OACC Framework v2.0.0-rc.8

« Changelog History

OACC Framework v2.0.0-rc.8 Release Notes

• 🚀 Release date: 2017-06-07

  🚀 Summary of changes in this release:

  • ➕ adds support for pluggable password encryptors to the built-in SQLPasswordAuthenticationProvider, and prefixes the password hash with an identifier for the encryptor settings that created the hash
  • ➕ adds a Jasypt-based password encryptor implementation with configurable digest parameters
  • ➕ adds an OpenBSD-based bcrypt password encryptor implementation
  • ➕ adds a transitioning password encryptor that can check existing passwords hashed with an old encryptor, but creates hashes with a new encryptor
  • 🗄 deprecates old factory methods for SQLAccessControlContext that did not specify a SQLPasswordAuthenticationProvider
  • ➕ adds a PasswordEncryptor parameter to SQLAccessControlContext factory methods that did not already take a SQLPasswordAuthenticationProvider
  • 💻 SQLAccessControlSystemInitializer now requires a new -pwdencryptor command line argument
  • 🗄 deprecates LegacyJasyptPasswordEncryptor (formerly known as StrongCleanablePasswordEncryptor)
  • 📇 renames CleanablePasswordEncryptor interface to PasswordEncryptor
  • replaces Jasypt-based Unicode text normalization with up-to-date (and backwards compatible) ICU4J implementation, and applies it across all password encryptors
  • 🛠 fixes #31 - SQLAccessControlSystemInitializer command line tool now correctly accepts not specifying dbSchema
  • 👉 makes several command line arguments of SQLAccessControlSystemInitializer optional for databases that do not require them, and improves usage info
  • 🔄 changes Resource's toString() to output a more accurate and future-proof representation
  • modifies toString() on all permission implementations for simplicity and consistency
  • ➕ adds equals() and hashCode() methods to the PasswordCredentials implementation
  • 🛠 fixes acciente/oacc-db#3 - changes case of table identifiers in SQL statements to match the database setup scripts
  • 🔨 refactors internal SQLAccessControlSystemInitializer to delegate to AuthenticationProvider and to use Credentials
  • ⚡️ updates SQLPasswordAuthenticationProvider's serialVersionUID due to serialization-incompatible structural changes
  • ✂ removes unused SQLDialect parameter in the SQLPasswordAuthenticationProvider constructors
  • ✂ removes the JUnit test suite classes to simplify running all tests, and removes obsolete test classes
  • 👌 improves Javadoc comments and fixes typos
  • ⚡️ updates dependencies to latest versions in pom.xml, and adds the PostgreSQL JDBC driver (test scope)
  • ✂ removes obsolete configuration of surefire plugin in pom.xml and updates licensing-related information
  • ⚡️ updates copyright notices

  Summary of API changes:

  • *New feature* Pluggable password encryptors
    • Prior to this release, OACC's built-in authentication provider used a Jasypt-based password hash. Now OACC supports configuring the password hashing scheme and provides two implementations of the PasswordEncryptor interface: Jasypt and BCrypt.
    • adds a Jasypt-based password encryptor implementation with configurable digest parameters
    • adds an OpenBSD-based bcrypt password encryptor implementation
    • adds a transitioning password encryptor that can check existing passwords hashed with an old encryptor, but creates hashes with a new encryptor
    • deprecates and moves StrongCleanablePasswordEncryptor to LegacyJasyptPasswordEncryptor
    • renames CleanablePasswordEncryptor interface to PasswordEncryptor
    • updates SQLPasswordAuthenticationProvider's serialVersionUID due to serialization-incompatible structural changes
    • adds new factory methods to SQLAccessControlContextFactory that take a PasswordEncryptor parameter
    • SQLAccessControlSystemInitializer now requires a new -pwdencryptor command line argument, but several command line arguments become optional for databases that do not require them
    • adds support to provide alternate resource identifier to createResource() with externalId String parameter
    • allows one-time setting of alternate resource identifier to an existing resource via the new setExternalId() method
    • adds externalId to Resource and modifies getId() to return Long instead of a primitive
  • 🔄 changes Resource's toString() to output a more accurate and future-proof representation
  • modifies toString() on all permission implementations for simplicity and consistency
  • ➕ adds equals() and hashCode() methods to the PasswordCredentials implementation
  • *Deprecation* deprecates old factory methods for SQLAccessControlContext that did not specify a SQLPasswordAuthenticationProvider
  • *Deprecation* deprecates LegacyJasyptPasswordEncryptor (formerly known as StrongCleanablePasswordEncryptor)

  🐛 Bug fixes:

  • 🛠 fixes #31 - SQLAccessControlSystemInitializer command line tool now allows not specifying the optional dbschema
  • 🛠 fixes acciente/oacc-db#3 - changes case of table identifiers in SQL statements to match the database setup scripts

  🚀 Use the following dependency to include this release of OACC into your Maven project:

  <dependency>
    <groupId>com.acciente.oacc</groupId>
    <artifactId>acciente-oacc</artifactId>
    <version>2.0.0-rc.8</version>
  </dependency>
  

  🚀 Corresponding oacc-db release:
  🚀 The version of the oacc-db database configuration scripts to be used with this release can be found here.

• All Versions
• Previous v2.0.0-rc.7
• Latest Version