Release notes - pac4j/play-pac4j GitHub Wiki

See the pac4j release notes as well.

Version 12.0.0-PLAY3.0:

  • Update to Play 3.0

Version 12.0.0-PLAY2.9:

  • Update to Play 2.9
  • Removed the play-pac4j_2.12 module and added the play-pac4j_3 module (Scala 3 support)

Version 12.0.0-PLAY2.8:

  • Use JsonSerializer for PlayCacheStore and PlayCookieSessionStore
  • Update to pac4j v6 and JDK 17
  • Removed Deadbolt support

Version 11.1.0-PLAY2.8:

  • Update to pac4j v5.3

Version 11.0.0-PLAY2.8:

  • Update to pac4j v5

Version 10.0.2:

  • Update to Play 2.8.2
  • Update to pac4j v4.1

Version 9.0.2:

  • Update to pac4j v4.1

Version 10.0.1:

  • Update to pac4j v4.0.1
  • Fix a backward compatibility issue on the PlayCookieSessionStore
  • Solves the definition of the callback endpoint for the SecurityFilter

Version 10.0.0:

  • Upgrade to Play 2.8

Version 9.0.1:

  • Update to pac4j v4.0.1
  • Fix a backward compatibility issue on the PlayCookieSessionStore
  • Solves the definition of the callback endpoint for the SecurityFilter

Version 9.0.0:

  • Added Scala 2.13 support
  • Upgrade to Play 2.7.4
  • Big refactoring of the lib to use Http.RequestHeader instead of Http.Context
  • Upgrade to Deadbolt 2 v2.7.1
  • Upgrade to pac4j v4
  • Clean the SecurityFilter from the specific keywords: _authenticated_ and _anonymous_

Version 8.0.2:

  • Improve security on the ShiroAesDataEncrypter
  • Update to pac4j v3.8.3

Version 8.0.1:

  • Fix a bug on the PlayCacheSessionStore when using a prefix

Version 8.0.0:

  • Update to Play 2.7.2
  • Update to pac4j v3.7.0

Version 7.0.1:

  • Update to pac4j v3.6.1
  • Supports all PlaySessionStore with the Pac4jScalaTemplateHelper

Version 7.0.0:

  • Update to pac4j v3.5.0
  • DefaultHttpActionAdapter is renamed as PlayHttpActionAdapter
  • Scala SecurityFilter refactoring
  • PlayCacheSessionStore refactoring to allow session renewal
  • Updated the Deadbolt integration to support direct clients

Version 6.1.0:

  • Added a PlayCookieSessionStore
  • Check authorizations using the Pac4jScalaTemplateHelper
  • Update to pac4j v3.2

Version 6.0.1:

  • Fix for the default port in the getServerPort method

Version 6.0.0:

  • Upgrade to pac4j v3.0.0
  • Get the profile within a Twirl template via the Pac4jScalaTemplateHelper

Version 5.0.0:

  • Supports for Scala 2.11 and Scala 2.12: the artifact is play-pac4j_2.x (usage of %% recommended)
  • Upgrade to pac4j v2.2.1
  • Revamped the Security trait

Version 4.1.1:

  • Bugfix to avoid a NPE on the body parsing

Version 4.1.0:

  • Matchers support
  • Handle body parameters in Scala
  • Deadbolt support in Scala
  • Upgrade to pac4j v2.2.0

Version 4.0.0:

  • Upgrade to Play 2.6.6
  • Upgrade to pac4j v2.1

Version 3.1.0:

  • Matchers support
  • Handle body parameters in Scala
  • Upgrade to pac4j v2.1

Version 3.0.0:

  • Upgrade to pac4j v2
  • The ApplicationLogoutController has been renamed as LogoutController and the PlayCacheStore as PlayCacheSessionStore

Version 2.6.2:

  • Added the Pac4jRoleHandler for Deadbolt to determine permissions for roles

Version 2.6.1:

  • Fix an issue with the Security trait when dealing with JSON

Version 2.6.0:

  • Deadbolt 2 support (Java only)

Version 2.5.2:

  • Upgrade to pac4j v1.9.4

Version 2.5.0:

  • Use the CacheApi instead of the Cache and make the sessionStore injectable
  • Merge the profileTimeout and sessionTimeout into a single timeout

Version 2.4.2:

  • Upgrade to pac4j v1.9.4 (security fix)

Version 2.4.1:

  • Upgrade to pac4j v1.9.2 (improved CAS, JWT and OpenID Connect supports)
  • Fix a bug in cookies (null domain or maxAge)
  • Use the HttpExecutionContext to make calls asynchronous

Version 2.4.0:

  • Upgrade to Play 2.5
  • Based on pac4j v1.9.0

Version 2.3.2:

  • Upgrade to pac4j v1.9.4 (security fix)

Version 2.3.1:

  • Upgrade to pac4j v1.9.2 (improved CAS, JWT and OpenID Connect supports)
  • Fix a bug in cookies (null domain or maxAge)

Version 2.3.0:

  • Upgrade to pac4j v1.9, but still Play 2.4
  • Multi-profiles support
  • the RequiresAuthentication annotation is renamed as Secure (in Java) and the RequiresAuthentication functions in the Security trait are renamed as Secure (in Scala)

Version 2.2.0:

  • Upgrade to Play 2.5, but still pac4j v1.8

Version 2.1.0:

  • The security can be handled via a specific filter
  • The play-pac4j-java and play-pac4j-scala_2.11 modules have been merged into a single module: play-pac4j
  • Upgrade to pac4j v1.8.6

Version 2.0.1:

  • The session store and default HTTP action handler are handled at the Config level
  • Upgrade to pac4j v1.8.3

Version 2.0.0:

  • Fully based on dependency injection (Play 2.4)
  • Based on pac4j v1.8: REST support (basic auth, header, request parameter, IP), new authentication mechanisms (LDAP, JWT, SQL, MongoDB, Stormpath), authorizations
  • Allow specific data store
  • Allow specific HTTP action handler
  • Application logout support
  • A specific client can be dynamically selected for authentication

Version 1.5.0:

  • Upgrade to Play 2.4 (Java 8)
  • New SecurityCallbackController class, SecureController class and Security trait to replace the old CallbackController, JavaController and ScalaController

Version 1.4.0:

  • Update to pac4j v1.7 (OpenID Connect + Strava - Google OpenID)
  • Support direct authenticated calls in Java

Versions 1.2.3 & 1.1.5:

  • Update to pac4j v1.7 (OpenID Connect + Strava - Google OpenID)

Version 1.3.0:

  • Update to pac4j 1.6.0 (new Google App Engine module, support for Yahoo with OpenID, Support for ORCiD / OAuth)
  • Upgrade to Java 6
  • Support for Play 2.3

Versions 1.2.2 & 1.1.4:

  • Update to pac4j 1.6.0 (new Google App Engine module, support for Yahoo with OpenID, Support for ORCiD / OAuth)
  • Upgrade to Java 6

Versions 1.1.3 & 1.2.1:

  • Add Bitbucket support

Version 1.2.0:

  • Upgraded for Play 2.2
  • Callback URLs can be dynamically computed according to the current host and port
  • remove myopenid.com support
  • add Paypal and vk.com support
  • add Foursquare support

Version 1.1.2:

  • Callback URLs can be dynamically computed according to the current host and port
  • remove myopenid.com support
  • add Paypal and vk.com support

Version 1.1.1:

  • Update to pac4j 1.4.1 : new LinkedIn OAuth 2.0 and Google OpenID providers
  • A previous authentication is not overridden by a new failed one (like Spring Security's behaviour)
  • Handle AJAX requests properly to return 401 error code instead of redirection to the provider (login page)

Version 1.1.0:

  • Switch to pac4j 1.4.0 : add CAS, OpenID and HTTP supports

Version 1.0.0:

  • This is the first version of the library
  • Support of DropBox, Facebook, GitHub, Google, LinkedIn, Twitter, Windows Live, WordPress and Yahoo