Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-31 06:38:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,273 Commits 48 Branches 362 Tags
Commit Graph

145 Commits

Author SHA1 Message Date
Luke Taylor
afd586c96e Re-instate the CAS integration sequence description in the CAS chapter, with corrections (and minus proxying). 2011-01-18 16:50:18 +00:00
Luke Taylor
8da0de459b SEC-1651: Added remaining module information to dependencies appendix. 2011-01-12 15:09:01 +00:00
Luke Taylor
b858b23927 SEC-1651: Added first draft of dependencies appendix to reference manual. 2011-01-07 19:23:06 +00:00
Luke Taylor
8d7830a1ee SEC-1603: Add support in namespace for use of AuthenticationSuccessHandler with remember-me. 2011-01-06 15:16:13 +00:00
Luke Taylor
48ea0a6249 SEC-1638: Added paragraph to docs explaining that for complete security, an app should not switch out of HTTPS at all. 2010-12-17 17:34:08 +00:00
Luke Taylor
7cf9740fd4 SEC-1638: Added an example configuration to the Javadoc for ChannelProcessingFilter and a pointer from the reference manual. 2010-12-17 17:09:20 +00:00
Luke Taylor
ce421f22bf SEC-1635: Stop security interceptors from calling AfterInvocationManager if exception occurs during invocation 2010-12-14 16:24:51 +00:00
Luke Taylor
4a40d80da1 SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority. 
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
 2010-12-03 16:41:46 +00:00
Luke Taylor
89f80659a1 Move docs on request matching to correct file and delete unused one 2010-11-24 00:30:37 +00:00
Luke Taylor
6b691f6fc0 SEC-1613: Corrected preauth docs. 2010-11-04 14:32:06 +00:00
Luke Taylor
cf0289bc02 SEC-1598: Removed invalid properties from SessionFixationProtectionStrategy bean declaration in Session Management chapter docbook. 2010-10-27 13:25:40 +01:00
Luke Taylor
fabadff5f1 SEC-1597: Corrected bean class name for RememberMeAuthenticationProvider in docbook source. 2010-10-27 13:25:40 +01:00
Luke Taylor
31afb9c76d Deleted superseded dao-auth-provider.xml chapter. 2010-10-27 13:25:40 +01:00
Luke Taylor
07b9ded126 SEC-1599: Corrected docbook source. 2010-10-27 13:25:40 +01:00
Luke Taylor
173537f4f2 SEC-1584: Added namespace support for injecting custom HttpFirewall instance into FilterChainProxy. 2010-10-27 13:25:39 +01:00
Luke Taylor
f455e9a5a4 SEC-1584: Documentation of request-checking and matching process. Logging of servletPath and and pathInfo in DebugFilter for comparison. 2010-10-27 13:25:39 +01:00
Rob Winch
7258abbbf4 SEC-1585: changed spring-beans-3.1.xsd to spring-beans-3.0.xsd 2010-10-10 19:51:37 -05:00
Luke Taylor
1b2b371970 SEC-1544: Added CookieClearingLogoutHandler and 'delete-cookies' attribute to the 'logout' namespace element. 
When the user logs out, the handler will attempt to delete the named cookies (which it is constructor-injected with) by expiring them in the response.

Also added documentation on the feature and a suggestion for deleting JSESSIONID through an Apache proxy server, if the servlet container doesn't allow clearing the session cookie.
 2010-09-16 16:03:24 +01:00
rwinch
de819378fc SEC-1536: added JAAS API Integration, updated doc, updated jaas sample 2010-09-13 13:12:45 -05:00
Luke Taylor
c5231fc213 SEC-1538: Deprecate PreAuthenticatedGrantedAuthoritiesAuthenticationDetails (forgot originally) and update documentation to remove reference to AbstractPreAuthenticationAuthenticationDetailsSource. 2010-09-13 12:19:21 +01:00
rwinch
58d9903ebc SEC-1564: JAAS Configuration can now be injected into DefaultJaasAuthenticationProvider 2010-09-10 20:17:22 -05:00
Luke Taylor
c1418c7536 Minor change in doc information about samples since these are no longer in maven repo. 2010-08-23 14:58:27 +01:00
Luke Taylor
35335e84b3 Reset post-release build version. 2010-08-23 00:13:20 +01:00
Luke Taylor
23c4d1ec28 Set version to 3.1.0.M1. 2010-08-22 23:54:33 +01:00
Luke Taylor
d04e37c0c4 Minor changes to doc on version numbering. It's not true that minor versions are source/binary compatible. 2010-08-19 23:24:12 +01:00
Luke Taylor
992566b6cb SEC-1527: Internationalization of contacts sample (Adding message resource bundle and RequestContextFilter). Re-working of L12n section of manual to mention existing localized message files and use of RequestContextFilter. 2010-08-14 01:07:51 +01:00
Luke Taylor
4935aa07c7 SEC-1535: Added suggested doc fixes. 2010-08-12 20:41:29 +01:00
Luke Taylor
bb7165ac6e SEC-1530: Added information on calling getAllPrincipals() on SessionRegistry for direct use in an application to provide currently logged in users. 2010-08-07 15:43:55 +01:00
Luke Taylor
e2ba500c3c SEC-1529: More user-friendly expressions on method annotations in EL chapter. 2010-08-05 18:14:11 +01:00
Luke Taylor
74b66591e9 Build refactoring. 2010-08-04 02:09:07 +01:00
Luke Taylor
5de68cb18f SEC-1499: Additional doc paragraph that escaped the commit. 2010-07-23 23:03:54 +01:00
Luke Taylor
9dd6a5eb8f SEC-1499: Added some Javadoc and doc on the problems of using session-fixation protection with attributes that implement HttpSessionBindingListener. 2010-07-23 16:27:57 +01:00
Luke Taylor
d7d8448120 SEC-1521: Add check for null SecurityContextRepository and clarify related docs on use of null implementation (NullSecurityContextRepository). 2010-07-23 15:59:53 +01:00
Luke Taylor
c1c8fd1874 SEC-1171: Changed attribute name/value from secured="false" to security="none" to allow future extension by adding extra options (e.g. contextOnly to provide security context information during the request). 2010-07-20 19:46:47 +01:00
Luke Taylor
080710e023 Minor doc updates on default filters created by namespace. 2010-07-06 13:29:11 +01:00
Luke Taylor
06368f956a Minor doc/javadoc updates to clarify use of UserDetailsContextapper. 2010-07-04 15:13:27 +01:00
Luke Taylor
d6159e884a Some minor doc fixes. 2010-07-03 13:11:39 +01:00
Luke Taylor
8ad6cbbe85 SEC-1508: Update docbook processing to use Docbook 5 namespaces. 2010-07-03 13:10:48 +01:00
Luke Taylor
8615369697 Added information on config jar to instructions on getting started using namespace. 2010-06-30 13:45:13 +01:00
Luke Taylor
4da4734750 Minor doc link updates and tidying. 2010-06-26 13:20:48 +01:00
Luke Taylor
ad82e6a575 SEC-1493: Documentation of support for erasing credentials. 2010-06-26 12:27:49 +01:00
Luke Taylor
1dd4787194 Added note in namespace chapter clarifying that method security only applies to Spring beans, plus aspectj mode info to appendix. 2010-06-10 22:17:58 +01:00
Luke Taylor
8bddc8f820 SEC-1484: Documentation for some namespace attributes. 2010-06-05 17:35:24 +01:00
Luke Taylor
0d94e75a93 SEC-1171: Documentation of changes related to use of multiple <http> elements. 2010-06-05 17:12:33 +01:00
Luke Taylor
ca91b9abc5 Corrected section layout in DB schema appendix of ref manual. 2010-05-23 00:05:29 +01:00
Luke Taylor
5aab06775e SEC-1106: Added section on hierarchical roles to manual. 2010-05-18 16:43:55 +01:00
Luke Taylor
e0d06b2b53 Added documentation on RequestCache functionality. 2010-05-16 15:18:03 +01:00
Luke Taylor
f0c4cccb0d SEC-1479: Clarify that matching is against servletPath + pathInfo for ant pattern matching. Added some extra pointers to request-matching info in namespace doc. 2010-05-16 14:14:13 +01:00
Luke Taylor
705f896209 SEC-1478: Added 'use-expressions' attribute to namespace appendix. 2010-05-11 02:25:45 +01:00
Luke Taylor
2c44461264 SEC-1473: Remove references to ContactSecurityVoter. 
Replaced with reference to Oleg's blog article as an example of custom voter use
 2010-05-03 14:53:06 +01:00