Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-25 05:22:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,134 Commits 55 Branches 348 Tags
Commit Graph

5134 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexander Kjäll
783af4012b SEC-2518: UserDetailsService javadoc repeats "insensitive" 
Typo in javadoc, "case insensitive" was repeated twice.
 2014-03-11 15:38:28 -05:00
Spring Buildmaster
5f5b8052d8 Next development version 2014-03-10 15:24:45 -07:00
Rob Winch
7dbb8e777e SEC-2500: Prevent anonymous bind for ActiveDirectoryLdapAuthenticator 2014-03-10 14:21:32 -05:00
Rob Winch
bb563967cc SEC-2507: WebExpressionVoter.supports support subclasses of FilterInvocation 2014-03-10 14:21:07 -05:00
Rob Winch
974105ed19 SEC-2515: Detect object cycle for AuthenticationManager configuration 2014-03-10 14:04:10 -05:00
Rob Winch
2cad2f401b SEC-2325: Polish CSRF Tag support 
- Rename csrfField to csrfInput
- Make AbstractCsrfTag package scope
- rename FormFieldTag to CsrfInputTag
- rename MetaTagsTag to CsrfMetaTagsTag
- removed whitespace from tag output so output is
  minimized & improving browser performance
- Update @since
- changed test names to be more meaningful
 2014-03-07 15:25:57 -06:00
beamerblvd
3048e2c6e7 SEC-2325 Added JSP tags for CSRF meta tags and form fields 2014-03-07 13:18:46 -06:00
beamerblvd
561f284718 SEC-2335 Added ACL schema files for MySQL, SQL Server, Oracle 2014-03-07 13:10:03 -06:00
John Tims
afc6a6ee0d SEC-2514: Fix typo in hellomvc.asc 
packags -> packages
 2014-03-07 10:26:31 -06:00
John Tims
fa05e9c590 SEC-2513: Add link to SpringSource CLA form 2014-03-07 10:22:36 -06:00
Manimaran Selvan
818be86d46 SEC-2512: Fix typo in reference` 
udates -> updates
 2014-03-06 22:21:22 -06:00
Rob Winch
60704eb50e SEC-2511: Remove double ALLOW-FROM in X-Frame-Options header 2014-03-06 22:00:09 -06:00
getvictor
f02b77794f SEC-2511: Remove double ALLOW-FROM from X-Frame-Options header. 
The interface documentation for getAllowFromValue states: Gets the value for ALLOW-FROM excluding the ALLOW-FROM.
 2014-03-06 21:59:46 -06:00
Rob Winch
1172d44397 SEC-2499: Allow MethodSecurityExpressionHandler in parent context 
Previously a NoSuchBeanDefintionException was thrown when the
MethodSecurityExpressionHandler was defined in the parent context. This
happened due to trying to work around ordering issues related to SEC-2136

This commit resolves this by not marking the
MethodSecurityExpressionHandler bean as lazy unless it exists.
 2014-03-06 20:51:24 -06:00
Rob Winch
49738e4588 SEC-2508: Passivity test for SEC-2357 2014-03-06 15:13:34 -06:00
Rob Winch
3b13c1fdf4 SEC-2495: CSRF disables logout on GET 2014-02-20 09:33:30 -06:00
Spring Buildmaster
8f6450ede1 Next development version 2014-02-19 10:52:05 -06:00
Rob Winch
f2cde4ffa3 SEC-2486: Update tests to Spring LDAP 2.0.1.RELEASE 2014-02-19 09:32:37 -06:00
Rob Winch
9810768186 SEC-2485: Update test to Spring 4.0.2.RELEASE 2014-02-19 09:31:46 -06:00
Rob Winch
7f99a2dfbb SEC-2487: Update to Spring 3.2.8.RELEASE 2014-02-19 09:30:40 -06:00
Rob Winch
85305050c0 SEC-2455: Fix XML default login generation 2014-02-18 13:52:05 -06:00
Rob Winch
8a3a7961cb SEC-2492: ExpressionUrlAuthorizationConfigurer private interceptUrl to void 2014-02-15 14:41:26 -06:00
Rob Winch
fc8e4868ce SEC-2468: Fix tests 2014-02-15 14:25:46 -06:00
Rob Winch
65367e6547 SEC-2468: JdbcUserDetailsManager#createNewAuthentication uses null credentials 2014-02-14 16:53:26 -06:00
Rob Winch
bf2df220ca SEC-2490: LdapAuthenticationProviderConfigurer allows custom LdapAuthoritiesPopulator 2014-02-13 16:37:33 -06:00
Rob Winch
152f41f61e SEC-2392: KeyBasedPersistenceTokenService uses bytes instead of bits 
The method setPseudoRandomNumberBits actually sets the number of bytes. This
commit deprecates setPseudoRandomNumberBits and adds
setPseudoRandomNumberBytes. The default value is still 256 to remain passive
but will be updated in 4.x.
 2014-02-13 15:36:47 -06:00
Rob Winch
7a3da28987 SEC-2479: Search parent context for AuthenticationManager 2014-02-12 08:11:26 -06:00
Rob Winch
e17adad878 SEC-2469: Support Spring LDAP 2.0.1+ 2014-02-12 08:11:26 -06:00
Luke Taylor
058b9debef Minor slapd config changes 2014-02-11 14:23:54 +00:00
Rob Winch
6c35c33abe SEC-2447: Fix AuthenticationManagerBuilder ordering issues 2014-02-09 21:17:51 -06:00
Rob Winch
c42e13c966 loginProcessing test 2014-02-07 17:01:11 -06:00
Rob Winch
6b42a2eae1 SEC-2461: Multi WebSecurityConfiguration does not create null springSecurityFilterChain 2014-02-07 17:01:11 -06:00
Rob Winch
ec8b48150d SEC-2474: Update poms 2014-02-07 17:01:11 -06:00
Rob Winch
4eff50b48b SEC-2474: Update tests against Spring 4.0.1 2014-01-30 09:44:26 -06:00
Rob Winch
087b56da96 SEC-2473: Update to Spring 3.2.7 2014-01-30 09:44:26 -06:00
Rob Winch
8d8475deb1 SEC-2455: form-login@login-processing-url & logout@logout-url use matchers 
Remove the deprecation warnings of using setFilterProcessingUrl by invoking
the matcher methods instead.
 2014-01-29 15:35:18 -06:00
Rob Winch
b5f5665ea6 SEC-2463: CSRF documentation includes EnableWebMvcSecurity 2014-01-29 09:28:51 -06:00
Rob Winch
3b05fd6fed SEC-2466: Add link to MultipartFilter in CSRF multipart section 2014-01-28 22:04:35 -06:00
Rob Winch
4c84805ac9 SEC-2466: CSRF MutipartFilter doc now uses <url-pattern> 2014-01-28 16:51:05 -06:00
james
a99c6db327 SEC-2467: Fix Small errors in itest-web's jsps 2014-01-28 16:03:59 -06:00
Rob Winch
1f833b0d6b Add ExpressionUrlAuthorizationCOnfigurer tests 
- Demo custom expression root
- Demo @Bean in expression example
 2014-01-23 11:21:21 -06:00
Spring Buildmaster
add3aae6ef Next development version 2013-12-16 11:27:25 -08:00
Rob Winch
f09ce267b3 Polish MVC doc 2013-12-16 12:30:25 -06:00
Rob Winch
374aceed2b Polish form.asc 2013-12-16 11:13:23 -06:00
Rob Winch
df703e0189 Polish hellomvc.asc 2013-12-16 10:39:18 -06:00
Rob Winch
8c580dc170 SEC-2444: Polish Thymeleaf for samples 2013-12-16 09:51:00 -06:00
Rob Winch
5205bf57c6 SEC-2453: Create 403 CSRF FAQ Entry 2013-12-16 09:02:02 -06:00
Rob Winch
994117ad75 SEC-2436: Fix CsrfConfigurerNoWebMvcTests 2013-12-14 14:48:47 -06:00
Rob Winch
b7041ed00e SEC-2436: Add @EnableWebMvcSecurity 2013-12-14 14:40:01 -06:00
Rob Winch
053c890a69 SEC-2450: WebSecurityConfigurerAdapter have default Order of 100 2013-12-14 13:00:48 -06:00