5f57e5b0c3
SEC-2873: Remember Me XML Configuration Defaults Should Match Java Config
2015-02-24 20:49:56 -06:00
706e7fd7a2
SEC-2863: Update to Spring 4.1.5
2015-02-20 11:43:04 -06:00
8f0001f59a
Next Development Version
2014-12-11 20:39:26 -06:00
49b69196de
Release version 4.0.0.RC1
2014-12-11 20:36:55 -06:00
11116c2b80
SEC-2787: Update Versions
2014-12-10 16:37:19 -06:00
c67ff42b8a
SEC-2783: XML Configuration Defaults Should Match JavaConfig
...
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
2014-12-08 15:09:15 -06:00
b56e5edbbd
SEC-2784: Fix build plugins
2014-12-08 14:24:34 -06:00
6e204fff72
SEC-2781: Remove deprecations
2014-12-04 15:28:40 -06:00
09f6210c73
SEC-2347: Polish
2014-11-21 22:31:03 -06:00
3187ee8bf3
SEC-2700: Register WithSecurityContextTestExecutionListener by default
2014-08-15 16:41:33 -05:00
b72c1ad314
SEC-2686: Create SecurityMockMvcConfigurer
2014-07-22 15:11:37 -05:00
3118e39de8
SEC-2542: Use exclusions to remove duplicate dependencies
...
A number of projects had duplicate dependencies on their classpaths
as a result of the same classes being available in more than one
artifact, each with different Maven coordinates. Typically this only
affected the tests, but meant that the actual classes that were
loaded was somewhat unpredictable and had the potential to vary
between an IDE and the command line depending on the order in which
the aritfacts appeared on the classpath. This commit adds a number of
exclusions to remove such duplicates.
In addition to the new exclusions, notable other changes are:
- Spring Data JPA has been updated to 1.4.1. This brings its
transitive dependency upon spring-data-commons into line with
Spring LDAP's and prevents both spring-data-commons-core and
spring-data-commons from being on the classpath
- All Servlet API dependencies have been updated to use the official
artifact with all transitive dependencies on unofficial servlet API
artifacts being excluded.
- In places, groovy has been replaced with groovy-all. This removes
some duplicates caused by groovy's transitive dependencies.
- JUnit has been updated to 4.11 which brings its transitive Hamcrest
dependency into line with other components.
There appears to be a bug in Gradle which means that some exclusions
applied to an artifact do not work reliably. To work around this
problem it has been necessary to apply some exclusions at the
configuration level
Conflicts:
samples/messages-jc/pom.xml
2014-04-02 09:47:26 -05:00
9988fa141c
Update Spring Security version in pom.xml
2014-03-06 08:13:52 -06:00
7f99a2dfbb
SEC-2487: Update to Spring 3.2.8.RELEASE
2014-02-19 09:30:40 -06:00
ec8b48150d
SEC-2474: Update poms
2014-02-07 17:01:11 -06:00
a99c6db327
SEC-2467: Fix Small errors in itest-web's jsps
2014-01-28 16:03:59 -06:00
a34178bc40
SEC-2434: Update to Spring 3.2.6 and Spring 4.0 GA
2013-12-12 08:16:59 -06:00
4460e84b29
Updates to pom.xml author and repo
2013-12-09 08:57:30 -06:00
2c8946c406
Next development version
2013-11-01 14:20:55 -05:00
9c703a3051
Release version 3.2.0.RC2
2013-11-01 14:20:49 -05:00
88f41cdf62
SEC-2341: Update to Gradle 1.8
...
Some dependencies were necessary to update due to issues with JUnit
integration.
2013-09-24 15:35:51 -05:00
3d2f23602f
SEC-2294: Update Spring Version to 3.2.4.RELEASE
2013-08-31 11:26:43 -05:00
13da42ca1b
SEC-2137: Allow disabling session fixation and enable concurrency control
2013-08-15 12:50:40 -05:00
976d9a9016
SEC-2194: Polish java config sample apps
2013-08-08 14:33:54 -05:00
5e6ca12b01
SEC-2097: Update integrationTestCompile to use optional and provided
...
Also update slf4j version and remove explicit commons-logging from pom generation
2013-07-16 15:59:06 -05:00
02551e1b7a
SEC-2214: Update Spring Version
2013-07-16 15:15:47 -05:00
faa8b354b7
SEC-2209: add pom.xml
2013-07-16 15:15:47 -05:00
e5fc063680
SEC-2206: Gradle Propdeps
2013-07-16 15:15:42 -05:00
e8661913d1
SEC-2119: Update to 3.2 schema and use default schema version when available
2013-03-01 16:29:27 -06:00
1ed643ca1f
SEC-1998: Provide integration with WebAsyncManager#startCallableProcessing
...
Support integration of the Spring SecurityContext on Callable's used with
WebAsyncManager by registering SecurityContextCallableProcessingInterceptor.
2012-11-28 17:56:03 -06:00
f883c6e579
SEC-1723: Fix use of bean names in integration test app context.
2011-04-25 22:30:51 +01:00
94b7868039
SEC-1675: Add missing body-content elements to tag descriptor and update it to use 2.0 tag library schema.
2011-02-14 21:17:16 +00:00
44fb3aa4ab
SEC-1677: Create integrationTest task for Java projects and make all tests in itest module run as integration tests only.
2011-02-14 15:03:15 +00:00
c1f2fa1983
SEC-1558: Changed signatures of PrePostInvocationAttributeFactory to take strings rather than annotation types to allow the metadata to be obtained from other sources (not just annotations).
2011-01-05 16:56:28 +00:00
85d685f7d3
SEC-1611: Make access attribute in authorize tag a runtime expression
2010-12-14 16:55:34 +00:00
4a40d80da1
SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority.
...
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
2010-12-03 16:41:46 +00:00
8d867e8b67
Updated integration tests to detect case reported as SPR-7563.
2010-11-02 20:35:24 +00:00
0fd2c48dfb
SEC-1584: Additional integration tests.
2010-10-27 13:25:39 +01:00
bd84a2bfa1
SWC-1552 Update .tld in integration test to match change in taglib.
2010-10-26 14:00:45 +01:00
f4d57ab5e8
SEC-1456: Remove maven poms as we are now using gradle for the build.
2010-08-30 19:02:19 +01:00
bdb906e588
Enable parameterization for log levels in logback files to allow the use of command-line options for controlling log output.
2010-08-24 18:25:39 +01:00
1680807470
Added eclipse plugin to build. Some minor fixes to remove eclipse warnings.
2010-08-18 14:11:16 +01:00
6abfa2e887
Update minimum required schema to 3.1.
2010-08-17 02:19:55 +01:00
dca0fd871c
SEC-1532: Add cache of previously matched beans to ProtectPointcutPostProcessor to ensure that it doesn't perform pointcut matching every time a new prototype bean is created.
2010-08-09 17:16:43 +01:00
85c4c91e0e
IDEA inspection refactorings.
2010-08-05 23:28:07 +01:00
413b2a06e3
Improvements in up-to-date checking and use of parallel tests where possible.
2010-08-05 02:11:00 +01:00
64375484a1
More build and logging tuning.
2010-08-04 22:55:17 +01:00
c4ee46824c
Removing log4j.properties files and adding logback config ones.
2010-08-04 21:16:05 +01:00
c1c8fd1874
SEC-1171: Changed attribute name/value from secured="false" to security="none" to allow future extension by adding extra options (e.g. contextOnly to provide security context information during the request).
2010-07-20 19:46:47 +01:00
ea5f2088b5
Comment out OpenLDAP tests to allow running in IDEA, and reduce default load configuration of performance test class.
2010-07-12 12:40:19 +01:00
69a10c48ae
Switch to using slf4j/logback for logging.
...
We still compile modules against commons-logging but all runtime logging and samples will use logback
2010-07-12 12:39:52 +01:00
6093dbce7e
Converted test to use namespace to set method securityMetadataSource property.
2010-07-02 20:00:01 +01:00
34401416b0
SEC-1171: Implement parsing of empty filter chain patters via http 'secured' attribute and remove filters='none' support.
2010-05-27 15:54:15 +01:00
dada047e04
SEC-1456: Set rtexprvalue=true for "url" attribute in access tag to allow dynamic values (such as URL of current page).
2010-04-21 17:31:44 +01:00
0521d10069
SEC-1294: Enable access to beans from ApplicationContext in EL expressions.
...
ExpressionHandlers are now ApplicationContextAware and set the app context on the SecurityExpressionRoot. A custom PropertyAccessor resolves the properties against the root by looking them up in the app context.
2010-04-01 01:24:23 +01:00
a5a95a8ebc
Upgrade jython and disable cachedir.
2010-03-31 19:11:00 +01:00
bf91f2ca67
SEC-524: Added "var" attribute to authorize and accesscontrollist JSP tags.
...
Allows the result of the boolean condition granting/denying access to be stored in the page context for later use, without having to duplicate the tag.
2010-03-24 18:35:17 +00:00
111d49d68a
Added build file for itest-context.
2010-03-12 01:40:27 +00:00
f3264ba9ab
Addition of commons-logging exclusions and adjustments to pom generation.
2010-03-07 21:58:25 +00:00
d66ff32a1d
Added taglib dependency to itest-web project. Needed by additional test for SEC-1420.
2010-03-05 23:23:01 +00:00
4d70f88285
SEC-1420: JSP for itest of authentication tags with and without escaping.
2010-03-04 01:44:27 +00:00
0551dd89ac
SEC-1420: Add htmlEscape attribute to authentication JSP tag.
...
This allows HTML escaping to be disabled if required.
2010-03-04 00:47:22 +00:00
962a2d5272
Tone down Apache DS log level in itest-web
2010-03-01 01:20:11 +00:00
2ee7696bf4
Update version number to 3.1.0.CI-SNAPSHOT.
2010-02-19 17:35:19 +00:00
44f45d21f0
3.0.2 release. Update version in build files.
2010-02-19 01:22:21 +00:00
e678ba7283
Improvements to itest-web subproject.
...
Added to gradle build. Updated deps (testng and jwebunit). New test added for persistent remember-me.
2010-02-11 01:48:21 +00:00
70ef0d8b3e
Added extra test to itest/context as POC of using extra interceptor with http ns.
2010-02-11 01:48:00 +00:00
23511c930f
Standardising slf4j versions.
2010-02-11 01:33:31 +00:00
51dfc0fb39
Set versions to 3.0.2-CI-SNAPSHOT, post release.
2010-01-15 18:15:19 +00:00
05634f97dc
Updated version numbers for 3.0.1 release.
2010-01-15 18:04:28 +00:00
052537c8b0
Removing $Id$ markers and stripping trailing whitespace from the codebase.
2010-01-08 21:05:13 +00:00
9a323f15bc
Bring versions in itext module up-to-date
2010-01-07 17:56:32 +00:00
4e4242d010
SEC-1354: Added integration tests for combinations of @PreAuthorize and @Secured annotations.
2010-01-06 22:23:01 +00:00
fac07ba8ff
Schema updates to Spring 3.0
2009-12-18 18:44:17 +00:00
282bfc3151
Added some integration tests for Basic authentication, both alone and in combination with form login.
2009-12-12 17:32:27 +00:00
0f25601f54
Upgraded jwebunit version
2009-12-08 01:49:03 +00:00
131edf7a07
SEC-1318: Added integration test for custom concurrency setup.
2009-12-08 01:46:56 +00:00
8cf032c7b1
Switch off jetty debugging.
2009-12-08 01:45:38 +00:00
62b429a3b1
Updated spring schema versions in itest web contexts.
2009-12-08 01:44:56 +00:00
7fd03409fc
Updating dependency versions to match spring RC1 ones
2009-10-11 19:58:52 +00:00
735ecac215
SEC-1255: Forot dispathcer-servlet context
2009-10-11 15:27:09 +00:00
bf7d691c45
Update and fix tests
2009-10-11 15:24:42 +00:00
c9e2121504
SEC-1255: Replace file with controller to avoid windows filename problems
2009-10-11 15:24:17 +00:00
1286741c7c
SEC-1259: Improve consistency of authentication filter names.
2009-10-07 14:43:55 +00:00
07d7c0ddae
Renamed form and openID filters to shorten names
2009-10-05 17:33:34 +00:00
1042305cfe
Renamed web.wrapper to web.servletapi. Added some package.html files.
2009-10-05 16:59:37 +00:00
acf13c74ca
SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session
2009-10-05 15:51:00 +00:00
073198886d
SEC-1255: Modified UrlUtils. Full request URL for redirects uses the requestURI (which is encoded). The URL for path comparsions is built using the servletpath, as before.
2009-10-02 17:29:43 +00:00
7247902911
SEC-1229: Updated sample and itest namespace concurrency configs.
2009-09-29 16:18:01 +00:00
5bdfd8cd77
Tidying imports etc to remove compiler warnings.
2009-09-05 14:14:58 +00:00
e40b9fbc75
SEC-1196: Introduce AuthenticationManagerDelegator is MethodSecurityInterceptor which is configured by global-method-security. Prevents regression of SEC-933 caused by eager init of AuthenitcationManager and dependent beans
2009-08-03 01:44:49 +00:00
68364f06a2
Minor itest updates
2009-07-29 16:05:47 +00:00
66f7e8bcc8
SEC-1168: Added filter-security-metadat-source to namespace.
2009-06-08 12:59:13 +00:00
131ba5c62e
Reset poms to 3.0.0.CI-SNAPSHOT after tagging M1 release
2009-05-27 00:12:30 +00:00
e2c218e8c9
[maven-release-plugin] prepare release spring-security-3.0.0.M1
2009-05-26 23:44:11 +00:00
45c54c558c
Updated build to use maven.springframework.org deps
2009-05-13 06:16:05 +00:00
a8215fa2cb
SEC-1160: Renaming of authentication filters and entry points and associated doc changes
2009-05-12 05:37:11 +00:00
4bad213b19
SEC-1132: Moved remaining preauth code from core to web
2009-05-12 00:11:06 +00:00
c7a2e12c65
Moved python script to correct directory
2009-05-11 06:03:59 +00:00
76438b3347
SEC-1132: Refactoring of access/intercept package to extract packages and classes which are externally depended on or potentially may be used outside of the standard interceptor model (e.g. SecurityMetadataSource)
2009-05-11 05:44:31 +00:00
Rob Winch
Spring Buildmaster
Rob Winch
james
Luke Taylor
Rossen Stoyanchev