Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 17:22:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added info on project jars and downloads to manual

Browse Source
This commit is contained in:
Luke Taylor 2009-10-08 00:15:49 +00:00
parent 0e9452c17c
commit 523d5eac10
3 changed files with 140 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

95
docs/manual/src/docbook/community.xml
View File

@ -1,59 +1,50 @@
<chapter xmlns="http://docbook.org/ns/docbook" version="5.0" <chapter xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="community"
xml:id="community" xmlns:xlink="http://www.w3.org/1999/xlink">
xmlns:xlink="http://www.w3.org/1999/xlink" >
<info> <info>
<title>Spring Security Community</title></info> <title>Spring Security Community</title>
</info>
<section xml:id="jira">
<section xml:id="jira"> <info>
<info><title>Issue Tracking</title></info> <title>Issue Tracking</title>
</info>
<para>Spring Security uses JIRA to manage bug reports and enhancement <para>Spring Security uses JIRA to manage bug reports and enhancement requests. If you find
requests. If you find a bug, please log a report using JIRA. Do not a bug, please log a report using JIRA. Do not log it on the support forum, mailing list
log it on the support forum, mailing list or by emailing the project's or by emailing the project's developers. Such approaches are ad-hoc and we prefer to
developers. Such approaches are ad-hoc and we prefer to manage bugs manage bugs using a more formal process.</para>
using a more formal process.</para> <para>If possible, in your issue report please provide a JUnit test that demonstrates any
incorrect behaviour. Or, better yet, provide a patch that corrects the issue. Similarly,
<para>If possible, in your issue report please provide a JUnit test enhancements are welcome to be logged in the issue tracker, although we only accept
that demonstrates any incorrect behaviour. Or, better yet, provide a enhancement requests if you include corresponding unit tests. This is necessary to
patch that corrects the issue. Similarly, enhancements are welcome to ensure project test coverage is adequately maintained.</para>
be logged in the issue tracker, although we only accept enhancement requests <para>You can access the issue tracker at <link
if you include corresponding unit tests. This is necessary to ensure xlink:href="http://jira.springframework.org/browse/SEC"
project test coverage is adequately maintained.</para> >http://jira.springframework.org/browse/SEC</link>. </para>
</section>
<para>You can access the issue tracker at <section xml:id="becoming-involved">
<link xlink:href="http://jira.springframework.org/browse/SEC">http://jira.springframework.org/browse/SEC</link>. <info>
</para> <title>Becoming Involved</title>
</section> </info>
<para>We welcome your involvement in the Spring Security project. There are many ways of
<section xml:id="becoming-involved"> contributing, including reading the forum and responding to questions from other people,
<info><title>Becoming Involved</title></info> writing new code, improving existing code, assisting with documentation, developing
samples or tutorials, or simply making suggestions.</para>
<para>We welcome your involvement in Spring Security project. <!-- TODO: Not currently there on SSec 2.0
There are many ways of contributing, including reading the forum
and responding to questions from other people, writing new code,
improving existing code, assisting with documentation, developing
samples or tutorials, or simply making suggestions.</para>
<!-- TODO: Not currently there on SSec 2.0
<para>Please read our project policies web page that is available on <para>Please read our project policies web page that is available on
Spring Security home page. This explains the path to become a Spring Security home page. This explains the path to become a
committer, and the administration approaches we use within the committer, and the administration approaches we use within the
project.</para> project.</para>
--> -->
</section> </section>
<section xml:id="further-info">
<section xml:id="further-info"> <info>
<info><title>Further Information</title></info> <title>Further Information</title>
</info>
<para>Questions and comments on Spring Security are welcome. You can use the <para>Questions and comments on Spring Security are welcome. You can use the Spring
Spring Community Forum web site at Community Forum web site at <uri xlink:href="http://forum.springframework.org"
<uri xlink:href="http://forum.springframework.org">http://forum.springframework.org</uri> >http://forum.springsource.org</uri> to discuss Spring Security with other users of
to discuss Spring Security with other users of the framework. the framework. Remember to use JIRA for bug reports, as explained above. Everyone is
Remember to use JIRA for bug reports, as explained above. also welcome to join the Acegisecurity-developer mailing list and participate in design
Everyone is also welcome to join the Acegisecurity-developer mailing discussions. The traffic volume is very light.</para>
list and participate in design discussions. The </section>
traffic volume is very light.</para> </chapter>
</section>
</chapter>

118
docs/manual/src/docbook/introduction.xml
View File

@ -2,7 +2,7 @@
<chapter version="5.0" xml:id="introduction" xmlns="http://docbook.org/ns/docbook" <chapter version="5.0" xml:id="introduction" xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"> xmlns:xlink="http://www.w3.org/1999/xlink">
<title>Introduction</title> <title>Introduction</title>
<sect1 xml:id="what-is-acegi-security"> <section xml:id="what-is-acegi-security">
<title>What is Spring Security?</title> <title>What is Spring Security?</title>
<para>Spring Security provides comprehensive security services for J2EE-based enterprise <para>Spring Security provides comprehensive security services for J2EE-based enterprise
software applications. There is a particular emphasis on supporting projects built using software applications. There is a particular emphasis on supporting projects built using
@ -161,8 +161,8 @@
Specification web pattern security, EJB Container Managed Security and file system Specification web pattern security, EJB Container Managed Security and file system
security respectively. Spring Security provides deep capabilities in all of these security respectively. Spring Security provides deep capabilities in all of these
important areas, which we'll explore later in this reference guide.</para> important areas, which we'll explore later in this reference guide.</para>
</sect1> </section>
<sect1 xml:id="history"> <section xml:id="history">
<title>History</title> <title>History</title>
<para>Spring Security began in late 2003 as "The Acegi Security System for Spring". A <para>Spring Security began in late 2003 as "The Acegi Security System for Spring". A
question was posed on the Spring Developers' mailing list asking whether there had been question was posed on the Spring Developers' mailing list asking whether there had been
@ -181,7 +181,7 @@
Container Managed Security was relied upon for the authentication process, with Acegi Container Managed Security was relied upon for the authentication process, with Acegi
Security instead focusing on authorization. This was suitable at first, but as more and Security instead focusing on authorization. This was suitable at first, but as more and
more users requested additional container support, the fundamental limitation of more users requested additional container support, the fundamental limitation of
container-specific authentication realm interfaces was experienced. There was also a container-specific authentication realm interfaces became clear. There was also a
related issue of adding new JARs to the container's classpath, which was a common source related issue of adding new JARs to the container's classpath, which was a common source
of end user confusion and misconfiguration.</para> of end user confusion and misconfiguration.</para>
<para>Acegi Security-specific authentication services were subsequently introduced. Around a <para>Acegi Security-specific authentication services were subsequently introduced. Around a
@ -190,13 +190,13 @@
use in numerous production software projects and many hundreds of improvements and use in numerous production software projects and many hundreds of improvements and
community contributions.</para> community contributions.</para>
<para>Acegi Security became an official Spring Portfolio project towards the end of 2007 and <para>Acegi Security became an official Spring Portfolio project towards the end of 2007 and
was rebranded as "Spring Security".</para> was rebranded as <quote>Spring Security</quote>.</para>
<para>Today Spring Security enjoys a strong and active open source community. There are <para>Today Spring Security enjoys a strong and active open source community. There are
thousands of messages about Spring Security on the support forums. There is an active thousands of messages about Spring Security on the support forums. There is an active
core of developers work who work on the code itself and an active community which also core of developers who work on the code itself and an active community which also
regularly share patches and support their peers.</para> regularly share patches and support their peers.</para>
</sect1> </section>
<sect1 xml:id="release-numbering"> <section xml:id="release-numbering">
<title>Release Numbering</title> <title>Release Numbering</title>
<para>It is useful to understand how Spring Security release numbers work, as it will help <para>It is useful to understand how Spring Security release numbers work, as it will help
you identify the effort (or lack thereof) involved in migrating to future releases of you identify the effort (or lack thereof) involved in migrating to future releases of
@ -209,22 +209,88 @@
the API. MINOR versions retain source and binary compatibility with older minor the API. MINOR versions retain source and binary compatibility with older minor
versions, and changes in the PATCH level are perfectly compatible, forwards and versions, and changes in the PATCH level are perfectly compatible, forwards and
backwards.</quote></para> backwards.</quote></para>
</sect1> </section>
<sect1 xml:id="get-source"> <section xml:id="get-spring-security">
<title>Getting the Source</title> <title>Getting Spring Security</title>
<para> Since Spring Security is an Open Source project, we'd strongly encourage you to check <para>You can get hold of Spring Security in several ways. You can download a packaged
out the source code using subversion. This will give you full access to all the sample distribution from the main Spring <link
applications and you can build the most up to date version of the project easily. Having xlink:href="http://www.springsource.com/download/community?project=Spring%20Security"
the source for a project is also a huge help in debugging. Exception stack traces are no >download page</link>, download individual jars (and sample WAR files) from the
longer obscure black-box issues but you can get straight to the line that's causing the Maven Central repository (or a SpringSource Maven repository for snapshot and milestone
problem and work out what's happening. The source is the ultimate documentation for a releases). Alternatively, you can build the project from source yourself. See the
project and often the simplest place to find out how something actually works. </para> project web site for more details. </para>
<para> To obtain the source for the project trunk, use the following subversion command: <section xml:id="modules">
<programlisting> <title>Project Modules</title>
svn checkout https://src.springframework.org/svn/spring-security/trunk/ <para>In Spring Security 3.0, the codebase has been sub-divided into separate jars which
</programlisting> more clearly separate different functionaltiy areas and third-party dependencies. If
You can checkout specific versions from you are using Maven to build your project, then these are the modules you will add
<literal>https://src.springframework.org/svn/spring-security/tags/</literal>. to your <filename>pom.xml</filename>. Even if you're not using Maven, we'd recommend
</para> that you consult the <filename>pom.xml</filename> files to get an idea of
</sect1> third-party dependencies and versions. Alternatively, a good idea is to examine the
libraries that are included in the sample applications.</para>
<section xml:id="spring-security-core">
<title>Core - <literal>spring-security-core.jar</literal></title>
<para>Contains core authentication and access-contol classes and interfaces,
remoting support and basic provisioning APIs. Required by any application which
uses Spring Security. Supports standalone applications, remote clients, method
(service layer) security and JDBC user provisioning. Contains the top-level packages:<itemizedlist><listitem><para><literal>org.springframework.security.core</literal></para></listitem><listitem><para><literal>org.springframework.security.access</literal></para></listitem><listitem><para><literal>org.springframework.security.authentication</literal></para></listitem><listitem><para><literal>org.springframework.security.provisioning</literal></para></listitem><listitem><para><literal>org.springframework.security.remoting</literal></para></listitem></itemizedlist></para>
</section>
<section xml:id="spring-security-web">
<title>Web - <literal>spring-security-web.jar</literal></title>
<para>Contains filters and related web-security infrastructure code. Anything with a
servlet API dependency. You'll need it if you require Spring Security web
authentication services and URL-based access-control. The main package is
<literal>org.springframework.security.web</literal>.</para>
</section>
<section xml:id="spring-security-config">
<title>Config - <literal>spring-security-config.jar</literal></title>
<para>Contains the security namespace parsing code (and hence nothing that you are
likely yo use directly in your application). You need it if you are using the
Spring Security XML namespace for configuration. The main package is
<literal>org.springframework.security.config</literal>.</para>
</section>
<section xml:id="spring-security-ldap">
<title>LDAP - <literal>spring-security-ldap.jar</literal></title>
<para>LDAP authentication and provisioning code. Required if you need to use LDAP
authentication or manage LDAP user entries. The top-level package is
<literal>org.springframework.security.ldap</literal>.</para>
</section>
<section xml:id="spring-security-acl">
<title>ACL - <literal>spring-security-acl.jar</literal></title>
<para>Specialized domain object ACL implementation. Used to apply security to
specific domain object instances within your application. The top-level package
is <literal>org.springframework.security.acls</literal>.</para>
</section>
<section xml:id="spring-security-cas">
<title>CAS - <literal>spring-security-cas-client.jar</literal></title>
<para>Spring Security's CAS client integration. If you want to use Spring Security
web authentication with a CAS single sign-on server. The top-level package is
<literal>org.springframework.security.cas</literal>.</para>
</section>
<section xml:id="spring-security-openid">
<title>OpenID - <literal>spring-security-openid.jar</literal></title>
<para>OpenID web authentication support. Used to authenticate users against an
external OpenID server. <literal>org.springframework.security.openid</literal>.
Requires OpenID4Java.</para>
</section>
</section>
<section xml:id="get-source">
<title>Checking out the Source</title>
<para> Since Spring Security is an Open Source project, we'd strongly encourage you to
check out the source code using subversion. This will give you full access to all
the sample applications and you can build the most up to date version of the project
easily. Having the source for a project is also a huge help in debugging. Exception
stack traces are no longer obscure black-box issues but you can get straight to the
line that's causing the problem and work out what's happening. The source is the
ultimate documentation for a project and often the simplest place to find out how
something actually works. </para>
<para> To obtain the source for the project trunk, use the following subversion command:
<programlisting>
svn checkout https://src.springframework.org/svn/spring-security/trunk/
</programlisting>
You can checkout specific versions from
<literal>https://src.springframework.org/svn/spring-security/tags/</literal>.
</para>
</section>
</section>
</chapter> </chapter>

7
docs/manual/src/docbook/springsecurity.xml
View File

@ -76,7 +76,10 @@
approach where you have to wire up all the implementation classes individually. </para> approach where you have to wire up all the implementation classes individually. </para>
<para> We'll also take a look at the sample applications that are available. It's worth trying <para> We'll also take a look at the sample applications that are available. It's worth trying
to run these and experimenting with them a bit even before you read the later sections - you to run these and experimenting with them a bit even before you read the later sections - you
can dip back into them as your understanding of the framework increases. </para> can dip back into them as your understanding of the framework increases. Please also check
out the <link xlink:href="http://static.springsource.org/spring-security/site/index.html">project website</link> as
it has useful information on building the project, plus links to articles, videos and tutorials.
</para>
</partintro> </partintro>
<xi:include href="introduction.xml"/> <xi:include href="introduction.xml"/>
<xi:include href="namespace-config.xml"/> <xi:include href="namespace-config.xml"/>
@ -112,7 +115,7 @@
<xi:include href="core-filters.xml"/> <xi:include href="core-filters.xml"/>
<xi:include href="basic-and-digest-auth.xml"/> <xi:include href="basic-and-digest-auth.xml"/>
<xi:include href="remember-me-authentication.xml"/> <xi:include href="remember-me-authentication.xml"/>
<xi:include href="concurrent-sessions.xml"/> <xi:include href="session-mgmt.xml"/>
<xi:include href="anon-auth-provider.xml"/> <xi:include href="anon-auth-provider.xml"/>
</part> </part>
<!-- <!--