spring-security

Spring Security

framework java security spring spring-framework

Go to file

Luke Taylor fc00d7ef1d Move the unix scripts for the tutorial sample into a subdirectory		2010-11-12 15:19:46 +00:00
acl	SEC-1550: Convert signatures to use Collection<? extends GrantedAuthority> where appropriate.	2010-11-03 13:48:59 +00:00
aspects	SEC-1600: Added Implementation-Version and Implementation-Title to manifest templates and checking of version numbers in namespace config module and core. Config checks the version of core it is running against and core checks the Spring version, reporting any mismatches or situations where the app is running with less than the recommended Spring version.	2010-10-27 13:25:40 +01:00
buildSrc	SEC-1619: Added check in GAE sample for change of Google user while still logged into the app.	2010-11-10 15:37:42 +00:00
cas	SEC-1600: Added Implementation-Version and Implementation-Title to manifest templates and checking of version numbers in namespace config module and core. Config checks the version of core it is running against and core checks the Spring version, reporting any mismatches or situations where the app is running with less than the recommended Spring version.	2010-10-27 13:25:40 +01:00
config	SEC-1593: Added tests to try to reproduce issue.	2010-11-03 19:37:25 +00:00
core	SEC-1550: Additional signature change (in AnonymousAuthenticationToken)	2010-11-09 13:48:57 +00:00
docs	SEC-1613: Corrected preauth docs.	2010-11-04 14:32:06 +00:00
gradle	Updated to Spring 3.0.5	2010-10-27 13:25:40 +01:00
itest	Updated integration tests to detect case reported as SPR-7563.	2010-11-02 20:35:24 +00:00
ldap	SEC-1550: Additional signature change (in LdapUserDetailsManager.removeAuthorities())	2010-11-08 15:14:30 +00:00
openid	SEC-1595: Added extra constructor to OpenID4JavaConsumer which takes a ConsumerManager to allow a version compatible with GAE to be injected.	2010-11-02 20:19:16 +00:00
samples	Move the unix scripts for the tutorial sample into a subdirectory	2010-11-12 15:19:46 +00:00
sandbox	SEC-1456: Remove maven poms as we are now using gradle for the build.	2010-08-30 19:02:19 +01:00
taglibs	SEC-1550: Convert signatures to use Collection<? extends GrantedAuthority> where appropriate.	2010-11-03 13:48:59 +00:00
web	SEC-1587: Add explicit call to removeAttribute() to remove the context from the session if the current context is empty or anonymous.	2010-11-09 13:55:45 +00:00
.gitignore	SEC-1584: Addition of HttpFirewall strategy to FilterChainProxy to reject un-normalized requests and wrap the incoming request object before processing by the security filter chain to provide a more consistent representation of paths than is guaranteed by the servlet spec. The wrapper strips path parameters from pathInfo and servletPath to provide consistency of URL matching across servlet containers and protect against bypassing security constraints by the malicious addition of such parameters to the URL. The paths are canonicalized further by replacing of multiple sequences of "/" characters with a single "/".	2010-10-27 13:25:39 +01:00
build.gradle	Minor tweaking of IDEA deps.	2010-08-24 22:36:42 +01:00
class_mapping_from_2.0.x.txt	SEC-1148: Simple classname mapping from 2.0 to 3.0	2009-12-02 22:44:30 +00:00
gradlew	Added gradle wrapper support.	2010-08-04 21:35:57 +01:00
gradlew.bat	Added gradle wrapper support.	2010-08-04 21:35:57 +01:00
license.txt	Change to Apache License version 2.0.	2004-03-23 04:44:48 +00:00
notice.txt	Broaden list of names used and correct URL.	2007-12-03 04:39:17 +00:00
readme.txt	Bringing readme file up to date.	2010-08-22 12:44:15 +01:00
settings.gradle	SEC-1564: JAAS Configuration can now be injected into DefaultJaasAuthenticationProvider	2010-09-10 20:17:22 -05:00

readme.txt

===============================================================================
                    SPRING SECURITY - README FILE
===============================================================================

-------------------------------------------------------------------------------
OVERVIEW
-------------------------------------------------------------------------------

Spring Security provides security services for the Spring Framework
(http://www.springframework.org). Spring Security 3.1 requires Spring 3.0.3 as
a minimum and also requires Java 5.

For a detailed list of features and access to the latest release, please visit
http://www.springframework.org/projects/.

Spring Security is released under an Apache 2.0 license. See the accompanying
license.txt file.

-------------------------------------------------------------------------------
BUILDING
-------------------------------------------------------------------------------

Please read the "Building from Source" page at
http://static.springframework.org/spring-security/site/.

-------------------------------------------------------------------------------
DOCUMENTATION
-------------------------------------------------------------------------------

Be sure to read the Reference Guide  (docs/reference/html/springsecurity.html).
Extensive JavaDoc for the Spring Security code is also available (in docs/apidocs).
Both can also be found on the website.

-------------------------------------------------------------------------------
QUICK START
-------------------------------------------------------------------------------

We recommend you visit http://static.springframework.org/spring-security/site and
read the "Getting Started" page.

-------------------------------------------------------------------------------
MAVEN REPOSITORY DOWNLOADS
-------------------------------------------------------------------------------

Release jars for the project are available from the central maven repository

http://repo1.maven.org/maven2/org/springframework/security/

Note that milestone releases and snapshots are not uploaded to the central
repository, but can be obtained from the Spring milestone repository, using the
maven repository http://maven.springframework.org/snapshot/. You can't browse this
URL directly, but there is a separate browser interface. Check the downloads page
for more information
http://static.springsource.org/spring-security/site/downloads.html


-------------------------------------------------------------------------------
OBTAINING SUPPORT
-------------------------------------------------------------------------------

There are two types of support available, commercial and community. For
commercial support, please contact SpringSource. SpringSource employ the
people who wrote Spring Security, and lead the development of the project:

  http://www.springsource.com

For peer help and assistance, please use the Spring Security forum
located at the Spring Community's forum site:

  http://forum.springframework.org

Links to the forums, and other useful resources are
available from the web site.