1ed643ca1f
SEC-1998: Provide integration with WebAsyncManager#startCallableProcessing
...
Support integration of the Spring SecurityContext on Callable's used with
WebAsyncManager by registering SecurityContextCallableProcessingInterceptor.
2012-11-28 17:56:03 -06:00
f38df99730
SEC-2045: AbstractAuthorizeTag supports custom WebInvocationPrivilegeEvaluator
2012-10-04 11:34:36 -05:00
f441c352f6
Clean up warnings in AccessControlListTagTests
2012-08-02 09:49:19 -05:00
4b86d49a9a
SEC-2023: AccessControlListTag again supports bitmasks
...
Spring Security 3.1 has a regression i the AccessControlListTag
which should support using the bitmask in hasPermission.
Now hasPermission supports bit masks again.
2012-08-02 09:48:01 -05:00
b481a6c1ad
SEC-2022: AccessControlListTag again supports , separated list of permissions
...
Spring Security 3.0.x allowed developers to pass in a , separated list of permissions.
However, this functionality was accidentally removed in SEC-1560.
The AcessControlListTag now splits the permissions using , as a delimiter
which fixes this passivity issue.
2012-08-02 09:47:48 -05:00
b626a63b85
Suppress warnings in AbstractAuthorizeTag and AuthorizeTagCustomGrantedAuthorityTests
2012-04-22 21:54:44 -05:00
d57f1d56d5
SEC-1900: AbstractAuthorizeTag now compares using getAuthority()
...
This avoids backwards compatibility issues with other GrantedAuthority
implementations.
2012-04-22 21:54:43 -05:00
8ca2927761
Renamed **/Test.java to **/Tests.java to better follow conventions
2011-12-28 17:39:29 -06:00
178765cf83
SEC-1836: Forgot taglib comment update.
2011-11-01 00:19:37 +00:00
fc399af136
SEC-1836: use GET as the default method with authorize tag.
2011-10-31 23:23:37 +00:00
503ac9ae7c
SEC-1798: Remove internal evaluation of EL in JSP tag implementations.
2011-08-12 19:44:27 +01:00
74daa68691
SEC-1796: Check for annotated annotations at class/interface level. Previously only the specific security annotation was checked for. By delegating to Spring's AnnotationUtils, custom annotations carrying the security annotation are also detected.
2011-08-12 14:29:55 +01:00
63f160dc72
SEC-1749: Add support for PageContext lookup of objects and use of PermissionEvaluator when using web access expressions.
2011-05-19 15:27:35 +01:00
ce19b470e2
SEC-1560: Change AccessControlListTag to use PermissionEvaluator rather than explicit ACL classes.
2011-05-17 22:55:20 +01:00
ccc548b9e4
Fixing bundlor warnings.
2011-03-08 16:20:37 +00:00
94b7868039
SEC-1675: Add missing body-content elements to tag descriptor and update it to use 2.0 tag library schema.
2011-02-14 21:17:16 +00:00
b0df1bd1b0
SEC-1673: Use a map to store the range values use in the bundlor templates.
2011-02-07 16:06:23 +00:00
00200cecbc
SEC-1494: Added system property "spring.security.disableUISecurity" which will prevent authorize tags from hiding content. By default, the property will also cause the area that would normally be hidden to be decorated with a <span class="securityHiddenUI"> tag, thus allowing the area to be rendered with some distinguishing css (e.g. a different background colour).
2011-01-25 13:16:46 +00:00
85d685f7d3
SEC-1611: Make access attribute in authorize tag a runtime expression
2010-12-14 16:55:34 +00:00
4a40d80da1
SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority.
...
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
2010-12-03 16:41:46 +00:00
4ad0652787
Removed array of authorities constructor from TestingAuthenticationToken and RunAsUserToken.
2010-12-01 20:52:37 +00:00
ca679e1479
Reformatting.
2010-12-01 20:52:37 +00:00
1c8d28501c
SEC-1550: Convert signatures to use Collection<? extends GrantedAuthority> where appropriate.
2010-11-03 13:48:59 +00:00
21ed5feb8d
SEC-1600: Added Implementation-Version and Implementation-Title to manifest templates and checking of version numbers in namespace config module and core. Config checks the version of core it is running against and core checks the Spring version, reporting any mismatches or situations where the app is running with less than the recommended Spring version.
2010-10-27 13:25:40 +01:00
bd84a2bfa1
SWC-1552 Update .tld in integration test to match change in taglib.
2010-10-26 14:00:45 +01:00
70600a0277
SEC-1552 Refactor AuthorizeTag and LegacyAuthorize tag to make them independent of JSP tag rendering.
2010-10-26 12:33:51 +01:00
af56f4844d
SEC-1562: Created SecurityExpressionHandler interface and AbstractSecurityExpressionHandler.
2010-09-07 19:46:45 +01:00
f4d57ab5e8
SEC-1456: Remove maven poms as we are now using gradle for the build.
2010-08-30 19:02:19 +01:00
3c02989d67
Removal of jmock test dependency and upgrading of mockito version to 1.8.5. Minor adjustments to other build deps and configurations (e.g. prevent groovy from being used as a transitive dep, since we only use it for tests).
2010-08-18 02:32:43 +01:00
85c4c91e0e
IDEA inspection refactorings.
2010-08-05 23:28:07 +01:00
36e0fb6d91
SEC-1518: Fix element ordering in security.tld
2010-07-21 16:16:15 +01:00
a681dee0e1
Minor sample build changes. JSTL dependency update.
2010-07-20 23:45:20 +01:00
b3aad4cf19
Javadoc fixes.
2010-05-06 20:02:08 +01:00
dada047e04
SEC-1456: Set rtexprvalue=true for "url" attribute in access tag to allow dynamic values (such as URL of current page).
2010-04-21 17:31:44 +01:00
bf91f2ca67
SEC-524: Added "var" attribute to authorize and accesscontrollist JSP tags.
...
Allows the result of the boolean condition granting/denying access to be stored in the page context for later use, without having to duplicate the tag.
2010-03-24 18:35:17 +00:00
f3264ba9ab
Addition of commons-logging exclusions and adjustments to pom generation.
2010-03-07 21:58:25 +00:00
b64a3fa725
Hans Dockter's refactoring of gradle build, plus simplification of docbook plugin.
2010-03-05 23:23:43 +00:00
0551dd89ac
SEC-1420: Add htmlEscape attribute to authentication JSP tag.
...
This allows HTML escaping to be disabled if required.
2010-03-04 00:47:22 +00:00
f3f84da625
Increase upper bounds of Spring and Spring Security versions in bundlor templates to 3.2.0.
2010-02-21 23:25:36 +00:00
2ee7696bf4
Update version number to 3.1.0.CI-SNAPSHOT.
2010-02-19 17:35:19 +00:00
44f45d21f0
3.0.2 release. Update version in build files.
2010-02-19 01:22:21 +00:00
c12c43da9e
Javadoc fixes.
2010-02-14 23:27:09 +00:00
36612377e2
Replace package.html with package-info.java files, creating new ones where missing and updating outdated contents.
2010-02-14 23:23:23 +00:00
51dfc0fb39
Set versions to 3.0.2-CI-SNAPSHOT, post release.
2010-01-15 18:15:19 +00:00
05634f97dc
Updated version numbers for 3.0.1 release.
2010-01-15 18:04:28 +00:00
fa42d9d5ec
Fix taglibs template.mf
...
Was missing sub-packages of org.sfw.security.acls.
2010-01-12 00:33:20 +00:00
b323098167
Added gradle build files for taglibs, tutorial, contacts and openid.
...
Changed build file names to match module names (by manipulating the project objects in the settings.gradle file).
2010-01-10 23:31:23 +00:00
052537c8b0
Removing $Id$ markers and stripping trailing whitespace from the codebase.
2010-01-08 21:05:13 +00:00
893f212fa5
Tidying
2010-01-02 19:53:19 +00:00
115d5b84ff
[maven-release-plugin] prepare for next development iteration
2009-12-22 22:20:01 +00:00
Rob Winch
Rob Winch
Christian Hilmersson
Luke Taylor
Rossen Stoyanchev
Hans Dockter