7fa9a959b5
Added webAppRootKey context-param to samples to prevent conflicts when run together in Tomcat.
2008-12-16 21:13:03 +00:00
681f1ee00c
Fix duplicate logging.
2008-12-16 19:07:31 +00:00
2927b8464f
SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException.
2008-12-14 22:20:21 +00:00
df771038b4
SEC-1051: Fixed class names in dms sample app context.
2008-12-12 17:43:09 +00:00
6ccdcec629
SEC-1033: Added web expressions to tutorial sample configuration.
2008-12-08 21:56:44 +00:00
bc6878c1c5
SEC-1044: Removed remember-me functionality from http auto-config namespace configuration. Added explicit <remember-me> elements to contacts and tutorial sample configurations.
2008-12-05 16:36:43 +00:00
3cbad3ebd7
Corrected comment.
2008-12-05 16:04:22 +00:00
781b09e889
SEC-1036: Updated ldap sample pom
2008-11-29 14:16:08 +00:00
7e562031cc
Better demonstrate the new EL-based "overdraft" authorization rules.
2008-11-19 09:32:04 +00:00
f3b3004085
Removed references to Acegi in contacts sample home page
2008-11-15 06:28:01 +00:00
78065ba47c
Fixed up contacts sample: removed casfailed page, corrected debug.jsp errors and fixed incorrect bean reference in context files.
2008-11-15 03:38:49 +00:00
3261fcb174
Tidying stuff
2008-11-14 07:16:30 +00:00
464da0f0df
SEC-999: Refactored namespace to take an expression handler instead of a permission evaluator, allowig fo greater cusomtomization and for a single handler to be used in both web and method security expressions.
2008-11-13 07:41:21 +00:00
e5b1073501
SEC-1012: Added more generics and warning suppression
2008-11-11 09:06:50 +00:00
7731a3df57
Typo.
2008-11-11 03:41:50 +00:00
e11114ce77
SEC-1023: Add hasPermission() support to SecurityExpressionRoot
...
http://jira.springframework.org/browse/SEC-1023 .
hasPermission() now delegates to a PermissionEvaluator interface, with a default implementation provided by the Acl module. The contacts sample now uses expressions on the ContactManager interface. The permission-evaluator element on global-method-security can be used to set the instance to an AclPermissionEvaluator. If not set, all hasPermission() expressions will evaluate to 'false'.
2008-11-10 04:27:25 +00:00
d6cd392a9e
Tidying up some stuff in tutorial app
2008-11-07 06:55:00 +00:00
d6bb6ccbf5
Removed .cvsignore files
2008-11-06 01:11:08 +00:00
a7d046357b
SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces
2008-10-30 04:10:54 +00:00
4aa32f7d06
SEC-999: First commit of expression-based authorization implementation
2008-10-24 00:38:36 +00:00
6c8a82fa13
Updated poms to Spring 2.5 and fixed up sandbox to work with latest build
2008-10-15 05:52:40 +00:00
a62eae4587
Script for running all the sample apps
2008-10-15 05:49:31 +00:00
7cc0965383
SEC-1001: Move core tiger code into core and adjust pom files
2008-10-03 15:23:31 +00:00
5b9bb8ba54
[maven-release-plugin] prepare for next development iteration
2008-09-05 19:04:22 +00:00
73eed2656d
[maven-release-plugin] prepare release spring-security-parent-2.0.4
2008-09-05 18:57:43 +00:00
6e06789a28
SEC-937: Added CAS logout filter to sample application
2008-07-28 10:53:55 +00:00
d9634bcb39
SEC-920: Update preauth sample to make use of internal authentication manager
...
http://jira.springframework.org/browse/SEC-920 . Updated context file to use <custom-authentication-provider>.
2008-07-11 10:56:57 +00:00
6ff0b969d5
Corrected ldap sample config (traditional bean version was wrong)
2008-06-23 23:43:48 +00:00
775a6c3939
[maven-release-plugin] prepare for next development iteration
2008-06-23 14:10:35 +00:00
87d50aecce
[maven-release-plugin] prepare release spring-security-parent-2.0.3
2008-06-23 14:05:36 +00:00
57558de3ec
Added error page URL to openid login sample
2008-06-23 13:18:35 +00:00
5ec06778f5
removed optional scope from jaxen dependecy in preauth sample as it breaks war file
2008-06-23 13:00:03 +00:00
5b089aea16
SEC-852
...
provided mechanism to do get a proxy ticket
2008-06-18 17:34:14 +00:00
de897ad1ac
SEC-867: Remove superfluous <property /> entry.
2008-06-05 22:51:47 +00:00
ff785a829f
[maven-release-plugin] prepare for next development iteration
2008-06-03 16:07:20 +00:00
db1d8604a6
[maven-release-plugin] prepare release spring-security-parent-2.0.2
2008-06-03 16:05:40 +00:00
d784d854cd
Corrected log file name.
2008-06-03 14:57:40 +00:00
cf4072c517
Context file improvements (based on sts suggestions)
2008-05-25 20:57:07 +00:00
859e99edf4
SEC-851: Fix port number in LDAP sample.
2008-05-23 21:24:48 +00:00
4f6b4e4bfd
Make sample login pages use c:out for data output
2008-05-15 12:48:13 +00:00
d4defb10fe
SEC-833: Fixed login-failure-url in contacts sample app.
2008-05-14 22:41:13 +00:00
5cf0c84e2f
SEC-814: Added standard bean config to ldap example and updated doc to provide some pointers to DefaultLdapAuthoritiesPopulator
2008-05-06 14:50:14 +00:00
a599ef5398
[maven-release-plugin] prepare for next development iteration
2008-05-01 20:09:03 +00:00
3e808335a4
[maven-release-plugin] prepare release spring-security-parent-2.0.1
2008-05-01 20:07:46 +00:00
18a9965b80
Moved dummy file out of default package for easy exclusion from javadoc
2008-05-01 19:45:36 +00:00
fc498954c6
Updated sample context files to point at 2.0.1 schema
2008-05-01 17:51:48 +00:00
014f21ee85
Deleted attributes sample
2008-05-01 17:50:47 +00:00
882509fb2a
Renamed context file
2008-04-24 00:27:37 +00:00
eba18675fc
Removed old acegi file from tutorial sample as it's causing confusion with users.
2008-04-23 21:08:41 +00:00
80cd7f4acc
Removed accidental commit of tutorial context file
2008-04-23 13:13:56 +00:00
Luke Taylor
Ben Alex
Scott Battaglia