Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,689 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

502 Commits

Author SHA1 Message Date
David Kane 503828c994 Add FAQ for JSP taglib & method security 
Updated FAQ to clarify how the url attribute of the authorize tag
interacts with method security
 2016-05-23 08:39:54 -05:00
Pedro Vilaça ea2b5dd412 Fix wrong class name reference in the docs 
In the documentation, there was a reference to a class called CsrfTokenResolver
and it should CsrfTokenArgumentResolver

Fixes gh-3890
 2016-05-18 20:26:20 +01:00
Rob Winch f363c62afd Document spring-security-test dependency 
Fixes gh-3873
 2016-05-16 10:56:50 -04:00
Joe Grandja 66980e827c Add Spring Boot Hello World guide 
Add Spring Boot Hello World Guide

Fixes gh-3866
 2016-05-13 14:05:29 -05:00
Rob Winch ede521dc8d authorizeUrls -> authorizeRequests 
Replace remaining authorizeUrls with authorizeRequests

Fixes gh-3875
 2016-05-09 10:34:36 -05:00
Rob Winch d4218c70f1 Update CookieCsrfTokenRepository docs to cookiHttpOnly=false 
Currently CookieCsrfTokenRepository does not specify that the httpOnly
flag needs set to false. We should update the reference to include this
setting (and a comment about it) since it states that the settings will
work with AngularJS.

This commit updates the documentation and provides a convenience factory
method to create a CookieCsrfTokenRepository with cookiHttpOnly=false

Fixes gh-3865
 2016-05-06 16:28:04 -04:00
Joe Grandja 447fb70f1d Add Hello World Xml guide 
Issue gh-3850
 2016-05-04 21:05:31 -04:00
Rob Winch 9745de9510 Add @AuthenticationPrincipal expression 
It is now possible to provide a SpEL expression for
@AuthenticationPrincipal. This allows invoking custom logic including
methods on the principal object.

Fixes gh-3859
 2016-05-03 18:08:52 -04:00
Patrick Cornelißen eaf8729941 Fixes RC1/RC2 URLs 
Fixes gh-3838
 2016-04-22 13:45:21 -04:00
Wim Deblauwe 85786824af Fix logout url in doc 
The default for logout is to redirect to `/login?logout`

Fixes gh-251
 2016-04-21 14:25:44 -04:00
Joe Grandja 4ee46a5f58 Add What's new in 4.1 RC2 
Add What's new in 4.1 RC2

Fixes gh-3830
 2016-04-20 19:26:54 -05:00
Johnny Lim 933a7e8363 Remove duplicate words 
Fixes gh-3826
 2016-04-18 23:21:20 -05:00
Joe Grandja 81c9fa805f Fix AuthenticationPrincipalArgumentResolver xml doc 
Fixes gh-3771
 2016-04-15 16:06:17 -05:00
Joe Grandja 2ef3da1b47 Documents the new @AuthenticationPrincipal in more detail. 
Fixes gh-3771
 2016-04-13 12:27:23 -04:00
Rob Winch 95a3e30d9f Polish Pbkdf2PasswordEncoder 
Fixes gh-2158
Fixes gh-51
 2016-04-12 17:16:38 -05:00
Rob Winch d3a9cc6eae Add CsrfTokenRepository (#3805) 
* Create LazyCsrfTokenRepository

Fixes gh-3790

* Add CookieCsrfTokenRepository

Fixes gh-3009
 2016-04-12 17:26:53 -04:00
Art O Cathain 1d271184c9 Fix Documentation Formatting 
Fix corrupted character and add formatting per the duplicated text
block

Fixes gh-193
 2016-04-12 13:07:07 -05:00
Soeun Park 8f7cf28435 Fix typos in documentation 
Fixes gh-196
Fixes gh-3109
 2016-04-12 12:59:21 -05:00
Johnny Lim fe94d654ed Fix typos (#228) 2016-04-12 11:11:51 -05:00
Joe Grandja 849c62b870 Disables doclint in Java 8 to prevent build error from javadoc task. 
Fixes gh-3767
 2016-04-11 18:19:30 -04:00
Joe Grandja 945a21a3fb Use xml / javaconfig folders for samples 
Fixes gh-3752
 2016-04-11 09:47:06 -05:00
Kamill Sokol 9c3db557dd Add missing # in SpEL expression doc 
SpEL variables can be referenced in the expression using the syntax
23.2.2 Path Variables in Web Security Expressions.

Fixes gh-3781
 2016-04-01 10:21:17 -05:00
Joe Grandja 9e5cdbd133 Includes a reference to the https://report-uri.io/ service in the CSP and HPKP documentation. 
Fixes gh-3772
 2016-03-30 12:12:43 -04:00
Rob Winch b3d26ed5d6 Add changelog in What's New 
Issue gh-3768
 2016-03-22 22:40:58 -05:00
Rob Winch bf9a837b9a Polish What's New 
Issue gh-3768
 2016-03-22 22:37:52 -05:00
Rob Winch 40b7fa5b72 Update Issues Link 
Issue gh-3333
 2016-03-22 22:37:52 -05:00
Rob Winch 3e47531b19 Polish CSP reference 
Issue gh-3763
 2016-03-22 22:37:51 -05:00
Rob Winch e04f685747 Fix Typo in @WithUserDetails reference 
Issue gh-3346
 2016-03-22 22:37:41 -05:00
Joe Grandja 2f7f2ff589 Adds support for Content Security Policy 
Fixes gh-2342
 2016-03-22 21:59:13 -05:00
Rob Winch 4cb9b202f8 Remove subversion from reference 
Fixes gh-3766
 2016-03-22 16:37:39 -05:00
Rob Winch 683d751902 Polish What's New 
Fixes gh-3768
 2016-03-22 16:33:25 -05:00
Rob Winch 4b650dc58d Allow AuthenticationProvider Bean in Java Config 
This commit adds support for defaulting java configuration's
authentication by providing an AuthenticationProvider Bean.

Fixes gh-3091
 2016-03-22 16:17:25 -05:00
Rob Winch 988b54ec3d Remove invalid ` from docs 
Fixes gh-3751
 2016-03-15 14:38:23 -05:00
Rob Winch 134a0a7f96 Move FAQ to appendix 
Fixes gh-3761
 2016-03-15 14:37:35 -05:00
Rob Winch 1382bd728b Clean up Javadoc log levels 
Issue gh-3757
 2016-03-15 08:37:01 -05:00
Shazin Sadakath e33e21fe6b Add Forward after authentication attempt config support 
Fixes gh-3728
 2016-03-11 10:49:30 -06:00
Rob Winch dbf73c4692 Update spring-security-config module description 
Include Java Configuration in the description.

Fixes gh-3298
 2016-03-10 10:45:15 -06:00
Rob Winch 835ac0a217 Add @WithUserDetails userDetailsServiceBeanName 
Fixes gh-3346
 2016-03-09 15:59:23 -06:00
Martin Macko dd8ba8c07e Fix formatting error in documentation 
Fixes gh-3279
 2016-03-09 15:00:52 -06:00
Rob Winch db81977a1a Polish HPKP 
* Javadoc polish
* Whitespace cleanup

Issue gh-3706
 2016-03-03 15:11:40 -06:00
Tim Ysewyn 331c7e91b7 HTTP Public Key Pinning 
HTTP Public Key Pinning (HPKP) is a security mechanism which allows HTTPS websites
to resist impersonation by attackers using mis-issued or otherwise fraudulent certificates.
(For example, sometimes attackers can compromise certificate authorities,
 and then can mis-issue certificates for a web origin.)
The HTTPS web server serves a list of public key hashes, and on subsequent connections
clients expect that server to use 1 or more of those public keys in its certificate chain.

This commit will add this new functionality.

Fixes gh-3706
 2016-03-03 14:21:46 -06:00
drdamour 004bb8e577 Fix ` in documentation 
There were a few rendering issues within the documentation
associated with `

This commit fixes those rendering issues

Fixes gh-3699
 2016-02-12 08:22:55 -06:00
Zied Zaïem 83992a7a27 fix typo in doc 2016-01-05 14:12:04 +01:00
Juzer Ali 1f32e96d31 SEC-3181: Fixed reference formatting 
The code ticks was broken.
 2015-12-21 17:23:16 -06:00
Kazuki Shimizu b7360a803d SEC-3152: Add @Retention to @WithMock documentation 2015-11-12 16:21:12 -06:00
Kazuki Shimizu 5c36c9f659 SEC-3151 Polishing reference document (springsoruce -> spring, etc..) 2015-11-12 16:04:01 -06:00
Rob Winch c93d6bc823 SEC-3120: Remove .and() from httpStrictTransportSecurity() doc 2015-10-30 09:11:47 -05:00
Rob Winch 0981cd975f SEC-3120: Reference hsts() -> httpStrictTransportSecurity() 2015-10-29 15:07:44 -05:00
Rob Winch 861ec76991 SEC-3133: Correct test doc username parameter 2015-10-26 12:59:44 -05:00
Rob Winch 8858419696 SEC-3052: Doc DEFAULT_MATCHER->DEFAULT_CSRF_MATCHER 2015-10-21 16:22:37 -05:00