diff --git a/core/src/main/java/org/springframework/security/config/AnnotationDrivenBeanDefinitionParser.java b/core/src/main/java/org/springframework/security/config/AnnotationDrivenBeanDefinitionParser.java
index 5c69378be8..e05eb9440a 100644
--- a/core/src/main/java/org/springframework/security/config/AnnotationDrivenBeanDefinitionParser.java
+++ b/core/src/main/java/org/springframework/security/config/AnnotationDrivenBeanDefinitionParser.java
@@ -25,8 +25,8 @@ import org.w3c.dom.Element;
class AnnotationDrivenBeanDefinitionParser implements BeanDefinitionParser {
public static final String SECURITY_ANNOTATION_ATTRIBUTES_CLASS = "org.springframework.security.annotation.SecurityAnnotationAttributes";
public static final String JSR_250_SECURITY_ANNOTATION_ATTRIBUTES_CLASS = "org.springframework.security.annotation.Jsr250SecurityAnnotationAttributes";
- private static final String ATT_ACCESS_MGR = "access-decision-manager";
- private static final String ATT_USE_JSR250 = "jsr250";
+ private static final String ATT_ACCESS_MGR = "access-decision-manager-ref";
+ private static final String ATT_USE_JSR250 = "jsr250";
public BeanDefinition parse(Element element, ParserContext parserContext) {
String className = "true".equals(element.getAttribute(ATT_USE_JSR250)) ?
@@ -55,7 +55,7 @@ class AnnotationDrivenBeanDefinitionParser implements BeanDefinitionParser {
String accessManagerId = element.getAttribute(ATT_ACCESS_MGR);
if (!StringUtils.hasText(accessManagerId)) {
- ConfigUtils.registerDefaultAccessManagerIfNecessary(parserContext);
+ ConfigUtils.registerDefaultAccessManagerIfNecessary(parserContext);
accessManagerId = BeanIds.ACCESS_MANAGER;
}
diff --git a/core/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java b/core/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java
index 42fa72022d..4d44fa564e 100644
--- a/core/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java
+++ b/core/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java
@@ -79,7 +79,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
static final String ATT_SERVLET_API_PROVISION = "servlet-api-provision";
static final String DEF_SERVLET_API_PROVISION = "true";
- static final String ATT_ACCESS_MGR = "access-decision-manager";
+ static final String ATT_ACCESS_MGR = "access-decision-manager-ref";
public BeanDefinition parse(Element element, ParserContext parserContext) {
BeanDefinitionRegistry registry = parserContext.getRegistry();
diff --git a/core/src/main/java/org/springframework/security/config/JdbcUserServiceBeanDefinitionParser.java b/core/src/main/java/org/springframework/security/config/JdbcUserServiceBeanDefinitionParser.java
index ba298f510e..0e3b9d6b4b 100644
--- a/core/src/main/java/org/springframework/security/config/JdbcUserServiceBeanDefinitionParser.java
+++ b/core/src/main/java/org/springframework/security/config/JdbcUserServiceBeanDefinitionParser.java
@@ -10,7 +10,7 @@ import org.w3c.dom.Element;
* @version $Id$
*/
public class JdbcUserServiceBeanDefinitionParser extends AbstractUserDetailsServiceBeanDefinitionParser {
- static final String ATT_DATA_SOURCE = "data-source";
+ static final String ATT_DATA_SOURCE = "data-source-ref";
protected Class getBeanClass(Element element) {
return JdbcUserDetailsManager.class;
diff --git a/core/src/main/java/org/springframework/security/config/RememberMeBeanDefinitionParser.java b/core/src/main/java/org/springframework/security/config/RememberMeBeanDefinitionParser.java
index 5fb059aa57..66ba6b2c37 100644
--- a/core/src/main/java/org/springframework/security/config/RememberMeBeanDefinitionParser.java
+++ b/core/src/main/java/org/springframework/security/config/RememberMeBeanDefinitionParser.java
@@ -24,9 +24,9 @@ import org.w3c.dom.Element;
public class RememberMeBeanDefinitionParser implements BeanDefinitionParser {
static final String ATT_KEY = "key";
static final String DEF_KEY = "doesNotMatter";
-
+
static final String ATT_DATA_SOURCE = "data-source";
- static final String ATT_TOKEN_REPOSITORY = "token-repository";
+ static final String ATT_TOKEN_REPOSITORY = "token-repository-ref";
protected final Log logger = LogFactory.getLog(getClass());
public BeanDefinition parse(Element element, ParserContext parserContext) {
@@ -70,14 +70,14 @@ public class RememberMeBeanDefinitionParser implements BeanDefinitionParser {
isPersistent = false;
services = new RootBeanDefinition(TokenBasedRememberMeServices.class);
}
-
+
if (!StringUtils.hasText(key) && !isPersistent) {
key = DEF_KEY;
}
BeanDefinition authManager = ConfigUtils.registerProviderManagerIfNecessary(parserContext);
BeanDefinition provider = new RootBeanDefinition(RememberMeAuthenticationProvider.class);
-
+
provider.getPropertyValues().addPropertyValue(ATT_KEY, key);
services.getPropertyValues().addPropertyValue(ATT_KEY, key);
diff --git a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc
index 276eab5423..a8cfe14b31 100644
--- a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc
+++ b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc
@@ -93,7 +93,9 @@ annotation-driven =
annotation-driven.attlist &=
## Specifies that JSR-250 style attributes are to be used (for example "RolesAllowed" instead of "Secured"). This will require the javax.annotation.security classes on the classpath. Defaults to false.
attribute jsr250 {"true" | "false" }?
-
+annotation-driven.attlist &=
+ ## Optional AccessDecisionManager bean ID to override the default.
+ attribute access-decision-manager-ref {xsd:string}?
http =
## Container element for HTTP security configuration
@@ -115,7 +117,7 @@ http.attlist &=
attribute servlet-api-provision {"true" | "false"}?
http.attlist &=
## Optional attribute specifying the ID of the AccessDecisionManager implementation which should be used for authorizing HTTP requests.
- attribute access-decision-manager {xsd:string}?
+ attribute access-decision-manager-ref {xsd:string}?
http.attlist &=
## Optional attribute specifying the realm name that will be used for all authentication features that require a realm name (eg BASIC and Digest authentication). If unspecified, defaults to "Spring Security Application".
attribute realm {xsd:string}?
@@ -198,7 +200,7 @@ concurrent-sessions.attlist &=
remember-me =
element remember-me {remember-me.attlist}
remember-me.attlist &=
- (attribute key {xsd:string} | (attribute token-repository {xsd:string} | attribute data-source {xsd:string}))
+ (attribute key {xsd:string} | (attribute token-repository-ref {xsd:string} | attribute data-source-ref {xsd:string}))
anonymous =
## Adds support for automatically granting all anonymous web requests a particular principal identity and a corresponding granted authority.
@@ -257,7 +259,7 @@ jdbc-user-service =
element jdbc-user-service {id? & jdbc-user-service.attlist}
jdbc-user-service.attlist &=
## The bean ID of the DataSource which provides the required tables.
- attribute data-source {xsd:string}
+ attribute data-source-ref {xsd:string}
user-filter =
diff --git a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd
index ce5bba3145..85b62961ba 100644
--- a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd
+++ b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd
@@ -244,6 +244,11 @@
+
+
+ Optional AccessDecisionManager bean ID to override the default.
+
+
@@ -320,7 +325,7 @@
-
+
Optional attribute specifying the ID of the AccessDecisionManager implementation which should be used for authorizing HTTP requests.
@@ -493,8 +498,8 @@
-
-
+
+
@@ -623,7 +628,7 @@
-
+
The bean ID of the DataSource which provides the required tables.
diff --git a/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java b/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java
index b61cc6e2b2..6316a8c395 100644
--- a/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java
+++ b/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java
@@ -9,6 +9,7 @@ import org.springframework.security.ui.ExceptionTranslationFilter;
import org.springframework.security.ui.basicauth.BasicProcessingFilter;
import org.springframework.security.ui.logout.LogoutFilter;
import org.springframework.security.ui.rememberme.RememberMeProcessingFilter;
+import org.springframework.security.ui.rememberme.PersistentTokenBasedRememberMeServices;
import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
import org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter;
import org.springframework.security.util.FilterChainProxy;
@@ -191,6 +192,19 @@ public class HttpSecurityBeanDefinitionParserTests {
assertEquals("userFilter", ((OrderedFilterBeanDefinitionDecorator.OrderedFilterDecorator)filters.get(10)).getBeanName());
}
+ @Test
+ public void rememberMeServiceWorksWithTokenRepoRef() {
+ setContext(
+ "" +
+ " " +
+ "" +
+ " " + AUTH_PROVIDER_XML);
+ Object rememberMeServices = appContext.getBean(BeanIds.REMEMBER_ME_SERVICES);
+
+ assertTrue(rememberMeServices instanceof PersistentTokenBasedRememberMeServices);
+ }
+
private void setContext(String context) {
appContext = new InMemoryXmlApplicationContext(context);
}
diff --git a/core/src/test/resources/org/springframework/security/config/http-security.xml b/core/src/test/resources/org/springframework/security/config/http-security.xml
index e4b0577c27..7511f376c6 100644
--- a/core/src/test/resources/org/springframework/security/config/http-security.xml
+++ b/core/src/test/resources/org/springframework/security/config/http-security.xml
@@ -7,9 +7,9 @@
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
-
-
-
+
+
+
@@ -20,33 +20,32 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
-
+
-
+
-
+
-
-
+
+
-
+
-
+
-
-
+
+
-
-
+
\ No newline at end of file
diff --git a/core/src/test/resources/org/springframework/security/config/jdbc-user-details.xml b/core/src/test/resources/org/springframework/security/config/jdbc-user-details.xml
index e0e8c04d48..de17637e09 100644
--- a/core/src/test/resources/org/springframework/security/config/jdbc-user-details.xml
+++ b/core/src/test/resources/org/springframework/security/config/jdbc-user-details.xml
@@ -17,8 +17,8 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
-
+
-
+
\ No newline at end of file
diff --git a/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
index ea1f7dd703..9b69c7ee26 100644
--- a/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
+++ b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
@@ -128,7 +128,7 @@
-
+