Spring Security 3.2.0.RC1 发布了,包含大量更新和 bug 修复,值得关注的有:
- Polishing of Spring Security Java Configuration
- Uses content negotiation to determine how to prompt user for authentication when multiple authentication mechanisms (i.e. HTTP Basic and Form login) enabled
- AbstractSecurityWebApplicationInitializer allows registering Java Configuration directly
- A number of bugs fixed
- CSRF protection and automatic integration with Spring Web MVC jsp tags
- Automatic cache control support
- Defence against Clickjacking attacks
- HTTP Strict Transport Security support to reduce Man in the Middle attacks
- Samples include pom.xml so they can be imported as Maven projects
- MediaTypeRequestMatcher for matching on requests with content negotiation
- Over ten java configuration samples have been integrated into the samples directory
- Three new guides that walk users through samples and provide detailed instructions on how to do specific tasks. More of these guides will follow in coming releases
相关链接:
Changelog | Download | Reference Manual | Guides | FAQ
引用来自“屁屁果”的评论
引用来自“人头马没面”的评论
shiro也不太适合中国国情
在飞机上,一个小伙子和一位老人并排坐着。
小伙子:“请问,现在几点钟?”
老年人:“我不能告诉你,我要是告诉你现在几点钟,你就会向我表示感谢。
这样,话匣子一打开,就不容易收场了。再过一会儿,我们就会一道下飞机。
在机场上,你又会请我进咖啡馆,我也会请你到我家去做客,我家里有一个小女儿,她长得很漂亮。
于是你就会爱上了她,她也会爱上你,于是你们就会决定结婚。
可是, 你要知道,我决不会把女儿嫁给一个连手表都没有的穷光蛋。”
引用来自“屁屁果”的评论
引用来自“人头马没面”的评论
shiro也不太适合中国国情
引用来自“人头马没面”的评论
shiro也不太适合中国国情