Google Site Search


Saturday, May 12, 2007

Have you noticed JBoss4.2.0.GA?

If you have not noticed Rajesh's email on the development mailing list, then you should look at the new JBoss 4.2.0.GA release to the community.

You can download it from:

The release notes:

For security, the following may be interesting:
[ JBAS-1824 ] JACC: * in web.xml should allow configurable authorization bypass
[ JBAS-2895 ] Extend SecureIdentityLoginModule to externalize the secret
[ JBAS-3400 ] JaasSecurityManagerService can show security provider/JCA algorithm information
[ JBAS-1537 ] When Tomcat error handler is invoked, JBossGenericPrincipal is returned instead of custom principal
[ JBAS-4158 ] JACC:WebUserDataPermission creation for unchecked policy should consider excluded constraints
[ JBAS-4149 ] Update Jacc Authorization to consider deployment level roles

There are other security related stuff in the release.

If you have an opportunity, just use it.

No comments: