Rob Winch
e4c13e3c0e
Add MvcRequestMatcher
...
Fixes gh-3964
2016-07-06 15:47:23 -05:00
Rob Winch
13bc70f693
Add CorsFilter support
2016-07-05 14:28:04 -05:00
Rob Winch
dd9b59ba31
Document Digest is insecure
...
Fixes gh-3894
2016-06-20 14:10:36 -05:00
Shannon Carey
9fa2c64737
Documentation SecurityConfig->WebSecurityConfig
...
Rename SecurityConfig to WebSecurityConfig in the documentation.
Fixes gh-153
2016-06-17 16:55:46 -05:00
Pedro Vilaça
208f898403
Improve csrf login caveats
...
Add a suggestion to retrieve a fresh csrf token right before the
form submission in order to avoid problems with invalid csrf tokens
due session timeouts.
Fixes gh-3925
2016-06-13 16:26:16 +01:00
Ryan W. Moore
8aea83011d
Docs: Remove broken link
...
I think the originally intended destination no longer exists in the
documentation.
2016-05-28 21:09:15 -04:00
Ryan W. Moore
fd65652bbe
Docs: Fix broken link to security database schema
2016-05-28 21:09:15 -04:00
Ryan W. Moore
38e9f6a851
Docs: Fix broken link to csrfInput tag info
...
ID names are case sensitive.
2016-05-28 21:09:15 -04:00
Ryan W. Moore
cdb04c50e8
Docs: Fix broken link to websocket security info
2016-05-28 21:09:15 -04:00
Ryan W. Moore
057ea4fb17
Docs: Make 'Getting Started' a level 1 section heading
...
This fixes the following build error:
asciidoctor: ERROR: index.adoc: line 26: invalid part, must have at least one
section (e.g., chapter, appendix, etc.)
2016-05-28 21:09:01 -04:00
David Kane
503828c994
Add FAQ for JSP taglib & method security
...
Updated FAQ to clarify how the url attribute of the authorize tag
interacts with method security
2016-05-23 08:39:54 -05:00
Pedro Vilaça
ea2b5dd412
Fix wrong class name reference in the docs
...
In the documentation, there was a reference to a class called CsrfTokenResolver
and it should CsrfTokenArgumentResolver
Fixes gh-3890
2016-05-18 20:26:20 +01:00
Rob Winch
f363c62afd
Document spring-security-test dependency
...
Fixes gh-3873
2016-05-16 10:56:50 -04:00
Joe Grandja
66980e827c
Add Spring Boot Hello World guide
...
Add Spring Boot Hello World Guide
Fixes gh-3866
2016-05-13 14:05:29 -05:00
Rob Winch
ede521dc8d
authorizeUrls -> authorizeRequests
...
Replace remaining authorizeUrls with authorizeRequests
Fixes gh-3875
2016-05-09 10:34:36 -05:00
Rob Winch
d4218c70f1
Update CookieCsrfTokenRepository docs to cookiHttpOnly=false
...
Currently CookieCsrfTokenRepository does not specify that the httpOnly
flag needs set to false. We should update the reference to include this
setting (and a comment about it) since it states that the settings will
work with AngularJS.
This commit updates the documentation and provides a convenience factory
method to create a CookieCsrfTokenRepository with cookiHttpOnly=false
Fixes gh-3865
2016-05-06 16:28:04 -04:00
Joe Grandja
447fb70f1d
Add Hello World Xml guide
...
Issue gh-3850
2016-05-04 21:05:31 -04:00
Rob Winch
9745de9510
Add @AuthenticationPrincipal expression
...
It is now possible to provide a SpEL expression for
@AuthenticationPrincipal. This allows invoking custom logic including
methods on the principal object.
Fixes gh-3859
2016-05-03 18:08:52 -04:00
Patrick Cornelißen
eaf8729941
Fixes RC1/RC2 URLs
...
Fixes gh-3838
2016-04-22 13:45:21 -04:00
Wim Deblauwe
85786824af
Fix logout url in doc
...
The default for logout is to redirect to `/login?logout`
Fixes gh-251
2016-04-21 14:25:44 -04:00
Joe Grandja
4ee46a5f58
Add What's new in 4.1 RC2
...
Add What's new in 4.1 RC2
Fixes gh-3830
2016-04-20 19:26:54 -05:00
Johnny Lim
933a7e8363
Remove duplicate words
...
Fixes gh-3826
2016-04-18 23:21:20 -05:00
Joe Grandja
81c9fa805f
Fix AuthenticationPrincipalArgumentResolver xml doc
...
Fixes gh-3771
2016-04-15 16:06:17 -05:00
Joe Grandja
2ef3da1b47
Documents the new @AuthenticationPrincipal in more detail.
...
Fixes gh-3771
2016-04-13 12:27:23 -04:00
Rob Winch
95a3e30d9f
Polish Pbkdf2PasswordEncoder
...
Fixes gh-2158
Fixes gh-51
2016-04-12 17:16:38 -05:00
Rob Winch
d3a9cc6eae
Add CsrfTokenRepository ( #3805 )
...
* Create LazyCsrfTokenRepository
Fixes gh-3790
* Add CookieCsrfTokenRepository
Fixes gh-3009
2016-04-12 17:26:53 -04:00
Art O Cathain
1d271184c9
Fix Documentation Formatting
...
Fix corrupted character and add formatting per the duplicated text
block
Fixes gh-193
2016-04-12 13:07:07 -05:00
Soeun Park
8f7cf28435
Fix typos in documentation
...
Fixes gh-196
Fixes gh-3109
2016-04-12 12:59:21 -05:00
Johnny Lim
fe94d654ed
Fix typos ( #228 )
2016-04-12 11:11:51 -05:00
Joe Grandja
849c62b870
Disables doclint in Java 8 to prevent build error from javadoc task.
...
Fixes gh-3767
2016-04-11 18:19:30 -04:00
Joe Grandja
945a21a3fb
Use xml / javaconfig folders for samples
...
Fixes gh-3752
2016-04-11 09:47:06 -05:00
Kamill Sokol
9c3db557dd
Add missing # in SpEL expression doc
...
SpEL variables can be referenced in the expression using the syntax
23.2.2 Path Variables in Web Security Expressions.
Fixes gh-3781
2016-04-01 10:21:17 -05:00
Joe Grandja
9e5cdbd133
Includes a reference to the https://report-uri.io/ service in the CSP and HPKP documentation.
...
Fixes gh-3772
2016-03-30 12:12:43 -04:00
Rob Winch
b3d26ed5d6
Add changelog in What's New
...
Issue gh-3768
2016-03-22 22:40:58 -05:00
Rob Winch
bf9a837b9a
Polish What's New
...
Issue gh-3768
2016-03-22 22:37:52 -05:00
Rob Winch
40b7fa5b72
Update Issues Link
...
Issue gh-3333
2016-03-22 22:37:52 -05:00
Rob Winch
3e47531b19
Polish CSP reference
...
Issue gh-3763
2016-03-22 22:37:51 -05:00
Rob Winch
e04f685747
Fix Typo in @WithUserDetails reference
...
Issue gh-3346
2016-03-22 22:37:41 -05:00
Joe Grandja
2f7f2ff589
Adds support for Content Security Policy
...
Fixes gh-2342
2016-03-22 21:59:13 -05:00
Rob Winch
4cb9b202f8
Remove subversion from reference
...
Fixes gh-3766
2016-03-22 16:37:39 -05:00
Rob Winch
683d751902
Polish What's New
...
Fixes gh-3768
2016-03-22 16:33:25 -05:00
Rob Winch
4b650dc58d
Allow AuthenticationProvider Bean in Java Config
...
This commit adds support for defaulting java configuration's
authentication by providing an AuthenticationProvider Bean.
Fixes gh-3091
2016-03-22 16:17:25 -05:00
Rob Winch
988b54ec3d
Remove invalid ` from docs
...
Fixes gh-3751
2016-03-15 14:38:23 -05:00
Rob Winch
134a0a7f96
Move FAQ to appendix
...
Fixes gh-3761
2016-03-15 14:37:35 -05:00
Rob Winch
1382bd728b
Clean up Javadoc log levels
...
Issue gh-3757
2016-03-15 08:37:01 -05:00
Shazin Sadakath
e33e21fe6b
Add Forward after authentication attempt config support
...
Fixes gh-3728
2016-03-11 10:49:30 -06:00
Rob Winch
dbf73c4692
Update spring-security-config module description
...
Include Java Configuration in the description.
Fixes gh-3298
2016-03-10 10:45:15 -06:00
Rob Winch
835ac0a217
Add @WithUserDetails userDetailsServiceBeanName
...
Fixes gh-3346
2016-03-09 15:59:23 -06:00
Martin Macko
dd8ba8c07e
Fix formatting error in documentation
...
Fixes gh-3279
2016-03-09 15:00:52 -06:00
Rob Winch
db81977a1a
Polish HPKP
...
* Javadoc polish
* Whitespace cleanup
Issue gh-3706
2016-03-03 15:11:40 -06:00