Spring Security
Go to file
Luke Taylor 7a0a2dace6 Revert deliberate test failure. 2011-02-25 23:55:22 +00:00
acl SEC-1673: Use a map to store the range values use in the bundlor templates. 2011-02-07 16:06:23 +00:00
aspects SEC-1673: Use a map to store the range values use in the bundlor templates. 2011-02-07 16:06:23 +00:00
buildSrc Added imgSrcPath parameter for use in docbookFopPdf task. 2010-11-24 00:28:59 +00:00
cas SEC-1673: Use a map to store the range values use in the bundlor templates. 2011-02-07 16:06:23 +00:00
config Upgrade spock and groovy versions, and make sure apacheDS work directory is set for config integrationTest task. 2011-02-14 19:03:08 +00:00
core Revert deliberate test failure. 2011-02-25 23:55:22 +00:00
crypto SEC-1666: Use constant time comparison for sensitive data. 2011-01-31 23:03:51 -06:00
docs Added JDK and Spring links to Javadoc generation task. 2011-02-08 16:43:34 +00:00
gradle SEC-1677: Split out LDAP server tests from config module. 2011-02-14 19:01:27 +00:00
itest SEC-1675: Add missing body-content elements to tag descriptor and update it to use 2.0 tag library schema. 2011-02-14 21:17:16 +00:00
ldap SEC-1677: Create integrationTest task for Java projects and make all tests in itest module run as integration tests only. 2011-02-14 15:03:15 +00:00
openid Additional tests for OpenID classes and minor refactoring of OpenID4JavaConsumer for easier testing. 2011-02-10 19:56:28 +00:00
samples SEC-1494: Updated the tutorial webapp to use CSS and make use of the securityHiddenUI element when UI security is disabled. 2011-01-25 13:16:46 +00:00
sandbox SEC-1430: Removed caching of username in session upon failed authentication. Improved Javadoc. 2010-11-26 13:58:49 +00:00
taglibs SEC-1675: Add missing body-content elements to tag descriptor and update it to use 2.0 tag library schema. 2011-02-14 21:17:16 +00:00
web SEC-1673: Use a map to store the range values use in the bundlor templates. 2011-02-07 16:06:23 +00:00
.gitignore SEC-1584: Addition of HttpFirewall strategy to FilterChainProxy to reject un-normalized requests and wrap the incoming request object before processing by the security filter chain to provide a more consistent representation of paths than is guaranteed by the servlet spec. The wrapper strips path parameters from pathInfo and servletPath to provide consistency of URL matching across servlet containers and protect against bypassing security constraints by the malicious addition of such parameters to the URL. The paths are canonicalized further by replacing of multiple sequences of "/" characters with a single "/". 2010-10-27 13:25:39 +01:00
build.gradle Reset post-release build version to snapshot. 2011-02-10 20:18:40 +00:00
class_mapping_from_2.0.x.txt SEC-1148: Simple classname mapping from 2.0 to 3.0 2009-12-02 22:44:30 +00:00
gradlew Increase max heap in gradle wrapper script. 2011-02-10 12:26:00 +00:00
gradlew.bat Added gradle wrapper support. 2010-08-04 21:35:57 +01:00
license.txt Change to Apache License version 2.0. 2004-03-23 04:44:48 +00:00
notice.txt Broaden list of names used and correct URL. 2007-12-03 04:39:17 +00:00
readme.txt Bringing readme file up to date. 2010-08-22 12:44:15 +01:00
settings.gradle SEC-1569: initial commit of spring-security-crypto module, consisting of encrypt, keygen, password, and util packages 2011-01-19 18:17:02 +00:00

readme.txt

===============================================================================
                    SPRING SECURITY - README FILE
===============================================================================

-------------------------------------------------------------------------------
OVERVIEW
-------------------------------------------------------------------------------

Spring Security provides security services for the Spring Framework
(http://www.springframework.org). Spring Security 3.1 requires Spring 3.0.3 as
a minimum and also requires Java 5.

For a detailed list of features and access to the latest release, please visit
http://www.springframework.org/projects/.

Spring Security is released under an Apache 2.0 license. See the accompanying
license.txt file.

-------------------------------------------------------------------------------
BUILDING
-------------------------------------------------------------------------------

Please read the "Building from Source" page at
http://static.springframework.org/spring-security/site/.

-------------------------------------------------------------------------------
DOCUMENTATION
-------------------------------------------------------------------------------

Be sure to read the Reference Guide  (docs/reference/html/springsecurity.html).
Extensive JavaDoc for the Spring Security code is also available (in docs/apidocs).
Both can also be found on the website.

-------------------------------------------------------------------------------
QUICK START
-------------------------------------------------------------------------------

We recommend you visit http://static.springframework.org/spring-security/site and
read the "Getting Started" page.

-------------------------------------------------------------------------------
MAVEN REPOSITORY DOWNLOADS
-------------------------------------------------------------------------------

Release jars for the project are available from the central maven repository

http://repo1.maven.org/maven2/org/springframework/security/

Note that milestone releases and snapshots are not uploaded to the central
repository, but can be obtained from the Spring milestone repository, using the
maven repository http://maven.springframework.org/snapshot/. You can't browse this
URL directly, but there is a separate browser interface. Check the downloads page
for more information
http://static.springsource.org/spring-security/site/downloads.html


-------------------------------------------------------------------------------
OBTAINING SUPPORT
-------------------------------------------------------------------------------

There are two types of support available, commercial and community. For
commercial support, please contact SpringSource. SpringSource employ the
people who wrote Spring Security, and lead the development of the project:

  http://www.springsource.com

For peer help and assistance, please use the Spring Security forum
located at the Spring Community's forum site:

  http://forum.springframework.org

Links to the forums, and other useful resources are
available from the web site.