Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-23 22:03:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,116 Commits 54 Branches 379 Tags
2.0.x
Commit Graph

67 Commits

Author SHA1 Message Date
Luke Taylor 4f6b4e4bfd Make sample login pages use c:out for data output 2008-05-15 12:48:13 +00:00
Luke Taylor fc498954c6 Updated sample context files to point at 2.0.1 schema 2008-05-01 17:51:48 +00:00
Luke Taylor 882509fb2a Renamed context file 2008-04-24 00:27:37 +00:00
Luke Taylor eba18675fc Removed old acegi file from tutorial sample as it's causing confusion with users. 2008-04-23 21:08:41 +00:00
Luke Taylor 80cd7f4acc Removed accidental commit of tutorial context file 2008-04-23 13:13:56 +00:00
Luke Taylor 0cf745b85f Updated clean plugin to 2.2 2008-04-22 21:59:40 +00:00
Luke Taylor c7f182309f Removed excess config from tutorial sample file 2008-04-12 17:17:46 +00:00
Ben Alex f7ae69880c Minor tweaking so the tutorial is a little more illustrative of the present namespace capabilities. 2008-04-01 17:15:31 +00:00
Ben Alex 1490fe0b0a Various fine-tuning so people can see AspectJ expressions and a simple, minimal configuration. 2008-03-28 00:47:08 +00:00
Ben Alex 595a14dbd5 Sample should permit people to anonymously call all methods except post(Account). 2008-03-28 00:44:42 +00:00
Luke Taylor ef5b3e2f9c SEC-733: Changed names of <global-method-security> attributes as discussed with Ben and updated sample to reflect the changes. Also changed explicit instantiation of Jsr250 and Secured annotation MethodDefinitionSource beans in GlobalMethodSecurityBDP into bean definitions to make more tooling friendly. 2008-03-26 21:48:24 +00:00
Luke Taylor 743d72ca7b Added log4j support to tutorial app 2008-03-26 15:27:09 +00:00
Ben Alex 0860333a3f SEC-733: AspectJ Pointcut Expression Parsing support. 2008-03-25 08:28:53 +00:00
Luke Taylor 114969f7f7 SEC-706: Removed LDAP dependencies from tutorial app, since we now have a separate sample 2008-03-17 14:06:13 +00:00
Luke Taylor 8c00bb1537 SEC-674: Updated samples to work with new module layout. Changed taglib build to copy tld file to META-INF directory. 
Also standardized JSTL version to 1.1.0 (impl 1.1.2), moving deps to root sample pom.
 2008-02-22 16:21:37 +00:00
Luke Taylor be62979a01 Switch JSTL back to 1.1.2. 2008-02-15 12:15:20 +00:00
Luke Taylor 10ab4136d1 SEC-309: Patch for Authentication tag to use property of authentication object, rather than invoking an operation on the principal. Allows use of nested properties. 2008-02-09 13:41:05 +00:00
Luke Taylor adba67326f Removed accidentally committed version of tutorial app context file. 2008-02-04 21:27:35 +00:00
Luke Taylor 84c7ac5e57 SEC-664: Removed validateUserDetails method from AbstractRememberMeServices, wrapped the UserDetailsService in a status-checking one and added a catch block for AccountStatusExceptions. Also some minor tidying up of other remember-me classes. 2008-02-04 21:26:07 +00:00
Luke Taylor df1def412e Changed to using new alias for security filter chain in samples. 2008-02-01 14:28:04 +00:00
Luke Taylor 5738a51040 SEC-651: Support for ldap-user-service bean. 2008-01-28 00:47:34 +00:00
Luke Taylor acf5601714 SEC-645: Reimplementation of X509 provider and namespace implementation. 2008-01-27 22:45:44 +00:00
Luke Taylor 82940db6c8 SEC-648: Added custom-authentication-provider support. 2008-01-27 13:31:34 +00:00
Luke Taylor b85f76e6c1 Added SSL support to the tutorial app Jetty plugin configuration and added a requirement for SSL on the "extremely secure" page. 2008-01-24 16:30:06 +00:00
Luke Taylor 342677fabc Removed auto-config from tutorial sample and added commented out ldap support. Updated ldif file to match sample users. 2008-01-23 22:21:39 +00:00
Luke Taylor 462b4b450f Added use of authz tag to tutorial. Upgraded to use webapp 2.4 xsd. Changed JSTL dependency to 1.2 2008-01-18 18:17:09 +00:00
Luke Taylor 46c99d1991 Converted tutorial context file to match namespace changes. 2007-12-23 16:36:44 +00:00
Luke Taylor e65cb9b472 Made group names singular and added "teller" role. 2007-12-14 20:41:33 +00:00
Ben Alex 09f68400ec Add <intercept-methods> to example, but it is disabled in favour of @Secured annotation. Still, we include it so people can have a play around and switch between the two syntaxes easily in demos etc. 2007-12-14 19:56:31 +00:00
Ben Alex 55e4568003 Throw an exception instead of sending back a HTTP error code. This is necessary so any demonstration of upgrading from Servlet Spec authorization to Spring Security authorization, as the latter's ExceptionTranslationFilter expects specific exceptions to be thrown if you wish to commence the authentication process. 2007-12-14 19:44:50 +00:00
Luke Taylor 2e4773525b Updated tutorial to allow authentication against ldap provider using <ldap /> namespace element. 2007-12-14 19:18:18 +00:00
Ben Alex f4c3e701d5 Enhance sample to show method authorization. 2007-12-14 02:27:48 +00:00
Ben Alex 77d286c36f Enhance tutorial to also demonstrate Spring Security method 
authorization, and add a services layer accordingly.
 2007-12-14 02:26:27 +00:00
Ben Alex fa510b3187 Modify attribute names to use "ref" instead of "id", plus use a hyphen 
as an attribute value separator rather than a colon. This was changed 
for compatibility with other components in the Spring Portfolio. tests 
pass.
 2007-12-13 20:19:56 +00:00
Ben Alex 1cae1719bc Fix bean referencing error. 2007-12-11 19:18:44 +00:00
Ben Alex 2655955a40 Add MethodSecurityInterceptor, to more accurately reflect the capabilities offered by auto-config="true". 2007-12-11 19:14:34 +00:00
Ben Alex 1bbe6ca456 Proper comparison with auto-configure="true". 2007-12-11 16:44:24 +00:00
Ben Alex 4770c29094 Use hyphens in attribute names, and not Camel Case. This is to maintain 
consistency with the rest of Spring Portfolio. Camel Case was preserved 
for attribute values, consistent with Spring Portfolio usage such as 
autowiring modes (byName, byType etc).
 2007-12-09 03:42:20 +00:00
Ben Alex 85085abf9e Add namespace support for Servlet API integration. 2007-12-04 12:23:41 +00:00
Ben Alex a205f95c19 No need for an access denied page. 2007-12-04 11:24:54 +00:00
Ben Alex 8c3cc5c67b Add hash code support. 2007-12-04 11:21:39 +00:00
Ben Alex 8e7c540b16 General refactorings and improvements to namespace support, including 
autoDetect="true" attribute for <http> element.
 2007-12-04 10:35:08 +00:00
Ben Alex 2441ab6d9a Move "realm" attribute to be on <http> element rather than <http-basic>. 
This faciltiates reuse with other mechanisms (like Digest) whilst also 
moving towards the <http-auto-configure> element (which benefits from 
having shared configuration in <http> as opposed to mechanism-specific 
elements).
 2007-12-04 08:02:40 +00:00
Ben Alex 0b0b174eda Support <repository> and JbcUserDetailsManager. 2007-12-04 05:27:17 +00:00
Ben Alex 53fca59301 Add namespace support for anonymous requests. Remove unnecessary files from tutorial sample. 2007-12-03 08:07:10 +00:00
Ben Alex 7aa28ea742 SEC-614: Use DelegatingFilterProxy instead of FilterToBeanProxy. 2007-12-03 06:31:03 +00:00
Ben Alex 47229be5cb Make samples and tests use username "rod". 2007-12-03 02:56:52 +00:00
Luke Taylor 843a20e691 Changed default namespace in config files to "security" for clarity. 2007-11-29 13:14:15 +00:00
Luke Taylor 9f2bc9a842 SEC-582: Namespace configuration implementation for remember-me support. 2007-11-06 23:20:25 +00:00
Luke Taylor d3b165749f SEC-583: Implementation of namespace config for concurrent session support. 
Also some minor adjustments to ordering of different http features in schema.
 2007-10-27 00:28:24 +00:00