The new Silhouette 5.0 version depends on Play 2.6. So please visit the Play 2.6 Migration Guide for more information.
If you migrate from version 3.0 to 4.0 please refer to the 4.0 migration guide.
The Play team has removed a lot of global state in the 2.6 release. Therefore it's now required to inject cookie and session based functionality provided by Play. This means that the
CookieAuthenticatorService needs now the
CookieHeaderEncoding implementation and the
SessionAuthenticatorService needs now the
SessionCookieBaker implementation injected.
With the release of Play 2.6 there is now a sync and an async cache API available for Play. Silhouette has already used an async approach for the cache layer, so it now depends on the
AsyncCacheApi of Play. The
PlayCacheLayer interface hasn't changed. It's only the dependency to the Play cache API which has changed.
The Play team has removed request tags in favor of request attributes. These attributes cannot be used with the
RequestExtractor because a TypedKey uses reference equality for comparisons. This means that each new instance is a different key. The
RequestExtractor interface uses strings as key and therefore we must create a new instance of a
TypedKey from this string key. This makes it impossible to extract keys from a
CookieSigner has been renamed to
Signer because the same functionality is also needed to sign the OAuth2 state.
OAuth2StateProvider has been removed in favor of a new social state implementation called
SocialStateProvider. This implementation can now handle custom user state. Please read the documentation for more information.
A new password hasher has been implemented to support password lengths greater than 72 characters. Please read the documentation for more information.