e11114ce77
SEC-1023: Add hasPermission() support to SecurityExpressionRoot
...
http://jira.springframework.org/browse/SEC-1023 .
hasPermission() now delegates to a PermissionEvaluator interface, with a default implementation provided by the Acl module. The contacts sample now uses expressions on the ContactManager interface. The permission-evaluator element on global-method-security can be used to set the instance to an AclPermissionEvaluator. If not set, all hasPermission() expressions will evaluate to 'false'.
2008-11-10 04:27:25 +00:00
d6cd392a9e
Tidying up some stuff in tutorial app
2008-11-07 06:55:00 +00:00
d6bb6ccbf5
Removed .cvsignore files
2008-11-06 01:11:08 +00:00
a7d046357b
SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces
2008-10-30 04:10:54 +00:00
4aa32f7d06
SEC-999: First commit of expression-based authorization implementation
2008-10-24 00:38:36 +00:00
6c8a82fa13
Updated poms to Spring 2.5 and fixed up sandbox to work with latest build
2008-10-15 05:52:40 +00:00
a62eae4587
Script for running all the sample apps
2008-10-15 05:49:31 +00:00
7cc0965383
SEC-1001: Move core tiger code into core and adjust pom files
2008-10-03 15:23:31 +00:00
5b9bb8ba54
[maven-release-plugin] prepare for next development iteration
2008-09-05 19:04:22 +00:00
73eed2656d
[maven-release-plugin] prepare release spring-security-parent-2.0.4
2008-09-05 18:57:43 +00:00
6e06789a28
SEC-937: Added CAS logout filter to sample application
2008-07-28 10:53:55 +00:00
d9634bcb39
SEC-920: Update preauth sample to make use of internal authentication manager
...
http://jira.springframework.org/browse/SEC-920 . Updated context file to use <custom-authentication-provider>.
2008-07-11 10:56:57 +00:00
6ff0b969d5
Corrected ldap sample config (traditional bean version was wrong)
2008-06-23 23:43:48 +00:00
775a6c3939
[maven-release-plugin] prepare for next development iteration
2008-06-23 14:10:35 +00:00
87d50aecce
[maven-release-plugin] prepare release spring-security-parent-2.0.3
2008-06-23 14:05:36 +00:00
57558de3ec
Added error page URL to openid login sample
2008-06-23 13:18:35 +00:00
5ec06778f5
removed optional scope from jaxen dependecy in preauth sample as it breaks war file
2008-06-23 13:00:03 +00:00
5b089aea16
SEC-852
...
provided mechanism to do get a proxy ticket
2008-06-18 17:34:14 +00:00
de897ad1ac
SEC-867: Remove superfluous <property /> entry.
2008-06-05 22:51:47 +00:00
ff785a829f
[maven-release-plugin] prepare for next development iteration
2008-06-03 16:07:20 +00:00
db1d8604a6
[maven-release-plugin] prepare release spring-security-parent-2.0.2
2008-06-03 16:05:40 +00:00
d784d854cd
Corrected log file name.
2008-06-03 14:57:40 +00:00
cf4072c517
Context file improvements (based on sts suggestions)
2008-05-25 20:57:07 +00:00
859e99edf4
SEC-851: Fix port number in LDAP sample.
2008-05-23 21:24:48 +00:00
4f6b4e4bfd
Make sample login pages use c:out for data output
2008-05-15 12:48:13 +00:00
d4defb10fe
SEC-833: Fixed login-failure-url in contacts sample app.
2008-05-14 22:41:13 +00:00
5cf0c84e2f
SEC-814: Added standard bean config to ldap example and updated doc to provide some pointers to DefaultLdapAuthoritiesPopulator
2008-05-06 14:50:14 +00:00
a599ef5398
[maven-release-plugin] prepare for next development iteration
2008-05-01 20:09:03 +00:00
3e808335a4
[maven-release-plugin] prepare release spring-security-parent-2.0.1
2008-05-01 20:07:46 +00:00
18a9965b80
Moved dummy file out of default package for easy exclusion from javadoc
2008-05-01 19:45:36 +00:00
fc498954c6
Updated sample context files to point at 2.0.1 schema
2008-05-01 17:51:48 +00:00
014f21ee85
Deleted attributes sample
2008-05-01 17:50:47 +00:00
882509fb2a
Renamed context file
2008-04-24 00:27:37 +00:00
eba18675fc
Removed old acegi file from tutorial sample as it's causing confusion with users.
2008-04-23 21:08:41 +00:00
80cd7f4acc
Removed accidental commit of tutorial context file
2008-04-23 13:13:56 +00:00
0cf745b85f
Updated clean plugin to 2.2
2008-04-22 21:59:40 +00:00
1663142cf1
SEC-784: removed 'optional' tag on dependencies
2008-04-19 12:40:17 +00:00
b5dc523041
[maven-release-plugin] prepare for next development iteration
2008-04-14 07:06:44 +00:00
0c42670431
[maven-release-plugin] prepare release spring-security-parent-2.0.0
2008-04-14 07:05:46 +00:00
8f52c6a79c
Corrected name in cas samples pom
2008-04-13 21:26:43 +00:00
da72a7dc00
Forgot to add cas samples parent pom
2008-04-13 00:25:11 +00:00
0422cb1f8f
Fixed artifact groups for aspectjrt and added cas sample to project build
2008-04-13 00:08:18 +00:00
83c152e379
SEC-768: Changed exception to error reported through parser context. Added entry-point-ref to cas config
2008-04-13 00:02:46 +00:00
42cd91e259
Some updates to contacts sample to match description in docs, remove unnecessary cas code etc.
2008-04-12 18:08:35 +00:00
c7f182309f
Removed excess config from tutorial sample file
2008-04-12 17:17:46 +00:00
677607bcad
SEC-530: Refactor ACL module so ACE manipulation is index-based as
...
opposed to AccessControlEntry.getId() based.
2008-04-05 20:43:10 +00:00
d5a751e784
Added log4j dependency
2008-04-01 19:14:41 +00:00
f7ae69880c
Minor tweaking so the tutorial is a little more illustrative of the present namespace capabilities.
2008-04-01 17:15:31 +00:00
21e83e8364
[maven-release-plugin] prepare for next development iteration
2008-04-01 15:03:29 +00:00
91ed7dceb6
[maven-release-plugin] prepare release release_2_0_0_RC1
2008-04-01 15:01:30 +00:00
4d306c2c1e
Fix spring-portlet dep at 2.0.8
2008-04-01 12:43:08 +00:00
e05d1da102
Refactored AuthenticationUserDetailsService to userdetails package as it isn't preauth specific
2008-03-31 23:08:30 +00:00
ea489baf6f
SEC-730
...
updated configuration to new CAS client
2008-03-28 18:25:02 +00:00
1490fe0b0a
Various fine-tuning so people can see AspectJ expressions and a simple, minimal configuration.
2008-03-28 00:47:08 +00:00
595a14dbd5
Sample should permit people to anonymously call all methods except post(Account).
2008-03-28 00:44:42 +00:00
ef5b3e2f9c
SEC-733: Changed names of <global-method-security> attributes as discussed with Ben and updated sample to reflect the changes. Also changed explicit instantiation of Jsr250 and Secured annotation MethodDefinitionSource beans in GlobalMethodSecurityBDP into bean definitions to make more tooling friendly.
2008-03-26 21:48:24 +00:00
071c91540c
SEC-722: Added explicit login page to open-id element in openid sample.
2008-03-26 17:01:54 +00:00
743d72ca7b
Added log4j support to tutorial app
2008-03-26 15:27:09 +00:00
1cd7865ed5
SEC-729: Removed version numbers and jstl declarations from sample parent pom
2008-03-26 15:21:41 +00:00
0860333a3f
SEC-733: AspectJ Pointcut Expression Parsing support.
2008-03-25 08:28:53 +00:00
f67c7bcb38
Update dependency versions and POM structure
2008-03-24 09:06:46 +00:00
6ab301981c
Update dependency versions and POM structure.
2008-03-24 09:05:44 +00:00
9a02b9862e
Fixed preauth sample configuration to match recent changes in naming in core code.
2008-03-23 23:03:28 +00:00
b54e3978dc
SEC-729: Organization of pom dependencies, particularly for servlet-api and jstl. Some other adjustments, removal of unrequired deps etc
2008-03-23 00:31:32 +00:00
1d47945893
Added portlet and ldap samples to build
2008-03-22 11:43:24 +00:00
69f2075872
SEC-722: Fix jstl versions in openID sample login page.
2008-03-22 00:05:53 +00:00
563dabda2f
SEC-722: Add Open ID Namespace Support
...
http://jira.springframework.org/browse/SEC-722 . Added OpenIDProvider to bean registry and fixed login page generator to use correct URL for OpenID. Added user-service-ref to namespace element. Changed OpenID sample to use <openid-login />.
2008-03-21 23:47:09 +00:00
d333655b0b
Updated to commons logging 1.1.1 to get rid of servlet api dependency in their pom
2008-03-20 19:43:55 +00:00
f3a6f768ba
SEC-724: Create portlet sample
...
http://jira.springframework.org/browse/SEC-724
2008-03-19 17:58:07 +00:00
8f7b216de3
Import cleaning, removal of unnecessary constructors etc based on eclipse warnings
2008-03-17 14:10:22 +00:00
114969f7f7
SEC-706: Removed LDAP dependencies from tutorial app, since we now have a separate sample
2008-03-17 14:06:13 +00:00
1e28a67410
SEC-706: Added sample app with LDAP configuration
2008-03-14 12:14:27 +00:00
e5a7303015
Remove unnecessary deps
2008-03-06 22:23:40 +00:00
ff16c413dd
[maven-release-plugin] prepare for next development iteration
2008-02-29 14:55:31 +00:00
b8916ffaba
[maven-release-plugin] prepare release release_2_0_M2
2008-02-29 14:54:15 +00:00
45e43073a0
SEC-690: Use consistent naming in OpenID classes
...
http://jira.springframework.org/browse/SEC-690
2008-02-29 12:51:52 +00:00
9eb86194a2
SEC-640: Converted preauth sample to use filter-invocation-definition-source element. (also fixed some recently changed property names).
2008-02-28 19:31:16 +00:00
25c3b84149
Remove security taglib dependency in OpenID sample.
2008-02-25 16:56:15 +00:00
18f6cb1565
Setting svn:ignore for new (and existing) modules
2008-02-25 16:51:06 +00:00
8c00bb1537
SEC-674: Updated samples to work with new module layout. Changed taglib build to copy tld file to META-INF directory.
...
Also standardized JSTL version to 1.1.0 (impl 1.1.2), moving deps to root sample pom.
2008-02-22 16:21:37 +00:00
659fe5308a
Corrected wrong bean reference in cas sample and removed dependence on taglibs. Upgraded ehcache version to match core.
2008-02-22 16:15:30 +00:00
2dd9faabc0
SEC-674: Created new project modules for cas, captcha, acls and taglibs
2008-02-19 20:30:53 +00:00
38237341b4
Removed unused getContactManager method
2008-02-15 18:06:59 +00:00
503e426707
Inlined destroyContext method.
2008-02-15 17:07:53 +00:00
be62979a01
Switch JSTL back to 1.1.2.
2008-02-15 12:15:20 +00:00
e2bf583fe9
Removed unused MessageSource from contacts app-context file.
2008-02-09 15:57:06 +00:00
dd47689687
Updated contact app to make more use of namespace configuration (now uses intercept-methods in target bean to set up method interceptor).
2008-02-09 15:41:29 +00:00
10ab4136d1
SEC-309: Patch for Authentication tag to use property of authentication object, rather than invoking an operation on the principal. Allows use of nested properties.
2008-02-09 13:41:05 +00:00
bd5a64825d
SEC-552: Replaced authorites populators in CAS and OpenID with a plain UserDetailsService
2008-02-08 13:23:43 +00:00
842c49c890
SEC-665: Renaming of rolemapping package to authoritymapping, and corresponding refactoring of classes.
2008-02-08 12:01:10 +00:00
eb998b6554
Updated jetty plugin version.
2008-02-08 11:57:10 +00:00
ca16a9608c
Corrected typo
2008-02-08 11:26:38 +00:00
adba67326f
Removed accidentally committed version of tutorial app context file.
2008-02-04 21:27:35 +00:00
84c7ac5e57
SEC-664: Removed validateUserDetails method from AbstractRememberMeServices, wrapped the UserDetailsService in a status-checking one and added a catch block for AccountStatusExceptions. Also some minor tidying up of other remember-me classes.
2008-02-04 21:26:07 +00:00
26fa0c143b
Added myself to the users list because I can :P
2008-02-04 14:25:12 +00:00
b93583164d
SEC-659: Change CAS sample to use authentication-manager element.
2008-02-04 00:12:56 +00:00
3da2471b7f
Some tidying up of OpenID login form.
2008-02-01 16:01:34 +00:00
287726335a
OpenID sample application.
2008-02-01 14:32:54 +00:00
df1def412e
Changed to using new alias for security filter chain in samples.
2008-02-01 14:28:04 +00:00
86f7b47fac
Updated jetty plugin to 6.1.7
2008-02-01 14:18:23 +00:00
Luke Taylor
Scott Battaglia
Ben Alex
Ray Krueger