Prior to this commit, the ObjectIdentity id had to be a number. This
commit allows for domain objects to use UUIDs as their identifier. The
fully qualified class name of the identifier type can be specified
in the acl_object_identity table and a ConversionService can be provided
to BasicLookupStrategy to convert from String to the actual identifier
type.
There are the following other changes:
- BasicLookupStrategy has a new property, aclClassIdSupported, which
is used to retrieve the new column from the database. This preserves
backwards-compatibility, as it is false by default.
- JdbcMutableAclService has the same property, aclClassIdSupported,
which is needed to modify the insert statement to write to the
new column. Defaults to false for backwards-compatibility.
- Tests have been updated to verify both the existing functionality
for backwards-compatibility and the new functionality.
Fixes gh-1224
As of Spring 4.3 RC1 the `org.aopalliance` interfaces are once again bundled
with `spring-aop` [1]. Moreover, all modules with a dependency on
`aopalliance:aopalliance` directly or indirectly also depend on `spring-aop`.
This change drops the `aopalliance:aopalliance` dependency in all places it's
declared. Where applicable an explicit dependency on `spring-aop` was added in
its place. (This dependency was already present in most places; in one case the
module didn't require `aopalliance:aopalliance` in the first place.)
The documentation is updated accordingly.
[1] https://jira.spring.io/browse/SPR-13984
GrantedAuthorityImpl was replaced a couple of years ago with
SimpleGrantedAuthority and this commit fixes the documentation items
which weren’t updated to reflect this change.
Fixes gh-4163.
Previously, the Referrer Header Policy was accidentally placed within
the CSP section.
Move Referrer Header Policy outside of the CSP section.
Issue gh-4110
This commit creates a UserBuilder and updates samples to use it. We do not
leverage it for JdbcUserDetailsManager because it requires the schema to
be created, which is difficult with a single bean definition and
unpredictable ordering. For this, it is still advised to use
AuthenticationManagerBuilder.
Fixes gh-4095
Previously @AuthenticationPrincipal's expression attribute didn't support
bean references because the BeanResolver was not set on the SpEL context.
This commit adds a BeanResolver and ensures that the configuration
sets a BeanResolver.
Fixes gh-3949
Spring 5 removed support for Tiles 2 and Thymeleaf does not support
Tiles 3 yet. This commit updates to Thymeleaf 3.0.2 and uses
Thymeleaf's built-in layout support.
Issue gh-4080
This commit adds an ExpiredSessionStrategy for the ConcurrentSessionFilter
analogous to the InvalidSessionStrategy for the SessionManagementFilter. It also
adds a configuration option for both the InvalidSessionStrategy and
ExpiredSessionStrategy to the XML namespace and Java configuration.
Fixes gh-3794
Fixes gh-3795
Add a suggestion to retrieve a fresh csrf token right before the
form submission in order to avoid problems with invalid csrf tokens
due to session timeouts.
Fixes gh-3925
This fixes the following build error:
asciidoctor: ERROR: index.adoc: line 26: invalid part, must have at least one
section (e.g., chapter, appendix, etc.)
Currently CookieCsrfTokenRepository does not specify that the httpOnly
flag needs to be set to false. We should update the reference to include this
setting (and a comment about it) since it states that the settings will
work with AngularJS.
This commit updates the documentation and provides a convenience factory
method to create a CookieCsrfTokenRepository with cookieHttpOnly=false.
Fixes gh-3865
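
Why the httpOnly flag matters for a script-driven client, as an added example that is not part of the commit or of Spring Security's code: it models which cookies `document.cookie` exposes and shows that the client can only copy the token into a request header when the cookie is not HttpOnly. The cookie name `XSRF-TOKEN` and header name `X-XSRF-TOKEN` follow the AngularJS convention and are assumptions here, as are the constructed sample `Set-Cookie` values and all function names.

```javascript
// Constructed sample Set-Cookie values (not captured from a real server).
const SESSION_COOKIE = "JSESSIONID=constructed-session; Path=/; HttpOnly";
const TOKEN_HTTPONLY = "XSRF-TOKEN=3f9c1a7e-constructed; Path=/; HttpOnly";
const TOKEN_READABLE = "XSRF-TOKEN=3f9c1a7e-constructed; Path=/";

// Parse one Set-Cookie value into its name, value and HttpOnly attribute.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  return {
    name: pair.slice(0, eq),
    value: pair.slice(eq + 1),
    httpOnly: attrs.some((a) => a.toLowerCase() === "httponly"),
  };
}

// Model of document.cookie: the browser omits HttpOnly cookies from what
// page scripts can read, although it still sends them on requests.
function scriptVisibleCookies(setCookieHeaders) {
  return setCookieHeaders
    .map(parseSetCookie)
    .filter((c) => !c.httpOnly)
    .map((c) => `${c.name}=${c.value}`)
    .join("; ");
}

// Client side of the cookie-to-header pattern: copy the token cookie into a
// request header. Names are assumed defaults (see lead-in).
function csrfHeaders(documentCookie, cookieName = "XSRF-TOKEN",
                     headerName = "X-XSRF-TOKEN") {
  for (const part of documentCookie.split(";")) {
    const [name, ...rest] = part.trim().split("=");
    if (name === cookieName) {
      return { [headerName]: decodeURIComponent(rest.join("=")) };
    }
  }
  // No readable token: a server that requires the header rejects the request.
  return {};
}

// HttpOnly token cookie: the script sees nothing and sends no header.
const blocked = csrfHeaders(scriptVisibleCookies([SESSION_COOKIE, TOKEN_HTTPONLY]));
// Token cookie without HttpOnly: the script can echo it back in the header.
const working = csrfHeaders(scriptVisibleCookies([SESSION_COOKIE, TOKEN_READABLE]));
console.log(blocked, working);
```

The session cookie stays HttpOnly in both cases; only the CSRF token cookie needs to be readable by scripts.
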
It is now possible to provide a SpEL expression for
@AuthenticationPrincipal. This allows invoking custom logic including
methods on the principal object.
Fixes gh-3859