Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 17:22:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,041 Commits 38 Branches 345 Tags
Commit Graph

5041 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
658a93178c SEC-2252: Add custom form guide 2013-08-19 15:22:04 -05:00
Rob Winch
51b9c4a19a Hide logout in main.jsp if not logged in 2013-08-17 14:38:39 -05:00
Rob Winch
5fe32bb3c8 SEC-2216: Add withObjectPostProcessor 2013-08-16 15:38:58 -05:00
Rob Winch
d62c2e0835 SEC-2244: Defaults based on loginPage are now updated when loginPage changes 2013-08-16 14:48:45 -05:00
Rob Winch
e0cad0d684 SEC-2230: Fix Header tests 2013-08-15 16:52:58 -05:00
Rob Winch
2e852f4613 SEC-2230: Remove stray import 2013-08-15 16:34:31 -05:00
Rob Winch
a469f26b10 SEC-2230: Polish Headers JavaConfig 2013-08-15 16:31:43 -05:00
Rob Winch
e9bb9e766e SEC-1574: Add CSRF Support 2013-08-15 14:49:21 -05:00
beamerblvd
5f35d9e3ec SEC-2135: Document HttpServletRequest.changeSessionId() support 2013-08-15 13:59:16 -05:00
Rob Winch
797df51264 SEC-2135: Support HttpServletRequest#changeSessionId() 2013-08-15 13:59:16 -05:00
Rob Winch
75fb971d23 SEC-2221: Fix the ignored media types to use includes instead of equals 2013-08-15 13:59:15 -05:00
Rob Winch
54c2166567 SEC-2194: Remove unnecessary MessageSecurityWebApplicationInitializer from helloworld 2013-08-15 12:50:41 -05:00
Rob Winch
fea4d01aad SEC-2194: hello samples displays username and logout properly 2013-08-15 12:50:41 -05:00
Rob Winch
b5ecaf61ed SEC-2194: Remove samples errors/tabs folders 2013-08-15 12:50:41 -05:00
Rob Winch
f036970f8b SEC-2194: Add margin to links in header of samples 2013-08-15 12:50:41 -05:00
Rob Winch
2feded5fc5 SEC-2194: Update samples to have jsp-api 2013-08-15 12:50:40 -05:00
Rob Winch
485676be8c SEC-2251: Polish Hello World guides 
* Correct how to add username and logout to mvc
* Externalize :revnumber:
 2013-08-15 12:50:40 -05:00
Rob Winch
22e4d1646a SEC-2194: Remove login page from hellomvc and insecuremvc 2013-08-15 12:50:40 -05:00
Rob Winch
13da42ca1b SEC-2137: Allow disabling session fixation and enable concurrency control 2013-08-15 12:50:40 -05:00
Rob Winch
867f02e8ac SEC-2249: AbstractSecurityWebApplicationInitializer does not delegate WebApplicationInitializer 
Previously AbstractSecurityWebApplicationInitializer delegated to a
WebApplicationInitializer, but it caused issues in some instances where
a container would pass the annonymous inner class to
SpringServletContainerInitializer which caused errors on startup.

Now AbstractSecurityWebApplicationInitializer registers the
ContextLoaderListener on its own instead of delegating.
 2013-08-15 12:49:44 -05:00
Rob Winch
e1dfa81a0f GRADLE-1116: Add back workaround for depending on test sources 2013-08-13 09:13:02 -05:00
Rob Winch
337c3cf96c SEC-2255: Update to Gradle 1.7 2013-08-08 16:31:36 -05:00
Rob Winch
54bf6c846b SEC-2097: Remove configure() blocks from gradle/*.gradle 2013-08-08 16:29:43 -05:00
Rob Winch
e0cb931f69 SEC-2251: Create Hello World Java Configuration guides 2013-08-08 14:34:50 -05:00
Rob Winch
e8278f3b9b SEC-2249: AbstractSecurityWebApplicationInitializer allows register config 2013-08-08 14:33:54 -05:00
Rob Winch
976d9a9016 SEC-2194: Polish java config sample apps 2013-08-08 14:33:54 -05:00
Guillaume Smet
d20a8e0373 SEC-2245: Cast to interface instead of implementation 
Makes our life easier when we want to override the
MethodSecurityExpressionRoot.
 2013-08-05 17:07:12 -05:00
Rob Winch
1f86d5dad9 SEC-2097: Add Tomcat Gradle plugin 2013-08-05 16:49:34 -05:00
Rob Winch
343a76de13 Use eclipse-wtp instead of eclipse in java projects 2013-08-05 16:49:34 -05:00
Rob Winch
6a1a6b080f No longer using Eclipse classpath container, so remove workarounds for it 2013-08-05 16:49:34 -05:00
Rob Winch
ab2b461075 Gradle workaround for test source being deployed 2013-08-05 16:49:34 -05:00
Rob Winch
9d58317731 Use included configuration instead of sourceSets.main.output 
Previously the crypto module was not exported in Eclipse because it was
listed as a test dependency to have it added as a dependency. Note that
this was all to work around GRADLE-1116

Now we add an included configuration that is exported for Eclipse, but not
added to the Maven pom (since all the crypto module is included in core).
 2013-08-05 16:49:34 -05:00
Rob Winch
51a48fa9fa Allow import without Eclipse dependency management 
This adds a .classpath file that contains no source folders to ensure
that the projects that are not java projects work. The projects still
require a java project nature to add the gradle project nature.
 2013-08-05 16:49:34 -05:00
Rob Winch
fdb73fac23 Remove @Override from interface define methods 2013-08-05 16:49:33 -05:00
Rob Winch
b13b87a1e7 Remove @Override from methods that override interfaces 
Ensure JDK5 compatibility
 2013-08-05 16:49:33 -05:00
Rob Winch
388a4dd9db SEC-2194: Add Java Config samples 2013-08-05 16:49:33 -05:00
Rob Winch
36418b964d Remove samples/runall.sh 2013-08-01 13:19:21 -05:00
Asaf David
333a7291a4 SEC-2242: Fixed typo in technical overview 
Changed "source source" to "source"
 2013-08-01 13:02:56 -05:00
Rob Winch
2266f0ca3f SEC-2238: Polish 2013-08-01 11:57:32 -05:00
Rob Winch
2fef79f3d2 SEC-2238: WebAsyncManagerIntegrationFilter Java Config 2013-08-01 11:40:34 -05:00
Rob Winch
e242aeff3e SEC-2230: Polish and clickjacking demo 2013-08-01 10:19:36 -05:00
Rob Winch
8c3ac719bb SEC-2230: Added testing certificates 2013-08-01 09:48:09 -05:00
Rob Winch
0bc08f8a23 SEC-2230: Update contacts sample to use <headers> with no child elements 2013-08-01 09:47:57 -05:00
Rob Winch
283c906215 SEC-2230: Fix reference PDF 2013-07-31 12:22:41 -05:00
Rob Winch
94a73fee37 SEC-2230: Polish scoping and finals 2013-07-31 11:34:35 -05:00
Rob Winch
a1bf28a697 SEC-2239: Remove duplicate SessionCreationPolicy 2013-07-31 10:44:22 -05:00
Rob Winch
606bddf598 SEC-2230: Add Header JavaConfig 
Added JavaConfig for Headers. In the process, more HeaderWriter instances
were added so that we can reuse logic between the XML and JavaConfig. This
also prompted repackaging the writers.
 2013-07-31 10:39:52 -05:00
Rob Winch
988e97e366 SEC-2230: Polish headers reference 2013-07-31 10:39:52 -05:00
Rob Winch
bc8ff9590c SEC-2230: Defaults when using only <headers/> 
Previously an error occurred when no child elements were specified with
<headers/>.

Now all the explicitly supported header elements are added with their
default settings.
 2013-07-31 10:39:52 -05:00
Rob Winch
c85328c5d1 SEC-2230: HTTP Strict Transport Security (HSTS)Add support for Strict 
This is a distinct filter as apposed to reusing StaticHeaderWriter
since the specification specifies that the "Strict-Transport-Security"
header should only be set on secure requests. It would not make sense to
require DelegatingRequestMatcherHeaderWriter since this requirement is
in the specification.
 2013-07-31 10:39:52 -05:00