0.4.0 (Released 2008-01-26)

• upgraded restlet jars
• fixes for server bind issues when running with jsvc
• added password recovery support
• added ability to control whether a session is created and its expiration

0.5.0 (February 2008)

• add ability to assign a URI path a set of required permissions
• URI path permission checking per user based on session or via authenticated

realm administrator (e.g. /auth/check/s/{session}/{path} or /check/{path} )

0.6.0 (May 2008)

• add the 'across-realm' permission and 'any-realm' role
• Allow any global user with the 'across-realm' permission to authenticate for any realm.
• differentiate between global users with aliases and those without by adding a /all suffix to /admin/users