Skip to content

Release notes

Jump to bottom
CAS in the cloud LELEU Jérôme edited this page Apr 23, 2024 · 52 revisions

See the pac4j release notes as well.

Version 6.0.1

  • Fix an exception on session creation

Version 6.0.0

  • Update to JAX-RS v3 and servlet v5

Version 5.0.1

  • Fix an exception on session creation

Version 5.0.0

  • Update to pac4j v5.x

Version 4.0.0

  • Update to pac4j v4
  • Update to Resteasy v3.1.3

Version 3.0.2

  • the JaxRsUrlResolver retains the original unresolved URL when no appropriate WebContext is provided

Version 3.0.1

  • Support the expires attribute in cookies
  • Update to pac4j v3.8.2

Version 3.0.0

  • Upgrade to pac4j 3.0.0
  • New multi-module organisation (#37)
    • Container-specific dependencies are now provided via org.pac4j.jersey-pac4j and org.pac4j.resteasy-pac4j.
    • Introduces org.pac4j.jersey225-pac4j for Jersey before 2.26 thanks to @pierre-l (#40).
    • Removed org.pac4j.jax-rs-pac4j.
  • Removed readFromSession of @Pac4JProfile: it is not needed anymore.
  • Support for CDI in Resteasy and better compliance with various dependency framework thanks to ganeshs (#42 #34)
  • Fix a bug where a security filter would remove the profiles of a request previously processed by another security filter (commit)
  • Simplified Pac4JValueFactoryProvider.Binder use for tests (#43)

Version 2.3.0

  • Support for CDI in Resteasy and better compliance with various dependency framework thanks to ganeshs (#34 #42 backport commit)
  • Fix a bug where a security filter would remove the profiles of a request previously processed by another security filter (commit)
  • Simplified Pac4JValueFactoryProvider.Binder use for tests (#43)

Version 3.0.0-RC1

  • Upgrade to pac4j 3.0.0-RC1
  • New multi-module organisation (#37)
    • Container-specific dependencies are now provided via org.pac4j.jersey-pac4j and org.pac4j.resteasy-pac4j.
    • Introduces org.pac4j.jersey225-pac4j for Jersey before 2.26 thanks to @pierre-l (#40).
    • Removed org.pac4j.jax-rs-pac4j.
  • Removed readFromSession of @Pac4JProfile: it is not needed anymore.

Version 2.2.0

  • Upgrade to pac4j 2.3.1
  • New multi-module organisation (#38):
    • Container-specific dependencies are now provided via org.pac4j.jersey-pac4j and org.pac4j.resteasy-pac4j.
    • Introduces org.pac4j.jersey226-pac4j for Jersey after and including 2.26 thanks to @pierre-l (#41).
    • Deprecated org.pac4j.jax-rs-pac4j: it is still available but will be removed for 3.0.0.
  • Document and improve SecurityContext support (#32, #33)
  • Deprecated readFromSession of @Pac4JProfile: it is not needed anymore (#33)
  • Add saveInSession to @Pac4JCallback (#38)

Version 2.1.0

Version 2.0.2

  • Upgrade to pac4j 2.1.0
  • Set headers, cookies and co on the normal response when auth succeeded (#29, dropwizard-pac4j#34)
    • IMPORTANT: this means that skipResponse will also prevent setting those on the normal response
  • Prevent duplicate headers (e.g., for redirect) in response (commit)
  • Accept all subtypes of form-urlencoded in request parameters (#27)

Version 2.0.1

  • Fix typo in GrizzlyJaxRsContext when setting the SessionStore via the constructor (commit)
  • Fix NPE on Grizzly's SessionStore when attributes are removed (#22)

Version 2.0.0

  • Update to pac4j 2.0.0
  • Stricter profile injection and support of Optional (#19)
  • Refactor profile injection to support mocking (commit)

Version 1.2.2 (Unreleased)

  • Do not break app with JAX-RS autoscanning (#18)
  • Introduce JaxRsConfig for extra configurations for the SecurityFilter (commit)
  • Prevent duplicate headers (e.g., for redirect) in response (commit)

Version 2.0.0-RC2

  • Update to pac4j 2.0.0-RC2
  • Do not break app with JAX-RS autoscanning (#18)

Version 2.0.0-RC1

  • Update to pac4j 2.0.0-RC1
  • ApplicationLogoutFilter becomes LogoutFilter and handles both application and identity provider logouts

Version 1.2.1:

  • The JAX-RS Filters now honour the SecurityLogic, CallbackLogic and ApplicationLogoutLogic settings on pac4j Config object (#14)

Version 1.2.0:

  • Upgrade to pac4j 1.9.6
  • Give access to JAX-RS Providers from the JaxRsContext (commit)
  • The JAX-RS Filters now honour the HttpActionAdapter setting on pac4j Config object (#15)

Version 1.1.0:

  • Upgrade to pac4j 1.9.5
  • Annotations are now also looked up in superclass and implemented interfaces (#10)
  • Pac4JSecurityFeature now can take a default value for the client parameters of Pac4JSecurity annotations (commit)

Version 1.0.0:

  • This is the first version of the library, based on pac4j 1.9.4.
  • For JAX-RS:
  • Annotations support to protect resource methods
  • Global security filter to protected a whole application
  • No session (i.e., no indirect clients) support by default
  • For Servlet-based and Grizzly containers:
  • Session support
  • For Jersey:
  • Pac4j profile injection in methods parameters
Clone this wiki locally