diff --git a/src/site/apt/index.apt b/src/site/apt/index.apt index d9f2fb5315..4b60fc80ca 100644 --- a/src/site/apt/index.apt +++ b/src/site/apt/index.apt @@ -2,16 +2,59 @@ Spring Security -------------------------------- -What is Spring Security? +Spring Security - Formerly the Acegi Security System for Spring (which became an official Spring - Portfolio project towards the end of 2007), Spring Security provides powerful and + Formerly the Acegi Security System for Spring, Spring Security provides powerful and flexible security solutions for enterprise applications developed using the Spring Framework. It is a stable and mature product - Acegi Security 1.0.0 was released in May 2006 after more than two and a half - years of use in large production software projects. + years of use in large production software projects and adopted as an official Spring sub-project on its release. - Spring Security 2.0 builds on Acegi Security's solid foundations, adding new features such as a simplified - namespace configuration syntax. - + Spring Security 2.0.0 builds on Acegi Security's solid foundations, adding many new features: + + * Simplified namespace-based configuration syntax. Old configurations + could require hundreds of lines of XML but our new convention over configuration + approach ensures that many deployments will now require less than 10 lines. + + * OpenID integration, which is the web's emerging single sign on + standard (supported by Google, IBM, Sun, Yahoo and others) + + * Windows NTLM support, providing easy enterprise-wide single sign on + against Windows corporate networks + + * Support for JSR 250 ("EJB 3") security annotations, delivering a + standards-based model for authorization metadata + + * AspectJ pointcut expression language support, allowing developers to + apply cross-cutting security logic across their Spring managed objects + + * Substantial improvements to the high-performance domain object + instance security ("ACL") capabilities + + * Comprehensive support for RESTful web request authorization, which + works well with Spring 2.5's @MVC model for building RESTful systems + + * Long-requested support for groups, hierarchical roles and a user + management API, which all combine to reduce development time and + significantly improve system administration + + * An improved, database-backed "remember me" implementation + + * Support for portlet authentication out-of-the-box + + * Support for additional languages + + * Numerous other general improvements, documentation and new samples + + * New support for web state and flow transition authorization through + the Spring Web Flow 2.0 release + + * New support for visualizing secured methods, plus configuration + auto-completion support in Spring IDE + + * Enhanced WSS (formerly WS-Security) support through the Spring Web + Services 1.5 release + + * Updated support for CAS single sign-on (CAS 3 is now supported). - ~~ TODO: Expand based on original Acegi page. \ No newline at end of file + + ~~ TODO: Expand based on original Acegi page to supply full feature set. \ No newline at end of file