Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-08-17 15:03:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,051 Commits 39 Branches 351 Tags
Commit Graph

1074 Commits

Author SHA1 Message Date
Rob Winch
62e127e978 SEC-2789: Add Default WebSecurityConfigurerAdapter 2014-12-10 21:10:26 -06:00
Rob Winch
3171cc4364 SEC-2788: Add @Configuration as meta annotation to @Enable* annotations 2014-12-10 21:10:15 -06:00
Rob Winch
11116c2b80 SEC-2787: Update Versions 2014-12-10 16:37:19 -06:00
Rob Winch
c67ff42b8a SEC-2783: XML Configuration Defaults Should Match JavaConfig 
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
 2014-12-08 15:09:15 -06:00
Rob Winch
b56e5edbbd SEC-2784: Fix build plugins 2014-12-08 14:24:34 -06:00
Rob Winch
87a52ffbfd SEC-2784: Update to Gradle 2.2.1 2014-12-08 13:29:07 -06:00
Rob Winch
6e204fff72 SEC-2781: Remove deprecations 2014-12-04 15:28:40 -06:00
Rob Winch
5bb0ce9a8f SEC-2773: Add Test for static delegatingApplicationListener 2014-12-01 12:06:09 -06:00
Oliver Gierke
0f7c2e4128 SEC-2773: Prevent premature container initialization in WebSecurityConfiguration. 
Changed the bean definition method for the DelegatingApplicationListener
to be static to avoid the need to instantiate the configuration class which
caused further premature initializations to satisfy the dependencies
expressed in setFilterChainProxySecurityConfigurer(…).
 2014-12-01 11:38:19 -06:00
Rob Winch
2cb2657f5b SEC-2702: Clean WebSocket Namespace documentation 2014-11-25 12:27:29 -06:00
Rob Winch
8ad16b01f5 SEC-2702: Add WebSocket Security XML Namespace Support 2014-11-25 09:45:32 -06:00
Rob Winch
3c487c0348 SEC-2348: Update doc headers enabled by default with XML 2014-11-21 21:55:03 -06:00
Rob Winch
4392205f63 SEC-2347: CSRF Enabled by default w/ XML Config 2014-11-21 21:32:56 -06:00
Rob Winch
eedbf44235 SEC-2348: Security HTTP Response Headers enabled by default w/ XML 2014-11-21 16:06:29 -06:00
Rob Winch
dfa17bdb98 SEC-2747: Remove spring-core dependency from spring-security-crypto 2014-11-20 16:16:22 -06:00
Rob Winch
30c5788b8b SEC-1897: Remove raw types from AbstractAccessDecisionManager 2014-11-20 15:36:53 -06:00
Rob Winch
1cca72e6d8 SEC-2749: CsrfConfigurer.requireCsrfProtectionMatcher correct null check 2014-11-20 14:40:51 -06:00
Rob Winch
05882b5f24 SEC-2574: Polish 
Handle null DelegatingApplicationListener
 2014-11-19 17:09:24 -06:00
Rob Winch
5810681b06 SEC-2574: JavaConfig default SessionRegistry processes SessionDestroyedEvents 2014-11-19 16:48:19 -06:00
Rob Winch
24dec7ec3e SEC-2737: Remove WebSocket Outbound Authorization 2014-10-10 15:56:25 -05:00
Rob Winch
5ba8f000a7 SEC-2714: Add AuthenticationPrincipal resolver for messaging support 2014-09-23 16:28:48 -05:00
Rob Winch
d2fa019fe5 SEC-2704: Separation of inbound and outbound security rules 2014-09-19 16:39:43 -05:00
Rob Winch
28446284a6 SEC-2713: Support authorization by SimpMessageType 2014-09-19 16:38:56 -05:00
Rob Winch
02c3565e22 Fix compiling in Eclipse 2014-09-16 10:18:46 -05:00
Nándor István Krácser
a932d6ecf3 Removed unnecessary params from anyRequest()'s javadoc 2014-08-20 11:24:15 +02:00
Rob Winch
b9df7ba01f SEC-2179: Allow customize PathMatcher for SimpDestinationMessageMatcher 2014-08-18 11:04:04 -05:00
Rob Winch
6321665353 SEC-2676: Update to Spring Data Evans RC1 2014-08-15 20:46:59 -05:00
Rob Winch
3f30529039 SEC-2179: Add Spring Security Messaging Support 2014-08-15 20:46:58 -05:00
Rob Winch
3187ee8bf3 SEC-2700: Register WithSecurityContextTestExecutionListener by default 2014-08-15 16:41:33 -05:00
Rob Winch
1f861f512a SEC-2676: Add SpEL Spring Security Integration 2014-07-29 20:04:37 -05:00
Rob Winch
8a2a1b7a5b SEC-2595: Polish 2014-07-25 16:27:19 -05:00
Rob Winch
b2d66e2a78 SEC-2595: @EnableGlobalMethodSecurity AspectJ fixes 2014-07-25 16:03:18 -05:00
Rob Winch
b72c1ad314 SEC-2686: Create SecurityMockMvcConfigurer 2014-07-22 15:11:37 -05:00
Rob Winch
ecb4296540 SEC-2588: Javadoc fix channelSecurity->requiresChannel 2014-07-21 14:23:40 -05:00
Mirko Zeibig
75df42cb7c SEC-2656: Fix <frame-options> with whitelist strategy 2014-06-18 09:10:28 -05:00
Rob Winch
c3d05bea62 SEC-2657: Test for multi dynamic ports for LDAP Java Config 2014-06-17 17:25:08 -05:00
Rob Winch
a3fd706335 SEC-2660: Move config integration-test *.groovy to groovy source folder 2014-06-17 17:22:42 -05:00
Rob Winch
b255478b14 SEC-2658: Java Config triggers usePasswordAttrCompare to be set 2014-06-17 17:10:16 -05:00
Rob Winch
a2b53fabce SEC-2657: LdapAuthenticationProviderConfigurer find available port 2014-06-17 16:54:42 -05:00
Rob Winch
63d1b531a1 SEC-2618: LdapAuthenticationProviderConfigurer passwordAttribute null check 
If LdapAuthenticationProviderConfigurer passwordAttribute is null, do not
set on the PasswordComparisonAuthenticator
 2014-06-17 16:51:01 -05:00
Rob Winch
e6e35932ed SEC-2603: Fix config groovy integration tests 2014-05-20 23:15:39 -05:00
Rob Winch
cbd06a4994 SEC-2472: Support LDAP crypto PasswordEncoder 2014-05-20 23:15:36 -05:00
Andy Wilkinson
d95640d3e5 SEC-2600: Remove unused import 2014-05-19 12:29:04 -05:00
Rob Winch
f73b579ad9 SEC-2543: Logout with CSRF enabled requires POST by default 2014-05-02 11:24:02 -05:00
Rob Winch
1d7402e0cd SEC-2532: Add disclaimer about jdbcAuthentication() with persistent data stores 2014-04-28 15:06:52 -05:00
Rob Winch
37bb350883 SEC-2549: Remove LazyBean marker interface 2014-04-24 14:34:35 -05:00
Rob Winch
00e1094178 Add springio-platform plugin 2014-04-23 14:35:22 -05:00
Rob Winch
ccf96a4d69 SEC-2542: Polish dependency exclusions 
This cleans up exclusions so the pom.xml are not as cluttered.
 2014-04-02 09:47:29 -05:00
Rob Winch
3118e39de8 SEC-2542: Use exclusions to remove duplicate dependencies 
A number of projects had duplicate dependencies on their classpaths
as a result of the same classes being available in more than one
artifact, each with different Maven coordinates. Typically this only
affected the tests, but meant that the actual classes that were
loaded was somewhat unpredictable and had the potential to vary
between an IDE and the command line depending on the order in which
the aritfacts appeared on the classpath. This commit adds a number of
exclusions to remove such duplicates.

In addition to the new exclusions, notable other changes are:

 - Spring Data JPA has been updated to 1.4.1. This brings its
   transitive dependency upon spring-data-commons into line with
   Spring LDAP's and prevents both spring-data-commons-core and
   spring-data-commons from being on the classpath
 - All Servlet API dependencies have been updated to use the official
   artifact with all transitive dependencies on unofficial servlet API
   artifacts being excluded.
 - In places, groovy has been replaced with groovy-all. This removes
   some duplicates caused by groovy's transitive dependencies.
 - JUnit has been updated to 4.11 which brings its transitive Hamcrest
   dependency into line with other components.

There appears to be a bug in Gradle which means that some exclusions
applied to an artifact do not work reliably. To work around this
problem it has been necessary to apply some exclusions at the
configuration level

Conflicts:
	samples/messages-jc/pom.xml
 2014-04-02 09:47:26 -05:00
Rob Winch
c411014c24 SEC-2533: Global AuthenticationManagerBuilder disables clearing child credentials 2014-03-25 13:05:44 -05:00