ec8b48150d
SEC-2474: Update poms
2014-02-07 17:01:11 -06:00
8d8475deb1
SEC-2455: form-login@login-processing-url & logout@logout-url use matchers
...
Remove the deprecation warnings of using setFilterProcessingUrl by invoking
the matcher methods instead.
2014-01-29 15:35:18 -06:00
1f833b0d6b
Add ExpressionUrlAuthorizationCOnfigurer tests
...
- Demo custom expression root
- Demo @Bean in expression example
2014-01-23 11:21:21 -06:00
994117ad75
SEC-2436: Fix CsrfConfigurerNoWebMvcTests
2013-12-14 14:48:47 -06:00
b7041ed00e
SEC-2436: Add @EnableWebMvcSecurity
2013-12-14 14:40:01 -06:00
053c890a69
SEC-2450: WebSecurityConfigurerAdapter have default Order of 100
2013-12-14 13:00:48 -06:00
2df5541905
SEC-2448: Update to HSQL 2.3.1
2013-12-14 10:19:06 -06:00
04fac30d75
SEC-2449: <ldap-server> default port should fallback to dynamic value
2013-12-14 10:19:06 -06:00
54ffa28bde
remove apacheDSWorkDir since custom tmp dir is created
2013-12-13 16:38:35 -06:00
a34178bc40
SEC-2434: Update to Spring 3.2.6 and Spring 4.0 GA
2013-12-12 08:16:59 -06:00
aaa7cec32e
SEC-2326: CsrfRequestDataValueProcessor implements RequestDataValueProcessor
...
Previously there was unecessary complexity in CsrfRequestDataValueProcessor
due to the non-passive changes in RequestDataValueProcessor. Now it simply
implements the interface with the methods for both versions of the interface.
This works since linking happens at runtime.
2013-12-12 08:07:22 -06:00
7f714ebb23
SEC-2422: Session timeout detection with CSRF protection
2013-12-11 17:38:17 -06:00
00d668dc5c
SEC-2431: UrlAuthorizationConfigurer missing <HttpSecurity> in doc
2013-12-11 11:07:05 -06:00
4460e84b29
Updates to pom.xml author and repo
2013-12-09 08:57:30 -06:00
8e8bdad8e6
SEC-2386: Remove stack for AuthenticationManagerBuilder with no authenticationProviders
2013-12-04 15:53:32 -06:00
f2fdc9d1f5
SEC-2425: Add Test for EnableGlobalMethodSecurity works on parent config
2013-12-04 14:54:56 -06:00
595b16d836
SEC-2377: Fix tests
2013-12-03 11:48:25 -06:00
2a632a061e
SEC-2377: Hhandle EnableWebSecurity in both child & parent ApplicationContext
2013-12-03 10:45:25 -06:00
0b996c669f
SEC-2424: Document ObjectPostProcessor
2013-12-02 10:17:08 -06:00
13c5af5b91
SEC-2407: Better error message for missing securityFilterChainBuilders
2013-11-26 10:12:55 -06:00
c7b93e6cee
SEC-2404: Fix CSRF config tests
2013-11-21 15:35:26 -06:00
9dbe30c81d
SEC-2165: remember-me@token-validity-seconds can be parameterized
2013-11-15 14:58:53 -06:00
afddb5eb39
SEC-2373: Update XSD doc to state security="none"
2013-11-15 13:50:49 -06:00
6382b6341a
SEC-2355: Add test to validate intercept-url PATCH works
2013-11-15 11:57:47 -06:00
85cd5627b6
SEC-2355: Add PATCH to intercept-url xsd
2013-11-15 11:46:34 -06:00
2c8946c406
Next development version
2013-11-01 14:20:55 -05:00
9c703a3051
Release version 3.2.0.RC2
2013-11-01 14:20:49 -05:00
dc317b3602
WebSecurityConfigurerAdapter implements WebSecurityConfigurer
2013-11-01 12:26:32 -05:00
cda23443ac
XsdDocumentedTests now uses asciidoc instead of asciidoctor
2013-11-01 09:32:05 -05:00
26be54653b
SEC-2382: AutowireBeanFactoryObjectPostProcessor works w/ BeanNameAutoProxyCreator
2013-10-30 11:20:42 -05:00
9e7fbf8067
SEC-2321: Refine to use X-Requested-With: XMLHttpRequest
2013-10-28 14:00:56 -05:00
5f290ba10f
SEC-2371: Remove ObjectPostProcessor.QUIESENT_POSTPROCESSOR
2013-10-18 14:31:13 -05:00
604c26eb0d
Shis simplifies the class hieararchy significantly.EC-2366: Extract AbstractRequestMatcherRegistry from AbstractRequestMatcherConfigurer
...
This simplifies the class hierarchy significantly.
2013-10-17 13:37:51 -05:00
348e3a22b6
SEC-2365: registerAuthentication->configure
2013-10-16 13:59:56 -05:00
0978c12c47
SEC-2361: Java Config Sampels use @Autowired AuthenticationManagerBuilder
2013-10-15 12:35:32 -05:00
0b0e7dbea9
SEC-2359: Merge DefaultLoginPageViewFilter w/ DefaultLoginPageGeneratingFilter
2013-10-14 15:00:24 -05:00
51171efa7a
SEC-2357: Move *RequestMatcher to .matcher package
2013-10-14 11:55:56 -05:00
14b9050616
SEC-2357: Move *RequestMatchers to .matchers package
2013-10-14 10:36:31 -05:00
f2b44e6beb
Fix javadoc whitespace issue in HttpBasicConfigurer
2013-10-11 14:53:11 -05:00
4ef0460ef6
SEC-2321: Improve Java Config defaults for JavaScript clients
2013-10-11 14:53:11 -05:00
5f10d84bf5
SEC-2303: WebSecurity sets the Bean resolver
2013-10-06 13:37:51 -05:00
dd1c2483b5
SEC-2349: Fix documentation tests
2013-10-03 17:03:17 -05:00
8087cde628
SEC-2331: Include Expires: 0 in xsd and appendix
2013-09-27 17:10:42 -05:00
17efd25717
SEC-2331: Include Expires: 0 in security headers documentation
2013-09-27 16:13:40 -05:00
614c94187e
SEC-2305: GlobalMethodSecurityConfiguration autowire PermissionEvaluator
...
If a single PermissionEvaluator bean is found the
DefaultMethodSecurityExpressionHandler is configured with the
PermissionEvaluator. If multiple PermissionEvaluator beans are found, the
beans are ignored.
2013-09-27 15:46:45 -05:00
a09756745f
SEC-2151: Support binding method arguments with Annotations
...
This allow utilizing method arguments for method access control on
interfaces prior to JDK 8.
2013-09-27 11:18:37 -05:00
cea0cf9260
SEC-2243: Remove additional Debug Filter
2013-09-26 11:38:16 -05:00
56ce7d284c
SEC-2336: WebSecurityConfigurerAdapter#registerAuthentication javadoc fixes
2013-09-26 09:08:25 -05:00
88f41cdf62
SEC-2341: Update to Gradle 1.8
...
Some dependencies were necessary to update due to issues with JUnit
integration.
2013-09-24 15:35:51 -05:00
a888ddf8b3
SEC-2307: JavaConfig RequestCache ignores favicon.ico
2013-09-24 11:30:37 -05:00
Rob Winch
Collin Peters
Spring Buildmaster