wamblee.org

News

  • 22-Jan-2019: Version 1.3

    Issue Description
    FLEX-11 Support for Payara 5

  • 29-Mar-2011: Version 1.2

    Issue Description
    FLEX-8 Improved logging for SimpleExpiryCacheManagement
    FLEX-10 Statistics

  • 22-Jan-2011: Version 1.1.

    Issue Description
    FLEX-6 Default expiry time should be 60 seconds but turns out to be 60000 seconds
    FLEX-7 Simple Expiry Cache always removes cached entry after garbage collection

  • 22-Jan-2011: Version 1.0. It is now functionally complete and includes (optional) caching to minimize database access.

    Issue Description
    FLEX-4 Flexible JDBC Realm should be available in the central maven repo
    FLEX-1 Upgrade to latest version of utilities library for improved JPA support in unit test of Flexible JDBC Realm.
    FLEX-3 Caching of groups is required for efficiency. In fact caching is now (optionally) done for all database access.
    FLEX-5 Log formatting errors

  • 12-May-2010: Version 0.5 available:

    • More extensive unit test using the wamblee.org security library.
    • Fixes for Glassfish V2.1. Apparently the APIs changed. Now flexible JDBC realm uses standard JNDI lookups for the datasource instead of a glassfish API. Also, it implements the additional groups functionality itself instead of using glassfish APIs.
    • The password.encoding property has been extended so the number of digits to be padded with can be configured. This allows a fix for a problem where SHA-1 encoding in MySQL uses padding to a length of 40 instead of teh default 32. Also simple TEXT encoding has been added by which the byte array of the digest method is just converted to a string.
    • Added charset optional property that allows setting of the charset when converting a password to a byte array as input to the digest algorithm.

  • 7-Feb-2010: Version 0.4 available. Improved logging. Basically traffic related logging (i.e. users being authenticated) is only done with log level FINEST> In addition there are improvements in the internal design.

  • 15-Feb-2009: Version 0.3 available. Fixed a problem in hex encoding so that a hex number is always at least 32 characters long and padded with leading zeroes if needed.

  • 6-Dec-2008: Version 0.2 available. Extension with user-specific password seeding as an option to avoid dictionary attacks. The features in this version are based on feedback from and discussions with Arnaud Rolly from gedial.com.

  • 29-Jan-2008: Version 0.1 available!