder#encodePassword
  • [SEC-768] - Namespace throws IllegalStateException if no namespace filters are used and a entry-point-ref isn't set

Task

  • [SEC-743] - Update petclinic tutorial for Spring Security 2.0
  • [SEC-770] - Mark old org.springframework.security.acl module as deprecated

Improvement

  • [SEC-426] - Improve the ACL documentation.
  • [SEC-597] - AclImpl.setParent() throws Exception when changing parent to null
  • [SEC-703] - Expose customization of SQL used by <jdbc-user-service>
  • [SEC-753] - Import-Package versioning prevents usage of Spring > 2.5.0
  • [SEC-755] - Bundle-SymbolicName should follow Spring nameing conventions
  • [SEC-767] - Make session fixation protection check for committed response

Edit/Copy Release Notes

The text area below allows the project release notes to be edited and copied to another document.