SEC-1284: Added proxy-target-class attribute to method security namespace

2025-06-27 06:12:27 +00:00 · 2009-11-17 16:19:05 +00:00 · 2009-11-17 16:19:05 +00:00 · 9eae7b899c
commit 9eae7b899c
parent d84542cf88
3 changed files with 6 additions and 3 deletions
--- a/config/src/main/resources/org/springframework/security/config/spring-security-3.0.rnc
+++ b/config/src/main/resources/org/springframework/security/config/spring-security-3.0.rnc
@ -206,7 +206,9 @@ global-method-security.attlist &=
 global-method-security.attlist &=
    ## Allows the advice "order" to be set for the method security interceptor.
    attribute order {xsd:token}?
-    
+global-method-security.attlist &=
+    attribute proxy-target-class {boolean}?
+
 after-invocation-provider =
    ## Allows addition of extra AfterInvocationProvider beans which should be called by the MethodSecurityInterceptor created by global-method-security.
    element after-invocation-provider {ref} 
@ -325,7 +327,7 @@ logout.attlist &=
 logout.attlist &=
 	## Specifies whether a logout also causes HttpSession invalidation, which is generally desirable. If unspecified, defaults to true.
    attribute invalidate-session {boolean}?
-    
+
 request-cache =
    ## Allow the RequestCache used for saving requests during the login process to be set
    element request-cache {ref}
--- a/config/src/main/resources/org/springframework/security/config/spring-security-3.0.xsd
+++ b/config/src/main/resources/org/springframework/security/config/spring-security-3.0.xsd
@ -538,6 +538,7 @@
        <xs:documentation>Allows the advice "order" to be set for the method security interceptor.</xs:documentation>
      </xs:annotation>
    </xs:attribute>
+    <xs:attribute name="proxy-target-class" type="security:boolean"/>
  </xs:attributeGroup>
  
  
--- a/config/src/test/java/org/springframework/security/config/method/GlobalMethodSecurityBeanDefinitionParserTests.java
+++ b/config/src/test/java/org/springframework/security/config/method/GlobalMethodSecurityBeanDefinitionParserTests.java
@ -48,7 +48,7 @@ public class GlobalMethodSecurityBeanDefinitionParserTests {
    public void loadContext() {
        setContext(
                "<b:bean id='target' class='org.springframework.security.access.annotation.BusinessServiceImpl'/>" +
-                "<global-method-security order='1001'>" +
+                "<global-method-security order='1001' proxy-target-class='false' >" +
                "    <protect-pointcut expression='execution(* *.someUser*(..))' access='ROLE_USER'/>" +
                "    <protect-pointcut expression='execution(* *.someAdmin*(..))' access='ROLE_ADMIN'/>" +
                "</global-method-security>" + ConfigTestUtils.AUTH_PROVIDER_XML