2.0.0-alpha available

[SHIRO-772] - PowerMock blocks JDK 11+ builds

[SHIRO-773] - Outdated Groovy version does not work with JDK14

[SHIRO-775] - Excessive logging in jetty ContainerITs

[SHIRO-349] - Security: Byte arrays (and other memory) holding sensitive data (even temporarily) should be zerod-out

[SHIRO-512] - Race condition in Shiro’s web container session timeout handling

[SHIRO-537] - Class load issue in OSGI in ClassUtils

[SHIRO-610] - Incorrect filterchainResolver in 1.4.0-RC2

[SHIRO-632] - org.apache.felix:maven-bundle-plugin causing duplicate class problems between core and lang

[SHIRO-646] - Unable to login a DelegatingSubject on a DefaultWebSecurityManager

[SHIRO-654] - Multiple shiro OSGi bundles export the same packages

[SHIRO-678] - Strings garbled when POST without JSESSIONID cookie

[SHIRO-761] - Bad OSGi import for javax.annotation in shiro-guice

[SHIRO-762] - SecurityUtils.securityManager should be volatile

[SHIRO-766] - ArrayIndexOutOfBoundsException in Base64#decode

[SHIRO-767] - org.apache.shiro.util.ClassUtil cannot load the array of Primitive DataType when use undertown as web container

[SHIRO-774] - Remove wrong usage of prerequisites in pom.xml

[SHIRO-778] - onInit method on AuthenticatingRealm is called twice

[SHIRO-792] - ShiroWebFilterConfiguration seems to conflict with other FilterRegistrationBean

[SHIRO-797] - Shiro 1.7.0 is lower than using springboot version 2.0.7 dependency error

[SHIRO-812] - Key value separator in config is broken with escape char

[SHIRO-817] - CommonsInterpolator does not follow javadoc

[SHIRO-818] - JAX-RS ExceptionMapper returns wrong status code

[SHIRO-819] - Hasher Utility not executable

[SHIRO-825] - Trailing slash in URI results in "IllegalArgumentException: There is no configured chain under the name/key"

[SHIRO-845] - Dependencies for test-jars missing

[SHIRO-899] - Jakarta 9+ fails with Shiro native sesions

[SHIRO-902] - Separator conflict between PermissionUtils.resolveDelimitedPermissions() and WildcardPermission.SUBPART_DIVIDER_TOKEN

[SHIRO-897] - Group all Jakarta-EE related issues here

[SHIRO-206] - Support for JSF/Facelets

[SHIRO-290] - Create a BCrypt Hash implementation

[SHIRO-337] - adding support for CDI

[SHIRO-789] - Also add cookie SameSite option to Spring

[SHIRO-898] - Migrate Jakarta EE support from FlowLogix to Shiro

[SHIRO-216] - Add @Documented to Shiro authorization annotations

[SHIRO-398] - Inconsistent name for session validation interval property in different implementations

[SHIRO-478] - Upgrade dependencies on trunk

[SHIRO-551] - DelegatingSubject should implement toString()

[SHIRO-671] - Add support for javax.annotation.security.RolesAllowed, PermitAll, and DenyAll

[SHIRO-679] - Shiro modules have split packages

[SHIRO-708] - Remove deprecated shiro-cas module

[SHIRO-740] - SslFilter with HTTP Strict Transport Security (HSTS)

[SHIRO-750] - Migrate to jakarta APIs

[SHIRO-764] - Add IpFilter for restricting access IP ranges

[SHIRO-770] - Remove Base64

[SHIRO-771] - Add OpenJDK-OpenJ9 travis builds

[SHIRO-795] - Disable session path rewriting by default

[SHIRO-804] - Avoid conflicts with spring boot aop

[SHIRO-806] - Remove deprecated DefaultLdapContextFactory

[SHIRO-807] - Remove deprecated getLdapContext(String username, String password)

[SHIRO-811] - Convert AuthorizationFilterTest to using Mockito

[SHIRO-836] - Delete jsecurty-sample.jks

[SHIRO-838] - Create SHA512-Hashes

[SHIRO-840] - Java 17 compatibility

[SHIRO-846] - Creation of site takes very long time

[SHIRO-848] - Relative Path in pom.xml is not needed

[SHIRO-850] - The profile name jdk19-plus is misleading

[SHIRO-851] - Handling properties for compile/enconding vs. default configurations of plugins

[SHIRO-852] - Configuration for maven-release-plugin prepationGoal should be changed

[SHIRO-853] - Versions of maven-surefire/failsafe/report plugin are not in sync

[SHIRO-854] - Konfiguration includes/excludes maven-failsafe-plugin can be reduced to default

[SHIRO-860] - update logback to 1.2.10

[SHIRO-862] - Replace Google Analytics with Matomo for new Javadocs

[SHIRO-871] - ActiveDirectoryRealm - append suffix only if missing from username

[SHIRO-872] - fix Reproducible Builds issues

[SHIRO-884] - fix source jar Reproducible Builds issue

[SHIRO-885] - Use OWASP Java Encoder with OSGi manifest

[SHIRO-889] - Provide Jakarta jar modules

[SHIRO-890] - Avoid another proxy creator when @EnableAspectJAutoProxy enabled

[SHIRO-900] - Refactor of root POM (and update groovy to apache)

[SHIRO-776] - JUnit update to version 5

[SHIRO-777] - Remove PowerMock and update the enforcer exclusion list

[SHIRO-780] - NOTICE files of shiro components don’t match NOTICE in source code repository

[SHIRO-39] - JEE integration

[SHIRO-573] - Remove shiro-cas from master (2.0)

[SHIRO-768] - Remove the shiro-all module

[SHIRO-793] - deleteMe cookie should use the defined "sameSite"

[SHIRO-805] - Spelling

[SHIRO-841] - NullPointerException from SessionsSecurityManager.start()

[SHIRO-849] - Add support for JCache

[SHIRO-904] - Make JDK 11 base compatibility in Shiro 2.0

[SHIRO-765] - Upgrade to Apache Pom Parent 23

[SHIRO-785] - Upgrade to maven-bundle-plugin 5.1.1

[SHIRO-786] - Upgrade to Spring 5.2.8.RELEASE and Spring boot 2.3.2.RELEASE

[SHIRO-828] - aspectj-maven-plugin 1.14.0

[SHIRO-842] - shiro-web depends on older log4j

[SHIRO-878] - Update Spring Dependencies to 5.2.20

[SHIRO-882] - Upgrade to apache pom parent 26

[SHIRO-886] - Upgrade to commons configuration 2.8.0

[SHIRO-784] - Error creating bean with name 'org.apache.shiro.spring.web.config.ShiroWebFilterConfiguration': Unsatisfied dependency expressed through field 'filterMap';

[SHIRO-881] - pom.xml in samples/web may lack dependency