Skip to content

Release notes

Jump to bottom Edit New page
LELEU Jérôme edited this page Jan 25, 2017 · 24 revisions

See the pac4j release notes as well.

Version 1.3.0:

  • Always halt if the access is not granted in the SecurityFilter

Version 1.2.3:

  • Fix a security flaw on indirect client redirection

Version 1.2.2:

  • Upgrade to pac4j v1.9.4 (security fix)

Version 1.2.1:

  • Upgrade to pac4j v1.9.2 (improved CAS, JWT and OpenID Connect supports)

Version 1.2.0:

  • Upgrade to pac4j v1.9.1 and Spark Java 2.5
  • Multi-profiles support
  • Protection against "session fixation" attacks
  • RequiresAuthenticationFilter becomes SecurityFilter
  • Updated algorithm for the application logout

Version 1.1.0 (based on pac4j v1.8.x):

  • REST support (basic auth, header, request parameter, IP)
  • New authentication mechanisms (LDAP, JWT, SQL, MongoDB, Stormpath)
  • Authorizations: IP check, HTTP method check, profile type verification, Spring Security like security filters (cache control, Xframe), CSRF protection...
  • Application logout support
  • A specific client can be dynamically selected for authentication
  • Path exclusions support
  • New AnonymousClient for advanced use cases
  • Updated OAuth, CAS, SAML and OpenID Connect supports
  • New session store mechanism
  • Customizable callback urls
  • Upgrade to Java 8

Versions 1.0.1, 1.0.2 & 1.0.3:

  • Fix bugs on SAML support

Version 1.0.0:

  • Based on pac4j v1.7: supports for CAS / OAuth / OpenID / SAML / HTTP / GAE / OpenID Connect
Add a custom footer
Add a custom sidebar
Clone this wiki locally