Skip to content

Releases: buession/buession-security

v3.0.0

06 Nov 16:38
@eduosi eduosi
v3.0.0
dffa6da
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v3.0.0 Latest
Latest

🔨依赖升级

⭐ 新特性

🔔 变化

  • buession-security-mcrypt 替换为 buession-security-crypto
  • shiro Session DAO 不再实现接口 com.buession.security.shiro.session.SessionDAO,并删除 com.buession.security.shiro.session.SessionDAO
  • shiro Cache 类不再实现接口 com.buession.security.shiro.cache.Cache,并删除 com.buession.security.shiro.cache.Cache
  • shiro Cache Manager 类不再实现接口 com.buession.security.shiro.cache.CacheManager,并删除 com.buession.security.shiro.cache.CacheManager
  • 删除 com.buession.security.pac4j.env.Pac4jIniEnvironment
  • 删除 com.buession.security.pac4j.context.ShiroSessionStore
  • 删除 com.buession.security.pac4j.filter.CallbackFilter
  • 删除 com.buession.security.pac4j.filter.SecurityFilter
  • 删除 com.buession.security.pac4j.filter.LogoutFilter
  • 删除 com.buession.security.pac4j.engine.ShiroCallbackLogic
  • 删除 com.buession.security.pac4j.engine.ShiroSecurityLogic
  • 删除 com.buession.security.pac4j.profile.ShiroProfileManager
  • 删除 com.buession.security.pac4j.realm.Pac4jRealm
  • 删除 com.buession.security.pac4j.subject.Pac4jPrincipal
  • 删除 com.buession.security.pac4j.subject.Pac4jSubjectFactory
  • 删除 com.buession.security.pac4j.token.Pac4jToken
  • buession-security-mcrypt 代码移至 buession-security-crypto,废弃 Mcrypt 和 Mcrypt PasswordGenerator 相关类

🐞 Bug 修复

  • buession-httpclient: 修复 ConnectionManager 未设置 connectionManagerShared 时,无法从 Configuration 中获取 connectionManagerShared 值的 BUG
  • buession-httpclient: 修复 okhttp 设置 followRedirects 时,followSslRedirects 未生效的 BUG

⏪ 优化

  • buession-security-core: 排除不必要依赖
  • buession-security-pac4j: 排除不必要依赖

漏洞修复

Assets 2
Loading

v2.3.3

06 May 14:17
@eduosi eduosi
v2.3.3
0142df0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.3.3

🔨依赖升级

⭐ 新特性

  • buession-security-crypto: 新增密码生成器
  • buession-security-web: XSSFilter 支持 HTML 标签转义和删除

🔔 变化

  • buession-security-mcrypt: 密码生成器逐步过渡至 buession-security-crypto
  • buession-security-pac4j: 移除依赖 org.pac4j:spring-webmvc-pac4j

🐞 Bug 修复

  • buession-security-shiro: 修复 RedisCache 中序列化、反序列化未对 null 进行判断的 BUG
  • buession-security-web: 修复 Csrf 未 指定 mode 时,csrf 配置参数无效的问题
Assets 2
Loading

v2.3.2

27 Dec 03:21
@eduosi eduosi
v2.3.2
55234cd
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.3.2

🔨依赖升级

⭐ 新特性

  • buession-security-captcha: GeetestClient 增加 v3、v4 版本判断方法
  • buession-security-shiro: 增加判断是否具备所有权限 Tag HasAllPermissionsTag

🔔 变化

  • buession-security-shiro: 依赖 javax.servlet.jsp-api 更换为 jakarta.servlet.jsp-api

🐞 Bug 修复

  • buession-security-pac4j: 修复 webflux 模式下 PrincipalMethodArgumentResolver 继承了错误类的 BUG

漏洞修复

⏪ 优化

  • buession-security-captcha: 代码质量优化
  • buession-security-pac4j: 代码质量优化

📔 文档

  • buession-security-shiro: 完善注释
Assets 2
Loading

v2.3.1

17 Nov 05:52
@eduosi eduosi
v2.3.1
3b22bb9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.3.1

🔨依赖升级

⭐ 新特性

  • buession-security-shiro: 新增任意权限 jsp tag HasAnyPermissionsTag

🔔 变化

  • buession-security-mcrypt: Base64 编码、解码使用 java 内置 API
  • buession-security-pac4j: cas client 不再默认引用
  • buession-security-web: 移除 org.bouncycastle 依赖
Assets 2
Loading

v2.3.0

17 Aug 02:19
@eduosi eduosi
v2.3.0
a9b2de1
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.3.0

🔨依赖升级

⭐ 新特性

  • buession-security-crypto: 新增该模块,逐步替代 buession-security-mcrypt
  • buession-security-mcrypt: 新增 SM3、SM4 加密
  • buession-security-mcrypt: 新增 ShaPasswordGenerator、Sm3PasswordGenerator、Sm4PasswordGenerator 密码生成器

⏪ 优化

  • 其它优化
Assets 2
Loading

v2.2.1

31 Mar 13:58
@eduosi eduosi
v2.2.1
13d08da
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.2.1

🔨依赖升级

Assets 2
Loading

v2.2.0

10 Mar 06:30
@eduosi eduosi
v2.2.0
5ca9b7c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.2.0

2.2.0 (2022-03-10)

🔨依赖升级

⭐ 新特性

  • buession-security-web: 新增实验性 jackson HttpMessageConverter 支持 XSS 过滤

🔔 变化

  • buession-security-captcha: AliYunCaptchaClient 构造函数参数 regionId 为 null 或空字符串时,不再抛出异常;而使用默认值

🐞 Bug 修复

  • buession-security-core: 修复 SameSite LAX 值
Assets 2
Loading

v2.1.2

13 Nov 14:39
@eduosi eduosi
v2.1.2
c2c0fcb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.1.2

🔨依赖升级

🐞 Bug 修复

  • buession-captcha: 修复极验 v3 版本生成签名错误的问题
Assets 2
Loading

v2.1.1

18 Aug 09:48
@eduosi eduosi
v2.1.1
c2c0fcb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.1.1

🔨依赖升级

🔔 变化

  • buession-security-pac4j: ProfileUtils.toMap(CommonProfile profile) 从 CommonProfile 转换为 Map 由首先写入 CommonProfile.getAttributes() 的数据,再也入固有字段的数据转换为先写入固有字段的数据,再写入 CommonProfile.getAttributes() 的数据,该变化影响注解 @principal 的转换结果
  • buession-security-pac4j: 废弃注解 @principal 的 id、realName 属性

🐞 Bug 修复

  • buession-security-pac4j: 修复 JsonAjaxRequestResolver 返回值不是合法 JSON 字符的 BUG

Contributors

principal
Assets 2
Loading

v2.1.0

07 Aug 14:57
@eduosi eduosi
v2.1.0
538d999
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2.1.0

🔨依赖升级

⭐ 新特性

  • buession-security-pac4j: 注解 @principal 支持 webflux 环境
  • buession-security-web: 新增 ReferrerPolicy 策略转换器 ReferrerPolicyConverter

🔔 变化

  • buession-security-mcrypt: 废弃加密类中仅传递字符串形式的编码的构造函数
  • buession-security-pac4j: 优化注解 @principal HandlerMethodArgumentResolver,继承 spring 原生 HandlerMethodArgumentResolver 实现抽象类

🐞 Bug 修复

  • buession-security-web: 修复 HttpSecurity 构建器 ReactiveHttpSecurityBuilder、ServletHttpSecurityBuilder 中 Boolean 类型未判断 null 的 BUG

Contributors

principal
Assets 2
Loading