From 94b78680392beaff6094ba149bd3677cb32658db Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Mon, 14 Feb 2011 21:17:16 +0000 Subject: [PATCH] SEC-1675: Add missing body-content elements to tag descriptor and update it to use 2.0 tag library schema. --- .../web/src/main/webapp/WEB-INF/security.tld | 114 +++++++++--------- .../src/main/resources/META-INF/security.tld | 114 +++++++++--------- 2 files changed, 118 insertions(+), 110 deletions(-) diff --git a/itest/web/src/main/webapp/WEB-INF/security.tld b/itest/web/src/main/webapp/WEB-INF/security.tld index bd945bae1f..ce94181785 100644 --- a/itest/web/src/main/webapp/WEB-INF/security.tld +++ b/itest/web/src/main/webapp/WEB-INF/security.tld @@ -1,174 +1,178 @@ - - - 1.0 - 1.2 + + + Spring Security Authorization Tag Library + + 3.1 security http://www.springframework.org/security/tags - - Spring Security Authorization Tag Library - - authorize - org.springframework.security.taglibs.authz.JspAuthorizeTag A tag which outputs the body of the tag if the configured access expression evaluates to true for the currently authenticated principal. + authorize + org.springframework.security.taglibs.authz.JspAuthorizeTag + JSP - access - false - true A Spring-EL expression which is supported by the WebSecurityExpressionHandler in the application context. The latter will be used to evaluate the expression. + access + false + true - url - false - true A URL within the application. If the user has access to this URL (as determined by the AccessDecisionManager), the tag body will be evaluated. If not, it will be skipped. + url + false + true - method - false - false Can optionally be used to narrow down the HTTP method (typically GET or POST) to which the URL applies to. Only has any meaning when used in combination with the "url" attribute. + method + false + false - var - false - false A page scoped variable into which the boolean result of the tag evaluation will be written, allowing the same condition to be reused subsequently in the page without re-evaluation. + var + false + false - ifNotGranted - false - true A comma separated list of roles which the user must not have for the body to be output. Deprecated in favour of the access expression. + ifNotGranted + false + true - ifAllGranted - false - true A comma separated list of roles which the user must all possess for the body to be output. Deprecated in favour of the access expression. + ifAllGranted + false + true - ifAnyGranted - false - true A comma separated list of roles, one of which the user must possess for the body to be output. Deprecated in favour of the access expression. + ifAnyGranted + false + true - authentication - org.springframework.security.taglibs.authz.AuthenticationTag Allows access to the current Authentication object. + authentication + org.springframework.security.taglibs.authz.AuthenticationTag + empty - property - true - true Property of the Authentication object which should be output. Supports nested properties. For example if the principal object is an instance of UserDetails, the property "principal.username" will return the username. Alternatively, using "name" will call getName method on the Authentication object directly. + property + true + true - var - false - false Name of the exported scoped variable which will contain the evaluated property of the Authentication object. + var + false + false - Set HTML escaping for this tag, as a boolean value. + + Set HTML escaping for this tag, as a boolean value. + htmlEscape false true - scope - false - false Scope for var. + scope + false + false - accesscontrollist - org.springframework.security.taglibs.authz.AccessControlListTag Allows inclusion of a tag body if the current Authentication has one of the specified permissions to the presented domain object instance. + accesscontrollist + org.springframework.security.taglibs.authz.AccessControlListTag + JSP - hasPermission - true - true A comma separated list of permissions, which will be converted to Permission instances by the configured PermissionFactory. - - - domainObject + hasPermission true true + + The actual domain object instance for which permissions are being evaluated. + domainObject + true + true - var - false - false A page scoped variable into which the boolean result of the tag evaluation will be written, allowing the same condition to be reused subsequently in the page without re-evaluation. + var + false + false diff --git a/taglibs/src/main/resources/META-INF/security.tld b/taglibs/src/main/resources/META-INF/security.tld index 5d8e4fc9b0..ce94181785 100644 --- a/taglibs/src/main/resources/META-INF/security.tld +++ b/taglibs/src/main/resources/META-INF/security.tld @@ -1,174 +1,178 @@ - - - 1.1.1 - 1.2 + + + Spring Security Authorization Tag Library + + 3.1 security http://www.springframework.org/security/tags - - Spring Security Authorization Tag Library - - authorize - org.springframework.security.taglibs.authz.JspAuthorizeTag A tag which outputs the body of the tag if the configured access expression evaluates to true for the currently authenticated principal. + authorize + org.springframework.security.taglibs.authz.JspAuthorizeTag + JSP - access - false - true A Spring-EL expression which is supported by the WebSecurityExpressionHandler in the application context. The latter will be used to evaluate the expression. + access + false + true - url - false - true A URL within the application. If the user has access to this URL (as determined by the AccessDecisionManager), the tag body will be evaluated. If not, it will be skipped. + url + false + true - method - false - false Can optionally be used to narrow down the HTTP method (typically GET or POST) to which the URL applies to. Only has any meaning when used in combination with the "url" attribute. + method + false + false - var - false - false A page scoped variable into which the boolean result of the tag evaluation will be written, allowing the same condition to be reused subsequently in the page without re-evaluation. + var + false + false - ifNotGranted - false - true A comma separated list of roles which the user must not have for the body to be output. Deprecated in favour of the access expression. + ifNotGranted + false + true - ifAllGranted - false - true A comma separated list of roles which the user must all possess for the body to be output. Deprecated in favour of the access expression. + ifAllGranted + false + true - ifAnyGranted - false - true A comma separated list of roles, one of which the user must possess for the body to be output. Deprecated in favour of the access expression. + ifAnyGranted + false + true - authentication - org.springframework.security.taglibs.authz.AuthenticationTag Allows access to the current Authentication object. + authentication + org.springframework.security.taglibs.authz.AuthenticationTag + empty - property - true - true Property of the Authentication object which should be output. Supports nested properties. For example if the principal object is an instance of UserDetails, the property "principal.username" will return the username. Alternatively, using "name" will call getName method on the Authentication object directly. + property + true + true - var - false - false Name of the exported scoped variable which will contain the evaluated property of the Authentication object. + var + false + false + + Set HTML escaping for this tag, as a boolean value. + htmlEscape false true - Set HTML escaping for this tag, as a boolean value. - scope - false - false Scope for var. + scope + false + false - accesscontrollist - org.springframework.security.taglibs.authz.AccessControlListTag Allows inclusion of a tag body if the current Authentication has one of the specified permissions to the presented domain object instance. + accesscontrollist + org.springframework.security.taglibs.authz.AccessControlListTag + JSP - hasPermission - true - true A comma separated list of permissions, which will be converted to Permission instances by the configured PermissionFactory. - - - domainObject + hasPermission true true + + The actual domain object instance for which permissions are being evaluated. + domainObject + true + true - var - false - false A page scoped variable into which the boolean result of the tag evaluation will be written, allowing the same condition to be reused subsequently in the page without re-evaluation. + var + false + false