decoupling HTTP rpotocol from AccessFilter for preparing JSF support in the next beta release
1.0 final
provide integratrion in DWR library for AJAX security
add 'hasPermission' tag
1.0 Beta 3
add an isolated authentication mechanism
1.0 Beta 2
add a complete LDAP support for authentication (LoginModule implementation)
1.0 Beta 1
add ABAC feature (attribute based access control)
activate/unactivate a role by user
maven 2 migration
subversion migration
negative permission
swing example
support multiple security model (with advanced domain combiners)
singlePolicy for standalone applications
handle JMX security(with RMI connector)
localized execution rights restriction
activate/passivate roles on the fly
internationalization of jguard error messages
0.80
add Jcaptcha integration
add authenticationManager implementations based on databases with the same mechanism than authorizationManager(properties based)
fix auto-ddl feature
refactor database-related loginModules into Jdbcloginmodule with properties (like authorizationManager)
enhance CRL and OCSP support
add JNDIAuthorizationManager (very simple)
refactor database connection handlings (through driverManager or JNDI)
enhance message digest and salt
0.70
externalize in an XML file configuration all the web.xml parameters with the corresponding dtd
add JBoss support
add the redirect after authentication feature (#1213549)
add BASIC authentication
add CLIENT_CERT (server and clients authenticate through certificates) authentication via CRL and OCSP mechanism
manage any java.security.Permission subclasses with the XML backend(#1202809)
propagate security controls on any code on the webapp
add better integration with libraries which use the j2ee secuirty methods from HttpServletRequest ('isUserInrole','getuserPrincipal',and 'getRemoteUser' methods)