Road Map / TODO List
Last modified by RaffaelloPelagalli on 2007/12/24 12:11
RoadMap/TODO List
1.2
- handle static permissions
- add CAS support
- add JACC support
- add JSR 196 support
- add JCIFS support
- add a better integrated KerberosLoginModule support
- add jGuard-WS-example
- add a secure "remember me"
- add AOP support via AspectJ (compiler-time/first classloading time weaving)
- add AOP support via Spring (proxy-based weaving)
1.1
planned release date:- add jGuard-JSF-example
- remove domain refinement (group of permissions) to enhance ease of use
- transform DTDs into XSDs
- audit feature foundation
- decoupling HTTP rpotocol from AccessFilter for preparing JSF support in the next beta release
1.0 final
- provide integratrion in DWR library for AJAX security
- add 'hasPermission' tag
1.0 Beta 3
- add an isolated authentication mechanism
1.0 Beta 2
- add a complete LDAP support for authentication (LoginModule implementation)
1.0 Beta 1
- add ABAC feature (attribute based access control)
- activate/unactivate a role by user
- maven 2 migration
- subversion migration
- negative permission
- swing example
- support multiple security model (with advanced domain combiners)
- singlePolicy for standalone applications
- handle JMX security(with RMI connector)
- localized execution rights restriction
- activate/passivate roles on the fly
- internationalization of jguard error messages
0.80
- add Jcaptcha integration
- add authenticationManager implementations based on databases with the same mechanism than authorizationManager(properties based)
- fix auto-ddl feature
- refactor database-related loginModules into Jdbcloginmodule with properties (like authorizationManager)
- enhance CRL and OCSP support
- add JNDIAuthorizationManager (very simple)
- refactor database connection handlings (through driverManager or JNDI)
- enhance message digest and salt
0.70
- externalize in an XML file configuration all the web.xml parameters with the corresponding dtd
- add JBoss support
- add the redirect after authentication feature (#1213549)
- add BASIC authentication
- add CLIENT_CERT (server and clients authenticate through certificates) authentication via CRL and OCSP mechanism
- manage any java.security.Permission subclasses with the XML backend(#1202809)
- propagate security controls on any code on the webapp
- add better integration with libraries which use the j2ee secuirty methods from HttpServletRequest ('isUserInrole','getuserPrincipal',and 'getRemoteUser' methods)
- add an auditManager
- add jGuard's own LDAPLoginModule
- add role inheritance
- add registration api
- integrate jGuard tld into jGuard-j2ee.jar