Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,701 Commits 29 Branches 320 Tags 104 MiB
Commit Graph

262 Commits

Author SHA1 Message Date
Rob Winch 5ba31dfd56 Use AspectJMethodSecurityInterceptor in reference 
Change reference to use AspectJMethodSecurityInterceptor instead of
undefined AspectJSecurityInterceptor.
 2012-12-04 10:06:27 -06:00
Rob Winch 373fe3a9f1 SEC-2074: Update reference to use <method-security-metadata-source> 2012-12-04 10:05:22 -06:00
Rob Winch 6cea2694dc SEC-2069: Update doc to use FilterInvocationSecurityMetadataSource 2012-10-22 14:24:05 -05:00
Rob Winch 4f741bc914 SEC-2057: ConcurrentSessionFilter is now after SecurityContextPersistenceFilter 
Previously, ConcurrentSessionFilter was placed after SecurityContextPersistenceFilter
which meant that the SecurityContextHolder was empty when ConcurrentSessionFilter was
invoked. This caused the Authentication to be null when performing a logout. It also
caused complications with LogoutHandler implementations that would be accessing the
SecurityContextHolder and potentially clear it out expecting that
SecurityContextPersistenceFilter would then clear the SecurityContextRepository.

The ConcurrentSessionFilter is now positioned after the
SecurityContextPersistenceFilter to ensure that the SecurityContextHolder is populated
and cleared out appropriately.
 2012-10-03 09:27:24 -05:00
Rob Winch 8ad0e0e8e8 SEC-1995: Use Gradle Artifactory integration for releases 2012-08-09 14:20:57 -05:00
Rob Winch 095dcb3a74 SEC-2010: Include missing <value> tag in Hierarchical Roles section of the reference 2012-07-19 10:18:12 -05:00
Rob Winch b196d70f99 SEC-1905: Added para tag to the digest encoded password footnote 2012-07-11 13:12:57 -05:00
Rob Winch bfd09f7603 SEC-1905: Added footnote to password encoding for digest authentication 
Technically digest authentication can allow for encoded passwords, but
it needs to be in the correct format. This update adds a footnote to clarify this.

Previously the documentation stated that passwords must be in clear text.
 2012-07-11 13:00:06 -05:00
Rob Winch 3e4da4f60f Updated to next snapshot version 2012-07-06 11:28:21 -05:00
Rob Winch f46a5bab40 Set to 3.1.1 Release 2012-07-06 10:32:55 -05:00
Rob Winch a2452ab514 SEC-1906: Update to Gradle 1.0 2012-07-05 12:41:56 -05:00
Rob Winch 18230259b8 SEC-1985: Removed WebSecurityExpessionHandler from reference 2012-06-28 11:35:07 -05:00
Rob Winch 954ba57cf2 SEC-1970: Cleanup of pre authentication documentation 
* Removed custom-authentication-provider from documentation
* Rephrased to make the pre authentication documentation a little more concise
* Removed nested () within text (not code)
* Removed user which should have been use
 2012-06-15 14:44:16 -05:00
Rob Winch ca741ab18f SEC-1943: Corrected namespace doc to state SecurityContextHolderAwareRequestFilter instead of SecurityContextHolderAwareFilter 2012-03-20 19:18:26 -05:00
Luke Taylor 2434564d6c SEC-1904: Fixed LDAP object class name in docs. 2012-02-01 14:37:32 +00:00
Luke Taylor b493afa18c SEC-1888: Improving the doc on (not) using multiple annotation types in the same class. 2012-01-31 19:05:43 +00:00
Luke Taylor 9b423a7726 Set 3.1.0 release version. 2011-12-05 23:42:39 +00:00
Rob Winch 53483df1f5 SEC-1678: Added What's new section to reference 2011-11-18 13:52:37 -06:00
Rob Winch 041cb1dcc3 SEC-1858: Included the updates for logout-success-url documentation 2011-11-18 11:22:22 -06:00
Rob Winch f88b6f75ff SEC-1858: Overhall the namespace appendix of the reference to include missing elements and attributes 2011-11-11 09:00:53 -05:00
Rob Winch 2fd0a65049 SEC-1839: Updated preauth example to use </security:authentication-manager> instead of </security-authentication-manager> 2011-10-18 19:18:56 -05:00
Luke Taylor 503ac9ae7c SEC-1798: Remove internal evaluation of EL in JSP tag implementations. 2011-08-12 19:44:27 +01:00
Luke Taylor a1c714cff4 SEC-1754: Added an InvalidSessionStrategy to allow SessionManagementFilter to delegate out the behaviour when an invalid session identifier is submitted. 2011-07-14 16:43:02 +01:00
Luke Taylor ac3d8b25f2 Expand LDAP authentication FAQ with information about bind authentication and unreadable password attributes. 2011-07-14 13:13:39 +01:00
Luke Taylor d5946b81b4 Added FAQ on how to add ApacheDS entries to pom. 2011-07-13 17:50:29 +01:00
Florian Fankhauser 2e83d98c8f SEC-1776: Corrected typo in manual 2011-07-09 19:24:12 -05:00
Luke Taylor 2861a951aa Minor FAQ update on version info. 2011-06-17 11:45:56 +01:00
Luke Taylor ecfffaaa3f Make aspectj dependencies optional throughout and spring-jdbc/tx optional in core poms. Reduces exclusions required in third-party poms (e.g. spring-social). 2011-06-09 22:57:49 +01:00
Luke Taylor 132163ec2e Add FAQ on accessing password from a UserDetailsService. 2011-05-26 18:38:45 +01:00
Luke Taylor b53d430798 Doc update to reflect change in cas integration module name since 3.0. 2011-05-23 21:29:40 +01:00
Luke Taylor 3541099634 Correct typo in FAQ. 2011-05-17 18:23:48 +01:00
Luke Taylor 295ea27526 SEC-1743: Separate remoting from core into separate module. 2011-05-16 00:19:30 +01:00
Luke Taylor 6e91786f92 SEC-1734: AbstractRememberMeServices will now default to using a secure cookie if the connection is secure. The behaviour can be overridden by setting the useSecureCookie property in which case the cookie will either always be secure (true) or never (false). 2011-05-09 13:36:23 +01:00
Rob Winch bd74185e41 SEC-1729: Updated openid module and sample to openid4java 0.9.6 and httpclient 4.1.1 2011-04-26 23:39:51 -05:00
Luke Taylor e473897fd9 SEC-1181: Add docs for ActiveDirectoryLdapAuthenticationProvider. Minor fix to initialization checks. 2011-04-26 18:39:01 +01:00
Luke Taylor c4a1ce9f1a SEC-1725: Update docs to remove references to filter-chain-map. 2011-04-25 23:38:44 +01:00
Rob Winch f28a09dfa4 Formatting changes to CAS documentation 2011-04-17 18:17:16 -05:00
Rob Winch 01fb4bdb6d SEC-1718: Update documentation and sample application to demonstrate how to use a PGT to authenticate to stateless services using a PT 2011-04-17 18:17:14 -05:00
Rob Winch 11331d34d9 SEC-1717: Document how to perform Single Logout with CAS and added integration test for sample application to test Single Logout 2011-04-17 18:14:16 -05:00
Rob Winch 04f1df2a1b SEC-965: Updated CAS documentation to describe authenticating proxy tickets 2011-04-17 18:14:16 -05:00
Luke Taylor 74b0c1780e SEC-1707: Added metadata-source-ref attribute to namespace appendix. 2011-04-05 15:25:49 +01:00
Rob Winch 79e17e22bc SEC-1703: Updated namespace for intercept-url 2011-03-29 21:58:29 -05:00
Rob Winch d9d5ee1114 SEC-1703: Updated cas custom-filter@ref to match example bean id and custom-filter@position to be CAS_FILTER 2011-03-29 20:13:07 -05:00
Luke Taylor 9c88576992 Added extra FAQ on "Bad Credentials" message and on testing LDAP authentication. Minor mods to LDAP doc. 2011-03-29 15:30:08 +01:00
Rob Winch 236efadfb7 SEC-1698: Update documentation to use correct package for RequestHeaderAuthenticationFilter 2011-03-16 23:53:29 -05:00
Luke Taylor 1dc309b041 SEC-1689: Minor doc updates related to use of password encoding and the crypto package. 2011-03-17 01:45:19 +00:00
Luke Taylor 3a3b2df1c5 Minor rewording of "child web context" FAQ. 2011-03-13 20:45:22 +00:00
Luke Taylor a25d131f21 Some doc clarifications on the use of UserDetailService vs AuthenticationProvider. 2011-03-10 16:12:16 +00:00
Luke Taylor b26f2309f4 Add paragraph to manual database appendix to clarify that the standard schema is completely optional if you aren't using JdbcDaoImpl. 2011-03-10 13:41:44 +00:00
Luke Taylor 9cf8ba02ba Adding some extra section IDs in namespace appendix to provide bookmarkable URLs. 2011-03-10 13:15:58 +00:00