Spring Security 3.0.0 Released

Luke Taylor · #1 Dec 23rd, 2009, 08:59 AM

We're pleased to announce the Spring Security 3.0.0 final release. It is available from the SpringSource downloads area and from the Maven central repository.

Thanks to everyone in the community who's helped by kicking the tyres of the milestones and release candidates and providing feedback.

Check out the changelog to find out what's in the final release. Its probably worth browsing previous 3.0.x issues too if this is the first time you've tried one of the series.

There are a number of areas where functionality has changed since 2.0

All namespace configurations must now include the <authentication-manager> element in order to instantiate the AuthenticationManager (it is no longer created internally).
Namespace elements which create an AuthenticationProvider instance must be declared as children of the <authentication-manager>.
The use of <custom-authentication-provider> has been dropped. Use <authentication-provider ref='yourProviderBeanName'> as a child of the <authentication-manager> element.
<custom-filter> should no longer be used to decorate filter beans, but used with a ref="yourFilterBean" attribute as a child of the <http> block.
<custom-after-invocation-provider> declarations should be replaced by <after-invocation-provider ref='yourProviderBeanName'>
within the <global-method-security> element.
Changes to concurrent session control syntax https://jira.springsource.org/browse/SEC-1229. (see the reference manual for full details)
Changes in authentication filter names https://jira.springsource.org/browse/SEC-1259.

If you encounter problems, please check the reference manual and sample applications which have all been updated to reflect these changes.

The project packaging and jars have also been changed in version 3.0. This blog entry on the M1 release contains more information.

We hope you enjoy the release.

vw729 · #2 Dec 23rd, 2009, 06:56 PM

Great!

Have anyone downloaded it yet? I get "This link appears to be broken" for the download link http://s3.amazonaws.com/dist.springf....0.RELEASE.zip.

Bohtvaroh · #3 Dec 24th, 2009, 11:45 AM

QQ.

What should we use now instead of TargetUrlResolver? I use custom URL resolver in my app to redirect to different URLs based on user role.

snicoll · #4 Dec 28th, 2009, 03:38 AM

Does this version officially supports Spring 2.5?

Luke Taylor · #5 Dec 28th, 2009, 06:49 AM

Quote:

Originally Posted by snicoll

Does this version officially supports Spring 2.5?

No.

http://static.springsource.org/sprin...q-requirements

Luke Taylor · #6 Dec 28th, 2009, 06:52 AM

Quote:

Originally Posted by Bohtvaroh

QQ.

What should we use now instead of TargetUrlResolver? I use custom URL resolver in my app to redirect to different URLs based on user role.

Use an AuthenticationSuccessHandler instead.

http://static.springsource.org/sprin...-flow-handling

Bohtvaroh · #7 Dec 28th, 2009, 08:17 AM

Thanks, Luke.

Another problem I got:

PHP Code:


			
Unable to locate Spring NamespaceHandler for XML schema namespace [http://www.springframework.org/schema/security]

These jars: spring-security-acl-3.0.0.RELEASE.jar, spring-security-core-3.0.0.RELEASE.jar, spring-security-taglibs-3.0.0.RELEASE.jar, spring-security-web-3.0.0.RELEASE.jar are on classpath.

Luke Taylor · #8 Dec 28th, 2009, 08:38 AM

Namespace parsing code is in the spring-security-config jar:

http://static.springsource.org/sprin...n.html#modules

Bohtvaroh · #9 Dec 28th, 2009, 09:42 AM

Thanks, Luke. Now the migration is done. Good work!

jitabc · #10 Dec 29th, 2009, 06:37 PM

thank you,good job!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode