Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,968 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

4968 Commits

Author SHA1 Message Date
Rob Winch 9e7fbf8067 SEC-2321: Refine to use X-Requested-With: XMLHttpRequest 2013-10-28 14:00:56 -05:00
Rob Winch 78f85cc129 SEC-2349: Number the reference 2013-10-23 17:46:57 -05:00
Rob Winch 85ec2429d9 SEC-2349: Externalize FAQ 2013-10-23 17:43:32 -05:00
Rob Winch e638f0a547 SEC-2357: old RequestMatcher interface extends new RequestMatcher 2013-10-23 17:09:33 -05:00
Rob Winch 355f884d22 SEC-2093: Document what is new in Spring Security 3.2 2013-10-18 16:39:01 -05:00
Rob Winch 4a24c81147 SEC-2299: Document @AuthenticationPrincipal 2013-10-18 15:46:29 -05:00
Rob Winch 5f290ba10f SEC-2371: Remove ObjectPostProcessor.QUIESENT_POSTPROCESSOR 2013-10-18 14:31:13 -05:00
Rob Winch a3009e303b SEC-2299: Document Web MVC integration 2013-10-18 11:23:58 -05:00
Rob Winch 6ea95cc3a3 SEC-2094: Document Concurrency Support 2013-10-18 09:50:49 -05:00
Rob Winch 04b091c385 SEC-2369: PreAuthenticatedGrantedAuthoritiesUserDetailsService fix case to createUserDetails method 2013-10-17 16:18:43 -05:00
Rob Winch 15a63c58a7 SEC-2368: DebugFilter outputs headers and HTTP method 2013-10-17 14:49:45 -05:00
Rob Winch 604c26eb0d Shis simplifies the class hieararchy significantly.EC-2366: Extract AbstractRequestMatcherRegistry from AbstractRequestMatcherConfigurer 
This simplifies the class hierarchy significantly.
 2013-10-17 13:37:51 -05:00
Rob Winch 348e3a22b6 SEC-2365: registerAuthentication->configure 2013-10-16 13:59:56 -05:00
Rob Winch db3c626ac9 SEC-2281: Document Java Configuration 2013-10-16 10:44:35 -05:00
Rob Winch e3f58fd9d3 Polish guide 2013-10-16 10:44:16 -05:00
Rob Winch bbefc62a87 Fix Security Header's link to HttpServletResponse.setHeader 2013-10-15 16:56:44 -05:00
Rob Winch 730dcffe6d Fix crossrefs in footnotes 2013-10-15 16:50:26 -05:00
Rob Winch bf3b5459cd Fix Authors of manual 2013-10-15 16:22:27 -05:00
Rob Winch 1351c8bada SEC-2362: Clarify AbstractRememberMeServices loginSuccess javadoc 2013-10-15 13:53:23 -05:00
Rob Winch 0978c12c47 SEC-2361: Java Config Sampels use @Autowired AuthenticationManagerBuilder 2013-10-15 12:35:32 -05:00
Adrien be e50b587d60 SEC-2360: AbstractRememberMeServices provide message for Assert on key fieldd 2013-10-14 15:06:11 -05:00
Rob Winch 0b0e7dbea9 SEC-2359: Merge DefaultLoginPageViewFilter w/ DefaultLoginPageGeneratingFilter 2013-10-14 15:00:24 -05:00
Rob Winch 51171efa7a SEC-2357: Move *RequestMatcher to .matcher package 2013-10-14 11:55:56 -05:00
Rob Winch 45ad74a0bd SEC-2357: Fix package cycles 2013-10-14 11:15:16 -05:00
Rob Winch 14b9050616 SEC-2357: Move *RequestMatchers to .matchers package 2013-10-14 10:36:31 -05:00
Rob Winch f2b44e6beb Fix javadoc whitespace issue in HttpBasicConfigurer 2013-10-11 14:53:11 -05:00
Rob Winch 4ef0460ef6 SEC-2321: Improve Java Config defaults for JavaScript clients 2013-10-11 14:53:11 -05:00
Rob Winch 7d99436740 SEC-2358: Add RequestHeaderRequestMatcher 2013-10-11 14:53:11 -05:00
Rob Winch 0ac1176152 Polish RequestMatcher logging and toString 2013-10-07 15:45:42 -05:00
Rob Winch 76a8bbe98d SEC-2354: Add failOnMissingWebXml=false to sample pom.xml 2013-10-07 08:12:35 -05:00
Rob Winch cffbefadd1 SEC-2306: Fix Session Fixation logging race condition 
Previously session fixation protection could output an incorrect warning
that session fixation protection did not work.

The code now synchronizes on WebUtils.getSessionMutex(..).
 2013-10-06 17:13:40 -05:00
kazuki43zoo 611a97023d SEC-2352: HttpSessionCsrfTokenRepository lazy session creation 2013-10-06 16:44:18 -05:00
Rob Winch 5f10d84bf5 SEC-2303: WebSecurity sets the Bean resolver 2013-10-06 13:37:51 -05:00
Rob Winch d28058303b SEC-2349: Move FAQ into reference 2013-10-03 21:28:55 -05:00
Rob Winch dd1c2483b5 SEC-2349: Fix documentation tests 2013-10-03 17:03:17 -05:00
Rob Winch 4b43cf3f50 SEC-2349: Convert Reference to Asciidoctor 2013-10-03 14:15:09 -05:00
Rob Winch df5e034fc3 SEC-2282: Polish CSRF Documentation 2013-09-27 17:14:21 -05:00
Rob Winch 8087cde628 SEC-2331: Include Expires: 0 in xsd and appendix 2013-09-27 17:10:42 -05:00
Rob Winch 8fed90c26c SEC-2282: Add links for AccessDeniedHandler in CSRF doc 2013-09-27 16:44:34 -05:00
Rob Winch 3e95f1c12e SEC-2282: Polish CSRF Documentation 2013-09-27 16:41:06 -05:00
Rob Winch ee33a6deeb SEC-2285: Headers doc explicitly state default headers 2013-09-27 16:29:10 -05:00
Rob Winch 17efd25717 SEC-2331: Include Expires: 0 in security headers documentation 2013-09-27 16:13:40 -05:00
Rob Winch 06a0ec1a9f SEC-2285: Polish Security Headers Documentation 
Explain why (passivity) XML Namespace doesn't enable security headers by
default.
 2013-09-27 16:13:18 -05:00
Rob Winch 9bb283044f SEC-2282: Polish CSRF Documentation 
Explain why (passivity) XML Namespace doesn't enable csrf protection by
default.
 2013-09-27 16:06:25 -05:00
Rob Winch 614c94187e SEC-2305: GlobalMethodSecurityConfiguration autowire PermissionEvaluator 
If a single PermissionEvaluator bean is found the
DefaultMethodSecurityExpressionHandler is configured with the
PermissionEvaluator. If multiple PermissionEvaluator beans are found, the
beans are ignored.
 2013-09-27 15:46:45 -05:00
Rob Winch e696890e8e SEC-2151: Fix spring4Test 2013-09-27 12:36:43 -05:00
Rob Winch 61e6acb3f4 SEC-2151: AnnotationParameterNameDiscoverer support single annotated param 
This makes sense since often times only a single argument is necessary in
the expression.
 2013-09-27 11:53:39 -05:00
Rob Winch e5f034bdef SEC-2151: Fix tests 2013-09-27 11:52:32 -05:00
Rob Winch a09756745f SEC-2151: Support binding method arguments with Annotations 
This allow utilizing method arguments for method access control on
interfaces prior to JDK 8.
 2013-09-27 11:18:37 -05:00
Rob Winch fb0a8d19e8 SEC-2322: Support StandardReflectionParameterNameDiscoverer 2013-09-26 15:55:11 -05:00