InfoQ

Acegi Security System for Spring 1.0 is out

Posted by Floyd Marinescu on May 30, 2006 08:45 AM

Acegi Security 1.0 has just been released, after more than two and a half years of use in large production software projects, 70,000+ downloads and hundreds of community contributions. The Acegi framework is particularly useful with Spring; it offers authentication, authorization, instance-based access control, channel security and human user detection capabilities.

Project founder Ben Alex announced the launch on the SpringFramework forums:
In addition to more than 80 improvements and fixes since 1.0.0 RC2, this new release also includes several changes to help new users. This includes a significant restructure and expansion of the reference guide (now more than 90 pages) and a new "bare bones" tutorial sample application. Furthermore, many of the frequently-identified problems experienced by new users have been addressed, such as custom 403 messages (as opposed to using the Servlet Container's error handler), detecting corrupt property input following the reformatting of XML files, and a new logout filter. We've also refactored our LDAP services, made the SecurityContextHolder a pluggable strategy (especially useful for rich clients who wish to avoid ThreadLocal), and improved CAS support.
Acegi Security began in late 2003 in response to a Spring Developers' mailing list question about whether a Spring-based security implementation was in the works. Since then, Acegi has become one of the few Java security frameworks out there, and definitely one of the most comprehensive. Insufficient features and lack of portability of Servlet and EJB security standards initially drove interest in Acegi, which since then has evolved into a project with support for most of today's authentication schemes. While much has been written about authentication, the hardest security challenge (which is also the least discussed) is authorization, for which Acegi supports authorization on web requests, method calls, and even access to individual domain object instances.
