Changes Report

Release History

Version Date Description
3.0 2017-03-05 Overhaul for Tomcat 8.5
2.1 2016-06-09 Minor improvements and new features
2.0 2016-03-16 Major documentation and realm overhaul

Release 3.0 – 2017-03-05

Type Changes By
Add Introduce GSSRealm interface for third-party implementations michael-o
Update ActiveDirectoryPrincipal now implements TomcatPrincipal michael-o
Add Add proper warning if referrals are expected to handle, but Oracle JDNI provider not able to do so michael-o
Update Renamed attribute resourceName to dirContextSourceName in ActiveDirectoryRealm michael-o
Remove Remove code portions already implemented in Tomcat 8.5 michael-o
Update Attribute storeDelegatedCredential has been moved to GSSAuthenticatorBase michael-o
Remove Remove custom classes already present in Tomcat 8.5 michael-o
Update Full code update to Tomcat 8.5 michael-o

Release 2.1 – 2016-06-09

Type Changes By
Add A CombinedActiveDirectoryRealm which iterates over multiple ActiveDirectoryRealms michael-o
Remove Don't return principal with NULL_SID if not found in Active Directory michael-o
Add Have ActiveDirectoryPrincipal expose roles as SID strings via #getRoles() michael-o
Update Upgrade to DirContextSource 1.3 michael-o
Remove Don't log that referral throw is not handled michael-o
Fix Make #getRelativeName() comparison case-insensitive as per RFC 2253 michael-o
Fix Avoid number overflows while parsing a SID from bytes michael-o

Release 2.0 – 2016-03-16

Type Changes By
Add ActiveDirectoryRealm will properly inform about referral handling and log when not possible/failed michael-o
Add Return anonymous principal (ANONYMOUS_SID) if GSS context is anonymous michael-o
Update Realms return now principals with NULL_SID if not found instead of null because users are fully authenticated anyway michael-o
Add Add equals and hashCode to Sid michael-o
Update User search in ActiveDirectoryRealm will ignore users which are disabled michael-o
Update Change in signatures of GSSRealmBase michael-o
Update Authenticator and realm prefix 'GssAware' has been shortened to 'GSS' only michael-o
Remove Authenticators do not analyze X-Requested-With header anymore michael-o
Fix NTLM type 1 message is properly detected now michael-o
Update Authenticators will fail with Internal Server Error if security context requires continuation michael-o
Remove Property strippableRoleNamePrefixes on realms has been removed michael-o
Update HTTP connections aren't closed on successful authentiction anymore michael-o
Update Improved logging messages michael-o
Update Improved overall documentation michael-o
Add Created VisualBasic scripts to mimic the UsernameSearchMapper implementations michael-o
Add Added an immutable SID (security identifier) implementation michael-o
Update Make roles by default stored as SID strings derived from objectSid and sIDHistory michael-o
Update Retrieve security-enabled roles only michael-o
Update Search in Active Directory for user and machine accounts only michael-o
Remove ActiveDirectoryPrincipal does not contain the mech OID and DN anymore michael-o
Add ActiveDirectoryRealm queries role mappings from Context michael-o
Add Retrieve additional attributes from AD and store in the ActiveDirectoryPrincipal michael-o
Add Added documentation for Spring Security michael-o