Release notes

See the pac4j release notes as well.

Version 4.0.0:

• Upgrade to Sparkjava v2.9.1
• Upgrade to pac4j v4

Version 3.0.0:

• Upgrade to Sparkjava v2.7.2
• Upgrade to pac4j v3.2

Version 2.3.0:

• Internally refactored the SecurityFilter

Version 2.2.0:

• Upgrade to Sparkjava v2.7.1
• Upgrade to pac4j v2.2.1

Version 2.1.0:

• Extended DefaultHttpActionAdapter for supporting individual/multiple services
• Upgrade to pac4j v2.1
• Upgrade to Spark 2.6

Version 2.0.0:

• Upgrade to pac4j v2
• The ApplicationLogoutRoute has been renamed as LogoutRoute with more options

Version 1.3.0:

• Always halt if the access is not granted in the SecurityFilter
• Use context.getSparkResponse().body() instead of context.getBody()

Version 1.2.3:

• Fix a security flaw on indirect client redirection

Version 1.2.2:

• Upgrade to pac4j v1.9.4 (security fix)

Version 1.2.1:

• Upgrade to pac4j v1.9.2 (improved CAS, JWT and OpenID Connect supports)

Version 1.2.0:

• Upgrade to pac4j v1.9.1 and Spark Java 2.5
• Multi-profiles support
• Protection against "session fixation" attacks
• RequiresAuthenticationFilter becomes SecurityFilter
• Updated algorithm for the application logout

Version 1.1.0 (based on pac4j v1.8.x):

• REST support (basic auth, header, request parameter, IP)
• New authentication mechanisms (LDAP, JWT, SQL, MongoDB, Stormpath)
• Authorizations: IP check, HTTP method check, profile type verification, Spring Security like security filters (cache control, Xframe), CSRF protection...
• Application logout support
• A specific client can be dynamically selected for authentication
• Path exclusions support
• New AnonymousClient for advanced use cases
• Updated OAuth, CAS, SAML and OpenID Connect supports
• New session store mechanism
• Customizable callback urls
• Upgrade to Java 8

Versions 1.0.1, 1.0.2 & 1.0.3:

• Fix bugs on SAML support

Version 1.0.0:

• Based on pac4j v1.7: supports for CAS / OAuth / OpenID / SAML / HTTP / GAE / OpenID Connect