Ben Alex has announced that Acegi Security release 0.9.0 is now available. This release includes 70 improvements and fixes, with several new features including JCaptcha (human user detection) support, a web.xml to Acegi Security migration tool, Java 5 annotations, "switch user" style capabilities for web applications, and SiteMinder integration.

Please see the release notes for a detailed changelog. Upgrade instructions (from 0.8.x to 0.9.0) are included in the release ZIP file.

Congrats, Ben et al! I found Acegi a very useful, for example to implement rememberme and the like. Also, the doco is quite good.

-Stefan

I had a look at Acegi Security to enhance my application. The main thing I found missing is the notion of a Group, like the java.security.acl.Group. Is this likely to appear in the final release or is there some fundamental reason why this is not implemented?

I've found that the easiest way to support groups using Acegi is to associated them with roles in your AuthenticationDao implementation.

I had a look at Acegi Security to enhance my application. The main thing I found missing is the notion of a Group, like the java.security.acl.Group.

You might want to take a look at section 1.2 in the docs:

http://acegisecurity.org/docbook/acegi.html

Acegi uses the "Principal"(ala JAAS) concept instead of groups/roles. A little different nomenclature but the ideas are the similar.