4.0.0

Major new release aligned with Jakarta EE 11. Jakarta Security defines a standard for creating secure Jakarta EE applications in modern application paradigms.

What's Changed

• Initial commit for TCK by @arjantijms in #220
• Clarifications about using EL in property values by @OndroMih in #225
• Migrate the security tests from jakartaee-tck repo by @alwin-joseph in #230
• Test fix: set bean-discovery-mode to all for empty beans in Old security TCK by @alwin-joseph in #232
• Migrate Security TCK documentation from jakartaee-tck by @alwin-joseph in #233
• Organised old tck into a source, build and run module. by @arjantijms in #234
• Add assembly file to zip entire TCK by @arjantijms in #237
• Set PATH and ANT_HOME when building old TCK by @arjantijms in #238
• Migrate security tck signature test from jakartaee-tck by @alwin-joseph in #226
• Add aggregate failsafe report for TCK run by @arjantijms in #240
• Update reporting plugin by @arjantijms in #241
• Add site plugin version to build old, and add skipIts to more plugins by @arjantijms in #242
• Revert previous unnecessary update to speclicense by @arjantijms in #243
• Update copyright by @arjantijms in #244
• Fix link to website by @pzygielo in #245
• Stabilized tomcat tests by @dmatej in #246
• Update versions in pom by @arjantijms in #247
• Add signature module to main pom by @arjantijms in #248
• Move distribution to separate folder by @arjantijms in #249
• Update common dependency to use project placeholder by @arjantijms in #250
• FISH-6084 Added payara-ci-managed profile to tck/pom.xml by @jGauravGupta in #251
• Merge 3.0.0 release branch into master by @arjantijms in #253
• Remove the WildFly profiles from the TCK. by @darranl in #261
• fix typo in authentication dialog section by @jimmy1wu in #257
• update mock OP to use SignedJWT and return preferred_username in user info by @jimmy1wu in #278
• Resolves #263 The HttpMessageContextWrapper should return itself from fluent method call. by @darranl in #264
• Resolves #267 Update the decorator mechanism to use a HttpMessageContextWrapper by @darranl in #268
• Bump jsoup from 1.15.1 to 1.15.3 in /tck by @dependabot[bot] in #271
• Next version of TCK is 3.0.1 by @arjantijms in #279
• Update various versions of dependencies and plugins by @arjantijms in #280
• Fix copy paste errors in app names by @arjantijms in #281
• Add nimbus jar to deployed war for OpenID app by @arjantijms in #282
• change userinfoEndpoint in OpenIdProviderMetadata to optional by @jimmy1wu in #272
• Fix ldap issues in TCK by @arjantijms in #283
• OpenId apps use TLS (HTTPS) as asked for in challenge #273 by @arjantijms in #284
• Allow profile to specify https port for issue #277 by @teddyjtorres in #285
• Update keytool-maven-plugin to 1.7 by @arjantijms in #290
• Update versions in pom, next version is 4.0.0 by @arjantijms in #298
• Require transitive for servlet, authentication and json in module-info by @arjantijms in #299
• Add missing serialVersionUID for LoginToContinue.Literal by @arjantijms in #300
• Remove references to SecurityManager as per #301 by @arjantijms in #302
• Add method to get all declared roles as per #203 by @arjantijms in #303
• Provide a simple in-memory identity store as per #289 by @arjantijms in #304
• Set TCK to 4.0 and JDK for the entire project to JDK 17 by @arjantijms in #306
• Add conveniences by @arjantijms in #308
• Introduce HttpAuthenticationMechanismHandler for #309 by @arjantijms in #310
• Add qualifiers to build-in authentication mechanism beans by @arjantijms in #312
• Add tests for interaction between a Policy and Jakarta Security by @arjantijms in #313
• Make the custom principal Serializable. by @arjantijms in #314
• Fix javadoc error by @arjantijms in #315
• Clarify the mandated behaviour of the mechanism handler. by @arjantijms in #316
• Take qualifiers into account for decoration, add qualifier Any by @arjantijms in #317
• Add new test modules to main pom by @arjantijms in #318
• Update versions in API pom by @arjantijms in #319
• Update to authorization m2, copyright to 2024, and OSGi to Java SE 17 by @arjantijms in #321
• On branch edburns-msft-jea-339-absorb-assertions-from-cdi-integration Built-in beans from CDI integration spec. by @edburns in #323
• Fixes #262: Clarify using hasAccessToWebResource with no methods by @OndroMih in #322
• Update poms by @arjantijms in #324
• Update old tck to run again by @arjantijms in #325
• Update signature test by @arjantijms in #326
• Update list with excluded JDK classes so we can pass on JDK 21 too by @arjantijms in #327
• Tidying up API before proposed final by @arjantijms in #328
• Update spec for 40 by @arjantijms in #329
• Update TCK signature file to align with latest API updates by @arjantijms in #330
• Update EFSL from 1.0 to 1.1 by @arjantijms in #331
• Add missing annotation to list of defined annotations for concepts by @arjantijms in #332

New Contributors

• @OndroMih made their first contribution in #225
• @alwin-joseph made their first contribution in #230
• @pzygielo made their first contribution in #245
• @jGauravGupta made their first contribution in #251
• @darranl made their first contribution in #261
• @jimmy1wu made their first contribution in #257
• @teddyjtorres made their first contribution in #285
• @edburns made their first contribution in #323

Full Changelog: 3.0.0-RELEASE...4.0.0-RELEASE

3.0.0

Major new release aligned with Jakarta EE 10. Jakarta Security defines a standard for creating secure Jakarta EE applications in modern application paradigms.

This release contains as major new edition support for the Open ID Connect authentication mechanism.

What's Changed

• Update README.md API link to https by @srbala in #73
• Removed obsolete Travis badge by @ggam in #75
• Addressing #76 Version number in POM? by @keilw in #77
• fixes two warnings by @arjantijms in #78
• #79 Added wrappers for HttpAuthenticationMechanism and IdentityStore by @arjantijms in #80
• 82 annotation literals by @arjantijms in #83
• Fixed Javadoc ommission by @arjantijms in #84
• #82 - Changed of to builder by @arjantijms in #85
• Updated dependencies to make the project compile on Java 10 by @ggam in #91
• Automatic module name by @ggam in #92
• Updated artifactId and groupId by @ggam in #95
• Disabled Maven Spec Plugin for now by @keilw in #96
• Update artifactId and groupID by @Cousjava in #97
• Jakarta spec fixes by @arjantijms in #98
• Replace dependency for javaee-api by @earcam in #99
• Jakarta POM fixes by @arjantijms in #100
• EE4J_8 release prepare (dependencies in pom.xml updated to jakarta.*) by @senivam in #103
• Update parent pom to 1.0.5 by @Cousjava in #104
• Made CallerPrincipal Serializable by @MattGill98 in #107
• Several pom fixes, but most importantly blocking 1.6.1 JACC by @arjantijms in #108
• Update parent pom to 1.0.5 by @Cousjava in #105
• Update dependencies, remove tabs by @lukasj in #111
• Interceptor API dependency updated to 1.2.4. by @Tomas-Kraus in #114
• Update pom.xml by @arjantijms in #115
• Merge EE4J_8 into master by @arjantijms in #125
• Set version to 1.0.2, remove duplicate plugin, fix javadoc version by @arjantijms in #126
• #124 Prepare Jakarta Security for Jakarta EE 8 Release by @arjantijms in #127
• Boilerplate Spec for master Branch by @dblevins in #129
• Update readme with description and API path by @arjantijms in #131
• Small updated to pom - clarify name for parent and relax JDK8 restr. by @arjantijms in #132
• Update readme javadoc to Jakarta GAV by @arjantijms in #133
• #124 Prepare for 1.0.2 release - update deps to staged versions by @arjantijms in #134
• Reverted master back to 1.0 API by @arjantijms in #135
• Update Jakarta Dependencies by @arjantijms in #137
• Update README.md by @arjantijms in #138
• Update to latest Jakarta EE 8 requirements by @arjantijms in #139
• Update doctitle by removing version by @arjantijms in #140
• Added Eclipse copyright to spec doc by @arjantijms in #141
• Update to new Jakarta Authorization maven coordinates by @arjantijms in #142
• Merge final release branch 1.0.2 by @arjantijms in #144
• Initial version. Still has Java EE refs by @ivargrimstad in #145
• Change Java EE to Jakarta EE by @Cousjava in #146
• Replaced JCP terms (fixes #147) by @ggam in #148
• Proposed fix for #149 by @ggam in #150
• Remove original license and front pages, and unused placeholder scope by @arjantijms in #152
• Consistently rename all files to recommended .adoc by @arjantijms in #153
• Updated Preface with Jakarta people involved by @arjantijms in #154
• Update spec refs for authentication, authorization and expression lan. by @arjantijms in #155
• #156 Jakarta package update, part 1 by @arjantijms in #157
• #156 Update to Jakarta dependencies by @arjantijms in #158
• #156 Updated copyrights and interceptor API by @arjantijms in #159
• Update versions in pom to latest by @arjantijms in #160
• Formatting/ordering of poms by @arjantijms in #161
• #156 Prepare for RC1 release by @arjantijms in #162
• #156 Updated CDI dependency to Jakarta version by @arjantijms in #164
• #156 Prepare for RC2 release by @arjantijms in #165
• Update EFSL for Specifications and Javadoc. solves #168 by @mcserra in #170
• Version back to snapshot, removed unneeded plugin, updated versions by @arjantijms in #171
• Remaining javax-to-jakarta renames by @dblevins in #172
• Update dependency versions in pom by @arjantijms in #173
• Several fixes by @arjantijms in #174
• Add spec.version property so we can easily rename it. by @jeanouii in #175
• Add jakarta- prefix to file names by @jeanouii in #176
• White space and versions by @arjantijms in #178
• 2.0.0 by @arjantijms in #182
• Bump junit from 4.13 to 4.13.1 in /api by @dependabot in #179
• Update dependencies, specifically of asciidoc by @arjantijms in #186
• Switch master over to 3.0 by @arjantijms in #194
• #193 Add wrapper for HttpAuthenticationMechanism by @arjantijms in #195
• #196 - Add missing annotation literals to interceptor bindings by @arjantijms in #197
• #102 Make CallerPrincipal Serializable (again) by @arjantijms in #198
• #193 Add default constructor to wrapper so it can be proxied by @arjantijms in #199
• Move latest copyright to top, to keep copyright plugin happy. by @arjantijms in #201
• OpenIdAuthenticationDefinition Draft. Part of #183. by @rdebusscher in #185
• Update dependencies in poms and copyright year by @arjantijms in #206
• Fix the license so the API actually builds by @arjantijms in #207
• Fix javadoc by @arjantijms in #208
• Fix authentication and authorization versions by @arjantijms in #209
• 184 Add module-info by @arjantijms in #210
• Fix javadoc link by @arjantijms in #211
• Reorg packages for OpenID feature by @arjantijms in #212
• Remove the logout method from the OpenIdContext by @arjantijms in #213
• Remove redundant methods by @arjantijms in #214
• Add attributes to set redirect to original resource by @arjantijms in #215
• Update references to other Jakarta specifications by @arjantijms in #216
• Integrate text for the OpenID Authentication Mechanism by @arjantijms in #217
• Update versions in pom by @arjantijms in #218

New Contributors

• @srbala made their first contribution in #73
• @ggam made their first contribution in #75
• @keilw made their first contribution in #77
• @Cousjava made their first contribution in #97
• @earcam made their first contribution in #99
• @senivam made their first ...