Prior to this commit, the ObjectIdentity id had to be a number. This
commit allows for domain objects to use UUIDs as their identifier. The
fully qualified class name of the identifier type can be specified
in the acl_object_identity table and a ConversionService can be provided
to BasicLookupStrategy to convert from String to the actual identifier
type.
There are the following other changes:
- BasicLookupStrategy has a new property, aclClassIdSupported, which
is used to retrieve the new column from the database. This preserves
backwards-compatibility, as it is false by default.
- JdbcMutableAclService has the same property, aclClassIdSupported,
which is needed to modify the insert statement to write to the
new column. Defaults to false for backwards-compatibility.
- Tests have been updated to verify both the existing functionality
for backwards-compatibility and the new functionality.
Fixes gh-1224
As of Spring 4.3 RC1 the `org.aopalliance` interfaces are once again bundled
with `spring-aop` [1]. Moreover, all modules with a dependency on
`aopalliance:aopalliance` directly or indirectly also depend on `spring-aop`.
This change drops the `aopalliance:aopalliance` dependency in all places it's
declared. Where applicable an explicit dependency on `spring-aop` was added in
its place. (This dependency was already present in most places; in one case the
module didn't require `aopalliance:aopalliance` in the first place.)
The documentation is updated accordingly.
[1] https://jira.spring.io/browse/SPR-13984
GrantedAuthorityImpl has been replaced a couple of years ago with
SimpleGrantedAuthority and this commit fixes the documentation items
which weren’t updated to reflect this change.
Fixes gh-4163.
Previously, the Referrer Header Policy was accidentally placed within
the CSP section.
Move Referrer Header Polich outside of the CSP section.
Issue gh-4110
This commit creates a UserBuilder and updates samples to use it. We do not
leverate it for JdbcUserDetailsManager because it requires the schema to
be created which is difficult with a single bean definition and
unpredicatble ordering. For this, it is still advised to use
AuthenticationManagerBuilder
Fixes gh-4095
Previously @AuthenticationPrincipal's expression attribute didn't support
bean references because the BeanResolver was not set on the SpEL context.
This commit adds a BeanResolver and ensures that the configuration
sets a BeanResolver.
Fixes gh-3949
Rob Winch
Joe Grandja
Jay Bryant
Johnny Lim
Arend v. Reinersdorff
Kyle Anderson
Paul Wheeler
Hanson, Tristan
Robby Pond
Stephan Schroevers
stonio
Rob Winch
pkovacs
Artyom Kosykh
Dapeng
Eddú Meléndez
Kazuki Shimizu
Joe