1490fe0b0a
Various fine-tuning so people can see AspectJ expressions and a simple, minimal configuration.
2008-03-28 00:47:08 +00:00
595a14dbd5
Sample should permit people to anonymously call all methods except post(Account).
2008-03-28 00:44:42 +00:00
ef5b3e2f9c
SEC-733: Changed names of <global-method-security> attributes as discussed with Ben and updated sample to reflect the changes. Also changed explicit instantiation of Jsr250 and Secured annotation MethodDefinitionSource beans in GlobalMethodSecurityBDP into bean definitions to make more tooling friendly.
2008-03-26 21:48:24 +00:00
071c91540c
SEC-722: Added explicit login page to open-id element in openid sample.
2008-03-26 17:01:54 +00:00
743d72ca7b
Added log4j support to tutorial app
2008-03-26 15:27:09 +00:00
1cd7865ed5
SEC-729: Removed version numbers and jstl declarations from sample parent pom
2008-03-26 15:21:41 +00:00
0860333a3f
SEC-733: AspectJ Pointcut Expression Parsing support.
2008-03-25 08:28:53 +00:00
f67c7bcb38
Update dependency versions and POM structure
2008-03-24 09:06:46 +00:00
6ab301981c
Update dependency versions and POM structure.
2008-03-24 09:05:44 +00:00
9a02b9862e
Fixed preauth sample configuration to match recent changes in naming in core code.
2008-03-23 23:03:28 +00:00
b54e3978dc
SEC-729: Organization of pom dependencies, particularly for servlet-api and jstl. Some other adjustments, removal of unrequired deps etc
2008-03-23 00:31:32 +00:00
1d47945893
Added portlet and ldap samples to build
2008-03-22 11:43:24 +00:00
69f2075872
SEC-722: Fix jstl versions in openID sample login page.
2008-03-22 00:05:53 +00:00
563dabda2f
SEC-722: Add Open ID Namespace Support
...
http://jira.springframework.org/browse/SEC-722 . Added OpenIDProvider to bean registry and fixed login page generator to use correct URL for OpenID. Added user-service-ref to namespace element. Changed OpenID sample to use <openid-login />.
2008-03-21 23:47:09 +00:00
d333655b0b
Updated to commons logging 1.1.1 to get rid of servlet api dependency in their pom
2008-03-20 19:43:55 +00:00
f3a6f768ba
SEC-724: Create portlet sample
...
http://jira.springframework.org/browse/SEC-724
2008-03-19 17:58:07 +00:00
8f7b216de3
Import cleaning, removal of unnecessary constructors etc based on eclipse warnings
2008-03-17 14:10:22 +00:00
114969f7f7
SEC-706: Removed LDAP dependencies from tutorial app, since we now have a separate sample
2008-03-17 14:06:13 +00:00
1e28a67410
SEC-706: Added sample app with LDAP configuration
2008-03-14 12:14:27 +00:00
e5a7303015
Remove unnecessary deps
2008-03-06 22:23:40 +00:00
ff16c413dd
[maven-release-plugin] prepare for next development iteration
2008-02-29 14:55:31 +00:00
b8916ffaba
[maven-release-plugin] prepare release release_2_0_M2
2008-02-29 14:54:15 +00:00
45e43073a0
SEC-690: Use consistent naming in OpenID classes
...
http://jira.springframework.org/browse/SEC-690
2008-02-29 12:51:52 +00:00
9eb86194a2
SEC-640: Converted preauth sample to use filter-invocation-definition-source element. (also fixed some recently changed property names).
2008-02-28 19:31:16 +00:00
25c3b84149
Remove security taglib dependency in OpenID sample.
2008-02-25 16:56:15 +00:00
18f6cb1565
Setting svn:ignore for new (and existing) modules
2008-02-25 16:51:06 +00:00
8c00bb1537
SEC-674: Updated samples to work with new module layout. Changed taglib build to copy tld file to META-INF directory.
...
Also standardized JSTL version to 1.1.0 (impl 1.1.2), moving deps to root sample pom.
2008-02-22 16:21:37 +00:00
659fe5308a
Corrected wrong bean reference in cas sample and removed dependence on taglibs. Upgraded ehcache version to match core.
2008-02-22 16:15:30 +00:00
2dd9faabc0
SEC-674: Created new project modules for cas, captcha, acls and taglibs
2008-02-19 20:30:53 +00:00
38237341b4
Removed unused getContactManager method
2008-02-15 18:06:59 +00:00
503e426707
Inlined destroyContext method.
2008-02-15 17:07:53 +00:00
be62979a01
Switch JSTL back to 1.1.2.
2008-02-15 12:15:20 +00:00
e2bf583fe9
Removed unused MessageSource from contacts app-context file.
2008-02-09 15:57:06 +00:00
dd47689687
Updated contact app to make more use of namespace configuration (now uses intercept-methods in target bean to set up method interceptor).
2008-02-09 15:41:29 +00:00
10ab4136d1
SEC-309: Patch for Authentication tag to use property of authentication object, rather than invoking an operation on the principal. Allows use of nested properties.
2008-02-09 13:41:05 +00:00
bd5a64825d
SEC-552: Replaced authorites populators in CAS and OpenID with a plain UserDetailsService
2008-02-08 13:23:43 +00:00
842c49c890
SEC-665: Renaming of rolemapping package to authoritymapping, and corresponding refactoring of classes.
2008-02-08 12:01:10 +00:00
eb998b6554
Updated jetty plugin version.
2008-02-08 11:57:10 +00:00
ca16a9608c
Corrected typo
2008-02-08 11:26:38 +00:00
adba67326f
Removed accidentally committed version of tutorial app context file.
2008-02-04 21:27:35 +00:00
84c7ac5e57
SEC-664: Removed validateUserDetails method from AbstractRememberMeServices, wrapped the UserDetailsService in a status-checking one and added a catch block for AccountStatusExceptions. Also some minor tidying up of other remember-me classes.
2008-02-04 21:26:07 +00:00
26fa0c143b
Added myself to the users list because I can :P
2008-02-04 14:25:12 +00:00
b93583164d
SEC-659: Change CAS sample to use authentication-manager element.
2008-02-04 00:12:56 +00:00
3da2471b7f
Some tidying up of OpenID login form.
2008-02-01 16:01:34 +00:00
287726335a
OpenID sample application.
2008-02-01 14:32:54 +00:00
df1def412e
Changed to using new alias for security filter chain in samples.
2008-02-01 14:28:04 +00:00
86f7b47fac
Updated jetty plugin to 6.1.7
2008-02-01 14:18:23 +00:00
5394350cc8
SEC-576: Renamed PreAuthenticateduserDetailsService to AuthenticationUserdetailsService and changed signature accordingly.
2008-01-31 14:24:12 +00:00
46a69b6d93
SEC-652: CAS sample application and server using maven jetty plugin.
2008-01-28 16:03:28 +00:00
511ebb5af4
Reformat pom.xml.
2008-01-28 14:30:15 +00:00
eb620f09eb
Switched preauth default namespace to "beans" for readability.
2008-01-28 13:22:50 +00:00
5738a51040
SEC-651: Support for ldap-user-service bean.
2008-01-28 00:47:34 +00:00
acf5601714
SEC-645: Reimplementation of X509 provider and namespace implementation.
2008-01-27 22:45:44 +00:00
aeba732ba5
SEC-647: Created separate "certificates" directory so SSL certificates and keys can be shared between different sample applications. Added key for user "scott" and separate certificate authority pem file (can be installed in a browser).
2008-01-27 20:42:10 +00:00
82940db6c8
SEC-648: Added custom-authentication-provider support.
2008-01-27 13:31:34 +00:00
e44e641106
SEC-647: Updated server keystore (new certificate using our own Test CA) and added client certificates for users rod and dianne.
2008-01-26 17:21:23 +00:00
483068d486
SEC-647: Delete unused certificated directory and outdated certificates.
2008-01-26 11:28:36 +00:00
b85f76e6c1
Added SSL support to the tutorial app Jetty plugin configuration and added a requirement for SSL on the "extremely secure" page.
2008-01-24 16:30:06 +00:00
342677fabc
Removed auto-config from tutorial sample and added commented out ldap support. Updated ldif file to match sample users.
2008-01-23 22:21:39 +00:00
837ecd85ec
SEC-576: Tidied up code, added preauth sample demo app.
2008-01-23 20:02:11 +00:00
06f3bcbf6a
Converted all namespace attributes which refer to bean IDs to use "-ref" suffix (or "ref").
2008-01-22 20:58:12 +00:00
7d88ee8c48
Formatted ACL SQL for readability.
2008-01-21 18:35:22 +00:00
462b4b450f
Added use of authz tag to tutorial. Upgraded to use webapp 2.4 xsd. Changed JSTL dependency to 1.2
2008-01-18 18:17:09 +00:00
10ec13e4e2
[maven-release-plugin] prepare for next development iteration
2008-01-02 22:42:21 +00:00
2c5090da90
[maven-release-plugin] prepare release release_2_0_M1
2008-01-02 22:41:31 +00:00
09242ec66d
[maven-release-plugin] rollback the release of release_2_0_M1
2008-01-02 22:31:09 +00:00
42dcccd1b7
[maven-release-plugin] prepare release release_2_0_M1
2008-01-02 22:18:28 +00:00
aafbb5bb67
[maven-release-plugin] rollback the release of release_2_0_M1
2008-01-02 22:10:46 +00:00
425508d70d
[maven-release-plugin] prepare release release_2_0_M1
2008-01-02 22:01:34 +00:00
0b1e17f69a
[maven-release-plugin] rollback the release of release_2_0_M1
2008-01-02 21:54:37 +00:00
07aa0c6880
[maven-release-plugin] prepare release release_2_0_M1
2008-01-02 21:52:42 +00:00
7583aca3eb
Configured contacts app to use namespaces. Removed ldap, cas, x509 files to avoid confusion. Ldap and CAS will be better served by new samples.
2008-01-01 16:51:15 +00:00
b91e82d91c
Changed _authenticationManager -> authenticationManager to get contact app tests passing again.
2007-12-25 00:34:28 +00:00
5f1eea42fc
Moved configuration of security interceptors with access and authentication manangers from post processing stage to bean creation stage.
2007-12-23 16:40:29 +00:00
46c99d1991
Converted tutorial context file to match namespace changes.
2007-12-23 16:36:44 +00:00
e65cb9b472
Made group names singular and added "teller" role.
2007-12-14 20:41:33 +00:00
09f68400ec
Add <intercept-methods> to example, but it is disabled in favour of @Secured annotation. Still, we include it so people can have a play around and switch between the two syntaxes easily in demos etc.
2007-12-14 19:56:31 +00:00
55e4568003
Throw an exception instead of sending back a HTTP error code. This is necessary so any demonstration of upgrading from Servlet Spec authorization to Spring Security authorization, as the latter's ExceptionTranslationFilter expects specific exceptions to be thrown if you wish to commence the authentication process.
2007-12-14 19:44:50 +00:00
2e4773525b
Updated tutorial to allow authentication against ldap provider using <ldap /> namespace element.
2007-12-14 19:18:18 +00:00
d90ff50686
Use Java 5 to illustrate annotation support.
2007-12-14 16:54:10 +00:00
b1bc39a0df
Provide some shell scripts that help with demos. These assume the application is deployed to http://localhost:8080/spring-security-samples-tutorial .
2007-12-14 02:45:01 +00:00
f4c3e701d5
Enhance sample to show method authorization.
2007-12-14 02:27:48 +00:00
77d286c36f
Enhance tutorial to also demonstrate Spring Security method
...
authorization, and add a services layer accordingly.
2007-12-14 02:26:27 +00:00
fa510b3187
Modify attribute names to use "ref" instead of "id", plus use a hyphen
...
as an attribute value separator rather than a colon. This was changed
for compatibility with other components in the Spring Portfolio. tests
pass.
2007-12-13 20:19:56 +00:00
1cae1719bc
Fix bean referencing error.
2007-12-11 19:18:44 +00:00
2655955a40
Add MethodSecurityInterceptor, to more accurately reflect the capabilities offered by auto-config="true".
2007-12-11 19:14:34 +00:00
1bbe6ca456
Proper comparison with auto-configure="true".
2007-12-11 16:44:24 +00:00
5e0cb21c8d
SEC-619: Added test class for LdapUserDetailsService. The LdapAuthoritiesPopulator interface and also implementations have been moved to the org.springframework.security.ldap package since they are now used by both the ldap provider and the user service.
2007-12-09 18:40:28 +00:00
4770c29094
Use hyphens in attribute names, and not Camel Case. This is to maintain
...
consistency with the rest of Spring Portfolio. Camel Case was preserved
for attribute values, consistent with Spring Portfolio usage such as
autowiring modes (byName, byType etc).
2007-12-09 03:42:20 +00:00
85085abf9e
Add namespace support for Servlet API integration.
2007-12-04 12:23:41 +00:00
a205f95c19
No need for an access denied page.
2007-12-04 11:24:54 +00:00
8c3cc5c67b
Add hash code support.
2007-12-04 11:21:39 +00:00
8e7c540b16
General refactorings and improvements to namespace support, including
...
autoDetect="true" attribute for <http> element.
2007-12-04 10:35:08 +00:00
2441ab6d9a
Move "realm" attribute to be on <http> element rather than <http-basic>.
...
This faciltiates reuse with other mechanisms (like Digest) whilst also
moving towards the <http-auto-configure> element (which benefits from
having shared configuration in <http> as opposed to mechanism-specific
elements).
2007-12-04 08:02:40 +00:00
0b0b174eda
Support <repository> and JbcUserDetailsManager.
2007-12-04 05:27:17 +00:00
53fca59301
Add namespace support for anonymous requests. Remove unnecessary files from tutorial sample.
2007-12-03 08:07:10 +00:00
cb765bc34b
SEC-615: Automatically focus on login name HTML element on page load.
2007-12-03 06:34:43 +00:00
7aa28ea742
SEC-614: Use DelegatingFilterProxy instead of FilterToBeanProxy.
2007-12-03 06:31:03 +00:00
3e48b52cdf
Make name consistent with other MVN modules.
2007-12-03 04:17:31 +00:00
1694242855
Make project name consistent with other MVN modules.
2007-12-03 04:07:21 +00:00
Ben Alex
Luke Taylor
Ray Krueger