The goal of this release is to continue adding features and evolving the API. A number of those had been discussed and even had prototype implementations during the development of the previous version, but didn't make it in.
Extended authentication mechanisms:
* Authentication mechanism per URL SECURIY #86
* User choice of authentication mechanism (login with provider X, login with provider Y, etc)
* Multiple authentication mechanisms (try JWT, fallback to BASIC, etc)
* @RolesAllowed alternative
* Easily adding an interceptor to a build-in CDI bean blog
* Authorization modules blog