Rob Winch
0e36f85dab
SEC-3019: Java Config for Http Basic supports Rememberme
2015-07-16 11:12:44 -05:00
Rob Winch
b96cee7950
SEC-2984: WithMockUser authorities doc
2015-07-16 08:48:53 -05:00
Rob Winch
64938ebcfc
SEC-2996: Suport configuring SecurityExpressionHandler<Message<Object>>
2015-07-13 22:45:35 -05:00
Rob Winch
a46ad0f446
SEC-2951: Polish
2015-04-30 09:52:52 -05:00
Gunnar Hillert
013177c644
SEC-2951: Document Logouthandler and LogoutSuccesshandler
...
Jira: https://jira.spring.io/browse/SEC-2951
2015-04-30 09:37:17 -05:00
Rob Winch
600927def6
SEC-2952: Document Spring Security leveraging WebMvcConfigurerAdapter
2015-04-29 10:18:02 -05:00
Rob Winch
1087d19346
SEC-2933: Update ProviderManager reference XML to use constructor
2015-04-20 15:57:04 -05:00
Rob Winch
67762321f8
SEC-2920: Fix tickets resolved link in reference
2015-04-20 15:14:40 -05:00
Rob Winch
c94a5cf8e2
SEC-2916: disable-url-rewriting=true by default
2015-03-25 13:14:15 -05:00
Rob Winch
0a2e496a84
SEC-2915: groovy/gradle spaces->tabs
2015-03-25 13:08:59 -05:00
Rob Winch
cf9f58a4ac
SEC-2915: XML spaces->tabs
2015-03-25 13:08:52 -05:00
Rob Winch
8105b05dd0
SEC-2782: Migrate guide links include "current" in URL
2015-03-23 09:33:00 -05:00
Rob Winch
b262c198d8
SEC-2782: Polish Migrating from 3 to 4 Guide
2015-03-20 14:14:55 -05:00
Rob Winch
a18fa3f1db
saving updates to migrate
2015-03-16 12:32:58 -05:00
Rob Winch
1da1b8b12f
SEC-2892: Added Guides Back to dist
2015-03-11 13:29:18 -05:00
Rob Winch
9169186d48
SEC-2889: Update documentation to use sameOriginDisabled
2015-03-10 14:48:19 -05:00
Rob Winch
5e2720723a
SEC-2884: Fix WebSocket reference link text
2015-03-10 10:51:53 -05:00
Rob Winch
dea5723ecc
SEC-2782: Finish Migration Guide from 3.x to 4.x
2015-03-09 17:09:00 -05:00
Rob Winch
9b4cbff58c
SEC-2782: Additional Updates to Migration Guide from 3.x to 4.x
2015-03-06 17:10:06 -06:00
Rob Winch
ff4e9e6ad4
SEC-2782: Started Migration Guide from 3.x to 4.x
2015-02-27 16:18:18 -06:00
drdamour
ff5a176675
trivial docs fixed a few typos and grammatical errors
...
I have signed and agree to the terms of the SpringSource Individual Contributor License Agreement.
2015-02-25 00:04:15 -06:00
Eugene Wolfson
4ca99ef88c
SEC-2877: Fix doc typo in index.adoc
...
Replace "a`" with "a `"
2015-02-24 22:28:07 -06:00
Rob Winch
5f57e5b0c3
SEC-2873: Remember Me XML Configuration Defaults Should Match Java Config
2015-02-24 20:49:56 -06:00
Kazuki Shimizu
67cd8465c3
SEC-2826: Add remember-me-cookie attribute in xml namespace
2015-02-24 17:54:54 -06:00
Rob Winch
9ffd5db466
SEC-2584: Add What's New in 4.0
2015-02-24 16:14:15 -06:00
Rob Winch
bfa12ade40
SEC-2870: Add Spring Data Documentation
2015-02-24 16:14:08 -06:00
Rob Winch
37740cd020
SEC-2861: Add WebSocket Documentation & Sample
2015-02-24 10:29:47 -06:00
Rob Winch
b9563f6102
SEC-2830: Cleanup disabling Same Origin SockJS
...
- Defaults for properties false
- Add XML Namespace support
2015-02-24 10:28:33 -06:00
Rob Winch
b9e2a57131
SEC-2854: Add intercept-message@message-type
2015-02-20 11:43:16 -06:00
Rob Winch
fea03536d6
SEC-2853: Rename WebSocket XML Namespace elements
2015-02-20 11:43:15 -06:00
Rob Winch
6a8475adbb
SEC-2830: Provide Same Origin support for SockJS
2015-02-18 11:21:02 -06:00
Rob Winch
a27c33754c
SEC-2859: Add CsrfTokenArgumentResolver
2015-02-18 10:51:30 -06:00
Rob Winch
c4fe630f8e
SEC-2846: Security HTTP Response Headers Configuration Cleanup
2015-02-10 10:36:00 -06:00
Rob Winch
6627f76df7
SEC-2758: Make ROLE_ consistent
2015-01-29 17:08:43 -06:00
Rob Winch
081f84844c
SEC-2777: Fix <header> attributes in doc
2015-01-20 16:28:02 -06:00
Rob Winch
c30c97005b
SEC-2572: Document Spring Test
2015-01-20 16:20:14 -06:00
Christopher Pelloux
aab0eea9cf
SEC-2800 Documentation typo in class name
2014-12-22 19:22:26 -05:00
Rob Winch
d5ff80011b
Polish Documentation
2014-12-11 20:36:55 -06:00
Rob Winch
1677836d53
SEC-2790: Deprecate @EnableWebMvcConfig
2014-12-10 21:10:27 -06:00
Rob Winch
3171cc4364
SEC-2788: Add @Configuration as meta annotation to @Enable* annotations
2014-12-10 21:10:15 -06:00
Rob Winch
c67ff42b8a
SEC-2783: XML Configuration Defaults Should Match JavaConfig
...
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
2014-12-08 15:09:15 -06:00
Rob Winch
5f5e7e7265
SEC-2785: Reference outputs PDF, Html Multi, & epub
2014-12-08 13:29:15 -06:00
Rob Winch
87a52ffbfd
SEC-2784: Update to Gradle 2.2.1
2014-12-08 13:29:07 -06:00
Rob Winch
6e204fff72
SEC-2781: Remove deprecations
2014-12-04 15:28:40 -06:00
Rob Winch
2cb2657f5b
SEC-2702: Clean WebSocket Namespace documentation
2014-11-25 12:27:29 -06:00
Rob Winch
3c487c0348
SEC-2348: Update doc headers enabled by default with XML
2014-11-21 21:55:03 -06:00
Rob Winch
4392205f63
SEC-2347: CSRF Enabled by default w/ XML Config
2014-11-21 21:32:56 -06:00
Rob Winch
eedbf44235
SEC-2348: Security HTTP Response Headers enabled by default w/ XML
2014-11-21 16:06:29 -06:00
Rob Winch
4dcc89fab0
SEC-2674: Documentation refers to httpStrictTransportSecurity() instead of hsts()
2014-11-19 13:31:09 -06:00
Rob Winch
55d6d5a86a
SEC-2615: accesscontrollist tag hasPermission performs OR not AND
...
In 3.1 the accesscontrollist tag began performing an and on the
permissions. This may have been accidental, but I think that it is more
intuitive & secure for it to behave this way. When compared to hasAnyRole
and hasRoles the hasPermission tag implies it is an and. If users end up
needing OR support, then the authorize tag can be used along with the
hasPermission expression. For example:
<sec:authorize access="hasPermission(#domain, 'read') or hasPermission(#domain, 'write') ">
In general, the authorize tag should be preferred as it is the more
powerful way of performing authorization checks.
2014-11-18 16:59:46 -06:00
