Commit Graph

512 Commits

Author SHA1 Message Date
Rob Winch e4c13e3c0e Add MvcRequestMatcher
Fixes gh-3964
2016-07-06 15:47:23 -05:00
Rob Winch 13bc70f693 Add CorsFilter support 2016-07-05 14:28:04 -05:00
Rob Winch dd9b59ba31 Document Digest is insecure
Fixes gh-3894
2016-06-20 14:10:36 -05:00
Shannon Carey 9fa2c64737 Documentation SecurityConfig->WebSecurityConfig
Rename SecurityConfig to WebSecurityConfig in the documentation.

Fixes gh-153
2016-06-17 16:55:46 -05:00
Pedro Vilaça 208f898403 Improve csrf login caveats
Add a suggestion to retrieve a fresh csrf token right before the
form submission in order to avoid problems with invalid csrf tokens
due session timeouts.

Fixes gh-3925
2016-06-13 16:26:16 +01:00
Ryan W. Moore 8aea83011d Docs: Remove broken link
I think the originally intended destination no longer exists in the
documentation.
2016-05-28 21:09:15 -04:00
Ryan W. Moore fd65652bbe Docs: Fix broken link to security database schema 2016-05-28 21:09:15 -04:00
Ryan W. Moore 38e9f6a851 Docs: Fix broken link to csrfInput tag info
ID names are case sensitive.
2016-05-28 21:09:15 -04:00
Ryan W. Moore cdb04c50e8 Docs: Fix broken link to websocket security info 2016-05-28 21:09:15 -04:00
Ryan W. Moore 057ea4fb17 Docs: Make 'Getting Started' a level 1 section heading
This fixes the following build error:

  asciidoctor: ERROR: index.adoc: line 26: invalid part, must have at least one
  section (e.g., chapter, appendix, etc.)
2016-05-28 21:09:01 -04:00
David Kane 503828c994 Add FAQ for JSP taglib & method security
Updated FAQ to clarify how the url attribute of the authorize tag
interacts with method security
2016-05-23 08:39:54 -05:00
Pedro Vilaça ea2b5dd412 Fix wrong class name reference in the docs
In the documentation, there was a reference to a class called CsrfTokenResolver
and it should CsrfTokenArgumentResolver

Fixes gh-3890
2016-05-18 20:26:20 +01:00
Rob Winch f363c62afd Document spring-security-test dependency
Fixes gh-3873
2016-05-16 10:56:50 -04:00
Joe Grandja 66980e827c Add Spring Boot Hello World guide
Add Spring Boot Hello World Guide

Fixes gh-3866
2016-05-13 14:05:29 -05:00
Rob Winch ede521dc8d authorizeUrls -> authorizeRequests
Replace remaining authorizeUrls with authorizeRequests

Fixes gh-3875
2016-05-09 10:34:36 -05:00
Rob Winch d4218c70f1 Update CookieCsrfTokenRepository docs to cookiHttpOnly=false
Currently CookieCsrfTokenRepository does not specify that the httpOnly
flag needs set to false. We should update the reference to include this
setting (and a comment about it) since it states that the settings will
work with AngularJS.

This commit updates the documentation and provides a convenience factory
method to create a CookieCsrfTokenRepository with cookiHttpOnly=false

Fixes gh-3865
2016-05-06 16:28:04 -04:00
Joe Grandja 447fb70f1d Add Hello World Xml guide
Issue gh-3850
2016-05-04 21:05:31 -04:00
Rob Winch 9745de9510 Add @AuthenticationPrincipal expression
It is now possible to provide a SpEL expression for
@AuthenticationPrincipal. This allows invoking custom logic including
methods on the principal object.

Fixes gh-3859
2016-05-03 18:08:52 -04:00
Patrick Cornelißen eaf8729941 Fixes RC1/RC2 URLs
Fixes gh-3838
2016-04-22 13:45:21 -04:00
Wim Deblauwe 85786824af Fix logout url in doc
The default for logout is to redirect to `/login?logout`

Fixes gh-251
2016-04-21 14:25:44 -04:00
Joe Grandja 4ee46a5f58 Add What's new in 4.1 RC2
Add What's new in 4.1 RC2

Fixes gh-3830
2016-04-20 19:26:54 -05:00
Johnny Lim 933a7e8363 Remove duplicate words
Fixes gh-3826
2016-04-18 23:21:20 -05:00
Joe Grandja 81c9fa805f Fix AuthenticationPrincipalArgumentResolver xml doc
Fixes gh-3771
2016-04-15 16:06:17 -05:00
Joe Grandja 2ef3da1b47 Documents the new @AuthenticationPrincipal in more detail.
Fixes gh-3771
2016-04-13 12:27:23 -04:00
Rob Winch 95a3e30d9f Polish Pbkdf2PasswordEncoder
Fixes gh-2158
Fixes gh-51
2016-04-12 17:16:38 -05:00
Rob Winch d3a9cc6eae Add CsrfTokenRepository (#3805)
* Create LazyCsrfTokenRepository

Fixes gh-3790

* Add CookieCsrfTokenRepository

Fixes gh-3009
2016-04-12 17:26:53 -04:00
Art O Cathain 1d271184c9 Fix Documentation Formatting
Fix corrupted character and add formatting per the duplicated text
block

Fixes gh-193
2016-04-12 13:07:07 -05:00
Soeun Park 8f7cf28435 Fix typos in documentation
Fixes gh-196
Fixes gh-3109
2016-04-12 12:59:21 -05:00
Johnny Lim fe94d654ed Fix typos (#228) 2016-04-12 11:11:51 -05:00
Joe Grandja 849c62b870 Disables doclint in Java 8 to prevent build error from javadoc task.
Fixes gh-3767
2016-04-11 18:19:30 -04:00
Joe Grandja 945a21a3fb Use xml / javaconfig folders for samples
Fixes gh-3752
2016-04-11 09:47:06 -05:00
Kamill Sokol 9c3db557dd Add missing # in SpEL expression doc
SpEL variables can be referenced in the expression using the syntax
23.2.2 Path Variables in Web Security Expressions.

Fixes gh-3781
2016-04-01 10:21:17 -05:00
Joe Grandja 9e5cdbd133 Includes a reference to the https://report-uri.io/ service in the CSP and HPKP documentation.
Fixes gh-3772
2016-03-30 12:12:43 -04:00
Rob Winch b3d26ed5d6 Add changelog in What's New
Issue gh-3768
2016-03-22 22:40:58 -05:00
Rob Winch bf9a837b9a Polish What's New
Issue gh-3768
2016-03-22 22:37:52 -05:00
Rob Winch 40b7fa5b72 Update Issues Link
Issue gh-3333
2016-03-22 22:37:52 -05:00
Rob Winch 3e47531b19 Polish CSP reference
Issue gh-3763
2016-03-22 22:37:51 -05:00
Rob Winch e04f685747 Fix Typo in @WithUserDetails reference
Issue gh-3346
2016-03-22 22:37:41 -05:00
Joe Grandja 2f7f2ff589 Adds support for Content Security Policy
Fixes gh-2342
2016-03-22 21:59:13 -05:00
Rob Winch 4cb9b202f8 Remove subversion from reference
Fixes gh-3766
2016-03-22 16:37:39 -05:00
Rob Winch 683d751902 Polish What's New
Fixes gh-3768
2016-03-22 16:33:25 -05:00
Rob Winch 4b650dc58d Allow AuthenticationProvider Bean in Java Config
This commit adds support for defaulting java configuration's
authentication by providing an AuthenticationProvider Bean.

Fixes gh-3091
2016-03-22 16:17:25 -05:00
Rob Winch 988b54ec3d Remove invalid ` from docs
Fixes gh-3751
2016-03-15 14:38:23 -05:00
Rob Winch 134a0a7f96 Move FAQ to appendix
Fixes gh-3761
2016-03-15 14:37:35 -05:00
Rob Winch 1382bd728b Clean up Javadoc log levels
Issue gh-3757
2016-03-15 08:37:01 -05:00
Shazin Sadakath e33e21fe6b Add Forward after authentication attempt config support
Fixes gh-3728
2016-03-11 10:49:30 -06:00
Rob Winch dbf73c4692 Update spring-security-config module description
Include Java Configuration in the description.

Fixes gh-3298
2016-03-10 10:45:15 -06:00
Rob Winch 835ac0a217 Add @WithUserDetails userDetailsServiceBeanName
Fixes gh-3346
2016-03-09 15:59:23 -06:00
Martin Macko dd8ba8c07e Fix formatting error in documentation
Fixes gh-3279
2016-03-09 15:00:52 -06:00
Rob Winch db81977a1a Polish HPKP
* Javadoc polish
* Whitespace cleanup

Issue gh-3706
2016-03-03 15:11:40 -06:00