Apache Shiro 1.3.0 发布,轻量安全框架

2016年07月26日

Apache Shiro 1.3.0 发布了。此版本解决了包含自1.2.6版以来的26个问题,目前可供下载。

更新内容:

Bug

  • [SHIRO-373] - Complete CAS remember-me support

  • [SHIRO-397] - SingleArgumentMethodEventListenerTest fails

  • [SHIRO-421] - Unable to set long timeouts on HttpServletSession

  • [SHIRO-435] - SecurityManager is not a singleton in ShiroWebModule

  • [SHIRO-473] - DefaultAnnotationResolver.getAnnotation throws NullPointerException

  • [SHIRO-480] - setTarget method in DomainPermission does not set targets

  • [SHIRO-483] - passwordsMatch() returns false with right plain password-encrypted password in JVM with default locale tr_TR

  • [SHIRO-502] - OSGi import of com.google.inject in shiro-guice has incorrect version range

  • [SHIRO-515] - ExecutorServiceSessionValidationScheduler leaks resources due to improper synchronization

  • [SHIRO-547] - Use MessageDigest#isEqual() instead of Arrays#equals() for comparing digests

  • [SHIRO-568] - hash iterations is calculated wrongly in SimpleHash

  • [SHIRO-570] - SimpleCookie should check the path of the cookie

改进

  • [SHIRO-278] - Rename JndiLdapRealm to DefaultLdapRealm

  • [SHIRO-300] - WildcardPermission: change visibility of field 'parts' to protected

  • [SHIRO-361] - HttpServletResponse.encodeURL: only append JSESSIONID when necessary

  • [SHIRO-428] - AuthorizingRealm "no cache" logging should be at DEBUG level, not INFO, OR is should log only once

  • [SHIRO-437] - WildcardPermission: conformed toString

  • [SHIRO-514] - ExecutorServiceSessionValidationScheduler should create threads with a configurable name

  • [SHIRO-564] - WildcardPermission case-insensitive makes parts collections twice

  • [SHIRO-566] - CollectionUtils should use Collections wrappers of arrays if possible

新特性

  • [SHIRO-200] - Add ability to configure basic authentication for specific HTTP methods

  • [SHIRO-395] - Add an Event Bus for event publishing and low-coupling for custom components/plugins.

  • [SHIRO-412] - Hazelcast-based caching and session clustering

  • [SHIRO-436] - Add EnvironmentLoader finalizeEnvironment method

Task

  • [SHIRO-208] - Correct JDK 1.5 / 1.6 incompatibilities

  • [SHIRO-571] - Mark shiro-cas deprecated (replaced with buji-pac4j)

下载地址:

Latest Stable Release (1.3.0)

详情:http://shiro.apache.org/download.html

Shiro 是一个权限控制框架,因其简单而又不失强大的特点引起了不少开发者的注意。

展开阅读全文
35 收藏
分享
加载中
最新评论 (6)
现在新推出了一个权限框架,叫jCasbin(https://github.com/casbin/jcasbin)。jCasbin采用了元模型的设计思想,支持多种经典的访问控制方案,如ACL、RBAC、ABAC,还支持对RESTful API的控制。现在已经支持Spring Boot、JFinal等Web框架了。需要中文文档的话,可以在百度搜索:jCasbin
2018-09-21 20:10
0
回复
举报
好东西啊
2016-07-31 23:41
0
回复
举报
什么时候能出2.0……
2016-07-27 07:26
0
回复
举报
更新
2016-07-26 20:55
0
回复
举报
牛逼哄哄的更新了,马上更新
2016-07-26 14:31
0
回复
举报
这回更新了啥?
2016-07-26 14:16
0
回复
举报
更多评论
6 评论
35 收藏
分享
返回顶部
顶部