After more than two and a half years of development, I am delighted to announce that Acegi Security 1.0.0 is now officially released.

Download | Documentation | Changelog 

In addition to more than 80 improvements and fixes since 1.0.0 RC2, this new release includes several changes to help new users. This entails a significant restructure and expansion of the reference guide (now at more than 90 pages) and a new "bare bones" tutorial sample application.

Furthermore, many of the frequently-identified problems experienced by new users have been addressed, such as:

• custom 403 messages (as opposed to using the Servlet Container's error handler)
• detecting corrupt property input following the reformatting of XML files
• a new logout filter. 

We've also refactored our LDAP services, made the SecurityContextHolder a pluggable strategy (especially useful for rich clients who wish to avoid ThreadLocal), and improved CAS support.

Please visit here for a detailed changelog. As always, detailed upgrade instructions are included in the release ZIP file.

The project's web site at http://acegisecurity.org provides additional information on Acegi Security's features, access to online documentation, and links to download the latest release. I will also be providing a presentation on Acegi Security at SpringOne next month, so I hope to see you there.