Skip to content

1.5.0-RELEASE

Choose a tag to compare

View all tags
@OhadR OhadR released this 20 Apr 09:53
· 213 commits to master since this release
v.1.5.0.RELEASE
df0ae19

This release contains bug-fixes, and major improvements.

crypto-common

  • issue #15 : Support common-crypto to work on system like GAE, where files cannot be created/stored. So if the keystore does not exist, common-crypto checks a flag before it stores a new-created KS file; in cases of GAE this flag is false.

auth-flows

  • Better support Spring data-structures. Several classes were removed, like AuthenticationUser iface, and some logic from the 'JdbcAuthenticationAccountRepositoryImpl'
  • issue #17 : 'loadUserByUsername()': use 'UsernameNotFoundException' if user not found (never return null). change all callers to adapt.
  • issue #7 : read Auth-Policy from DB
  • issue #11 : add login-success-handler
  • issue #18 : supprt flow: account lock-out after exceeding max login attempts.
    support AuthenticationFailure handler (rather than listener) - so upon exceeding # attempts, user is redirected to "account locked" page. listener cannot (and should not) redirect (it has no request/response)
    add bean declaration in spring-servlet.xml for handler, with all ctor and props.
  • support flow : change password #20 . this flow occurs in 2 cases: (1) after successful login, when password has expired. (2) a link "change password" was clicked in the 'hosting' application.

auth-flows is available from Maven Central:

<dependency>
    <groupId>com.ohadr</groupId>
    <artifactId>authentication-flows</artifactId>
    <version>1.5.0-RELEASE</version>
</dependency>

in the next release:

  • support GAE as another data-source. different implementation for the repository.
Assets 2
Loading