Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-03-06 21:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,434 Commits 36 Branches 337 Tags
Commit Graph

50 Commits

Author SHA1 Message Date
Luke Taylor
94b7868039 SEC-1675: Add missing body-content elements to tag descriptor and update it to use 2.0 tag library schema. 2011-02-14 21:17:16 +00:00
Luke Taylor
00200cecbc SEC-1494: Added system property "spring.security.disableUISecurity" which will prevent authorize tags from hiding content. By default, the property will also cause the area that would normally be hidden to be decorated with a <span class="securityHiddenUI"> tag, thus allowing the area to be rendered with some distinguishing css (e.g. a different background colour). 2011-01-25 13:16:46 +00:00
Luke Taylor
85d685f7d3 SEC-1611: Make access attribute in authorize tag a runtime expression 2010-12-14 16:55:34 +00:00
Luke Taylor
4a40d80da1 SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority. 
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
 2010-12-03 16:41:46 +00:00
Luke Taylor
4ad0652787 Removed array of authorities constructor from TestingAuthenticationToken and RunAsUserToken. 2010-12-01 20:52:37 +00:00
Luke Taylor
ca679e1479 Reformatting. 2010-12-01 20:52:37 +00:00
Luke Taylor
1c8d28501c SEC-1550: Convert signatures to use Collection<? extends GrantedAuthority> where appropriate. 2010-11-03 13:48:59 +00:00
Rossen Stoyanchev
bd84a2bfa1 SWC-1552 Update .tld in integration test to match change in taglib. 2010-10-26 14:00:45 +01:00
Rossen Stoyanchev
70600a0277 SEC-1552 Refactor AuthorizeTag and LegacyAuthorize tag to make them independent of JSP tag rendering. 2010-10-26 12:33:51 +01:00
Luke Taylor
af56f4844d SEC-1562: Created SecurityExpressionHandler interface and AbstractSecurityExpressionHandler. 2010-09-07 19:46:45 +01:00
Luke Taylor
3c02989d67 Removal of jmock test dependency and upgrading of mockito version to 1.8.5. Minor adjustments to other build deps and configurations (e.g. prevent groovy from being used as a transitive dep, since we only use it for tests). 2010-08-18 02:32:43 +01:00
Luke Taylor
85c4c91e0e IDEA inspection refactorings. 2010-08-05 23:28:07 +01:00
Luke Taylor
36e0fb6d91 SEC-1518: Fix element ordering in security.tld 2010-07-21 16:16:15 +01:00
Luke Taylor
b3aad4cf19 Javadoc fixes. 2010-05-06 20:02:08 +01:00
Luke Taylor
dada047e04 SEC-1456: Set rtexprvalue=true for "url" attribute in access tag to allow dynamic values (such as URL of current page). 2010-04-21 17:31:44 +01:00
Luke Taylor
bf91f2ca67 SEC-524: Added "var" attribute to authorize and accesscontrollist JSP tags. 
Allows the result of the boolean condition granting/denying access to be stored in the page context for later use, without having to duplicate the tag.
 2010-03-24 18:35:17 +00:00
Luke Taylor
0551dd89ac SEC-1420: Add htmlEscape attribute to authentication JSP tag. 
This allows HTML escaping to be disabled if required.
 2010-03-04 00:47:22 +00:00
Luke Taylor
c12c43da9e Javadoc fixes. 2010-02-14 23:27:09 +00:00
Luke Taylor
36612377e2 Replace package.html with package-info.java files, creating new ones where missing and updating outdated contents. 2010-02-14 23:23:23 +00:00
Luke Taylor
052537c8b0 Removing $Id$ markers and stripping trailing whitespace from the codebase. 2010-01-08 21:05:13 +00:00
Luke Taylor
893f212fa5 Tidying 2010-01-02 19:53:19 +00:00
Luke Taylor
3a24ddfb43 Corrected description in tld file for accescontrollist tag, removing reference to outdated class. 2009-12-15 00:02:02 +00:00
Luke Taylor
cad32ffe39 SEC-1325: Tighten up Authentication interface contract to disallow null authorities. Modified internals of AbstractAuthenticationToken to use an empty list instead of null. Clarified Javadoc. removed unnecessary null checks in classes which use the interface. 2009-12-13 17:37:24 +00:00
Luke Taylor
2b99c6331e Javadoc. 2009-10-07 19:07:22 +00:00
Luke Taylor
9374bddceb Added test class for AccessControlListTag. 2009-09-16 19:20:07 +00:00
Luke Taylor
937e370fb4 SEC-1022: Minor reformatting. 2009-09-16 12:51:11 +00:00
Luke Taylor
3f70d79df5 SEC-1022: Remove use of static methods/initializers in Acl Permissions. Converted PermissionFactory to a strategy which is used to convert integers and names to Permission instances. 2009-09-16 12:45:53 +00:00
Luke Taylor
731402e9f5 SEC-525: [PATCH] Add AccessCheckerTag based on URL resource access permissions. Added functionality to "authorize" tag to allow evaluation of whether a particual url is accessible to the user. Uses a WebInvocationPrivilegeEvaluator registered in the application context. 2009-09-16 00:23:13 +00:00
Luke Taylor
b531a81176 SEC-1246: Introduce EL-based authorization tag. Added optional access expression to authorize tag. 2009-09-15 16:34:05 +00:00
Luke Taylor
5605386a30 SEC-1132: Restructuring of ACL packages 2009-05-11 05:37:22 +00:00
Luke Taylor
e94baf38b3 Tidying up to remove warnings (generics, use of deprecated test classes etc). 2009-04-28 06:49:43 +00:00
Luke Taylor
1454cbb78e SEC-1132: Moved TextUtils to web module and StringSplit utils into Digest authentication package (as they aren't used elsewhere). 2009-04-25 08:04:26 +00:00
Luke Taylor
93bdcccaee SEC-1132: Moved userdetails into core and added core/authority sub-package 2009-04-15 07:39:21 +00:00
Luke Taylor
ca7d055c2b SEC-1132: Created core and authentication packages within core module. 2009-04-13 13:43:23 +00:00
Luke Taylor
4a41416c9b Tidying up and removing compiler warnings. 2008-12-21 16:36:16 +00:00
Luke Taylor
0d7002e322 SEC-1012: Extra fixes to dependent modules following changes to Acl APIs. 2008-12-21 02:06:55 +00:00
Luke Taylor
cc5966bc7e Tidying up, removing compiler warnings etc. 2008-12-20 00:16:49 +00:00
Luke Taylor
8154161ef5 SEC-1035: Updated build to use Spring 3.0.0.M1 Release 2008-12-18 02:37:00 +00:00
Luke Taylor
55cc98ab54 SEC-1006: Fixed Javadoc. 2008-12-16 00:06:56 +00:00
Luke Taylor
0ba690fb0e SEC-1015: Removed acl package from core and also related taglib declaration and implementation class (AclTag). 2008-11-11 09:21:51 +00:00
Luke Taylor
514bca669f SEC-999: Introduced custom SecurityExpressionEvaluationContext which is responsible for lazy initialization of parameter values in the context. Also some further conversion of code using GrantedAuthority arrays. 2008-10-31 11:40:11 +00:00
Luke Taylor
ec44f2bdfe SEC-1012: Refactoring of use of GrantedAuthority[] to generified collections 2008-10-31 03:53:00 +00:00
Luke Taylor
d781deffe7 OPEN - issue SEC-966: Consider adding escapeXml attribute to security:authentication 
http://jira.springframework.org/browse/SEC-966.  Added escaping of rendered text as default.
 2008-08-26 16:21:29 +00:00
Luke Taylor
8fe1b4b402 SEC-914: Slight modification of tld description text for readability. 2008-07-11 08:14:28 +00:00
Luke Taylor
30f1e5729a SEC-914: Corrected tagllib descriptor documentation for var attribute in authentication tag. 2008-07-11 07:52:52 +00:00
Luke Taylor
c372c2df87 SEC-896: Changed result.toString() to String.valueOf(result) in tag class to prevent NPE when value of property is null 2008-06-30 21:02:23 +00:00
Luke Taylor
8f7b216de3 Import cleaning, removal of unnecessary constructors etc based on eclipse warnings 2008-03-17 14:10:22 +00:00
Ben Alex
4586183f17 SEC-717: Resolve UserDetails.getAuthorities() sort logic issue. 2008-03-16 04:51:33 +00:00
Luke Taylor
af0992b7d1 Refactored taglib directory layout to simplify build. 2008-02-25 17:56:25 +00:00
Luke Taylor
2dd9faabc0 SEC-674: Created new project modules for cas, captcha, acls and taglibs 2008-02-19 20:30:53 +00:00