Skip to content
CAS in the cloud LELEU Jérôme edited this page Dec 21, 2022 · 60 revisions

See the pac4j release notes as well.

Version 10.0.0:

  • Update to pac4j v6

Version 9.0.0:

  • Upgrade to JDK 17 and Spring 6

Version 8.0.0:

  • spring-security-pac4j is now only a bridge which must be used with a pac4j security library (for example: javaee-pac4j)
  • Support for Spring Security reactive

Version 7.0.3:

Version 7.0.2:

Version 7.0.0:

  • Update to pac4j v5.4 (pulls pac4j-javaee)

Version 6.2.0:

  • Update to pac4j v5.3

Version 6.1.0:

  • Update to pac4j v5.2 (pulls pac4j-jee)

Version 6.0.0:

  • Update to pac4j v5
  • Update to Java 11

Version 5.1.0:

  • The CallbackFilter may call the Spring Security filters
  • Fix back-channel logout calls
  • Clear the Spring Security context when clearing the pac4j context (remove method in the SpringSecurityProfileManager)
  • Update to pac4j v4.0.1

Version 5.0.0:

  • Update to pac4j v4
  • Upgrade to Spring Security v5.3

Version 4.1.0:

  • Upgrade to pac4j v3.3
  • The LogoutFilter may only apply for a specific path suffix
  • Upgrade to Spring Security v5.1

Version 4.0.0:

  • Upgrade to pac4j v3

Version 3.1.0:

  • Upgrade to Spring (Security) v5
  • Upgrade to pac4j v2.3.1

Version 3.0.0:

  • Upgrade to pac4j v2.1.0
  • Use the new LogoutFilter to handle both local and identity server logout mechanisms

Version 2.1.2:

  • authentication.name and authentication.principal return relevant values

Version 2.1.1:

  • Upgrade to pac4j v1.9.4 (security fix)

Version 2.1.0:

  • The CallbackFilter applies on a /callback URL by default
  • The Pac4jEntryPoint can be defined with the config and clientName parameters to redirect to an identity provider for login

Version 2.0.1:

  • Upgrade to pac4j v1.9.2 (improved CAS, JWT and OpenID Connect supports)
  • Replace SpringSecurityContext by SpringSecurityProfileManager

Version 2.0.0:

  • Based on pac4j v1.9.1 (Java 8, Spring Security 4.1, Servlet 3.1...)
  • Using all pac4j capabilities: clients, authorizers, matchers, SecurityFilter, CallbackFilter
  • Multi-profiles support

Version 1.4.3:

  • Based on pac4j v1.8.8

Version 1.4.2:

  • Based on pac4j v1.8.7
  • Pass a web context to the authentication provider (for the getUserProfile method)

Version 1.4.1:

  • Upgrade to pac4j v1.8.2 (improved JWT support)
  • Use the current failure handler (instead of the success handler) when no credentials are returned by the identity provider

Version 1.4.0:

  • Upgrade to pac4j v1.8.1 (Updated OAuth, CAS, SAML, OpenID Connect supports + customizable callback urls)

Version 1.3.0:

  • Credentials can now be erased by the ProviderManager
  • Upgrade to Spring Security 4
  • Upgrade to Java 7
  • Upgrade to Servlet 3.0.1
  • Callback endpoint is /callback (instead of /j_spring_pac4j_security_check) by default

Version 1.2.5:

  • Update to pac4j v1.7
  • OpenID Connect protocol support
  • Strava OAuth identity provider support

Version 1.2.4:

  • Update to pac4j 1.6.0 (new Google App Engine module, support for Yahoo with OpenID, Support for ORCiD / OAuth)
  • Upgrade to Java 6

Version 1.2.3:

  • Upgrade to Spring Security 3.2.2
  • add Bitbucket support

Version 1.2.2:

  • Update to pac4j 1.5.0 : new PayPal OAuth 2.0 support
  • remove myopenid.com support
  • add vk.com support
  • add Foursquare support
  • add SAML support

Version 1.2.1:

  • Update to pac4j 1.4.1 : new LinkedIn OAuth 2.0 and Google OpenID providers

Version 1.2.0:

  • Switch to pac4j 1.4.0 : add CAS, OpenID and HTTP supports

Version 1.1.0:

  • All providers have a CommonProfile
  • Multiple providers can be gathered in a ProvidersDefinition and share the same OAuth callback url

Version 1.0.0:

  • This is the first version of the library
  • Support of DropBox, Facebook, GitHub, Google, LinkedIn, Twitter, Windows Live, WordPress and Yahoo
Clone this wiki locally