Qwicap version 1.4b1 includes a more flexible, rearchitected authentication & authorization system, includes cleaner core code wherever the code became involved with Servlet life-cycles, futher simplifies web application deployment descriptors, adds three convenience methods to the Results class, and includes numerous improvements to the Javadocs.
The new authentication & authorization system is not backward compatible with the previous one, but neither is it fundamentally different, so adapting an existing
Auth2Scheme implementation to it is a minor matter. Primarily, the architecture has benefitted from the adoption of the factory pattern, while new features permit access to the static content in a web application (web pages, style sheets, etc.) to be regulated, and regulated independently of access to the web application, itself.
As usual, the documentation, download links, etc. can be found on the Qwicap main page.
Change Log for Version 1.4b1
- Filled-in some old gaps in the Javadoc, and made numerous improvements to the Javadoc markup throughout the classes of the public API.
- Added to the authentication & authorization (Auth2) system the ability to regulate access to the static content in a web application, independently of access to the application itself.
- Rearchitected the authentication & authorization (Auth2) code. The new implementation uses an
Auth2SchemeFactoryassociated with each servlet to produce an
Auth2Schemeinstance (optionally associated with each session) which is used to authenticate & authorize each hit in a session. It returns to Qwicap an
Auth2SchemeReplyinstance describing its conclusions, upon which Qwicap acts, restricting access to the web application and/or its static content accordingly. The client application may retrieve the current reply object by using the new
Qwicap.getAuth2SchemeReplymethod. (The old
Qwicap.getAuth2Schememethod has been discontinued.)
- Modified a number of core classes to reflect a better understanding of servlet life cycles. This cleaned-up the code in a number of places, and outright eliminated the need for the internal
- Simplified the web application deployment descriptor (the "web.xml" file) by eliminating the need to specify
edu.utexas.its.eis.tools.qwicap.servlet.QwicapContextas a "listener". Revised the Deployment Descriptor documentation accordingly. (Web applications using previous versions of Qwicap 1.4 will need to remove that "listener" specification from their "web.xml" files.)
- Added several new methods to the