c85358915a
Add Opaque Token Documentation
...
Fixes gh-7420
2019-09-11 08:06:48 -06:00
08f68c9122
Update JwtAuthenticationConverter Docs
...
Replaced usage of deprecated API
Fixes gh-7062
2019-09-05 16:15:55 -06:00
1de885e298
use simple link instead of 'pass' macro
2019-08-29 06:17:06 -05:00
24cd9b990a
fix footnotes markup
...
Fixes #3180
2019-08-29 06:17:06 -05:00
052256db0a
Add WebSecurityConfigurerAdapter Doc Detail
...
Fixes gh-6809
2019-08-22 17:56:39 -06:00
712dfbdabd
Fix typo in docs
2019-08-19 12:53:54 -05:00
abc90280e0
Add unbounid support in xml
...
Add unbounid support in xml
Fixes gh-6011
2019-08-14 10:05:49 -05:00
f396e0197e
Fix websocket configuration documentation
...
Fixes: gh-4845
2019-08-14 10:24:59 -04:00
9b2af944fa
Add unbounid support in xml
...
Currently, spring-security provides apacheds integration by default. This
commit introduces a new `mode` in the `ldap-server` tag which allows to choose
beetween `apacheds` and `unboundid`. In order to keep backward compatibility
if `mode` is not set and apacheds jars are in the classpath apacheds is used
as a embedded ldap.
Fixes gh-6011
Currently, unboundid was added as a support for embbeded LDAP and it
is used on the Java Config. This commit introduces support from XML side.
Also, give the chance to users to move from apacheds to unboundid using
a new attribute `mode`.
Fixes gh-6011
2019-08-10 19:07:45 -05:00
646f257e01
docs, change name of class in multiple httpSecurity
2019-08-06 13:05:55 -05:00
b3da1e466b
Add Argon2PasswordEncoder
...
Add PasswordEncoder for the Argon2 hashing algorithm (Password Hashing
Competition (PHC) winner).
This implementation uses the BouncyCastle-implementation of Argon2.
Fixes gh-5354
2019-08-05 13:54:29 -05:00
0b4502b2c5
Remove exceptions from lambda security configuration
...
Fixes: gh-7128
2019-07-30 08:31:37 -05:00
a288ce4b00
Support nested builder in DSL for reactive apps
...
Fixes: gh-7107
2019-07-23 15:57:10 -05:00
dc2705189f
Fix typo in documentation
...
Fixed typo in documentation.
2019-07-16 12:01:07 -05:00
b004f9f677
Use http security nested builder in docs
...
Issue: gh-5557
2019-07-12 13:58:17 -04:00
8948ba3a48
Fixed typo in documentation.
2019-07-09 23:41:40 +03:00
3b5a4189ef
Minor fix
...
These four items, not three items, constitute the auth process:
. A user is prompted to log in with a username and password.
. The system (successfully) verifies that the password is correct for the username.
. The context information for that user is obtained (their list of roles and so on).
. A security context is established for the user
2019-06-28 11:41:55 -05:00
c43e632a6d
Fix typo in OAuth2TokenValidator doc
...
Fixes gh-6925
2019-06-10 11:07:20 -06:00
8e5dd19b3b
Updates modules.adoc (typo fix)
...
Typo fix
2019-06-10 11:06:19 -06:00
f6998547b8
Remove '.html' from interface name
2019-05-20 16:25:30 -05:00
9078885a1a
Remove redundant for
2019-05-20 16:25:30 -05:00
0aa4805be8
Add documentation on Reactive x509 security
...
[gh #5038 ]
2019-04-26 12:15:18 -05:00
0957ecb1e9
Align webclient section level in documentation
...
Make "WebClient for Servlet Environments" section level align with
other documents in "additional-topics".
2019-04-25 14:48:54 -06:00
4a6e91531a
Fix Broken Documentation Link
...
Fixes: gh-6553
2019-04-13 20:58:03 -06:00
4a286be2b9
Update samples documentation
2019-04-13 19:21:10 -06:00
21f7148e7a
Update filters documentation
...
Fixes: gh-5553
2019-04-13 19:21:10 -06:00
bf88e8790f
Fix a typo
2019-04-01 11:06:48 -06:00
4e9c37b1ae
Manual URL Cleanup
2019-03-29 13:24:11 -04:00
3b89754926
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.
* http://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html (200) with 1 occurrences could not be migrated:
([https](https://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html ) result ClosedChannelException).
* http://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html (200) with 1 occurrences could not be migrated:
([https](https://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html ) result SSLHandshakeException).
* http://cujojs.com/ (200) with 1 occurrences could not be migrated:
([https](https://cujojs.com/ ) result SSLHandshakeException).
* http://erik.eae.net/archives/2007/07/27/18.54.15/ (200) with 1 occurrences could not be migrated:
([https](https://erik.eae.net/archives/2007/07/27/18.54.15/ ) result SSLHandshakeException).
* http://javascript.nwbox.com/IEContentLoaded/ (200) with 1 occurrences could not be migrated:
([https](https://javascript.nwbox.com/IEContentLoaded/ ) result SSLHandshakeException).
* http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html (200) with 1 occurrences could not be migrated:
([https](https://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html ) result SSLHandshakeException).
* http://monkeymachine.co.uk/ (200) with 2 occurrences could not be migrated:
([https](https://monkeymachine.co.uk/ ) result SSLHandshakeException).
* http://perfectionkills.com/detecting-event-support-without-browser-sniffing/ (200) with 1 occurrences could not be migrated:
([https](https://perfectionkills.com/detecting-event-support-without-browser-sniffing/ ) result SSLHandshakeException).
* http://somesite.com/login (200) with 3 occurrences could not be migrated:
([https](https://somesite.com/login ) result AnnotatedConnectException).
* http://someurl.com/ (200) with 2 occurrences could not be migrated:
([https](https://someurl.com/ ) result SSLHandshakeException).
* http://sscce.org/ (200) with 1 occurrences could not be migrated:
([https](https://sscce.org/ ) result SSLHandshakeException).
* http://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf (200) with 2 occurrences could not be migrated:
([https](https://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf ) result 404).
* http://www.example.com:80/ (200) with 1 occurrences could not be migrated:
([https](https://www.example.com:80/ ) result NotSslRecordException).
* http://www.faqs.org/qa/rfcc-1940.html (200) with 3 occurrences could not be migrated:
([https](https://www.faqs.org/qa/rfcc-1940.html ) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc1945.html (200) with 2 occurrences could not be migrated:
([https](https://www.faqs.org/rfcs/rfc1945.html ) result AnnotatedConnectException).
* http://www.faqs.org/rfcs/rfc3548.html (200) with 3 occurrences could not be migrated:
([https](https://www.faqs.org/rfcs/rfc3548.html ) result AnnotatedConnectException).
* http://www.zytrax.com/books/ldap/ (200) with 2 occurrences could not be migrated:
([https](https://www.zytrax.com/books/ldap/ ) result AnnotatedConnectException).
* http://blindsignals.com/index.php/2009/07/jquery-delay/ (301) with 1 occurrences could not be migrated:
([https](https://blindsignals.com/index.php/2009/07/jquery-delay/ ) result SSLHandshakeException).
* http://www.faqs.org/ (301) with 1 occurrences could not be migrated:
([https](https://www.faqs.org/ ) result AnnotatedConnectException).
* http://sam.zoy.org/wtfpl/ (301) with 2 occurrences could not be migrated:
([https](https://sam.zoy.org/wtfpl/ ) result SSLHandshakeException).
* http://hey.openid.com/ (302) with 1 occurrences could not be migrated:
([https](https://hey.openid.com/ ) result SSLHandshakeException).
* http://iharder.net/base64 (303) with 2 occurrences could not be migrated:
([https](https://iharder.net/base64 ) result AnnotatedConnectException).
* http://jaspan.com/improved_persistent_login_cookie_best_practice (500) with 3 occurrences could not be migrated:
([https](https://jaspan.com/improved_persistent_login_cookie_best_practice ) result AnnotatedConnectException).
# Fixed URLs
## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.
* http://www.relaxng.org/ (301) with 1 occurrences migrated to:
https://relaxng.org/ ([https](https://www.relaxng.org/ ) result SSLHandshakeException).
* http://www.relaxng.org (301) with 1 occurrences migrated to:
https://relaxng.org/ ([https](https://www.relaxng.org ) result SSLHandshakeException).
* http://tools.ietf.org/html/draft-ietf-websec-x-frame-options (301) with 2 occurrences migrated to:
https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ([https](https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ) result ReadTimeoutException).
* http://foo.test.com (302) with 2 occurrences migrated to:
https://www.test.com ([https](https://foo.test.com ) result SSLHandshakeException).
* http://abc.test.com (302) with 2 occurrences migrated to:
https://www.test.com ([https](https://abc.test.com ) result SSLHandshakeException).
* http://192.168.1:8080 (ConnectTimeoutException) with 2 occurrences migrated to:
https://192.168.1:8080 ([https](https://192.168.1:8080 ) result ConnectTimeoutException).
* http://www.example.com:8080/mycontext/secure/page.html (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8080/mycontext/secure/page.html ([https](https://www.example.com:8080/mycontext/secure/page.html ) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8888/bigWebApp/hello ([https](https://www.example.com:8888/bigWebApp/hello ) result ConnectTimeoutException).
* http://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/decorator (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.opensymphony.com/sitemesh/decorator ([https](https://www.opensymphony.com/sitemesh/decorator ) result ConnectTimeoutException).
* http://www.opensymphony.com/sitemesh/page (ConnectTimeoutException) with 1 occurrences migrated to:
https://www.opensymphony.com/sitemesh/page ([https](https://www.opensymphony.com/sitemesh/page ) result ConnectTimeoutException).
* http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd (ReadTimeoutException) with 1 occurrences migrated to:
https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ([https](https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ) result ReadTimeoutException).
* http://axschema.org/ (UnknownHostException) with 2 occurrences migrated to:
https://axschema.org/ ([https](https://axschema.org/ ) result UnknownHostException).
* http://axschema.org/contact/email (UnknownHostException) with 23 occurrences migrated to:
https://axschema.org/contact/email ([https](https://axschema.org/contact/email ) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 5 occurrences migrated to:
https://axschema.org/namePerson ([https](https://axschema.org/namePerson ) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 4 occurrences migrated to:
https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first ) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 4 occurrences migrated to:
https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last ) result UnknownHostException).
* http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
https://context.blah.com/context/remainder ([https](https://context.blah.com/context/remainder ) result UnknownHostException).
* http://default (UnknownHostException) with 12 occurrences migrated to:
https://default ([https](https://default ) result UnknownHostException).
* http://endpoint (UnknownHostException) with 4 occurrences migrated to:
https://endpoint ([https](https://endpoint ) result UnknownHostException).
* http://endpoint?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
https://endpoint?id_token_hint=id-token ([https](https://endpoint?id_token_hint=id-token ) result UnknownHostException).
* http://example.com¶m1=value1¶m2=value2 (UnknownHostException) with 1 occurrences migrated to:
https://example.com¶m1=value1¶m2=value2 ([https](https://example.com¶m1=value1¶m2=value2 ) result UnknownHostException).
* http://host/myapp/index.html;jsessionid=blah (UnknownHostException) with 1 occurrences migrated to:
https://host/myapp/index.html;jsessionid=blah ([https](https://host/myapp/index.html;jsessionid=blah ) result UnknownHostException).
* http://http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to:
https://http://context.blah.com/context/remainder ([https](https://https://context.blah.com/context/remainder ) result UnknownHostException).
* http://id.openid.zz (UnknownHostException) with 2 occurrences migrated to:
https://id.openid.zz ([https](https://id.openid.zz ) result UnknownHostException).
* http://invalid-provider.com/oauth2/token (UnknownHostException) with 4 occurrences migrated to:
https://invalid-provider.com/oauth2/token ([https](https://invalid-provider.com/oauth2/token ) result UnknownHostException).
* http://invalid-provider.com/user (UnknownHostException) with 4 occurrences migrated to:
https://invalid-provider.com/user ([https](https://invalid-provider.com/user ) result UnknownHostException).
* http://issuer/.well-known/jwks.json (UnknownHostException) with 2 occurrences migrated to:
https://issuer/.well-known/jwks.json ([https](https://issuer/.well-known/jwks.json ) result UnknownHostException).
* http://issuer/certs (UnknownHostException) with 1 occurrences migrated to:
https://issuer/certs ([https](https://issuer/certs ) result UnknownHostException).
* http://jimi.hendrix.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
https://jimi.hendrix.myopenid.com/ ([https](https://jimi.hendrix.myopenid.com/ ) result UnknownHostException).
* http://joe.myopenid.com/ (UnknownHostException) with 3 occurrences migrated to:
https://joe.myopenid.com/ ([https](https://joe.myopenid.com/ ) result UnknownHostException).
* http://logout (UnknownHostException) with 2 occurrences migrated to:
https://logout ([https](https://logout ) result UnknownHostException).
* http://logout?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to:
https://logout?id_token_hint=id-token ([https](https://logout?id_token_hint=id-token ) result UnknownHostException).
* http://openid.aol.com/ (UnknownHostException) with 2 occurrences migrated to:
https://openid.aol.com/ ([https](https://openid.aol.com/ ) result UnknownHostException).
* http://pip.verisignlabs.com/server (UnknownHostException) with 2 occurrences migrated to:
https://pip.verisignlabs.com/server ([https](https://pip.verisignlabs.com/server ) result UnknownHostException).
* http://postlogout?encodedparam%3Dvalue (UnknownHostException) with 2 occurrences migrated to:
https://postlogout?encodedparam%3Dvalue ([https](https://postlogout?encodedparam%3Dvalue ) result UnknownHostException).
* http://postlogout?encodedparam=value (UnknownHostException) with 2 occurrences migrated to:
https://postlogout?encodedparam=value ([https](https://postlogout?encodedparam=value ) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 5 occurrences migrated to:
https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email ) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 2 occurrences migrated to:
https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson ) result UnknownHostException).
* http://some.site.org/index.html (UnknownHostException) with 1 occurrences migrated to:
https://some.site.org/index.html ([https](https://some.site.org/index.html ) result UnknownHostException).
* http://something/ (UnknownHostException) with 1 occurrences migrated to:
https://something/ ([https](https://something/ ) result UnknownHostException).
* http://specs.openid.net/auth/2.0 (UnknownHostException) with 2 occurrences migrated to:
https://specs.openid.net/auth/2.0 ([https](https://specs.openid.net/auth/2.0 ) result UnknownHostException).
* http://specs.openid.net/auth/2.0/identifier_select (UnknownHostException) with 4 occurrences migrated to:
https://specs.openid.net/auth/2.0/identifier_select ([https](https://specs.openid.net/auth/2.0/identifier_select ) result UnknownHostException).
* http://wiki.fasterxml.com/JacksonFeatureModules (UnknownHostException) with 1 occurrences migrated to:
https://wiki.fasterxml.com/JacksonFeatureModules ([https](https://wiki.fasterxml.com/JacksonFeatureModules ) result UnknownHostException).
* http://www.faqs (UnknownHostException) with 1 occurrences migrated to:
https://www.faqs ([https](https://www.faqs ) result UnknownHostException).
* http://www.test123.com (UnknownHostException) with 1 occurrences migrated to:
https://www.test123.com ([https](https://www.test123.com ) result UnknownHostException).
* http://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 (301) with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Defense_in_depth_%2528computing%2529 ([https](https://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 ) result 400).
* http://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html (404) with 1 occurrences migrated to:
https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ([https](https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ) result 404).
* http://example.com/auth (404) with 2 occurrences migrated to:
https://example.com/auth ([https](https://example.com/auth ) result 404).
* http://example.com/info (404) with 2 occurrences migrated to:
https://example.com/info ([https](https://example.com/info ) result 404).
* http://example.com/jwkset (404) with 2 occurrences migrated to:
https://example.com/jwkset ([https](https://example.com/jwkset ) result 404).
* http://example.com/login/oauth2/code/registration-id (404) with 1 occurrences migrated to:
https://example.com/login/oauth2/code/registration-id ([https](https://example.com/login/oauth2/code/registration-id ) result 404).
* http://example.com/login/oauth2/code/registration-id-2 (404) with 1 occurrences migrated to:
https://example.com/login/oauth2/code/registration-id-2 ([https](https://example.com/login/oauth2/code/registration-id-2 ) result 404).
* http://example.com/path?a=b&c=d (404) with 1 occurrences migrated to:
https://example.com/path?a=b&c=d ([https](https://example.com/path?a=b&c=d ) result 404).
* http://example.com/pkp-report (404) with 5 occurrences migrated to:
https://example.com/pkp-report ([https](https://example.com/pkp-report ) result 404).
* http://example.com/token (404) with 2 occurrences migrated to:
https://example.com/token ([https](https://example.com/token ) result 404).
* http://example.net/pkp-report (404) with 7 occurrences migrated to:
https://example.net/pkp-report ([https](https://example.net/pkp-report ) result 404).
* http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ (301) with 1 occurrences migrated to:
https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ([https](https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ) result 404).
* http://html5shim.googlecode.com/svn/trunk/html5.js (404) with 6 occurrences migrated to:
https://html5shim.googlecode.com/svn/trunk/html5.js ([https](https://html5shim.googlecode.com/svn/trunk/html5.js ) result 404).
* http://json.org/json2.js (404) with 1 occurrences migrated to:
https://json.org/json2.js ([https](https://json.org/json2.js ) result 404).
* http://openid-selector.googlecode.com/svn/trunk/ (404) with 2 occurrences migrated to:
https://openid-selector.googlecode.com/svn/trunk/ ([https](https://openid-selector.googlecode.com/svn/trunk/ ) result 404).
* http://provider.com/user (302) with 2 occurrences migrated to:
https://provider.com/user ([https](https://provider.com/user ) result 404).
* http://relaxng.org/ns/compatibility/annotations/1.0 (301) with 8 occurrences migrated to:
https://relaxng.org/ns/compatibility/annotations/1.0 ([https](https://relaxng.org/ns/compatibility/annotations/1.0 ) result 404).
* http://www.example.com/bigWebApp/hello (404) with 2 occurrences migrated to:
https://www.example.com/bigWebApp/hello ([https](https://www.example.com/bigWebApp/hello ) result 404).
* http://www.example.com/bigWebApp/hello/pathInfo.html?open=true (404) with 1 occurrences migrated to:
https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ) result 404).
* http://www.example.com/identity (404) with 1 occurrences migrated to:
https://www.example.com/identity ([https](https://www.example.com/identity ) result 404).
* http://www.example.com/login/openid (404) with 2 occurrences migrated to:
https://www.example.com/login/openid ([https](https://www.example.com/login/openid ) result 404).
* http://www.example.com/mycontext/HelloWorld (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld ([https](https://www.example.com/mycontext/HelloWorld ) result 404).
* http://www.example.com/mycontext/HelloWorld/some/more/segments.html (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld/some/more/segments.html ([https](https://www.example.com/mycontext/HelloWorld/some/more/segments.html ) result 404).
* http://www.example.com/mycontext/HelloWorld?foo=bar (404) with 1 occurrences migrated to:
https://www.example.com/mycontext/HelloWorld?foo=bar ([https](https://www.example.com/mycontext/HelloWorld?foo=bar ) result 404).
* http://www.example.com/mycontext/secure/page.html (404) with 3 occurrences migrated to:
https://www.example.com/mycontext/secure/page.html ([https](https://www.example.com/mycontext/secure/page.html ) result 404).
* http://www.example.com/realm (404) with 1 occurrences migrated to:
https://www.example.com/realm ([https](https://www.example.com/realm ) result 404).
* http://www.example.com/redirect (404) with 1 occurrences migrated to:
https://www.example.com/redirect ([https](https://www.example.com/redirect ) result 404).
* http://www.example.org/do/something (404) with 4 occurrences migrated to:
https://www.example.org/do/something ([https](https://www.example.org/do/something ) result 404).
* http://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ (301) with 1 occurrences migrated to:
https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ([https](https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ) result 404).
* http://www.json.org/json2.js (404) with 1 occurrences migrated to:
https://www.json.org/json2.js ([https](https://www.json.org/json2.js ) result 404).
* http://www.thymeleaf.org/thymeleaf-extras-springsecurity5 (301) with 5 occurrences migrated to:
https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ([https](https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ) result 404).
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html with 1 occurrences migrated to:
https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ([https](https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ) result 200).
* http://bugs.jquery.com/ticket/12282 with 1 occurrences migrated to:
https://bugs.jquery.com/ticket/12282 ([https](https://bugs.jquery.com/ticket/12282 ) result 200).
* http://bugs.jquery.com/ticket/12359 with 1 occurrences migrated to:
https://bugs.jquery.com/ticket/12359 ([https](https://bugs.jquery.com/ticket/12359 ) result 200).
* http://claimid.com/ with 2 occurrences migrated to:
https://claimid.com/ ([https](https://claimid.com/ ) result 200).
* http://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ with 1 occurrences migrated to:
https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ([https](https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html with 26 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ) result 200).
* http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ) result 200).
* http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html with 1 occurrences migrated to:
https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ) result 200).
* http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html with 1 occurrences migrated to:
https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ([https](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ) result 200).
* http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html with 1 occurrences migrated to:
https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ([https](https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ) result 200).
* http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ) result 200).
* http://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.0.x/reference/remember-me.html ([https](https://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html ) result 200).
* http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ([https](https://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ) result 200).
* http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ) result 200).
* http://docs.spring.io/spring-security/site/docs/current/api/ with 1 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/current/api/ ([https](https://docs.spring.io/spring-security/site/docs/current/api/ ) result 200).
* http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ with 3 occurrences migrated to:
https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ) result 200).
* http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html (301) with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ([https](https://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ) result 200).
* http://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ([https](https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ([https](https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html with 3 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ) result 200).
* http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ) result 200).
* http://en.wikipedia.org/wiki/Clickjacking with 9 occurrences migrated to:
https://en.wikipedia.org/wiki/Clickjacking ([https](https://en.wikipedia.org/wiki/Clickjacking ) result 200).
* http://en.wikipedia.org/wiki/Content_sniffing with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/Content_sniffing ([https](https://en.wikipedia.org/wiki/Content_sniffing ) result 200).
* http://en.wikipedia.org/wiki/Cross-site_request_forgery with 11 occurrences migrated to:
https://en.wikipedia.org/wiki/Cross-site_request_forgery ([https](https://en.wikipedia.org/wiki/Cross-site_request_forgery ) result 200).
* http://en.wikipedia.org/wiki/Cross-site_scripting with 7 occurrences migrated to:
https://en.wikipedia.org/wiki/Cross-site_scripting ([https](https://en.wikipedia.org/wiki/Cross-site_scripting ) result 200).
* http://en.wikipedia.org/wiki/Firesheep with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Firesheep ([https](https://en.wikipedia.org/wiki/Firesheep ) result 200).
* http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security with 4 occurrences migrated to:
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ([https](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ) result 200).
* http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ([https](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ) result 200).
* http://en.wikipedia.org/wiki/Man-in-the-middle_attack with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/Man-in-the-middle_attack ([https](https://en.wikipedia.org/wiki/Man-in-the-middle_attack ) result 200).
* http://en.wikipedia.org/wiki/Null_Object_pattern with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Null_Object_pattern ([https](https://en.wikipedia.org/wiki/Null_Object_pattern ) result 200).
* http://en.wikipedia.org/wiki/SRV_record with 2 occurrences migrated to:
https://en.wikipedia.org/wiki/SRV_record ([https](https://en.wikipedia.org/wiki/SRV_record ) result 200).
* http://en.wikipedia.org/wiki/Same-origin_policy with 1 occurrences migrated to:
https://en.wikipedia.org/wiki/Same-origin_policy ([https](https://en.wikipedia.org/wiki/Same-origin_policy ) result 200).
* http://en.wikipedia.org/wiki/Session_fixation with 6 occurrences migrated to:
https://en.wikipedia.org/wiki/Session_fixation ([https](https://en.wikipedia.org/wiki/Session_fixation ) result 200).
* http://example.com with 8 occurrences migrated to:
https://example.com ([https](https://example.com ) result 200).
* http://example.com/ with 1 occurrences migrated to:
https://example.com/ ([https](https://example.com/ ) result 200).
* http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice with 2 occurrences migrated to:
https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ([https](https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ) result 200).
* http://flywaydb.org/ with 1 occurrences migrated to:
https://flywaydb.org/ ([https](https://flywaydb.org/ ) result 200).
* http://getbootstrap.com/docs/4.0/examples/signin/signin.css with 1 occurrences migrated to:
https://getbootstrap.com/docs/4.0/examples/signin/signin.css ([https](https://getbootstrap.com/docs/4.0/examples/signin/signin.css ) result 200).
* http://gradle.org with 1 occurrences migrated to:
https://gradle.org ([https](https://gradle.org ) result 200).
* http://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ with 2 occurrences migrated to:
https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ([https](https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ) result 200).
* http://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html with 2 occurrences migrated to:
https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ([https](https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ) result 200).
* http://jquery.com/ with 1 occurrences migrated to:
https://jquery.com/ ([https](https://jquery.com/ ) result 200).
* http://knockoutjs.com/ with 1 occurrences migrated to:
https://knockoutjs.com/ ([https](https://knockoutjs.com/ ) result 200).
* http://marketplace.eclipse.org/content/anyedit-tools with 1 occurrences migrated to:
https://marketplace.eclipse.org/content/anyedit-tools ([https](https://marketplace.eclipse.org/content/anyedit-tools ) result 200).
* http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html with 1 occurrences migrated to:
https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ([https](https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ) result 200).
* http://openid.net with 1 occurrences migrated to:
https://openid.net ([https](https://openid.net ) result 200).
* http://openid.net/ with 1 occurrences migrated to:
https://openid.net/ ([https](https://openid.net/ ) result 200).
* http://openid.net/certification/ with 4 occurrences migrated to:
https://openid.net/certification/ ([https](https://openid.net/certification/ ) result 200).
* http://openid.net/connect/ with 4 occurrences migrated to:
https://openid.net/connect/ ([https](https://openid.net/connect/ ) result 200).
* http://openid.net/specs/openid-attribute-exchange-1_0.html with 3 occurrences migrated to:
https://openid.net/specs/openid-attribute-exchange-1_0.html ([https](https://openid.net/specs/openid-attribute-exchange-1_0.html ) result 200).
* http://openid.net/specs/openid-connect-core-1_0.html with 50 occurrences migrated to:
https://openid.net/specs/openid-connect-core-1_0.html ([https](https://openid.net/specs/openid-connect-core-1_0.html ) result 200).
* http://openid.net/specs/openid-connect-session-1_0.html with 2 occurrences migrated to:
https://openid.net/specs/openid-connect-session-1_0.html ([https](https://openid.net/specs/openid-connect-session-1_0.html ) result 200).
* http://sizzlejs.com/ with 2 occurrences migrated to:
https://sizzlejs.com/ ([https](https://sizzlejs.com/ ) result 200).
* http://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time with 1 occurrences migrated to:
https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ([https](https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ) result 200).
* http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ (301) with 1 occurrences migrated to:
https://spring.io/blog/2010/03/06/behind-the-spring-security-namespace/ ([https](https://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ ) result 200).
* http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ (301) with 1 occurrences migrated to:
https://spring.io/blog/2010/08/02/spring-security-in-google-app-engine/ ([https](https://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ ) result 200).
* http://spring.io/projects with 1 occurrences migrated to:
https://spring.io/projects ([https](https://spring.io/projects ) result 200).
* http://spring.io/services with 1 occurrences migrated to:
https://spring.io/services ([https](https://spring.io/services ) result 200).
* http://stackoverflow.com/questions/tagged/spring-security with 1 occurrences migrated to:
https://stackoverflow.com/questions/tagged/spring-security ([https](https://stackoverflow.com/questions/tagged/spring-security ) result 200).
* http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html with 2 occurrences migrated to:
https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ([https](https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ) result 200).
* http://tools.ietf.org/html/rfc6797 with 15 occurrences migrated to:
https://tools.ietf.org/html/rfc6797 ([https](https://tools.ietf.org/html/rfc6797 ) result 200).
* http://tools.ietf.org/html/rfc7469 with 18 occurrences migrated to:
https://tools.ietf.org/html/rfc7469 ([https](https://tools.ietf.org/html/rfc7469 ) result 200).
* http://vimeo.com/34436402 with 1 occurrences migrated to:
https://vimeo.com/34436402 ([https](https://vimeo.com/34436402 ) result 200).
* http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ with 1 occurrences migrated to:
https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ([https](https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ) result 200).
* http://www.ja-sig.org/cas (301) with 1 occurrences migrated to:
https://www.apereo.org ([https](https://www.ja-sig.org/cas ) result 200).
* http://ehcache.sourceforge.net (301) with 2 occurrences migrated to:
https://www.ehcache.org/ ([https](https://ehcache.sourceforge.net ) result 200).
* http://www.html5rocks.com/en/tutorials/security/content-security-policy/ with 2 occurrences migrated to:
https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ([https](https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ) result 200).
* http://www.ietf.org/rfc/rfc2396.txt with 3 occurrences migrated to:
https://www.ietf.org/rfc/rfc2396.txt ([https](https://www.ietf.org/rfc/rfc2396.txt ) result 200).
* http://www.ietf.org/rfc/rfc2617.txt with 1 occurrences migrated to:
https://www.ietf.org/rfc/rfc2617.txt ([https](https://www.ietf.org/rfc/rfc2617.txt ) result 200).
* http://www.liquibase.org/ with 1 occurrences migrated to:
https://www.liquibase.org/ ([https](https://www.liquibase.org/ ) result 200).
* http://www.openbsd.org/papers/bcrypt-paper.ps with 1 occurrences migrated to:
https://www.openbsd.org/papers/bcrypt-paper.ps ([https](https://www.openbsd.org/papers/bcrypt-paper.ps ) result 200).
* http://www.springframework.org/schema/aop/spring-aop-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 2 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-2.5.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-2.5.xsd ([https](https://www.springframework.org/schema/context/spring-context-2.5.xsd ) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd ) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 3 occurrences migrated to:
https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd ) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd ) result 200).
* http://www.test.com with 9 occurrences migrated to:
https://www.test.com ([https](https://www.test.com ) result 200).
* http://www.thymeleaf.org with 25 occurrences migrated to:
https://www.thymeleaf.org ([https](https://www.thymeleaf.org ) result 200).
* http://www.thymeleaf.org/ with 3 occurrences migrated to:
https://www.thymeleaf.org/ ([https](https://www.thymeleaf.org/ ) result 200).
* http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd with 1 occurrences migrated to:
https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ([https](https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ) result 200).
* http://www.thymeleaf.org/whatsnew21.html with 1 occurrences migrated to:
https://www.thymeleaf.org/whatsnew21.html ([https](https://www.thymeleaf.org/whatsnew21.html ) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html with 2 occurrences migrated to:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ) result 200).
* http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html with 1 occurrences migrated to:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ) result 200).
* http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html with 1 occurrences migrated to:
https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ([https](https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ) result 200).
* http://www.w3.org/TR/2011/REC-css3-selectors-20110929/ with 2 occurrences migrated to:
https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ([https](https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ) result 200).
* http://www.w3.org/TR/CSS21/syndata.html with 1 occurrences migrated to:
https://www.w3.org/TR/CSS21/syndata.html ([https](https://www.w3.org/TR/CSS21/syndata.html ) result 200).
* http://www.w3.org/TR/selectors/ with 3 occurrences migrated to:
https://www.w3.org/TR/selectors/ ([https](https://www.w3.org/TR/selectors/ ) result 200).
* http://www.youtube.com/watch?v=3mk0RySeNsU with 2 occurrences migrated to:
https://www.youtube.com/watch?v=3mk0RySeNsU ([https](https://www.youtube.com/watch?v=3mk0RySeNsU ) result 200).
* http://api.jquery.com/jQuery.browser with 1 occurrences migrated to:
https://api.jquery.com/jQuery.browser ([https](https://api.jquery.com/jQuery.browser ) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx with 1 occurrences migrated to:
https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ) result 301).
* http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx with 2 occurrences migrated to:
https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ) result 301).
* http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx with 2 occurrences migrated to:
https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ([https](https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ) result 301).
* http://code.google.com/p/openid-selector/ with 3 occurrences migrated to:
https://code.google.com/p/openid-selector/ ([https](https://code.google.com/p/openid-selector/ ) result 301).
* http://contributor-covenant.org with 1 occurrences migrated to:
https://contributor-covenant.org ([https](https://contributor-covenant.org ) result 301).
* http://contributor-covenant.org/version/1/3/0/ with 1 occurrences migrated to:
https://contributor-covenant.org/version/1/3/0/ ([https](https://contributor-covenant.org/version/1/3/0/ ) result 301).
* http://dev.w3.org/csswg/cssom/ with 1 occurrences migrated to:
https://dev.w3.org/csswg/cssom/ ([https](https://dev.w3.org/csswg/cssom/ ) result 301).
* http://docs.spring.io with 1 occurrences migrated to:
https://docs.spring.io ([https](https://docs.spring.io ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html with 1 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html with 7 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ) result 301).
* http://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 (301) with 1 occurrences migrated to:
https://forum.spring.io/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ([https](https://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ) result 301).
* http://help.github.com/set-up-git-redirect with 1 occurrences migrated to:
https://help.github.com/set-up-git-redirect ([https](https://help.github.com/set-up-git-redirect ) result 301).
* http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ with 1 occurrences migrated to:
https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ([https](https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ) result 301).
* http://jquery.org/license with 1 occurrences migrated to:
https://jquery.org/license ([https](https://jquery.org/license ) result 301).
* http://msdn.microsoft.com/en-us/library/dd565647 with 4 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/dd565647 ([https](https://msdn.microsoft.com/en-us/library/dd565647 ) result 301).
* http://msdn.microsoft.com/en-us/library/ie/gg622941 with 5 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/ie/gg622941 ([https](https://msdn.microsoft.com/en-us/library/ie/gg622941 ) result 301).
* http://openid.net/get/ with 2 occurrences migrated to:
https://openid.net/get/ ([https](https://openid.net/get/ ) result 301).
* http://openid.net/what/ with 2 occurrences migrated to:
https://openid.net/what/ ([https](https://openid.net/what/ ) result 301).
* http://technorati.com/people/technorati/ with 2 occurrences migrated to:
https://technorati.com/people/technorati/ ([https](https://technorati.com/people/technorati/ ) result 301).
* http://twitter.github.com/bootstrap/javascript.html with 13 occurrences migrated to:
https://twitter.github.com/bootstrap/javascript.html ([https](https://twitter.github.com/bootstrap/javascript.html ) result 301).
* http://www.jasig.org/cas with 1 occurrences migrated to:
https://www.jasig.org/cas ([https](https://www.jasig.org/cas ) result 301).
* http://www.modernizr.com/ with 1 occurrences migrated to:
https://www.modernizr.com/ ([https](https://www.modernizr.com/ ) result 301).
* http://www.opensource.org/licenses/mit-license.php with 1 occurrences migrated to:
https://www.opensource.org/licenses/mit-license.php ([https](https://www.opensource.org/licenses/mit-license.php ) result 301).
* http://www.oracle.com/technetwork/java/javase/downloads with 1 occurrences migrated to:
https://www.oracle.com/technetwork/java/javase/downloads ([https](https://www.oracle.com/technetwork/java/javase/downloads ) result 301).
* http://www.springframework.org/security with 1 occurrences migrated to:
https://www.springframework.org/security ([https](https://www.springframework.org/security ) result 301).
* http://www.springsource.com/ with 2 occurrences migrated to:
https://www.springsource.com/ ([https](https://www.springsource.com/ ) result 301).
* http://www.springsource.org with 1 occurrences migrated to:
https://www.springsource.org ([https](https://www.springsource.org ) result 301).
* http://www.springsource.org/sts with 1 occurrences migrated to:
https://www.springsource.org/sts ([https](https://www.springsource.org/sts ) result 301).
* http://www.thoughtcrime.org/software/sslstrip/ with 1 occurrences migrated to:
https://www.thoughtcrime.org/software/sslstrip/ ([https](https://www.thoughtcrime.org/software/sslstrip/ ) result 301).
* http://www.w3.org/TR/css3-selectors/ with 2 occurrences migrated to:
https://www.w3.org/TR/css3-selectors/ ([https](https://www.w3.org/TR/css3-selectors/ ) result 301).
* http://www.w3.org/TR/css3-syntax/ with 1 occurrences migrated to:
https://www.w3.org/TR/css3-syntax/ ([https](https://www.w3.org/TR/css3-syntax/ ) result 301).
* http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to:
https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ) result 302).
* http://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html with 1 occurrences migrated to:
https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ([https](https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ) result 302).
* http://example2.com with 3 occurrences migrated to:
https://example2.com ([https](https://example2.com ) result 302).
* http://flickr.com/ with 2 occurrences migrated to:
https://flickr.com/ ([https](https://flickr.com/ ) result 302).
* http://git-scm.com/book/cs/ch7-3.html with 1 occurrences migrated to:
https://git-scm.com/book/cs/ch7-3.html ([https](https://git-scm.com/book/cs/ch7-3.html ) result 302).
* http://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd with 1 occurrences migrated to:
https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ([https](https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html with 4 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ) result 302).
* http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ([https](https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html with 2 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html with 1 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html with 2 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ) result 302).
* http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html with 3 occurrences migrated to:
https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ([https](https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ) result 302).
* http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd with 1 occurrences migrated to:
https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ([https](https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 1 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ) result 302).
* http://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx with 1 occurrences migrated to:
https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ([https](https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ) result 302).
* http://spring.io/spring-security with 1 occurrences migrated to:
https://spring.io/spring-security ([https](https://spring.io/spring-security ) result 302).
* http://spring.io/spring-security/ with 2 occurrences migrated to:
https://spring.io/spring-security/ ([https](https://spring.io/spring-security/ ) result 302).
* http://spring.io/tools/sts with 1 occurrences migrated to:
https://spring.io/tools/sts ([https](https://spring.io/tools/sts ) result 302).
* http://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt with 2 occurrences migrated to:
https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ([https](https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ) result 302).
* http://webauth.stanford.edu/manual/mod/mod_webauth.html with 1 occurrences migrated to:
https://webauth.stanford.edu/manual/mod/mod_webauth.html ([https](https://webauth.stanford.edu/manual/mod/mod_webauth.html ) result 302).
* http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context with 1 occurrences migrated to:
https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ([https](https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ) result 302).
* http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt with 1 occurrences migrated to:
https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ([https](https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ) result 302).
# Ignored
These URLs were intentionally ignored.
* http://java.sun.com/JSP/Page with 14 occurrences
* http://java.sun.com/jsp/jstl/core with 31 occurrences
* http://java.sun.com/jsp/jstl/fmt with 6 occurrences
* http://java.sun.com/jsp/jstl/functions with 1 occurrences
* http://java.sun.com/jstl/core with 1 occurrences
* http://java.sun.com/xml/ns/j2ee with 2 occurrences
* http://java.sun.com/xml/ns/javaee with 6 occurrences
* http://localhost with 20 occurrences
* http://localhost/ with 6 occurrences
* http://localhost/Test</value></property> with 1 occurrences
* http://localhost/appcontext/page with 1 occurrences
* http://localhost/authenticated with 1 occurrences
* http://localhost/authentication/login with 2 occurrences
* http://localhost/authorize/oauth2/code/registration-id with 3 occurrences
* http://localhost/authorize/oauth2/implicit/registration-3 with 1 occurrences
* http://localhost/callback/client-1 with 1 occurrences
* http://localhost/callback/client-1?error=invalid_grant with 1 occurrences
* http://localhost/client-1 with 9 occurrences
* http://localhost/cookie with 1 occurrences
* http://localhost/cookie/delete with 1 occurrences
* http://localhost/custom-login with 1 occurrences
* http://localhost/custom-logout with 1 occurrences
* http://localhost/form-page with 1 occurrences
* http://localhost/iss with 1 occurrences
* http://localhost/issuer with 2 occurrences
* http://localhost/login with 38 occurrences
* http://localhost/login/oauth2/code/ with 4 occurrences
* http://localhost/login/oauth2/code/pkce-client-registration-id& with 1 occurrences
* http://localhost/login/oauth2/code/registration-id with 3 occurrences
* http://localhost/login/oauth2/code/registration-id& with 2 occurrences
* http://localhost/login/oauth2/code/registration-id-2 with 2 occurrences
* http://localhost/login/openid with 1 occurrences
* http://localhost/login2 with 1 occurrences
* http://localhost/loginPage with 2 occurrences
* http://localhost/logout with 1 occurrences
* http://localhost/messages with 4 occurrences
* http://localhost/oauth2/authorization/google with 1 occurrences
* http://localhost/openid-page with 1 occurrences
* http://localhost/saved-request with 1 occurrences
* http://localhost/secured with 2 occurrences
* http://localhost/signin with 1 occurrences
* http://localhost/some-url with 1 occurrences
* http://localhost/tosave with 1 occurrences
* http://localhost/user with 1 occurrences
* http://localhost:123456 with 3 occurrences
* http://localhost:1280/certs with 1 occurrences
* http://localhost:314 with 1 occurrences
* http://localhost:4080 with 1 occurrences
* http://localhost:543 with 1 occurrences
* http://localhost:8080 with 16 occurrences
* http://localhost:8080/ with 4 occurrences
* http://localhost:8080/SomeService with 1 occurrences
* http://localhost:8080/contacts with 1 occurrences
* http://localhost:8080/login/oauth2/code with 1 occurrences
* http://localhost:8080/login/oauth2/code/client-id with 2 occurrences
* http://localhost:8080/login/oauth2/code/facebook with 2 occurrences
* http://localhost:8080/login/oauth2/code/github with 2 occurrences
* http://localhost:8080/login/oauth2/code/google with 4 occurrences
* http://localhost:8080/login/oauth2/code/okta with 2 occurrences
* http://localhost:8080/path/page.html?query=string with 1 occurrences
* http://localhost:8080/sample/ with 15 occurrences
* http://localhost:8080/secure with 1 occurrences
* http://localhost:8080/spring-security-samples-tutorial/listAccounts.html with 4 occurrences
* http://localhost:8080/spring-security-samples-tutorial/post.html?id=1 with 4 occurrences
* http://localhost:9080/protected with 2 occurrences
* http://localhost:9080/secured with 1 occurrences
* http://localhost:9080/unsecured with 1 occurrences
* http://localhost:9080/user with 1 occurrences
* http://test.com with 1 occurrences
* http://test.foobar.com with 1 occurrences
* http://testopenid.com?openid.return_to= with 1 occurrences
* http://www.springframework.org/schema/aop with 2 occurrences
* http://www.springframework.org/schema/beans with 8 occurrences
* http://www.springframework.org/schema/context with 2 occurrences
* http://www.springframework.org/schema/mvc with 2 occurrences
* http://www.springframework.org/schema/security with 45 occurrences
* http://www.springframework.org/schema/security/spring-security- with 1 occurrences
* http://www.springframework.org/schema/websocket with 2 occurrences
* http://www.springframework.org/security/tags with 17 occurrences
* http://www.springframework.org/tags with 12 occurrences
* http://www.springframework.org/tags/form with 14 occurrences
* http://www.w3.org/1999/XSL/Transform with 1 occurrences
* http://www.w3.org/1999/xhtml with 26 occurrences
* http://www.w3.org/2001/XMLSchema with 15 occurrences
* http://www.w3.org/2001/XMLSchema-datatypes with 8 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 9 occurrences
2019-03-19 23:53:23 -05:00
2bf126f4cf
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# HTTP URLs that Could Not Be Fixed
These URLs were unable to be fixed. Please review them to see if they can be manually resolved.
* http://luke.taylor.openid.cn/ (200) with 1 occurrences could not be migrated:
([https](https://luke.taylor.openid.cn/ ) result SSLHandshakeException).
# Fixed URLs
## Fixed But Review Recommended
These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended.
* http://axschema.org/contact/email (UnknownHostException) with 2 occurrences migrated to:
https://axschema.org/contact/email ([https](https://axschema.org/contact/email ) result UnknownHostException).
* http://axschema.org/namePerson (UnknownHostException) with 1 occurrences migrated to:
https://axschema.org/namePerson ([https](https://axschema.org/namePerson ) result UnknownHostException).
* http://axschema.org/namePerson/first (UnknownHostException) with 1 occurrences migrated to:
https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first ) result UnknownHostException).
* http://axschema.org/namePerson/last (UnknownHostException) with 1 occurrences migrated to:
https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last ) result UnknownHostException).
* http://luke.taylor.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
https://luke.taylor.myopenid.com/ ([https](https://luke.taylor.myopenid.com/ ) result UnknownHostException).
* http://schema.openid.net/contact/email (UnknownHostException) with 2 occurrences migrated to:
https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email ) result UnknownHostException).
* http://schema.openid.net/namePerson (UnknownHostException) with 1 occurrences migrated to:
https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson ) result UnknownHostException).
* http://schema.openid.net/namePerson/friendly (UnknownHostException) with 1 occurrences migrated to:
https://schema.openid.net/namePerson/friendly ([https](https://schema.openid.net/namePerson/friendly ) result UnknownHostException).
* http://somehost/someUrl (UnknownHostException) with 1 occurrences migrated to:
https://somehost/someUrl ([https](https://somehost/someUrl ) result UnknownHostException).
* http://spring.security.test.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to:
https://spring.security.test.myopenid.com/ ([https](https://spring.security.test.myopenid.com/ ) result UnknownHostException).
* http://example.net/pkp-report (404) with 1 occurrences migrated to:
https://example.net/pkp-report ([https](https://example.net/pkp-report ) result 404).
* http://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng (404) with 1 occurrences migrated to:
https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng ([https](https://www.oasis-open.org/docbook/xml/5.0/rng/docbook.rng ) result 404).
* http://www.puppycrawl.com/dtds/configuration_1_3.dtd (404) with 1 occurrences migrated to:
https://www.puppycrawl.com/dtds/configuration_1_3.dtd ([https](https://www.puppycrawl.com/dtds/configuration_1_3.dtd ) result 404).
* http://www.puppycrawl.com/dtds/suppressions_1_1.dtd (404) with 1 occurrences migrated to:
https://www.puppycrawl.com/dtds/suppressions_1_1.dtd ([https](https://www.puppycrawl.com/dtds/suppressions_1_1.dtd ) result 404).
* http://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller (404) with 1 occurrences migrated to:
https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller ([https](https://www.se-radio.net/transcript-82-organization-large-code-bases-juergen-hoeller ) result 404).
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://raykrueger.blogspot.com/ with 1 occurrences migrated to:
https://raykrueger.blogspot.com/ ([https](https://raykrueger.blogspot.com/ ) result 200).
* http://www.infoq.com/presentations/code-organization-large-projects with 1 occurrences migrated to:
https://www.infoq.com/presentations/code-organization-large-projects ([https](https://www.infoq.com/presentations/code-organization-large-projects ) result 200).
* http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd with 1 occurrences migrated to:
https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd ([https](https://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd ) result 200).
* http://www.springframework.org/dtd/spring-beans.dtd with 4 occurrences migrated to:
https://www.springframework.org/dtd/spring-beans.dtd ([https](https://www.springframework.org/dtd/spring-beans.dtd ) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.0.xsd with 5 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop-3.0.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.0.xsd ) result 200).
* http://www.springframework.org/schema/aop/spring-aop-3.2.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop-3.2.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-3.2.xsd ) result 200).
* http://www.springframework.org/schema/aop/spring-aop.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/aop/spring-aop.xsd ([https](https://www.springframework.org/schema/aop/spring-aop.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 20 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans-3.1.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.1.xsd ) result 200).
* http://www.springframework.org/schema/beans/spring-beans.xsd with 267 occurrences migrated to:
https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-3.0.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-3.0.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.0.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-3.1.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.1.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context-3.2.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context-3.2.xsd ([https](https://www.springframework.org/schema/context/spring-context-3.2.xsd ) result 200).
* http://www.springframework.org/schema/context/spring-context.xsd with 6 occurrences migrated to:
https://www.springframework.org/schema/context/spring-context.xsd ([https](https://www.springframework.org/schema/context/spring-context.xsd ) result 200).
* http://www.springframework.org/schema/data/jpa/spring-jpa.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/data/jpa/spring-jpa.xsd ([https](https://www.springframework.org/schema/data/jpa/spring-jpa.xsd ) result 200).
* http://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd ([https](https://www.springframework.org/schema/jdbc/spring-jdbc-3.1.xsd ) result 200).
* http://www.springframework.org/schema/mvc/spring-mvc.xsd with 10 occurrences migrated to:
https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd ) result 200).
* http://www.springframework.org/schema/security/spring-security-2.0.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/security/spring-security-2.0.xsd ([https](https://www.springframework.org/schema/security/spring-security-2.0.xsd ) result 200).
* http://www.springframework.org/schema/security/spring-security.xsd with 266 occurrences migrated to:
https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd ) result 200).
* http://www.springframework.org/schema/tx/spring-tx-3.0.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/tx/spring-tx-3.0.xsd ([https](https://www.springframework.org/schema/tx/spring-tx-3.0.xsd ) result 200).
* http://www.springframework.org/schema/tx/spring-tx.xsd with 3 occurrences migrated to:
https://www.springframework.org/schema/tx/spring-tx.xsd ([https](https://www.springframework.org/schema/tx/spring-tx.xsd ) result 200).
* http://www.springframework.org/schema/util/spring-util-3.0.xsd with 3 occurrences migrated to:
https://www.springframework.org/schema/util/spring-util-3.0.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.0.xsd ) result 200).
* http://www.springframework.org/schema/util/spring-util-3.1.xsd with 1 occurrences migrated to:
https://www.springframework.org/schema/util/spring-util-3.1.xsd ([https](https://www.springframework.org/schema/util/spring-util-3.1.xsd ) result 200).
* http://www.springframework.org/schema/util/spring-util.xsd with 4 occurrences migrated to:
https://www.springframework.org/schema/util/spring-util.xsd ([https](https://www.springframework.org/schema/util/spring-util.xsd ) result 200).
* http://www.springframework.org/schema/websocket/spring-websocket.xsd with 6 occurrences migrated to:
https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd ) result 200).
* http://www.headwaysoftware.com with 1 occurrences migrated to:
https://www.headwaysoftware.com ([https](https://www.headwaysoftware.com ) result 301).
* http://java.sun.com/dtd/web-app_2_3.dtd with 2 occurrences migrated to:
https://java.sun.com/dtd/web-app_2_3.dtd ([https](https://java.sun.com/dtd/web-app_2_3.dtd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 10 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ) result 302).
* http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to:
https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ) result 302).
# Ignored
These URLs were intentionally ignored.
* http://appengine.google.com/ns/1.0 with 1 occurrences
* http://docbook.org/ns/docbook with 1 occurrences
* http://jakarta.apache.org/log4j/ with 1 occurrences
* http://java.sun.com/xml/ns/javaee with 22 occurrences
* http://www.springframework.org/schema/aop with 14 occurrences
* http://www.springframework.org/schema/beans with 576 occurrences
* http://www.springframework.org/schema/c with 6 occurrences
* http://www.springframework.org/schema/context with 18 occurrences
* http://www.springframework.org/schema/data/jpa with 2 occurrences
* http://www.springframework.org/schema/jdbc with 2 occurrences
* http://www.springframework.org/schema/mvc with 20 occurrences
* http://www.springframework.org/schema/p with 10 occurrences
* http://www.springframework.org/schema/security with 534 occurrences
* http://www.springframework.org/schema/tx with 10 occurrences
* http://www.springframework.org/schema/util with 16 occurrences
* http://www.springframework.org/schema/websocket with 12 occurrences
* http://www.w3.org/1999/xlink with 1 occurrences
* http://www.w3.org/2001/XMLSchema-instance with 299 occurrences
2019-03-19 17:33:29 -05:00
b93528138e
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# Fixed URLs
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://www.apache.org/licenses/ with 1 occurrences migrated to:
https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/ ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2691 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0 ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 2 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html ) result 200).
2019-03-14 15:46:20 -05:00
82d527ed42
Add Support for Clear Site Data on Logout
...
Added an implementation of HeaderWriter for Clear-Site-Data HTTP
response header as welll as an implementation of LogoutHanlder
that accepts an implementation of HeaderWriter to write headers.
- Added ClearSiteDataHeaderWriter and HeaderWriterLogoutHandler
that implements HeaderWriter and LogoutHandler respectively
- Added unit tests for both implementations's behaviours
- Integration tests for HeaderWriterLogoutHandler that uses
ClearSiteDataHeaderWriter
- Updated the documentation to include link to
HeaderWriterLogoutHandler
Fixes gh-4187
2019-02-28 11:01:08 -07:00
0c2a7e03f7
Update resource-server.adoc
...
Fix typo in the code sample
2019-02-11 12:27:28 -07:00
a7a9271313
Client OAuth2 properties to use scope not scopes
...
OAuth2ClientProperties.Registration (which captures .properties and
.yml for OAuth2 Client) has a member `scope` but not `scopes`. Samples
and documentation were using `scopes` and have now been updated to use
`scope`.
Fixes gh-6510
2019-02-08 11:54:18 -05:00
c4b17475d9
Improve LDAP snippet formatting
...
Issue: gh-6486
2019-01-28 14:25:27 -07:00
5abe6ca718
Missing spring: prefix on jwk-set-uri example
2019-01-25 08:31:13 -06:00
95ff451193
Fix formatting in Implicit OAuth2AuthorizedClient section
2019-01-18 10:24:01 -07:00
b7ed919cee
Add preload support to Strict-Transport-Security
...
1. Preload support in Servlet Security(XML & Java)
2. Preload support in Reactive Security
3. Test for preload support in Servlet Security
4. Test for preload support in Reactive Security
Fixes: gh-6312
2019-01-16 11:10:06 -06:00
0656d2bc05
cconfigured -> configured
2019-01-08 13:18:14 -06:00
cb0ea0241b
Spring Security provides a DelegatingSecurityContextRunnable
...
abstraction for Runnable that can be used for async and
scheduled tasks. The primary contract for task scheduling is
TaskScheduler and there's no such wrapper available at the moment.
The new DelegatingSecurityContextTaskScheduler class implements
TaskScheduler interface.
Fixes gh-6043
2018-12-17 14:30:55 -06:00
f808740c57
Update reference manual to use NimbusJwtDecoder
...
Fixes gh-6188
2018-11-30 06:53:35 -05:00
b2c2f84f00
Fix Typo in Reference Docs
...
Fixes gh-6076
2018-11-14 11:36:27 -06:00
ac026e23fe
Updated Spring Boot version from 2.1.0.M4 to 2.1.0.RELEASE
2018-11-14 10:51:38 -06:00
11b6b63364
Docs: Fix Maven Property example `spring-security.version`
2018-11-13 15:08:00 -06:00
2769b7ffb0
Leave Issuer As String - Documentation
...
Update documentation that indicated the iss claim is proactively
coerced into a URL.
Issue: gh-6073
2018-11-13 12:40:41 -07:00
78e27ca17f
Update Reactive Resource Server Docs
...
Resource Server documentation for both Servlet and Reactive now have a
similar feel and offer deeper exposure to common use cases.
Fixes: gh-6054
2018-11-07 12:05:21 -07:00
605469db06
Clarify default OAuth 2.0 login page requirements
...
Fixes gh-5996
2018-10-22 09:20:49 -04:00
e26bb2b326
Update x509.adoc
...
Added Escaping for Adoc
2018-10-17 14:56:45 -05:00
88f8bfeb57
Polish docs for WebClient OAuth2 Servlet Setup
2018-10-15 09:44:22 -04:00
26fcde6f8e
Document new features for OAuth Client
...
Fixes gh-5832
2018-10-12 19:24:02 -04:00
e8045838e3
Fix minor typo in secure-objects.adoc
2018-10-10 10:43:34 -05:00
2307b01a7a
Resource Server Docs - Servlet
...
Fixes: gh-5912
2018-10-05 15:46:37 -06:00
cbb25f7b87
Polish Getting Spring Security Reference
...
Fixes: gh-5921
2018-10-04 17:27:09 -05:00
d4c50a8fb8
Replace Section Links in What's New
...
Fixes: gh-5857
2018-09-20 07:50:30 -06:00
dcbf762a0b
WebClient OAuth2 Support for defaultClientRegistrationId
...
Fixes: gh-5872
2018-09-19 11:47:04 -05:00
f48055ce47
Polish Section Link in What's New
2018-09-19 10:20:42 -06:00
ece5de3f99
Polish What's New
...
Issue: gh-5857
2018-09-19 09:45:13 -05:00
62db88ce6a
Add WebFlux CORS Reference
...
Fixes: gh-5870
2018-09-18 21:24:36 -05:00
501c008526
Add WebFlux Redirect to HTTPS Reference
...
Fixes: gh-5869
2018-09-18 21:12:37 -05:00
db9248e05a
Polish WebFlux HTTP Headers Reference
...
Issue: gh-5868
2018-09-18 20:30:45 -05:00
7b7f579746
What's New Links to WebFlux sections
...
Issue: gh-5857
2018-09-18 17:23:03 -05:00
54d07b6b8b
Add WebFlux HTTP Headers Reference
...
Fixes: gh-5868
2018-09-18 17:09:41 -05:00
a7f94b2188
Separate Servlet and WebFlux Feature Lists
...
Issue: gh-5857
2018-09-18 12:05:20 -06:00
2a83e34db5
Remove NOTE bookmarks
...
Originally, there were two references to "[[NOTE]]" which was
confusing since Asciidoc can't have two bookmarks of the same name.
Changed these to "[NOTE]" so they would display the "note" component
in the docs.
Issue: gh-5866
2018-09-18 12:05:19 -06:00
87243ea453
Add WebFlux Resource Server Reference
...
Fixes: gh-5866
2018-09-18 10:58:56 -05:00
83af2df131
Add WebFlux @RegisteredOAuth2AuthorizedClient Reference
...
Fixes: gh-5864
2018-09-18 10:25:06 -05:00
1e1b8ab3e7
Add WebFlux OAuth2 Client Reference
...
Fixes: gh- 5865
2018-09-18 10:24:59 -05:00
a44d07ecf4
Fix OAuth2 Login Reference Format
...
Issue: gh-5836
2018-09-18 09:42:09 -05:00
3ecefab957
Add WebFlux OAuth2 Login Reference
...
Fixes: gh-5863
2018-09-18 09:41:45 -05:00
735d755bb1
Add WebClient OAuth2 Documentation
...
Fixes: gh-5859
2018-09-17 22:26:33 -05:00
26afc18b66
What's New in Spring Security 5.1
...
An initial skeleton pointing to the various sections of Spring
Security that received an update in Spring Security 5.1
Issue: gh-5857
2018-09-17 16:37:47 -06:00
5b8d66e911
Extract Preface
...
Issue: gh-5836
2018-09-12 17:04:41 -05:00
57359058dd
Separate Servlet and WebFlux
...
Fixes: gh-5836
2018-09-12 16:48:41 -05:00
3f3a3e8351
Fix convention
2018-09-11 13:57:23 -05:00
439538477a
Add missing space in namespace.adoc
2018-08-27 10:43:53 -05:00
cbd28cfd1e
Polish Reference Documentation
2018-08-18 20:39:18 -05:00
329bde0db1
Update database-schema.adoc
2018-08-18 20:21:35 -05:00
b192bf54f7
Update database-schema.adoc
2018-08-18 20:21:35 -05:00
594cacb0d6
Add SQL for Oracle at section USERS and revise ACL
...
I feel very painful when using SQL script for Oracle database. I set datatype, number(18), number(38) is too big, all character is uppercase (because Oracle database is case-insensitive). ACL's SQL script has script for Oracle database, but section USERS, AUTHORITIES has not SQL scrip for Oracle database, therefore I add more.
2018-08-18 20:21:35 -05:00
7f04d8d893
Polish Reference Documentation
...
- Improve emphasis
- Fix formatting
- Update to Spring Framework 5
- Bom -> BOM
Fixes: gh-5695
2018-08-18 20:09:31 -05:00
1d8db1085a
Polish Reference Documentation
...
- Fix Broken Link
- Update docs to state Spring Security 5 instead of Spring Security 4
Fixes: gh-5694
2018-08-18 20:05:44 -05:00
c6ea447cc0
Add support for Feature-Policy security header
2018-08-16 09:31:02 -05:00
9c478257d4
Fix the broken link in the WebSocket documentation
...
Changeset 46bb855#4094 ) removed websocket chat
sample in favor of spring-session one. This commit
updates spring-security documentation link to
point to the up-to-date sample location
2018-08-16 09:14:24 -05:00
fe17c71775
Mention spring-security-data dependency for Spring Data in doc
...
Closes #5556
2018-07-31 09:56:57 -05:00
7e52fe67f4
Fixed document error
2018-07-19 09:35:16 -06:00
1137f3b46d
Add cross references to ReactorContextTestExecutionListener
...
Fixes: gh-5418
2018-06-11 17:13:24 -05:00
81e19ad85e
Move oauth2 samples under boot directory
...
Issue gh-5397
2018-06-06 09:37:36 -04:00
de95583509
Move oauth2login samples under oauth2 directory
...
Fixes gh-5397
2018-05-30 12:16:05 -04:00
73345e7434
Add Cross Site Tracing (XST) & HTTP Method Tampering Protection
...
Fixes: gh-5377
2018-05-24 09:35:40 -05:00
4bfce2a591
Fixed typo in acl database schema appendix.
...
Fixes gh-5204
2018-05-07 16:44:32 -05:00
fddc28ba3b
Fixed typo in CSRF documentation.
...
Fixes gh-4792
2018-05-07 16:44:32 -05:00
2a0f529ee4
Use spring-projects for organization in GitHub URLs
2018-05-04 21:01:39 -05:00
44b22e7208
Fix 'attributes' deprecation warning in spring-security-docs-guides
2018-05-04 14:12:14 -05:00
f8247fa346
Remove Default URLs and Parameters Commentary
...
This paragraph was originally there to explain why Spring Security was
moving from the old default URLs and parameters to new ones.
Now that the defaults are the same in XML and well as Java Config, the
explanation is now no longer relevant.
Fixes: gh-5242
2018-04-19 08:53:23 -06:00
526e0fdd4f
Add OAuth2 Client HandlerMethodArgumentResolver
...
Fixes gh-4651
2018-04-02 12:13:52 -04:00
6e5105f899
Extract appendix subsections
...
Issue: gh-2567
2018-03-09 16:34:46 -06:00
40bb73124c
Move data to data/index
...
Issue: gh-2567
2018-03-09 16:34:42 -06:00
780e6aefd2
Extract additional-topics subsections
...
Issue: gh-2567
2018-03-09 16:34:38 -06:00
35345fac70
Extract authorization subsections
...
Issue: gh-2567
2018-03-09 16:34:35 -06:00
8cf51032e0
Extract Subsections of Web
...
Issue: gh-2567
2018-03-09 16:34:31 -06:00
ae9075c023
Extract test subsections
...
Issue: gh-2567
2018-03-09 16:34:30 -06:00
cf4272ff64
Extract architecture subsections
...
Issue: gh-2567
2018-03-09 16:34:24 -06:00
4152530e69
Fix new lines
...
Issue: gh-2567
2018-03-09 16:34:20 -06:00
73cec43842
Extract subsections for preface
...
Issue: gh-2567
2018-03-09 16:34:12 -06:00
86465026a1
Extract top level section of reference
...
Issue: gh-2567
2018-03-09 16:33:54 -06:00
e799f13ae2
Consistent new lines in referenche
...
Issue: gh-2567
2018-03-09 16:33:54 -06:00
d21338d212
Support errorOnInvalidType for Reactive AuthenticationPrincipal
...
Fixes: gh-5096
2018-03-09 12:05:55 -06:00
a2073b2b91
Support BeanResolver for Reactive AuthenticationPrincipal
...
Fixes: gh-4326
2018-03-09 12:05:55 -06:00
d816af2337
Add BadCredentials Jackson Support to What's New
...
Issue: gh-5087
2018-03-09 12:05:55 -06:00
7fafd899ee
Add Reactive WithUserDetails to What's new
...
Issue: gh-4888
2018-03-09 12:05:55 -06:00
abae2f3e87
Allow WithSecurityContextTestExecutionListener to execute after @Before
...
Fixes: gh-2935
2018-03-08 14:13:07 -06:00
210a510bba
Use HttpFirewall Bean
...
Fixes: gh-5022
2018-02-15 17:18:28 -06:00
6f48afbfe6
Format HttpFirewall Reference
...
Put each sentence on a newline.
Issue: gh-5022
2018-02-15 17:18:28 -06:00
964a14b224
Document Reactive Method security requires Publisher return types
...
Fixes: gh-4988
2018-02-07 16:43:18 -06:00
4fbfb710f5
fix typo in documentation: index.adoc
...
1) for more on information on how the Spring Security `AuthenticationManager` is -> for more information on how the Spring Security `AuthenticationManager` is`
2) all the sames things -> all the same things
2018-02-07 10:48:00 -06:00
e1a8d250de
Add authenticated().withAuthentication(Consumer<Authentication>)
...
This allows arbitrary assertions of the authenticated user
Fixes: gh-4996
2018-02-02 16:56:45 -06:00
cd88c739e0
Add Guides to docsZip
...
Fixes: gh-4327
2018-01-30 15:35:30 -06:00
84679a5d64
Polish #4904 Support GrantedAuthoritiesMapper @Bean for oauth2Login
2018-01-23 12:14:57 -05:00
65c3862da9
Password Troubleshooting Reference Fix
...
Correct the package to NoOpPasswordEncoder within the reference
Fixes: gh-4965
2018-01-18 08:25:52 -06:00
450600cbb8
Polish reference
2018-01-12 09:17:05 -06:00
0991f31613
Document exchange password for short term credential
...
Fixes gh-4959
2018-01-12 09:15:35 -06:00
aa900065b8
Document OAuth2UserService delegation-based strategy for authorities mapping
...
Fixes gh-4909
2018-01-11 10:07:58 -05:00
f3830eec7d
Rename userDetailsRepository to userDetailsService
2018-01-10 16:04:48 -06:00
00e8795adc
Update What's New
2017-11-27 11:50:37 -06:00
cd1a02225b
Document PasswordEncoder
2017-11-27 11:42:56 -06:00
690e22778a
Polish Docs
2017-11-27 11:42:56 -06:00
4f85f3a12f
Polish - Editing pass for OAuth 2.0 Login ref doc
2017-11-22 10:44:50 -05:00
3eb66f37e0
Editing pass for OAuth 2.0 Login ref doc
...
Fixes gh-4850
2017-11-21 22:01:15 -05:00
94a8d9b116
Add OAuth 2.0 Login in reference doc
...
Fixes gh-4849
2017-11-17 11:37:56 -05:00
9e22190198
Remove duplicate eruby option in asciidoctor task
2017-11-16 11:19:20 -06:00
82adf744f5
Polish Docs
2017-10-31 10:27:34 -05:00
e95430fa36
Polish Reactive Method Security reference
...
Issue gh-4757
2017-10-30 16:27:50 -05:00
d664ff2e26
Lookup HandlerMappingIntrospector from Bean
2017-10-30 16:27:50 -05:00
8e6c726fb2
Add WebFlux to What's New 5.0
...
Fixes gh-4757
2017-10-30 15:29:13 -05:00
5280ac40e9
WebMvcConfigurerAdapter->WebMvcConfigurer
...
Fixes gh-4612
2017-10-30 01:30:08 -05:00
a558d408a3
Minor typos PreAuthenticatedAuthenticationProvider
2017-10-29 22:12:04 -05:00
a139a0052d
Fix Typo in Reference Docs
2017-10-29 22:09:46 -05:00
6decf1c8ef
Allow use of non-numeric (e.g. UUID) values for ObjectIdentity.getIdentifier()
...
Prior to this commit, the ObjectIdentity id had to be a number. This
commit allows for domain objects to use UUIDs as their identifier. The
fully qualified class name of the identifier type can be specified
in the acl_object_identity table and a ConversionService can be provided
to BasicLookupStrategy to convert from String to the actual identifier
type.
There are the following other changes:
- BasicLookupStrategy has a new property, aclClassIdSupported, which
is used to retrieve the new column from the database. This preserves
backwards-compatibility, as it is false by default.
- JdbcMutableAclService has the same property, aclClassIdSupported,
which is needed to modify the insert statement to write to the
new column. Defaults to false for backwards-compatibility.
- Tests have been updated to verify both the existing functionality
for backwards-compatibility and the new functionality.
Fixes gh-1224
2017-10-29 21:29:12 -05:00
b91aa19b35
Doc DelegatingPasswordEncoder is default
...
Fixes gh-gh-2775
2017-10-24 07:56:28 -05:00
cdc992b132
Remove SaltSource
...
Fixes gh-4681
2017-10-24 07:56:28 -05:00
6a3e981c80
Remove BaseDigestPasswordEncoder from core
...
Issue: gh-4674
2017-10-24 07:55:40 -05:00
53cb6c17e4
gh-4482 - Updating docs for `ConcurrentSessionFilter` configuration example
2017-10-12 07:41:11 -05:00
9833f0090d
Update to remove extra Header
...
Update to remove extra Ldap Authentication Section Header
2017-10-06 17:07:08 -05:00
9e719bc313
Drop the `aopalliance:aopalliance` dependency
...
As of Spring 4.3 RC1 the `org.aopalliance` interfaces are once again bundled
with `spring-aop` [1]. Moreover, all modules with a dependency on
`aopalliance:aopalliance` directly or indirectly also depend on `spring-aop`.
This change drops the `aopalliance:aopalliance` dependency in all places it's
declared. Where applicable an explicit dependency on `spring-aop` was added in
its place. (This dependency was already present in most places; in one case the
module didn't require `aopalliance:aopalliance` in the first place.)
The documentation is updated accordingly.
[1] https://jira.spring.io/browse/SPR-13984
2017-09-22 11:11:04 -05:00
3f58822d4d
Fix MyCustomDsl Reference
...
Fixes gh-4340
2017-09-18 16:07:29 -05:00
dbda7e35a4
Update index.adoc - add missing callout
...
To fix WARNING: index.adoc: line 988: no callouts refer to list item 1
2017-06-15 12:49:20 -05:00
221d4f8fb1
Document WebFlux What Is New
...
Issue gh-4325
2017-05-10 00:28:16 -05:00
829c386756
Add support for OAuth 2.0 Login
...
Fixes gh-3907
2017-04-28 10:58:59 -04:00
dd6fc48dd8
Standardize Build
...
The build now uses spring build conventions to simplify the build
Fixes gh-4284
2017-04-21 10:55:05 -05:00
d59f128210
Fix asciidoc in manual
...
Fixes gh-4301
2017-04-21 10:50:30 -05:00
49719480a8
Fix configuration-source-ref doc
...
Fixes gh-4200
2017-03-02 00:25:51 -06:00
f99fe36e02
Refer to SimpleGrantedAuthority instead of GrantedAuthorityImpl
...
GrantedAuthorityImpl has been replaced a couple of years ago with
SimpleGrantedAuthority and this commit fixes the documentation items
which weren’t updated to reflect this change.
Fixes gh-4163.
2017-03-02 00:09:14 -06:00
72d08a2a5f
Fix index.adoc typo
2017-03-01 23:45:50 -06:00
aa5df61eff
Fix index.adoc typo
2016-12-21 10:19:51 -06:00
6df5b76f24
Fix test.adoc typo
2016-12-21 10:19:51 -06:00
c8ed130008
Fix websocket.adoc typo
2016-12-21 10:19:51 -06:00
f94399cff9
Polish
2016-11-17 09:49:41 -06:00
94fb1893de
fix typo "RemoteIpValve"
2016-11-16 14:13:53 -06:00
fd9f57eb5f
Update What's New changelogs
2016-11-09 17:00:09 -06:00
f0a9421aa4
SecurityJacksonModules->SecurityJackson2Modules
...
Fixes gh-4121
2016-11-09 16:42:41 -06:00
14a656186d
Polish Referrer Header Policy Docs
...
Previously, the Referrer Header Policy was accidentally placed within
the CSP section.
Move Referrer Header Polich outside of the CSP section.
Issue gh-4110
2016-11-09 13:15:06 -06:00
2a197c72eb
Fix typos in the reference
...
Fix typos in the reference documentation
Fixes gh-4113
2016-11-09 10:05:27 -06:00
ab5af87953
Add Referrer Policy to What's New
2016-11-08 16:14:20 -06:00
23294c4c57
Add Referrer-Policy header support
...
Fixes gh-4110
2016-11-08 13:21:35 -06:00
eb2870bf82
Polishing doc in What's New in Spring Security 4.2
2016-11-08 11:19:51 -06:00
cf3d6e7167
Fix Small Typo
...
propoerty->property
2016-10-31 11:31:52 -05:00
8ca4b55d32
Update What's New Section of Reference
...
Fixes gh-4109
2016-10-25 15:03:59 -05:00
f432c04111
Create UserBuilder
...
This commit creates a UserBuilder and updates samples to use it. We do not
leverate it for JdbcUserDetailsManager because it requires the schema to
be created which is difficult with a single bean definition and
unpredicatble ordering. For this, it is still advised to use
AuthenticationManagerBuilder
Fixes gh-4095
2016-10-21 16:42:03 -05:00
94e580fe64
Add Support for Custom Default Configuration in Web Security
...
Fixes gh-4102
2016-10-19 16:15:56 -05:00
af9139b613
Add intercept-url@request-matcher-ref
...
Fixes gh-4097
2016-10-18 22:27:31 -05:00
f019ea89e7
Remove unused lowercase-comparisons from XSD
...
Fixes gh-3932
2016-10-18 22:27:28 -05:00
aaa9708b95
Add BeanResolver to AuthenticationPrincipalArgumentResolver
...
Previously @AuthenticationPrincipal's expression attribute didn't support
bean references because the BeanResolver was not set on the SpEL context.
This commit adds a BeanResolver and ensures that the configuration
sets a BeanResolver.
Fixes gh-3949
2016-10-18 19:45:54 -05:00
df9e6c973c
linked to java configuration sample applications
...
removed outdated description and linked directly to java configuration sample applications
2016-10-17 21:12:17 -05:00
1da9c06f3b
Fix Reference (test.adoc) Typo
...
@SpringExecutionListeners -> @SpringTestExecutionListeners
2016-10-17 21:11:19 -05:00
0c35209d77
Document Proxy Server
...
Issue gh-4076
2016-10-17 21:07:57 -05:00
5e35e37a2b
Update to Thymeleaf 3.0.2 and remove tiles
...
Spring 5 removed support for Tiles 2 and Thymeleaf does not support
Tiles 3 yet. This commit updates to Thymeleaf 3.0.2 and uses
Thymeleaf's build in layout support.
Issue gh-4080
2016-10-17 17:00:17 -05:00
0b1e3b4e4a
Fix Reference Typo
...
unlimitted->unlimited
2016-09-23 16:45:08 -05:00
6b4a52715b
Fix Typo in Reference
2016-09-23 14:57:52 -05:00
c0f5aaee78
Adds What's New Spring Security 4.2
...
Fixes gh-4070
2016-09-23 13:02:27 -05:00
d8690a59e2
Fix ??? in reference
2016-09-19 16:29:46 -05:00
7f54c8b8b4
Fix link to CSP in Reference Doc
...
Previously the link in the reference from x-frame-options to the
content security policy section was broken.
This commit fixes the link.
Issue gh-4063
2016-09-19 10:21:04 -05:00
12173c04ee
Fix Typo in Reference Docs
...
Word substitution, it's foolproof, not full proof :-)
Fixes gh-4063
2016-09-19 10:11:16 -05:00
b88418b94a
Configuration of session management strategies
...
This commit adds an ExpiredSessionStrategy for the ConcurrentSessionFilter
analogous to the InvalidSessionStrategy for the SessionManagementFilter. It also
adds a configuration option for both the InvalidSessionStrategy and
ExpiredSessionStrategy to the XML namespace and Java configuration.
Fixes gh-3794
Fixes gh-3795
2016-09-15 11:10:17 -05:00
37c6605062
Add explanation for DelegatingAuthenticationFailureHandler ( #207 )
2016-09-02 13:27:23 -05:00
2deb722a1f
JavaDoc links in 5.5 Handling Logouts fixed ( #3993 )
...
Fixes gh-3992
2016-08-15 10:13:36 -05:00
fe117bc445
[minor] fix grammar error ( #4013 )
...
add space: that"collects" -> that "collects"
2016-08-15 09:42:36 -05:00
3befb1c8a6
MvcRequestMatcher servletPath / JavaConfig
...
Issue: gh-3987
2016-08-09 16:29:30 -05:00
0b14664a8c
Fix typos in reference ( #3979 )
2016-07-19 15:42:23 -05:00
69306a8b46
Fix typo ( #3968 )
...
Fixes typo `advantadge`
2016-07-13 12:37:26 -05:00
310bb39a0d
Fix typo
2016-07-06 16:22:33 -05:00
e4c13e3c0e
Add MvcRequestMatcher
...
Fixes gh-3964
2016-07-06 15:47:23 -05:00
13bc70f693
Add CorsFilter support
2016-07-05 14:28:04 -05:00
dd9b59ba31
Document Digest is insecure
...
Fixes gh-3894
2016-06-20 14:10:36 -05:00
9fa2c64737
Documentation SecurityConfig->WebSecurityConfig
...
Rename SecurityConfig to WebSecurityConfig in the documentation.
Fixes gh-153
2016-06-17 16:55:46 -05:00
208f898403
Improve csrf login caveats
...
Add a suggestion to retrieve a fresh csrf token right before the
form submission in order to avoid problems with invalid csrf tokens
due session timeouts.
Fixes gh-3925
2016-06-13 16:26:16 +01:00
8aea83011d
Docs: Remove broken link
...
I think the originally intended destination no longer exists in the
documentation.
2016-05-28 21:09:15 -04:00
fd65652bbe
Docs: Fix broken link to security database schema
2016-05-28 21:09:15 -04:00
38e9f6a851
Docs: Fix broken link to csrfInput tag info
...
ID names are case sensitive.
2016-05-28 21:09:15 -04:00
cdb04c50e8
Docs: Fix broken link to websocket security info
2016-05-28 21:09:15 -04:00
057ea4fb17
Docs: Make 'Getting Started' a level 1 section heading
...
This fixes the following build error:
asciidoctor: ERROR: index.adoc: line 26: invalid part, must have at least one
section (e.g., chapter, appendix, etc.)
2016-05-28 21:09:01 -04:00
503828c994
Add FAQ for JSP taglib & method security
...
Updated FAQ to clarify how the url attribute of the authorize tag
interacts with method security
2016-05-23 08:39:54 -05:00
ea2b5dd412
Fix wrong class name reference in the docs
...
In the documentation, there was a reference to a class called CsrfTokenResolver
and it should CsrfTokenArgumentResolver
Fixes gh-3890
2016-05-18 20:26:20 +01:00
f363c62afd
Document spring-security-test dependency
...
Fixes gh-3873
2016-05-16 10:56:50 -04:00
66980e827c
Add Spring Boot Hello World guide
...
Add Spring Boot Hello World Guide
Fixes gh-3866
2016-05-13 14:05:29 -05:00
ede521dc8d
authorizeUrls -> authorizeRequests
...
Replace remaining authorizeUrls with authorizeRequests
Fixes gh-3875
2016-05-09 10:34:36 -05:00
d4218c70f1
Update CookieCsrfTokenRepository docs to cookiHttpOnly=false
...
Currently CookieCsrfTokenRepository does not specify that the httpOnly
flag needs set to false. We should update the reference to include this
setting (and a comment about it) since it states that the settings will
work with AngularJS.
This commit updates the documentation and provides a convenience factory
method to create a CookieCsrfTokenRepository with cookiHttpOnly=false
Fixes gh-3865
2016-05-06 16:28:04 -04:00
447fb70f1d
Add Hello World Xml guide
...
Issue gh-3850
2016-05-04 21:05:31 -04:00
9745de9510
Add @AuthenticationPrincipal expression
...
It is now possible to provide a SpEL expression for
@AuthenticationPrincipal. This allows invoking custom logic including
methods on the principal object.
Fixes gh-3859
2016-05-03 18:08:52 -04:00
eaf8729941
Fixes RC1/RC2 URLs
...
Fixes gh-3838
2016-04-22 13:45:21 -04:00
85786824af
Fix logout url in doc
...
The default for logout is to redirect to `/login?logout`
Fixes gh-251
2016-04-21 14:25:44 -04:00
4ee46a5f58
Add What's new in 4.1 RC2
...
Add What's new in 4.1 RC2
Fixes gh-3830
2016-04-20 19:26:54 -05:00
933a7e8363
Remove duplicate words
...
Fixes gh-3826
2016-04-18 23:21:20 -05:00
81c9fa805f
Fix AuthenticationPrincipalArgumentResolver xml doc
...
Fixes gh-3771
2016-04-15 16:06:17 -05:00
2ef3da1b47
Documents the new @AuthenticationPrincipal in more detail.
...
Fixes gh-3771
2016-04-13 12:27:23 -04:00
95a3e30d9f
Polish Pbkdf2PasswordEncoder
...
Fixes gh-2158
Fixes gh-51
2016-04-12 17:16:38 -05:00
d3a9cc6eae
Add CsrfTokenRepository ( #3805 )
...
* Create LazyCsrfTokenRepository
Fixes gh-3790
* Add CookieCsrfTokenRepository
Fixes gh-3009
2016-04-12 17:26:53 -04:00
1d271184c9
Fix Documentation Formatting
...
Fix corrupted character and add formatting per the duplicated text
block
Fixes gh-193
2016-04-12 13:07:07 -05:00
8f7cf28435
Fix typos in documentation
...
Fixes gh-196
Fixes gh-3109
2016-04-12 12:59:21 -05:00
fe94d654ed
Fix typos ( #228 )
2016-04-12 11:11:51 -05:00
849c62b870
Disables doclint in Java 8 to prevent build error from javadoc task.
...
Fixes gh-3767
2016-04-11 18:19:30 -04:00
945a21a3fb
Use xml / javaconfig folders for samples
...
Fixes gh-3752
2016-04-11 09:47:06 -05:00
9c3db557dd
Add missing # in SpEL expression doc
...
SpEL variables can be referenced in the expression using the syntax
23.2.2 Path Variables in Web Security Expressions.
Fixes gh-3781
2016-04-01 10:21:17 -05:00
9e5cdbd133
Includes a reference to the https://report-uri.io/ service in the CSP and HPKP documentation.
...
Fixes gh-3772
2016-03-30 12:12:43 -04:00
b3d26ed5d6
Add changelog in What's New
...
Issue gh-3768
2016-03-22 22:40:58 -05:00
bf9a837b9a
Polish What's New
...
Issue gh-3768
2016-03-22 22:37:52 -05:00
40b7fa5b72
Update Issues Link
...
Issue gh-3333
2016-03-22 22:37:52 -05:00
3e47531b19
Polish CSP reference
...
Issue gh-3763
2016-03-22 22:37:51 -05:00
e04f685747
Fix Typo in @WithUserDetails reference
...
Issue gh-3346
2016-03-22 22:37:41 -05:00
2f7f2ff589
Adds support for Content Security Policy
...
Fixes gh-2342
2016-03-22 21:59:13 -05:00
4cb9b202f8
Remove subversion from reference
...
Fixes gh-3766
2016-03-22 16:37:39 -05:00
683d751902
Polish What's New
...
Fixes gh-3768
2016-03-22 16:33:25 -05:00
4b650dc58d
Allow AuthenticationProvider Bean in Java Config
...
This commit adds support for defaulting java configuration's
authentication by providing an AuthenticationProvider Bean.
Fixes gh-3091
2016-03-22 16:17:25 -05:00
988b54ec3d
Remove invalid ` from docs
...
Fixes gh-3751
2016-03-15 14:38:23 -05:00
134a0a7f96
Move FAQ to appendix
...
Fixes gh-3761
2016-03-15 14:37:35 -05:00
1382bd728b
Clean up Javadoc log levels
...
Issue gh-3757
2016-03-15 08:37:01 -05:00
e33e21fe6b
Add Forward after authentication attempt config support
...
Fixes gh-3728
2016-03-11 10:49:30 -06:00
dbf73c4692
Update spring-security-config module description
...
Include Java Configuration in the description.
Fixes gh-3298
2016-03-10 10:45:15 -06:00
835ac0a217
Add @WithUserDetails userDetailsServiceBeanName
...
Fixes gh-3346
2016-03-09 15:59:23 -06:00
dd8ba8c07e
Fix formatting error in documentation
...
Fixes gh-3279
2016-03-09 15:00:52 -06:00
db81977a1a
Polish HPKP
...
* Javadoc polish
* Whitespace cleanup
Issue gh-3706
2016-03-03 15:11:40 -06:00
331c7e91b7
HTTP Public Key Pinning
...
HTTP Public Key Pinning (HPKP) is a security mechanism which allows HTTPS websites
to resist impersonation by attackers using mis-issued or otherwise fraudulent certificates.
(For example, sometimes attackers can compromise certificate authorities,
and then can mis-issue certificates for a web origin.)
The HTTPS web server serves a list of public key hashes, and on subsequent connections
clients expect that server to use 1 or more of those public keys in its certificate chain.
This commit will add this new functionality.
Fixes gh-3706
2016-03-03 14:21:46 -06:00
004bb8e577
Fix ` in documentation
...
There were a few rendering issues within the documentation
associated with `
This commit fixes those rendering issues
Fixes gh-3699
2016-02-12 08:22:55 -06:00
83992a7a27
fix typo in doc
2016-01-05 14:12:04 +01:00
1f32e96d31
SEC-3181: Fixed reference formatting
...
The code ticks was broken.
2015-12-21 17:23:16 -06:00
b7360a803d
SEC-3152: Add @Retention to @WithMock documentation
2015-11-12 16:21:12 -06:00
5c36c9f659
SEC-3151 Polishing reference document (springsoruce -> spring, etc..)
2015-11-12 16:04:01 -06:00
c93d6bc823
SEC-3120: Remove .and() from httpStrictTransportSecurity() doc
2015-10-30 09:11:47 -05:00
0981cd975f
SEC-3120: Reference hsts() -> httpStrictTransportSecurity()
2015-10-29 15:07:44 -05:00
861ec76991
SEC-3133: Correct test doc username parameter
2015-10-26 12:59:44 -05:00
8858419696
SEC-3052: Doc DEFAULT_MATCHER->DEFAULT_CSRF_MATCHER
2015-10-21 16:22:37 -05:00
777431758d
Fix reference to Null Object pattern in the manual
2015-09-24 16:53:35 +03:00
09c4765191
Fix reference to Spring Security version in the manual
2015-09-07 00:44:16 -05:00
bac980cbcb
SEC-2868: Simplify custom UserDetailsService Java Config
...
Exposing a UserDetailsService as a bean is now all that is necessary
for Java based configuration. Additionally, an optional PasswordEncoder
bean can be used to configure password encoding.
2015-08-27 20:41:15 -05:00
35393098f8
SEC-3094: Add @WithAnonymousUser & anonymous() MockMvcRequestPostProcessor
2015-08-27 15:17:44 -05:00
6b05b298ff
SEC-2059: Support Path Variables in Web Expressions
2015-08-20 17:11:01 -05:00
327695ab0c
SEC-3084: Doc SecurityContextRequestPostProcessorSupport & SecurityContextHolder
2015-08-20 09:30:24 -05:00
cbed1d75ee
SEC-3076: Add Method Level Security Meta Annotations
2015-08-19 16:07:03 -05:00
7708129aad
SEC-3080: Remove invalid characters from reference
2015-08-19 16:06:56 -05:00
567c51e109
SEC-3074: Add Test Meta Annotation Support
2015-08-19 16:05:54 -05:00
dab4cf18b8
SEC-3032: Correct documented logout-success-url default
2015-07-22 13:48:07 -05:00
a50d297f3a
SEC-2953: Add index-docinfo.xml
...
This removes the "please define title in your docbook file"
2015-07-21 11:48:44 -05:00
abc445d5a7
SEC-2965: Polish
2015-07-16 15:52:00 -05:00
518a1c3c08
SEC-2965: Fix invalid formatted links in reference documentation
2015-07-16 15:27:04 -05:00
1ca5946d74
SEC-3003: Document invalid intercept-url attributes for filter-security-metadata-source
2015-07-16 15:03:51 -05:00
2d448658cd
SEC-3042: Add SecurityTestExecutionListeners
2015-07-16 13:51:37 -05:00
0e36f85dab
SEC-3019: Java Config for Http Basic supports Rememberme
2015-07-16 11:12:44 -05:00
b96cee7950
SEC-2984: WithMockUser authorities doc
2015-07-16 08:48:53 -05:00
64938ebcfc
SEC-2996: Suport configuring SecurityExpressionHandler<Message<Object>>
2015-07-13 22:45:35 -05:00
a46ad0f446
SEC-2951: Polish
2015-04-30 09:52:52 -05:00
013177c644
SEC-2951: Document Logouthandler and LogoutSuccesshandler
...
Jira: https://jira.spring.io/browse/SEC-2951
2015-04-30 09:37:17 -05:00
600927def6
SEC-2952: Document Spring Security leveraging WebMvcConfigurerAdapter
2015-04-29 10:18:02 -05:00
1087d19346
SEC-2933: Update ProviderManager reference XML to use constructor
2015-04-20 15:57:04 -05:00
67762321f8
SEC-2920: Fix tickets resolved link in reference
2015-04-20 15:14:40 -05:00
c94a5cf8e2
SEC-2916: disable-url-rewriting=true by default
2015-03-25 13:14:15 -05:00
0a2e496a84
SEC-2915: groovy/gradle spaces->tabs
2015-03-25 13:08:59 -05:00
cf9f58a4ac
SEC-2915: XML spaces->tabs
2015-03-25 13:08:52 -05:00
8105b05dd0
SEC-2782: Migrate guide links include "current" in URL
2015-03-23 09:33:00 -05:00
b262c198d8
SEC-2782: Polish Migrating from 3 to 4 Guide
2015-03-20 14:14:55 -05:00
a18fa3f1db
saving updates to migrate
2015-03-16 12:32:58 -05:00
1da1b8b12f
SEC-2892: Added Guides Back to dist
2015-03-11 13:29:18 -05:00
9169186d48
SEC-2889: Update documentation to use sameOriginDisabled
2015-03-10 14:48:19 -05:00
5e2720723a
SEC-2884: Fix WebSocket reference link text
2015-03-10 10:51:53 -05:00
dea5723ecc
SEC-2782: Finish Migration Guide from 3.x to 4.x
2015-03-09 17:09:00 -05:00
9b4cbff58c
SEC-2782: Additional Updates to Migration Guide from 3.x to 4.x
2015-03-06 17:10:06 -06:00
ff4e9e6ad4
SEC-2782: Started Migration Guide from 3.x to 4.x
2015-02-27 16:18:18 -06:00
ff5a176675
trivial docs fixed a few typos and grammatical errors
...
I have signed and agree to the terms of the SpringSource Individual Contributor License Agreement.
2015-02-25 00:04:15 -06:00
4ca99ef88c
SEC-2877: Fix doc typo in index.adoc
...
Replace "a`" with "a `"
2015-02-24 22:28:07 -06:00
5f57e5b0c3
SEC-2873: Remember Me XML Configuration Defaults Should Match Java Config
2015-02-24 20:49:56 -06:00
67cd8465c3
SEC-2826: Add remember-me-cookie attribute in xml namespace
2015-02-24 17:54:54 -06:00
9ffd5db466
SEC-2584: Add What's New in 4.0
2015-02-24 16:14:15 -06:00
bfa12ade40
SEC-2870: Add Spring Data Documentation
2015-02-24 16:14:08 -06:00
37740cd020
SEC-2861: Add WebSocket Documentation & Sample
2015-02-24 10:29:47 -06:00
b9563f6102
SEC-2830: Cleanup disabling Same Origin SockJS
...
- Defaults for properties false
- Add XML Namespace support
2015-02-24 10:28:33 -06:00
b9e2a57131
SEC-2854: Add intercept-message@message-type
2015-02-20 11:43:16 -06:00
fea03536d6
SEC-2853: Rename WebSocket XML Namespace elements
2015-02-20 11:43:15 -06:00
6a8475adbb
SEC-2830: Provide Same Origin support for SockJS
2015-02-18 11:21:02 -06:00
a27c33754c
SEC-2859: Add CsrfTokenArgumentResolver
2015-02-18 10:51:30 -06:00
c4fe630f8e
SEC-2846: Security HTTP Response Headers Configuration Cleanup
2015-02-10 10:36:00 -06:00
6627f76df7
SEC-2758: Make ROLE_ consistent
2015-01-29 17:08:43 -06:00
081f84844c
SEC-2777: Fix <header> attributes in doc
2015-01-20 16:28:02 -06:00
c30c97005b
SEC-2572: Document Spring Test
2015-01-20 16:20:14 -06:00
aab0eea9cf
SEC-2800 Documentation typo in class name
2014-12-22 19:22:26 -05:00
d5ff80011b
Polish Documentation
2014-12-11 20:36:55 -06:00
1677836d53
SEC-2790: Deprecate @EnableWebMvcConfig
2014-12-10 21:10:27 -06:00
3171cc4364
SEC-2788: Add @Configuration as meta annotation to @Enable* annotations
2014-12-10 21:10:15 -06:00
c67ff42b8a
SEC-2783: XML Configuration Defaults Should Match JavaConfig
...
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
2014-12-08 15:09:15 -06:00
5f5e7e7265
SEC-2785: Reference outputs PDF, Html Multi, & epub
2014-12-08 13:29:15 -06:00
87a52ffbfd
SEC-2784: Update to Gradle 2.2.1
2014-12-08 13:29:07 -06:00
6e204fff72
SEC-2781: Remove deprecations
2014-12-04 15:28:40 -06:00
2cb2657f5b
SEC-2702: Clean WebSocket Namespace documentation
2014-11-25 12:27:29 -06:00
3c487c0348
SEC-2348: Update doc headers enabled by default with XML
2014-11-21 21:55:03 -06:00
4392205f63
SEC-2347: CSRF Enabled by default w/ XML Config
2014-11-21 21:32:56 -06:00
eedbf44235
SEC-2348: Security HTTP Response Headers enabled by default w/ XML
2014-11-21 16:06:29 -06:00
4dcc89fab0
SEC-2674: Documentation refers to httpStrictTransportSecurity() instead of hsts()
2014-11-19 13:31:09 -06:00
55d6d5a86a
SEC-2615: accesscontrollist tag hasPermission performs OR not AND
...
In 3.1 the accesscontrollist tag began performing an and on the
permissions. This may have been accidental, but I think that it is more
intuitive & secure for it to behave this way. When compared to hasAnyRole
and hasRoles the hasPermission tag implies it is an and. If users end up
needing OR support, then the authorize tag can be used along with the
hasPermission expression. For example:
<sec:authorize access="hasPermission(#domain, 'read') or hasPermission(#domain, 'write') ">
In general, the authorize tag should be preferred as it is the more
powerful way of performing authorization checks.
2014-11-18 16:59:46 -06:00
e7edb77cae
SEC-2716: Fix doc spelling of AbstractPreAuthenticatedProcessingFilter
2014-09-16 10:56:52 -05:00
bd322542ca
Fixed broken url to Clickjacking description.
2014-08-20 10:11:21 +04:00
934937d9c1
SEC-2688: CAS Proxy Ticket Authentication uses Service for host & port
2014-08-15 16:41:33 -05:00
b97b84063a
SEC-2665: Fix samples/ldap-jc link in reference
2014-07-21 14:20:14 -05:00
d9efd08bfd
SEC-2577: Add missing whitespace in reference
2014-04-28 16:24:48 -05:00
5b216bd0b2
Revert "SEC-2547: Consistent CAS client version"
...
This reverts commit f6cc9d87d5
2014-04-15 10:36:37 -05:00
f6cc9d87d5
SEC-2547: Consistent CAS client version
2014-04-14 22:48:55 -05:00
8e31b66f06
SEC-2556: Fix @Import example in manual
2014-04-14 22:39:37 -05:00
71ba977dad
Fix package name in manual code
2014-03-27 13:08:23 +00:00
32d3e29c65
SEC-2325: Polish CSRF Tag support
...
- Rename csrfField to csrfInput
- Make AbstractCsrfTag package scope
- rename FormFieldTag to CsrfInputTag
- rename MetaTagsTag to CsrfMetaTagsTag
- removed whitespace from tag output so output is
minimized & improving browser performance
- Update @since
- changed test names to be more meaningful
2014-03-07 15:28:52 -06:00
a3e0475998
SEC-2325 Added JSP tags for CSRF meta tags and form fields
2014-03-07 15:28:48 -06:00
26cee61b98
SEC-2335 Added ACL schema files for MySQL, SQL Server, Oracle
2014-03-07 15:28:45 -06:00
56bb331760
SEC-2514: Fix typo in hellomvc.asc
...
packags -> packages
2014-03-07 10:27:23 -06:00
1d6536fa71
SEC-2512: Fix typo in reference`
...
udates -> updates
2014-03-06 22:22:34 -06:00
4a1a2dfed4
Update min Spring version of 4.0.2.REELASE
2014-02-19 11:16:57 -06:00
6c35c33abe
SEC-2447: Fix AuthenticationManagerBuilder ordering issues
2014-02-09 21:17:51 -06:00
b5f5665ea6
SEC-2463: CSRF documentation includes EnableWebMvcSecurity
2014-01-29 09:28:51 -06:00
3b05fd6fed
SEC-2466: Add link to MultipartFilter in CSRF multipart section
2014-01-28 22:04:35 -06:00
4c84805ac9
SEC-2466: CSRF MutipartFilter doc now uses <url-pattern>
2014-01-28 16:51:05 -06:00
f09ce267b3
Polish MVC doc
2013-12-16 12:30:25 -06:00
374aceed2b
Polish form.asc
2013-12-16 11:13:23 -06:00
df703e0189
Polish hellomvc.asc
2013-12-16 10:39:18 -06:00
8c580dc170
SEC-2444: Polish Thymeleaf for samples
2013-12-16 09:51:00 -06:00
5205bf57c6
SEC-2453: Create 403 CSRF FAQ Entry
2013-12-16 09:02:02 -06:00
b7041ed00e
SEC-2436: Add @EnableWebMvcSecurity
2013-12-14 14:40:01 -06:00
4708287ad3
SEC-2444: Convert Java Config samples to thymeleaf and tiles
2013-12-13 15:47:28 -06:00
0d12397662
SEC-2385: Polish Gradle Spring 4 usage doc
2013-12-12 08:20:37 -06:00
035067caf4
SEC-2385: Polish Gradle Spring 4 usage doc
2013-12-11 08:08:51 -06:00
548ed4e14a
Update samples to declare repository already added
2013-12-06 14:46:52 -06:00
feeb380b51
Polish Guides
2013-12-06 11:12:07 -06:00
ec524da6cb
SEC-2416: Fix Hello MVC guide
2013-12-05 15:47:38 -06:00
fc6fc19eed
Fix guides
2013-12-05 13:16:59 -06:00
74a6303b6f
SEC-2385: Document how to use with Spring 4
2013-12-04 12:38:45 -06:00
4308e72573
Polish CSRF log in caveat with link
2013-12-03 09:27:49 -06:00
b8cc42e3a3
SEC-2426: Add CSRF and logout with non-post example
2013-12-03 09:07:54 -06:00
ab08d99a52
SEC-2421: Remove filterProcessUrl from UsernamePasswordAuthenticationFilter doc
2013-12-02 16:47:57 -06:00
135df149a3
SEC-2423: Document differences between defaults in Java & XML Config
2013-12-02 16:37:52 -06:00
0b996c669f
SEC-2424: Document ObjectPostProcessor
2013-12-02 10:17:08 -06:00
5a59c74d02
SEC-2327: Document SecurityExpressionRoot
2013-11-20 16:59:05 -06:00
4944e602cb
SEC-2402: Reference cleanup
...
* Fix link rendering in CSRF section
* Remove static from MultiHttpSecurityConfig sample
* Decrease indention since can render w/ PDF now
* Remove invalid characters
2013-11-15 10:50:08 -06:00
f1f3acdf75
Fix guides spec
2013-11-01 14:21:37 -05:00
c135179029
Update to latest Asciidoctor version
...
We will temporarily remove PDF support until the plugin supports it.
2013-10-30 16:56:00 -05:00
cf3e2f2c6a
Fix guide index's link to custom form
2013-10-30 16:19:51 -05:00
17b9f33351
SEC-2378: Fix CSRF MultipartFilter doc typo
2013-10-29 13:07:10 -05:00
5427da6b27
Move reference to htmlsingle to match standard Spring reference layout
2013-10-29 12:56:29 -05:00
78f85cc129
SEC-2349: Number the reference
2013-10-23 17:46:57 -05:00
85ec2429d9
SEC-2349: Externalize FAQ
2013-10-23 17:43:32 -05:00
355f884d22
SEC-2093: Document what is new in Spring Security 3.2
2013-10-18 16:39:01 -05:00
4a24c81147
SEC-2299: Document @AuthenticationPrincipal
2013-10-18 15:46:29 -05:00
a3009e303b
SEC-2299: Document Web MVC integration
2013-10-18 11:23:58 -05:00
6ea95cc3a3
SEC-2094: Document Concurrency Support
2013-10-18 09:50:49 -05:00
348e3a22b6
SEC-2365: registerAuthentication->configure
2013-10-16 13:59:56 -05:00
db3c626ac9
SEC-2281: Document Java Configuration
2013-10-16 10:44:35 -05:00
e3f58fd9d3
Polish guide
2013-10-16 10:44:16 -05:00
bbefc62a87
Fix Security Header's link to HttpServletResponse.setHeader
2013-10-15 16:56:44 -05:00
730dcffe6d
Fix crossrefs in footnotes
2013-10-15 16:50:26 -05:00
bf3b5459cd
Fix Authors of manual
2013-10-15 16:22:27 -05:00
0978c12c47
SEC-2361: Java Config Sampels use @Autowired AuthenticationManagerBuilder
2013-10-15 12:35:32 -05:00
51171efa7a
SEC-2357: Move *RequestMatcher to .matcher package
2013-10-14 11:55:56 -05:00
14b9050616
SEC-2357: Move *RequestMatchers to .matchers package
2013-10-14 10:36:31 -05:00
d28058303b
SEC-2349: Move FAQ into reference
2013-10-03 21:28:55 -05:00
4b43cf3f50
SEC-2349: Convert Reference to Asciidoctor
2013-10-03 14:15:09 -05:00
df5e034fc3
SEC-2282: Polish CSRF Documentation
2013-09-27 17:14:21 -05:00
8087cde628
SEC-2331: Include Expires: 0 in xsd and appendix
2013-09-27 17:10:42 -05:00
8fed90c26c
SEC-2282: Add links for AccessDeniedHandler in CSRF doc
2013-09-27 16:44:34 -05:00
3e95f1c12e
SEC-2282: Polish CSRF Documentation
2013-09-27 16:41:06 -05:00
ee33a6deeb
SEC-2285: Headers doc explicitly state default headers
2013-09-27 16:29:10 -05:00
17efd25717
SEC-2331: Include Expires: 0 in security headers documentation
2013-09-27 16:13:40 -05:00
06a0ec1a9f
SEC-2285: Polish Security Headers Documentation
...
Explain why (passivity) XML Namespace doesn't enable security headers by
default.
2013-09-27 16:13:18 -05:00
9bb283044f
SEC-2282: Polish CSRF Documentation
...
Explain why (passivity) XML Namespace doesn't enable csrf protection by
default.
2013-09-27 16:06:25 -05:00
a09756745f
SEC-2151: Support binding method arguments with Annotations
...
This allow utilizing method arguments for method access control on
interfaces prior to JDK 8.
2013-09-27 11:18:37 -05:00
1f3b812a66
SEC-2282: Polish CSRF Documentation
2013-09-26 08:58:39 -05:00
ef7cc40389
SEC-2282: Polish CSRF Documentation
2013-09-25 17:30:50 -05:00
d16106ef56
SEC-2309: Document CSRF multipart/form-data
2013-09-25 15:14:32 -05:00
e5804d323b
SEC-2256: Fix intercept-url doc precidence statement
...
Previously the documentation incorrectly stated "If a request matches
multiple patterns, the method-specific match will take precedence
regardless of ordering."
This has now been removed and InterceptUrlConfigTests was added previously
to ensure this was true.
2013-09-13 22:02:52 -07:00
f6587c8697
SEC-2312: Update javadoc link to Spring 3.2.x
2013-09-13 15:34:30 -07:00
98fe2322cd
SEC-2095: Fix Servlet API doc ids
2013-08-30 13:10:32 -05:00
fc16450344
Demonstrate rest.js CSRF support in reference docs
...
rest.js 0.9.4 added support for applying the CSRF header and token to
Ajax requests.
2013-08-30 12:21:32 -05:00
246c632f3a
SEC-2095: Document Servlet API support
2013-08-30 12:20:35 -05:00
86340b8016
SEC-2283: Polish headers doc
2013-08-29 13:47:54 -05:00
d89cf6db29
SEC-2283: Update headers documentation and tests
2013-08-28 12:35:40 -05:00
4761614c9f
SEC-2291: Fix internal links within reference
...
Instead of using xlink:href="# use linkend="
2013-08-28 09:12:27 -05:00
69aac09e1d
SEC-2285: Added headers to to reference
2013-08-28 08:58:45 -05:00
9483226d02
SEC-2282: Polish CSRF doc
2013-08-27 17:16:32 -05:00
98bdd32ca0
SEC-2282: Add CSRF documentation to the reference manual
2013-08-25 19:00:04 -05:00
18bd82e7d4
SEC-2131: Update doc to state session authentication sends 401 if no page
2013-08-25 11:37:23 -05:00
cd7055f725
SEC-2171: Include Information about pooling in Spring LDAP documentation
2013-08-25 11:27:50 -05:00
7f2308f46c
SEC-2146: Document AspectJ does not inherit annotations
2013-08-25 11:06:36 -05:00
03b235295e
SEC-2270: Remove duplicate version from guides index
2013-08-23 14:13:12 -05:00
efa9f4db93
SEC-2108: Fix typo in ldap section of manual
2013-08-23 14:09:58 -05:00
e8788f2657
SEC-2269: Fix markup for CSRF link
2013-08-21 10:08:39 -05:00
17c2a18fee
SEC-2269: Fix CSRF link in appendix
2013-08-21 10:01:19 -05:00
a3a432f7b6
SEC-2269: Fix additional links
2013-08-20 14:02:33 -05:00
3b2156969d
SEC-2269: Fix headers link
2013-08-20 10:06:00 -05:00
f707101fdb
SEC-2269: Fix headers documentation
2013-08-20 10:03:31 -05:00
eb95c500f5
Remove dockbook-reference from guides
2013-08-20 10:02:55 -05:00
658a93178c
SEC-2252: Add custom form guide
2013-08-19 15:22:04 -05:00
51b9c4a19a
Hide logout in main.jsp if not logged in
2013-08-17 14:38:39 -05:00
e9bb9e766e
SEC-1574: Add CSRF Support
2013-08-15 14:49:21 -05:00
5f35d9e3ec
SEC-2135: Document HttpServletRequest.changeSessionId() support
2013-08-15 13:59:16 -05:00
485676be8c
SEC-2251: Polish Hello World guides
...
* Correct how to add username and logout to mvc
* Externalize :revnumber:
2013-08-15 12:50:40 -05:00
13da42ca1b
SEC-2137: Allow disabling session fixation and enable concurrency control
2013-08-15 12:50:40 -05:00
e0cb931f69
SEC-2251: Create Hello World Java Configuration guides
2013-08-08 14:34:50 -05:00
333a7291a4
SEC-2242: Fixed typo in technical overview
...
Changed "source source" to "source"
2013-08-01 13:02:56 -05:00
e242aeff3e
SEC-2230: Polish and clickjacking demo
2013-08-01 10:19:36 -05:00
283c906215
SEC-2230: Fix reference PDF
2013-07-31 12:22:41 -05:00
988e97e366
SEC-2230: Polish headers reference
2013-07-31 10:39:52 -05:00
c85328c5d1
SEC-2230: HTTP Strict Transport Security (HSTS)Add support for Strict
...
This is a distinct filter as apposed to reusing StaticHeaderWriter
since the specification specifies that the "Strict-Transport-Security"
header should only be set on secure requests. It would not make sense to
require DelegatingRequestMatcherHeaderWriter since this requirement is
in the specification.
2013-07-31 10:39:52 -05:00
8013cd54d6
SEC-2230: Added Cache Control support
2013-07-31 10:39:45 -05:00
7b164bb5e1
SEC-2230: Polish pull request
2013-07-26 14:19:53 -05:00
8acd205486
SEC-2232: HeaderFactory to HeaderWriter
2013-07-26 09:01:12 -05:00
fd754c5cab
SEC-2098, SEC-2099: Fix build
...
- hf.doFilter is missing FilterChain argument
- response.headers does not contain the exact values for the headers so
should not be used for comparison (note it is a private member so this
is acceptable)
- hf does not need non-null check when hf.doFilter is invoked
- some of the configurations are no longer valid (i.e. ALLOW-FROM
requires strategy)
- Some error messages needed updated (some could still use improvement)
- No validation for missing header name or value
- rebased off master / merged
- nsa=frame-options-strategy id should use - not =
- FramewOptionsHeaderFactory did not produce "ALLOW-FROM " prefix of origin
- remove @Override on interface overrides to work with JDK5
2013-07-25 16:23:25 -05:00
d0b40cd2ae
- Created HeaderFactory abstraction
...
- Implemented different ALLOW-FROM strategies as specified in the proposal.
Conflicts:
config/src/main/java/org/springframework/security/config/http/HeadersBeanDefinitionParser.java
config/src/test/groovy/org/springframework/security/config/http/HttpHeadersConfigTests.groovy
2013-07-25 16:22:43 -05:00
a63baa8391
SEC-2098, SEC-2099: Polishing
2013-07-25 16:22:43 -05:00
0adf5aea91
SEC-2098, SEC-2099: Created HeadersFilter
...
Created HeadersFilter for setting security headers added including a
bean definition parser for easy configuration of the headers. Enables
easy configuration for the X-Frame-Options, X-XSS-Protection and
X-Content-Type-Options headers. Also allows for additional headers to
be added.
2013-07-25 16:22:43 -05:00
955a60cf49
SEC-2208: Use std docbook plugin and workspace cleanup
2013-07-16 15:15:47 -05:00
d8727638ab
SEC-1785: Remove auto-config from manual.
...
Changed the namespace doc to use an explicit form-login
and logout element and avoid mention of auto-config or its
effects. This makes the intro shorter and simpler.
2013-05-18 21:25:11 +01:00
d6524feb62
SEC-2122: Change doc to prioritize bcrypt use
2013-05-17 18:42:47 +01:00
c0921b9ede
SEC-2133: Update doc from ChannelAuthenticationFilter to ChannelProcessingFilter
2013-04-25 08:56:47 -05:00
6ebb9abfb7
Fix HttpSessionEventPublisher package name in FAQ.
2013-04-06 14:53:53 +01:00
5eb5c91d86
SEC-2119: Rename rememberme-parameter to remember-me-parameter
...
This change extends pull request https://github.com/SpringSource/spring-security/pull/26
and its subsequent changes by renaming the attribute name 'rememberme-parameter' to
'remember-me-parameter'.
The spelling including the additional hyphen in 'remember-me-parameter' is more consistent
with the default spelling of the 'remember-me' functionality.
2013-03-05 14:47:25 -06:00
b014020955
SEC-2119: Polish remember-me@rememberme-parameter
...
- Change form-parameter to rememerme-parameter
- Use rnc file for generating the xsd
- Add test for deafult value of rememberme parameter
2013-03-01 17:03:09 -06:00
9eb34fe51c
SEC-2119: Add a 'form-parameter' attribute to <remember-me>
...
This change extends the namespace configuration of <remember-me>
with a 'form-parameter' attribute. The introduced attribute sets
the 'parameter' property of AbstractRememberMeServices.
This enables overriding the default value of
'_spring_security_remember_me' using the namespace configuration.
2013-03-01 17:03:02 -06:00
e8661913d1
SEC-2119: Update to 3.2 schema and use default schema version when available
2013-03-01 16:29:27 -06:00
83f1d76c16
SEC-2138: Fix code snippet in Hierarchical Roles section
...
The bean definition of RoleHierarchyVoter was syntactically incorrect.
2013-02-26 09:48:59 -06:00
5ba31dfd56
Use AspectJMethodSecurityInterceptor in reference
...
Change reference to use AspectJMethodSecurityInterceptor instead of
undefined AspectJSecurityInterceptor.
2012-12-04 10:06:27 -06:00
373fe3a9f1
SEC-2074: Update reference to use <method-security-metadata-source>
2012-12-04 10:05:22 -06:00
6cea2694dc
SEC-2069: Update doc to use FilterInvocationSecurityMetadataSource
2012-10-22 14:24:05 -05:00
4f741bc914
SEC-2057: ConcurrentSessionFilter is now after SecurityContextPersistenceFilter
...
Previously, ConcurrentSessionFilter was placed after SecurityContextPersistenceFilter
which meant that the SecurityContextHolder was empty when ConcurrentSessionFilter was
invoked. This caused the Authentication to be null when performing a logout. It also
caused complications with LogoutHandler implementations that would be accessing the
SecurityContextHolder and potentially clear it out expecting that
SecurityContextPersistenceFilter would then clear the SecurityContextRepository.
The ConcurrentSessionFilter is now positioned after the
SecurityContextPersistenceFilter to ensure that the SecurityContextHolder is populated
and cleared out appropriately.
2012-10-03 09:27:24 -05:00
8ad0e0e8e8
SEC-1995: Use Gradle Artifactory integration for releases
2012-08-09 14:20:57 -05:00
095dcb3a74
SEC-2010: Include missing <value> tag in Hierarchical Roles section of the reference
2012-07-19 10:18:12 -05:00
b196d70f99
SEC-1905: Added para tag to the digest encoded password footnote
2012-07-11 13:12:57 -05:00
bfd09f7603
SEC-1905: Added footnote to password encoding for digest authentication
...
Technically digest authentication can allow for encoded passwords, but
it needs to be in the correct format. This update adds a footnote to clarify this.
Previously the documentation stated that passwords must be in clear text.
2012-07-11 13:00:06 -05:00
3e4da4f60f
Updated to next snapshot version
2012-07-06 11:28:21 -05:00
f46a5bab40
Set to 3.1.1 Release
2012-07-06 10:32:55 -05:00
Josh Cummings
Angel Aguilera
Hideaki Matsunami
Rob Winch
Eleftheria Stein
Eddú Meléndez
kostya05983
Simeon Macke
George Sofianos
Behrang
Luca Graf
David Lozano Jarque
Kirill Gavrilov
Alexey Nesterov
Tadaya Tsuyukubo
Kyle Anderson
Denis Babochenko
Ruslan Stelmachenko
Joe Grandja
Spring Operator
Rafiullah Hamedy
RusZh
Stephen Doxsee
Bryan Kelly
Andy Wilkinson
Ankur Pathak
Rafael Renan Pacheco
Richard Valdivieso
Dongmin Shin
Rafael Dominguez
Gunnar Hillert
Vedran Pavic
sunflower-seed
Thomas Jensen
Jisoo Youn
Jason Zhekov
Do Nhu Vy
fdesu
Johnny Lim
Henry Lin
Robert Roth
Rissy Lin
Jay Bryant
Arend v. Reinersdorff
Paul Wheeler
Hanson, Tristan
Robby Pond
Stephan Schroevers
stonio
Rob Winch
pkovacs
Artyom Kosykh
Dapeng
Kazuki Shimizu
Joe
Paul Samsotha
Fred Cooke
Marten Deinum
Marek Jeszka
qwazer
Artur Owczarek
Shannon Carey
Pedro Vilaça
Ryan W. Moore
David Kane
Joe Grandja
Patrick Cornelißen
Wim Deblauwe
Art O Cathain
Soeun Park
Kamill Sokol
Shazin Sadakath
Martin Macko
Tim Ysewyn
drdamour
Zied Zaïem
Juzer Ali
Alex Derkach
Dan Dowma
Eugene Wolfson
Christopher Pelloux
Bloshchetsov Andrey Evgenyevich
Alexander Grüneberg
Hans-Joachim Kliemeck
Grzegorz Rożniecki
Luke Taylor
Rob Winch
beamerblvd
John Tims
Manimaran Selvan
Scott Andrews
Asaf David
Oliver Becker
@fbiville