17c2a18fee
SEC-2269: Fix CSRF link in appendix
2013-08-21 10:01:19 -05:00
0247dd124f
SEC-2271: LogoutConfigurer#logoutUrl explains about CSRF
2013-08-21 06:58:09 -05:00
a3a432f7b6
SEC-2269: Fix additional links
2013-08-20 14:02:33 -05:00
3b2156969d
SEC-2269: Fix headers link
2013-08-20 10:06:00 -05:00
f707101fdb
SEC-2269: Fix headers documentation
2013-08-20 10:03:31 -05:00
eb95c500f5
Remove dockbook-reference from guides
2013-08-20 10:02:55 -05:00
110e769bd4
SEC-2257: Remove HttpSecurityBuilder#getAuthenticationManager()
...
Removed in favor of using shared object.
2013-08-19 15:22:04 -05:00
8b1ab4e85f
SEC-2260 - update pom/gradle to use current cas client library
2013-08-19 15:22:04 -05:00
658a93178c
SEC-2252: Add custom form guide
2013-08-19 15:22:04 -05:00
51b9c4a19a
Hide logout in main.jsp if not logged in
2013-08-17 14:38:39 -05:00
5fe32bb3c8
SEC-2216: Add withObjectPostProcessor
2013-08-16 15:38:58 -05:00
d62c2e0835
SEC-2244: Defaults based on loginPage are now updated when loginPage changes
2013-08-16 14:48:45 -05:00
e0cad0d684
SEC-2230: Fix Header tests
2013-08-15 16:52:58 -05:00
2e852f4613
SEC-2230: Remove stray import
2013-08-15 16:34:31 -05:00
a469f26b10
SEC-2230: Polish Headers JavaConfig
2013-08-15 16:31:43 -05:00
e9bb9e766e
SEC-1574: Add CSRF Support
2013-08-15 14:49:21 -05:00
5f35d9e3ec
SEC-2135: Document HttpServletRequest.changeSessionId() support
2013-08-15 13:59:16 -05:00
797df51264
SEC-2135: Support HttpServletRequest#changeSessionId()
2013-08-15 13:59:16 -05:00
75fb971d23
SEC-2221: Fix the ignored media types to use includes instead of equals
2013-08-15 13:59:15 -05:00
54c2166567
SEC-2194: Remove unnecessary MessageSecurityWebApplicationInitializer from helloworld
2013-08-15 12:50:41 -05:00
fea4d01aad
SEC-2194: hello samples displays username and logout properly
2013-08-15 12:50:41 -05:00
b5ecaf61ed
SEC-2194: Remove samples errors/tabs folders
2013-08-15 12:50:41 -05:00
f036970f8b
SEC-2194: Add margin to links in header of samples
2013-08-15 12:50:41 -05:00
2feded5fc5
SEC-2194: Update samples to have jsp-api
2013-08-15 12:50:40 -05:00
485676be8c
SEC-2251: Polish Hello World guides
...
* Correct how to add username and logout to mvc
* Externalize :revnumber:
2013-08-15 12:50:40 -05:00
22e4d1646a
SEC-2194: Remove login page from hellomvc and insecuremvc
2013-08-15 12:50:40 -05:00
13da42ca1b
SEC-2137: Allow disabling session fixation and enable concurrency control
2013-08-15 12:50:40 -05:00
867f02e8ac
SEC-2249: AbstractSecurityWebApplicationInitializer does not delegate WebApplicationInitializer
...
Previously AbstractSecurityWebApplicationInitializer delegated to a
WebApplicationInitializer, but it caused issues in some instances where
a container would pass the annonymous inner class to
SpringServletContainerInitializer which caused errors on startup.
Now AbstractSecurityWebApplicationInitializer registers the
ContextLoaderListener on its own instead of delegating.
2013-08-15 12:49:44 -05:00
e1dfa81a0f
GRADLE-1116: Add back workaround for depending on test sources
2013-08-13 09:13:02 -05:00
337c3cf96c
SEC-2255: Update to Gradle 1.7
2013-08-08 16:31:36 -05:00
54bf6c846b
SEC-2097: Remove configure() blocks from gradle/*.gradle
2013-08-08 16:29:43 -05:00
e0cb931f69
SEC-2251: Create Hello World Java Configuration guides
2013-08-08 14:34:50 -05:00
e8278f3b9b
SEC-2249: AbstractSecurityWebApplicationInitializer allows register config
2013-08-08 14:33:54 -05:00
976d9a9016
SEC-2194: Polish java config sample apps
2013-08-08 14:33:54 -05:00
d20a8e0373
SEC-2245: Cast to interface instead of implementation
...
Makes our life easier when we want to override the
MethodSecurityExpressionRoot.
2013-08-05 17:07:12 -05:00
1f86d5dad9
SEC-2097: Add Tomcat Gradle plugin
2013-08-05 16:49:34 -05:00
343a76de13
Use eclipse-wtp instead of eclipse in java projects
2013-08-05 16:49:34 -05:00
6a1a6b080f
No longer using Eclipse classpath container, so remove workarounds for it
2013-08-05 16:49:34 -05:00
ab2b461075
Gradle workaround for test source being deployed
2013-08-05 16:49:34 -05:00
9d58317731
Use included configuration instead of sourceSets.main.output
...
Previously the crypto module was not exported in Eclipse because it was
listed as a test dependency to have it added as a dependency. Note that
this was all to work around GRADLE-1116
Now we add an included configuration that is exported for Eclipse, but not
added to the Maven pom (since all the crypto module is included in core).
2013-08-05 16:49:34 -05:00
51a48fa9fa
Allow import without Eclipse dependency management
...
This adds a .classpath file that contains no source folders to ensure
that the projects that are not java projects work. The projects still
require a java project nature to add the gradle project nature.
2013-08-05 16:49:34 -05:00
fdb73fac23
Remove @Override from interface define methods
2013-08-05 16:49:33 -05:00
b13b87a1e7
Remove @Override from methods that override interfaces
...
Ensure JDK5 compatibility
2013-08-05 16:49:33 -05:00
388a4dd9db
SEC-2194: Add Java Config samples
2013-08-05 16:49:33 -05:00
36418b964d
Remove samples/runall.sh
2013-08-01 13:19:21 -05:00
333a7291a4
SEC-2242: Fixed typo in technical overview
...
Changed "source source" to "source"
2013-08-01 13:02:56 -05:00
2266f0ca3f
SEC-2238: Polish
2013-08-01 11:57:32 -05:00
2fef79f3d2
SEC-2238: WebAsyncManagerIntegrationFilter Java Config
2013-08-01 11:40:34 -05:00
e242aeff3e
SEC-2230: Polish and clickjacking demo
2013-08-01 10:19:36 -05:00
8c3ac719bb
SEC-2230: Added testing certificates
2013-08-01 09:48:09 -05:00
Rob Winch
Hans-Joachim Kliemeck
beamerblvd
Guillaume Smet
Asaf David