Compare commits
34 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 7be99ff7fa | |||
| 0e9d9da46b | |||
| a3a78e50cb | |||
| 8c8f499a69 | |||
| 80ca441e88 | |||
| cfd576316f | |||
| 409a74330e | |||
| 87247318f2 | |||
| dbf883ba98 | |||
| 675ac80926 | |||
| 5f6e3855f1 | |||
| 19f88e9179 | |||
| cf9b6bc0de | |||
| fc67550ff2 | |||
| af2a431f23 | |||
| 8d9b06afb4 | |||
| 0ecdd0e856 | |||
| edd2751ff1 | |||
| 8663ac4173 | |||
| 72213b5c69 | |||
| 2bbe70501b | |||
| da606d50c0 | |||
| d648a56e16 | |||
| 9c39a0e83e | |||
| c8692b6d0b | |||
| 45bbabd485 | |||
| 43fbeab106 | |||
| b719e0fbcc | |||
| 09bf290583 | |||
| 9a6f026dff | |||
| 269127c2c6 | |||
| 7074daac0e | |||
| 69446ab80f | |||
| 48bc0ad5f9 |
+3
-9
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-acl</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-acl</name>
|
||||
<description>spring-security-acl</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>aopalliance</groupId>
|
||||
@@ -46,7 +40,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -151,7 +145,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+3
-9
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-aspects</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-aspects</name>
|
||||
<description>spring-security-aspects</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,17 +30,11 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -130,7 +124,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+10
-5
@@ -25,7 +25,7 @@ allprojects {
|
||||
|
||||
ext.releaseBuild = version.endsWith('RELEASE')
|
||||
ext.snapshotBuild = version.endsWith('SNAPSHOT')
|
||||
ext.springVersion = '4.1.6.RELEASE'
|
||||
ext.springVersion = '4.2.5.RELEASE'
|
||||
ext.springLdapVersion = '2.0.2.RELEASE'
|
||||
|
||||
group = 'org.springframework.security'
|
||||
@@ -99,7 +99,7 @@ configure(coreModuleProjects) {
|
||||
apply plugin: 'emma'
|
||||
apply plugin: 'spring-io'
|
||||
|
||||
ext.springIoVersion = project.hasProperty('platformVersion') ? platformVersion : 'latest.integration'
|
||||
ext.springIoVersion = project.hasProperty('platformVersion') ? platformVersion : '2.0.1.RELEASE'
|
||||
|
||||
configurations {
|
||||
jacoco //Configuration Group used by Sonar to provide Code Coverage using JaCoCo
|
||||
@@ -135,7 +135,7 @@ task coreBuild {
|
||||
// Task for creating the distro zip
|
||||
|
||||
task dist(type: Zip) {
|
||||
dependsOn subprojects*.tasks*.matching { task -> task.name == 'assemble' || task.name.endsWith('Zip') || task.name.endsWith('generatePom') }
|
||||
dependsOn { subprojects*.tasks*.matching { task -> task.name.endsWith('generatePom') } }
|
||||
classifier = 'dist'
|
||||
|
||||
evaluationDependsOn(':docs')
|
||||
@@ -145,14 +145,19 @@ task dist(type: Zip) {
|
||||
into(zipRootDir) {
|
||||
from(rootDir) {
|
||||
include '*.adoc'
|
||||
include '*.txt'
|
||||
}
|
||||
into('docs') {
|
||||
with(project(':docs').apiSpec)
|
||||
with(project(':docs:manual').spec)
|
||||
with(project(':docs:guides').spec)
|
||||
}
|
||||
into('dist') {
|
||||
from coreModuleProjects.collect {project -> project.libsDir }
|
||||
project.coreModuleProjects*.tasks*.withType(AbstractArchiveTask).flatten().each{ archiveTask ->
|
||||
if(archiveTask!=dist){
|
||||
into("$zipRootDir/dist") {
|
||||
from archiveTask.outputs.files
|
||||
}
|
||||
}
|
||||
}
|
||||
sampleProjects.each { project->
|
||||
into("$zipRootDir/samples/$project.name") {
|
||||
|
||||
+4
-10
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-cas</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-cas</name>
|
||||
<description>spring-security-cas</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.jasig.cas.client</groupId>
|
||||
@@ -46,13 +40,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -142,7 +136,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+9
-15
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-config</name>
|
||||
<description>spring-security-config</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>aopalliance</groupId>
|
||||
@@ -46,7 +40,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -92,28 +86,28 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-ldap</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-messaging</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-openid</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
@@ -366,13 +360,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-aspects</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-cas</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -396,7 +390,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+7
-2
@@ -55,6 +55,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
|
||||
private final Log logger = LogFactory.getLog(getClass());
|
||||
|
||||
private final LinkedHashMap<Class<? extends SecurityConfigurer<O, B>>, List<SecurityConfigurer<O, B>>> configurers = new LinkedHashMap<Class<? extends SecurityConfigurer<O, B>>, List<SecurityConfigurer<O, B>>>();
|
||||
private final List<SecurityConfigurer<O, B>> configurersAddedInInitializing = new ArrayList<SecurityConfigurer<O, B>>();
|
||||
|
||||
private final Map<Class<Object>, Object> sharedObjects = new HashMap<Class<Object>, Object>();
|
||||
|
||||
@@ -126,9 +127,9 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
|
||||
@SuppressWarnings("unchecked")
|
||||
public <C extends SecurityConfigurerAdapter<O, B>> C apply(C configurer)
|
||||
throws Exception {
|
||||
add(configurer);
|
||||
configurer.addObjectPostProcessor(objectPostProcessor);
|
||||
configurer.setBuilder((B) this);
|
||||
add(configurer);
|
||||
return configurer;
|
||||
}
|
||||
|
||||
@@ -202,7 +203,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
|
||||
configs.add(configurer);
|
||||
this.configurers.put(clazz, configs);
|
||||
if (buildState.isInitializing()) {
|
||||
configurer.init((B) this);
|
||||
this.configurersAddedInInitializing.add(configurer);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -368,6 +369,10 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
|
||||
for (SecurityConfigurer<O, B> configurer : configurers) {
|
||||
configurer.init((B) this);
|
||||
}
|
||||
|
||||
for (SecurityConfigurer<O, B> configurer : configurersAddedInInitializing) {
|
||||
configurer.init((B) this);
|
||||
}
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
|
||||
+16
-1
@@ -25,6 +25,7 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RegexRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
import org.springframework.util.ObjectUtils;
|
||||
|
||||
/**
|
||||
* A base class for registering {@link RequestMatcher}'s. For example, it might allow for
|
||||
@@ -48,6 +49,20 @@ public abstract class AbstractRequestMatcherRegistry<C> {
|
||||
return requestMatchers(ANY_REQUEST);
|
||||
}
|
||||
|
||||
/**
|
||||
* Maps a {@link List} of
|
||||
* {@link org.springframework.security.web.util.matcher.AntPathRequestMatcher}
|
||||
* instances.
|
||||
*
|
||||
* @param method the {@link HttpMethod} to use for any
|
||||
* {@link HttpMethod}.
|
||||
*
|
||||
* @return the object that is chained after creating the {@link RequestMatcher}
|
||||
*/
|
||||
public C antMatchers(HttpMethod method) {
|
||||
return antMatchers(method, new String[] { "/**" });
|
||||
}
|
||||
|
||||
/**
|
||||
* Maps a {@link List} of
|
||||
* {@link org.springframework.security.web.util.matcher.AntPathRequestMatcher}
|
||||
@@ -55,7 +70,7 @@ public abstract class AbstractRequestMatcherRegistry<C> {
|
||||
*
|
||||
* @param method the {@link HttpMethod} to use or {@code null} for any
|
||||
* {@link HttpMethod}.
|
||||
* @param antPatterns the ant patterns to create
|
||||
* @param antPatterns the ant patterns to create. If {@code null} or empty, then matches on nothing.
|
||||
* {@link org.springframework.security.web.util.matcher.AntPathRequestMatcher} from
|
||||
*
|
||||
* @return the object that is chained after creating the {@link RequestMatcher}
|
||||
|
||||
-13
@@ -1,13 +0,0 @@
|
||||
package org.springframework.security.config.annotation.web.configuration;
|
||||
|
||||
import org.springframework.context.annotation.Conditional;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
* @since 4.0
|
||||
*/
|
||||
@Conditional(OnMissingBeanCondition.class)
|
||||
@interface ConditionalOnMissingBean {
|
||||
|
||||
Class<?> value();
|
||||
}
|
||||
-40
@@ -1,40 +0,0 @@
|
||||
/*
|
||||
* Copyright 2002-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||
* use this file except in compliance with the License. You may obtain a copy of
|
||||
* the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
* License for the specific language governing permissions and limitations under
|
||||
* the License.
|
||||
*/
|
||||
package org.springframework.security.config.annotation.web.configuration;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
import org.springframework.context.annotation.ConditionContext;
|
||||
import org.springframework.context.annotation.ConfigurationCondition;
|
||||
import org.springframework.core.type.AnnotatedTypeMetadata;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*/
|
||||
class OnMissingBeanCondition implements ConfigurationCondition {
|
||||
public ConfigurationPhase getConfigurationPhase() {
|
||||
return ConfigurationPhase.REGISTER_BEAN;
|
||||
}
|
||||
|
||||
public boolean matches(ConditionContext context, AnnotatedTypeMetadata metadata) {
|
||||
Map<String, Object> attrs = metadata
|
||||
.getAnnotationAttributes(ConditionalOnMissingBean.class.getName());
|
||||
|
||||
Class<?> type = (Class<?>) attrs.get("value");
|
||||
final Map<String, ?> beans = context.getBeanFactory().getBeansOfType(type);
|
||||
return beans.isEmpty();
|
||||
}
|
||||
}
|
||||
-1
@@ -47,7 +47,6 @@ class WebMvcSecurityConfiguration extends WebMvcConfigurerAdapter {
|
||||
argumentResolvers.add(new CsrfTokenArgumentResolver());
|
||||
}
|
||||
|
||||
@ConditionalOnMissingBean(RequestDataValueProcessor.class)
|
||||
@Bean
|
||||
public RequestDataValueProcessor requestDataValueProcessor() {
|
||||
return new CsrfRequestDataValueProcessor();
|
||||
|
||||
+12
@@ -23,6 +23,7 @@ import javax.servlet.http.HttpSession;
|
||||
import org.springframework.security.config.annotation.SecurityConfigurer;
|
||||
import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.authentication.logout.CookieClearingLogoutHandler;
|
||||
import org.springframework.security.web.authentication.logout.LogoutFilter;
|
||||
import org.springframework.security.web.authentication.logout.LogoutHandler;
|
||||
@@ -88,6 +89,17 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>> extends
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Specifies if {@link SecurityContextLogoutHandler} should clear the {@link Authentication} at the time of logout.
|
||||
* @param clearAuthentication true {@link SecurityContextLogoutHandler} should clear the {@link Authentication} (default), or false otherwise.
|
||||
* @return the {@link LogoutConfigurer} for further customization
|
||||
*/
|
||||
public LogoutConfigurer<H> clearAuthentication(boolean clearAuthentication) {
|
||||
contextLogoutHandler.setClearAuthentication(clearAuthentication);
|
||||
return this;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Configures {@link SecurityContextLogoutHandler} to invalidate the
|
||||
* {@link HttpSession} at the time of logout.
|
||||
|
||||
+4
-3
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2012 the original author or authors.
|
||||
* Copyright 2002-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -33,6 +33,7 @@ import org.w3c.dom.Element;
|
||||
* @author Luke Taylor
|
||||
* @author Ben Alex
|
||||
* @author Rob Winch
|
||||
* @author Kazuki Shimizu
|
||||
*/
|
||||
public class FormLoginBeanDefinitionParser {
|
||||
protected final Log logger = LogFactory.getLog(getClass());
|
||||
@@ -209,9 +210,9 @@ public class FormLoginBeanDefinitionParser {
|
||||
BeanDefinitionBuilder failureHandler = BeanDefinitionBuilder
|
||||
.rootBeanDefinition(SimpleUrlAuthenticationFailureHandler.class);
|
||||
if (!StringUtils.hasText(authenticationFailureUrl)) {
|
||||
// Fall back to redisplaying the custom login page, if one was specified.
|
||||
// Fall back to re-displaying the custom login page, if one was specified.
|
||||
if (StringUtils.hasText(loginPage)) {
|
||||
authenticationFailureUrl = loginPage;
|
||||
authenticationFailureUrl = loginPage + "?" + DefaultLoginPageGeneratingFilter.ERROR_PARAMETER_NAME;
|
||||
}
|
||||
else {
|
||||
authenticationFailureUrl = DEF_FORM_LOGIN_AUTHENTICATION_FAILURE_URL;
|
||||
|
||||
+14
@@ -144,4 +144,18 @@ class FormLoginConfigTests extends AbstractHttpConfigTests {
|
||||
HttpServletResponse.SC_FORBIDDEN | false
|
||||
HttpServletResponse.SC_MOVED_TEMPORARILY | true
|
||||
}
|
||||
|
||||
def 'SEC-3147: authentication-failure-url should be contained "error" parameter if login-page="/login"'() {
|
||||
xml.http {
|
||||
'form-login'('login-page':'/login')
|
||||
}
|
||||
createAppContext()
|
||||
|
||||
def apf = getFilter(UsernamePasswordAuthenticationFilter.class);
|
||||
|
||||
expect:
|
||||
apf.failureHandler.defaultFailureUrl == '/login?error'
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
+100
@@ -0,0 +1,100 @@
|
||||
/*
|
||||
* Copyright 2002-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.config.annotation.web.configurers;
|
||||
|
||||
import static org.fest.assertions.Assertions.assertThat;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.mock.web.MockFilterChain;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
public class AuthorizeRequestsTests {
|
||||
AnnotationConfigWebApplicationContext context;
|
||||
|
||||
MockHttpServletRequest request;
|
||||
MockHttpServletResponse response;
|
||||
MockFilterChain chain;
|
||||
|
||||
@Autowired
|
||||
FilterChainProxy springSecurityFilterChain;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
request = new MockHttpServletRequest();
|
||||
response = new MockHttpServletResponse();
|
||||
chain = new MockFilterChain();
|
||||
}
|
||||
|
||||
@After
|
||||
public void cleanup() {
|
||||
if(context != null) {
|
||||
context.close();
|
||||
}
|
||||
}
|
||||
|
||||
// SEC-3135
|
||||
@Test
|
||||
public void antMatchersMethodAndNoPatterns() throws Exception {
|
||||
loadConfig(AntMatchersNoPatternsConfig.class);
|
||||
request.setMethod("POST");
|
||||
|
||||
springSecurityFilterChain.doFilter(request, response, chain);
|
||||
|
||||
assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_FORBIDDEN);
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
@Configuration
|
||||
static class AntMatchersNoPatternsConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers(HttpMethod.POST).denyAll();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth
|
||||
.inMemoryAuthentication();
|
||||
}
|
||||
}
|
||||
|
||||
public void loadConfig(Class<?>... configs) {
|
||||
context = new AnnotationConfigWebApplicationContext();
|
||||
context.register(configs);
|
||||
context.refresh();
|
||||
|
||||
context.getAutowireCapableBeanFactory().autowireBean(this);
|
||||
}
|
||||
}
|
||||
+2
@@ -24,6 +24,7 @@ import org.springframework.context.ConfigurableApplicationContext;
|
||||
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Primary;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
@@ -78,6 +79,7 @@ public class CsrfConfigurerNoWebMvcTests {
|
||||
@EnableWebSecurity
|
||||
static class EnableWebOverrideRequestDataConfig {
|
||||
@Bean
|
||||
@Primary
|
||||
public RequestDataValueProcessor requestDataValueProcessor() {
|
||||
return mock(RequestDataValueProcessor.class);
|
||||
}
|
||||
|
||||
+136
@@ -0,0 +1,136 @@
|
||||
/*
|
||||
* Copyright 2002-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.config.annotation.web.configurers;
|
||||
|
||||
import static org.fest.assertions.Assertions.assertThat;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.mock.web.MockFilterChain;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
public class HttpSecurityAntMatchersTests {
|
||||
AnnotationConfigWebApplicationContext context;
|
||||
|
||||
MockHttpServletRequest request;
|
||||
MockHttpServletResponse response;
|
||||
MockFilterChain chain;
|
||||
|
||||
@Autowired
|
||||
FilterChainProxy springSecurityFilterChain;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
request = new MockHttpServletRequest();
|
||||
response = new MockHttpServletResponse();
|
||||
chain = new MockFilterChain();
|
||||
}
|
||||
|
||||
@After
|
||||
public void cleanup() {
|
||||
if(context != null) {
|
||||
context.close();
|
||||
}
|
||||
}
|
||||
|
||||
// SEC-3135
|
||||
@Test
|
||||
public void antMatchersMethodAndNoPatterns() throws Exception {
|
||||
loadConfig(AntMatchersNoPatternsConfig.class);
|
||||
request.setMethod("POST");
|
||||
|
||||
springSecurityFilterChain.doFilter(request, response, chain);
|
||||
|
||||
assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_FORBIDDEN);
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
@Configuration
|
||||
static class AntMatchersNoPatternsConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.requestMatchers()
|
||||
.antMatchers(HttpMethod.POST)
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.anyRequest().denyAll();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth
|
||||
.inMemoryAuthentication();
|
||||
}
|
||||
}
|
||||
|
||||
// SEC-3135
|
||||
@Test
|
||||
public void antMatchersMethodAndEmptyPatterns() throws Exception {
|
||||
loadConfig(AntMatchersEmptyPatternsConfig.class);
|
||||
request.setMethod("POST");
|
||||
|
||||
springSecurityFilterChain.doFilter(request, response, chain);
|
||||
|
||||
assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_OK);
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
@Configuration
|
||||
static class AntMatchersEmptyPatternsConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.requestMatchers()
|
||||
.antMatchers("/never/")
|
||||
.antMatchers(HttpMethod.POST, new String[0])
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.anyRequest().denyAll();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth
|
||||
.inMemoryAuthentication();
|
||||
}
|
||||
}
|
||||
|
||||
public void loadConfig(Class<?>... configs) {
|
||||
context = new AnnotationConfigWebApplicationContext();
|
||||
context.register(configs);
|
||||
context.refresh();
|
||||
|
||||
context.getAutowireCapableBeanFactory().autowireBean(this);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
+112
@@ -0,0 +1,112 @@
|
||||
/*
|
||||
* Copyright 2002-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.config.annotation.web.configurers;
|
||||
|
||||
import static org.fest.assertions.Assertions.assertThat;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.mock.web.MockFilterChain;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
|
||||
import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
public class HttpSecurityLogoutTests {
|
||||
AnnotationConfigWebApplicationContext context;
|
||||
|
||||
MockHttpServletRequest request;
|
||||
MockHttpServletResponse response;
|
||||
MockFilterChain chain;
|
||||
|
||||
@Autowired
|
||||
FilterChainProxy springSecurityFilterChain;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
request = new MockHttpServletRequest();
|
||||
response = new MockHttpServletResponse();
|
||||
chain = new MockFilterChain();
|
||||
}
|
||||
|
||||
@After
|
||||
public void cleanup() {
|
||||
if(context != null) {
|
||||
context.close();
|
||||
}
|
||||
}
|
||||
|
||||
// SEC-2848
|
||||
@Test
|
||||
public void clearAuthenticationFalse() throws Exception {
|
||||
loadConfig(ClearAuthenticationFalseConfig.class);
|
||||
|
||||
SecurityContext currentContext = SecurityContextHolder.createEmptyContext();
|
||||
currentContext.setAuthentication(new TestingAuthenticationToken("user", "password","ROLE_USER"));
|
||||
|
||||
request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, currentContext);
|
||||
request.setMethod("POST");
|
||||
request.setServletPath("/logout");
|
||||
|
||||
springSecurityFilterChain.doFilter(request, response, chain);
|
||||
|
||||
assertThat(currentContext.getAuthentication()).isNotNull();
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
@Configuration
|
||||
static class ClearAuthenticationFalseConfig extends WebSecurityConfigurerAdapter {
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.csrf().disable()
|
||||
.logout()
|
||||
.clearAuthentication(false);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth
|
||||
.inMemoryAuthentication();
|
||||
}
|
||||
}
|
||||
|
||||
public void loadConfig(Class<?>... configs) {
|
||||
context = new AnnotationConfigWebApplicationContext();
|
||||
context.register(configs);
|
||||
context.refresh();
|
||||
|
||||
context.getAutowireCapableBeanFactory().autowireBean(this);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
+67
@@ -0,0 +1,67 @@
|
||||
/*
|
||||
* Copyright 2002-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.config.http.customconfigurer;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer;
|
||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
public class CustomConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain,HttpSecurity> {
|
||||
|
||||
@Value("${permitAllPattern}")
|
||||
private String permitAllPattern;
|
||||
|
||||
private String loginPage = "/login";
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.config.annotation.SecurityConfigurerAdapter#init(org.springframework.security.config.annotation.SecurityBuilder)
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
@Override
|
||||
public void init(HttpSecurity http) throws Exception {
|
||||
// autowire this bean
|
||||
ApplicationContext context = http.getSharedObject(ApplicationContext.class);
|
||||
context.getAutowireCapableBeanFactory().autowireBean(this);
|
||||
|
||||
http
|
||||
.authorizeRequests()
|
||||
.antMatchers(permitAllPattern).permitAll()
|
||||
.anyRequest().authenticated();
|
||||
|
||||
if(http.getConfigurer(FormLoginConfigurer.class) == null) {
|
||||
// only apply if formLogin() was not invoked by the user
|
||||
http
|
||||
.formLogin()
|
||||
.loginPage(loginPage);
|
||||
}
|
||||
}
|
||||
|
||||
public CustomConfigurer loginPage(String loginPage) {
|
||||
this.loginPage = loginPage;
|
||||
return this;
|
||||
}
|
||||
|
||||
public static CustomConfigurer customConfigurer() {
|
||||
return new CustomConfigurer();
|
||||
}
|
||||
}
|
||||
+164
@@ -0,0 +1,164 @@
|
||||
/*
|
||||
* Copyright 2002-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.config.http.customconfigurer;
|
||||
|
||||
import static org.fest.assertions.Assertions.assertThat;
|
||||
import static org.springframework.security.config.http.customconfigurer.CustomConfigurer.customConfigurer;
|
||||
|
||||
import java.util.Properties;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer;
|
||||
import org.springframework.context.ConfigurableApplicationContext;
|
||||
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.mock.web.MockFilterChain;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.web.FilterChainProxy;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
public class CustomHttpSecurityConfigurerTests {
|
||||
@Autowired
|
||||
ConfigurableApplicationContext context;
|
||||
|
||||
@Autowired
|
||||
FilterChainProxy springSecurityFilterChain;
|
||||
|
||||
MockHttpServletRequest request;
|
||||
MockHttpServletResponse response;
|
||||
MockFilterChain chain;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
request = new MockHttpServletRequest();
|
||||
response = new MockHttpServletResponse();
|
||||
chain = new MockFilterChain();
|
||||
request.setMethod("GET");
|
||||
}
|
||||
|
||||
@After
|
||||
public void cleanup() {
|
||||
if(context != null) {
|
||||
context.close();
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void customConfiguerPermitAll() throws Exception {
|
||||
loadContext(Config.class);
|
||||
|
||||
request.setPathInfo("/public/something");
|
||||
|
||||
springSecurityFilterChain.doFilter(request, response, chain);
|
||||
|
||||
assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_OK);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void customConfiguerFormLogin() throws Exception {
|
||||
loadContext(Config.class);
|
||||
request.setPathInfo("/requires-authentication");
|
||||
|
||||
springSecurityFilterChain.doFilter(request, response, chain);
|
||||
|
||||
assertThat(response.getRedirectedUrl()).endsWith("/custom");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void customConfiguerCustomizeDisablesCsrf() throws Exception {
|
||||
loadContext(ConfigCustomize.class);
|
||||
request.setPathInfo("/public/something");
|
||||
request.setMethod("POST");
|
||||
|
||||
springSecurityFilterChain.doFilter(request, response, chain);
|
||||
|
||||
assertThat(response.getStatus()).isEqualTo(HttpServletResponse.SC_OK);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void customConfiguerCustomizeFormLogin() throws Exception {
|
||||
loadContext(ConfigCustomize.class);
|
||||
request.setPathInfo("/requires-authentication");
|
||||
|
||||
springSecurityFilterChain.doFilter(request, response, chain);
|
||||
|
||||
assertThat(response.getRedirectedUrl()).endsWith("/other");
|
||||
}
|
||||
|
||||
private void loadContext(Class<?> clazz) {
|
||||
AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext(clazz);
|
||||
context.getAutowireCapableBeanFactory().autowireBean(this);
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class Config extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.apply(customConfigurer())
|
||||
.loginPage("/custom");
|
||||
}
|
||||
|
||||
@Bean
|
||||
public static PropertyPlaceholderConfigurer propertyPlaceholderConfigurer() {
|
||||
// Typically externalize this as a properties file
|
||||
Properties properties = new Properties();
|
||||
properties.setProperty("permitAllPattern", "/public/**");
|
||||
|
||||
PropertyPlaceholderConfigurer propertyPlaceholderConfigurer = new PropertyPlaceholderConfigurer();
|
||||
propertyPlaceholderConfigurer.setProperties(properties);
|
||||
return propertyPlaceholderConfigurer;
|
||||
}
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class ConfigCustomize extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.apply(customConfigurer())
|
||||
.and()
|
||||
.csrf().disable()
|
||||
.formLogin()
|
||||
.loginPage("/other");
|
||||
}
|
||||
|
||||
@Bean
|
||||
public static PropertyPlaceholderConfigurer propertyPlaceholderConfigurer() {
|
||||
// Typically externalize this as a properties file
|
||||
Properties properties = new Properties();
|
||||
properties.setProperty("permitAllPattern", "/public/**");
|
||||
|
||||
PropertyPlaceholderConfigurer propertyPlaceholderConfigurer = new PropertyPlaceholderConfigurer();
|
||||
propertyPlaceholderConfigurer.setProperties(properties);
|
||||
return propertyPlaceholderConfigurer;
|
||||
}
|
||||
}
|
||||
}
|
||||
+2
-8
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-core</name>
|
||||
<description>spring-security-core</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>aopalliance</groupId>
|
||||
@@ -275,7 +269,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -95,6 +95,9 @@ public class RoleVoter implements AccessDecisionVoter<Object> {
|
||||
|
||||
public int vote(Authentication authentication, Object object,
|
||||
Collection<ConfigAttribute> attributes) {
|
||||
if(authentication == null) {
|
||||
return ACCESS_DENIED;
|
||||
}
|
||||
int result = ACCESS_ABSTAIN;
|
||||
Collection<? extends GrantedAuthority> authorities = extractAuthorities(authentication);
|
||||
|
||||
|
||||
+23
-31
@@ -25,10 +25,8 @@ import org.springframework.util.Assert;
|
||||
* then removing the {@link SecurityContext} after the delegate has completed.
|
||||
* </p>
|
||||
* <p>
|
||||
* By default the {@link SecurityContext} is only setup if {@link #call()} is
|
||||
* invoked on a separate {@link Thread} than the
|
||||
* {@link DelegatingSecurityContextCallable} was created on. This can be
|
||||
* overridden by setting {@link #setEnableOnOriginalThread(boolean)} to true.
|
||||
* If there is a {@link SecurityContext} that already exists, it will be
|
||||
* restored after the {@link #call()} method is invoked.
|
||||
* </p>
|
||||
*
|
||||
* @author Rob Winch
|
||||
@@ -38,11 +36,18 @@ public final class DelegatingSecurityContextCallable<V> implements Callable<V> {
|
||||
|
||||
private final Callable<V> delegate;
|
||||
|
||||
private final SecurityContext securityContext;
|
||||
|
||||
private final Thread originalThread;
|
||||
/**
|
||||
* The {@link SecurityContext} that the delegate {@link Callable} will be
|
||||
* ran as.
|
||||
*/
|
||||
private final SecurityContext delegateSecurityContext;
|
||||
|
||||
private boolean enableOnOriginalThread;
|
||||
/**
|
||||
* The {@link SecurityContext} that was on the {@link SecurityContextHolder}
|
||||
* prior to being set to the delegateSecurityContext.
|
||||
*/
|
||||
private SecurityContext originalSecurityContext;
|
||||
|
||||
/**
|
||||
* Creates a new {@link DelegatingSecurityContextCallable} with a specific
|
||||
@@ -57,8 +62,7 @@ public final class DelegatingSecurityContextCallable<V> implements Callable<V> {
|
||||
Assert.notNull(delegate, "delegate cannot be null");
|
||||
Assert.notNull(securityContext, "securityContext cannot be null");
|
||||
this.delegate = delegate;
|
||||
this.securityContext = securityContext;
|
||||
this.originalThread = Thread.currentThread();
|
||||
this.delegateSecurityContext = securityContext;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -71,33 +75,21 @@ public final class DelegatingSecurityContextCallable<V> implements Callable<V> {
|
||||
this(delegate, SecurityContextHolder.getContext());
|
||||
}
|
||||
|
||||
/**
|
||||
* Determines if the SecurityContext should be transfered if {@link #call()}
|
||||
* is invoked on the same {@link Thread} the
|
||||
* {@link DelegatingSecurityContextCallable} was created on.
|
||||
*
|
||||
* @param enableOnOriginalThread
|
||||
* if false (default), will only transfer the
|
||||
* {@link SecurityContext} if {@link #call()} is invoked on a
|
||||
* different {@link Thread} than the
|
||||
* {@link DelegatingSecurityContextCallable} was created on.
|
||||
*
|
||||
* @since 4.0.2
|
||||
*/
|
||||
public void setEnableOnOriginalThread(boolean enableOnOriginalThread) {
|
||||
this.enableOnOriginalThread = enableOnOriginalThread;
|
||||
}
|
||||
|
||||
public V call() throws Exception {
|
||||
if(!enableOnOriginalThread && originalThread == Thread.currentThread()) {
|
||||
return delegate.call();
|
||||
}
|
||||
this.originalSecurityContext = SecurityContextHolder.getContext();
|
||||
|
||||
try {
|
||||
SecurityContextHolder.setContext(securityContext);
|
||||
SecurityContextHolder.setContext(delegateSecurityContext);
|
||||
return delegate.call();
|
||||
}
|
||||
finally {
|
||||
SecurityContextHolder.clearContext();
|
||||
SecurityContext emptyContext = SecurityContextHolder.createEmptyContext();
|
||||
if(emptyContext.equals(originalSecurityContext)) {
|
||||
SecurityContextHolder.clearContext();
|
||||
} else {
|
||||
SecurityContextHolder.setContext(originalSecurityContext);
|
||||
}
|
||||
this.originalSecurityContext = null;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
+23
-32
@@ -23,10 +23,8 @@ import org.springframework.util.Assert;
|
||||
* {@link SecurityContext} after the delegate has completed.
|
||||
* </p>
|
||||
* <p>
|
||||
* By default the {@link SecurityContext} is only setup if {@link #run()} is
|
||||
* invoked on a separate {@link Thread} than the
|
||||
* {@link DelegatingSecurityContextRunnable} was created on. This can be
|
||||
* overridden by setting {@link #setEnableOnOriginalThread(boolean)} to true.
|
||||
* If there is a {@link SecurityContext} that already exists, it will be
|
||||
* restored after the {@link #run()} method is invoked.
|
||||
* </p>
|
||||
*
|
||||
* @author Rob Winch
|
||||
@@ -36,11 +34,17 @@ public final class DelegatingSecurityContextRunnable implements Runnable {
|
||||
|
||||
private final Runnable delegate;
|
||||
|
||||
private final SecurityContext securityContext;
|
||||
/**
|
||||
* The {@link SecurityContext} that the delegate {@link Runnable} will be
|
||||
* ran as.
|
||||
*/
|
||||
private final SecurityContext delegateSecurityContext;
|
||||
|
||||
private final Thread originalThread;
|
||||
|
||||
private boolean enableOnOriginalThread;
|
||||
/**
|
||||
* The {@link SecurityContext} that was on the {@link SecurityContextHolder}
|
||||
* prior to being set to the delegateSecurityContext.
|
||||
*/
|
||||
private SecurityContext originalSecurityContext;
|
||||
|
||||
/**
|
||||
* Creates a new {@link DelegatingSecurityContextRunnable} with a specific
|
||||
@@ -55,8 +59,7 @@ public final class DelegatingSecurityContextRunnable implements Runnable {
|
||||
Assert.notNull(delegate, "delegate cannot be null");
|
||||
Assert.notNull(securityContext, "securityContext cannot be null");
|
||||
this.delegate = delegate;
|
||||
this.securityContext = securityContext;
|
||||
this.originalThread = Thread.currentThread();
|
||||
this.delegateSecurityContext = securityContext;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -69,33 +72,21 @@ public final class DelegatingSecurityContextRunnable implements Runnable {
|
||||
this(delegate, SecurityContextHolder.getContext());
|
||||
}
|
||||
|
||||
/**
|
||||
* Determines if the SecurityContext should be transfered if {@link #run()}
|
||||
* is invoked on the same {@link Thread} the
|
||||
* {@link DelegatingSecurityContextCallable} was created on.
|
||||
*
|
||||
* @param enableOnOriginalThread
|
||||
* if false (default), will only transfer the
|
||||
* {@link SecurityContext} if {@link #run()} is invoked on a
|
||||
* different {@link Thread} than the
|
||||
* {@link DelegatingSecurityContextCallable} was created on.
|
||||
* @since 4.0.2
|
||||
*/
|
||||
public void setEnableOnOriginalThread(boolean enableOnOriginalThread) {
|
||||
this.enableOnOriginalThread = enableOnOriginalThread;
|
||||
}
|
||||
|
||||
public void run() {
|
||||
if(!enableOnOriginalThread && originalThread == Thread.currentThread()) {
|
||||
delegate.run();
|
||||
return;
|
||||
}
|
||||
this.originalSecurityContext = SecurityContextHolder.getContext();
|
||||
|
||||
try {
|
||||
SecurityContextHolder.setContext(securityContext);
|
||||
SecurityContextHolder.setContext(delegateSecurityContext);
|
||||
delegate.run();
|
||||
}
|
||||
finally {
|
||||
SecurityContextHolder.clearContext();
|
||||
SecurityContext emptyContext = SecurityContextHolder.createEmptyContext();
|
||||
if(emptyContext.equals(originalSecurityContext)) {
|
||||
SecurityContextHolder.clearContext();
|
||||
} else {
|
||||
SecurityContextHolder.setContext(originalSecurityContext);
|
||||
}
|
||||
this.originalSecurityContext = null;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -24,7 +24,7 @@ public class SpringSecurityCoreVersion {
|
||||
*/
|
||||
public static final long SERIAL_VERSION_UID = 400L;
|
||||
|
||||
static final String MIN_SPRING_VERSION = "4.1.6.RELEASE";
|
||||
static final String MIN_SPRING_VERSION = "4.2.5.RELEASE";
|
||||
|
||||
static {
|
||||
performVersionChecks();
|
||||
|
||||
@@ -4,48 +4,48 @@
|
||||
# Translation by Valentin Crettaz (valentin.crettaz@consulthys.com)
|
||||
AbstractAccessDecisionManager.accessDenied=Acc\u00E8s refus\u00E9
|
||||
AbstractLdapAuthenticationProvider.emptyPassword=Le mot de passe est obligatoire
|
||||
AbstractSecurityInterceptor.authenticationNotFound=Aucun objet Authentication n'a \u00E9t\u00E9 trouv\u00E9 dans le SecurityContext
|
||||
AbstractSecurityInterceptor.authenticationNotFound=Aucun objet Authentication n''a \u00E9t\u00E9 trouv\u00E9 dans le SecurityContext
|
||||
AbstractUserDetailsAuthenticationProvider.badCredentials=Les identifications sont erron\u00E9es
|
||||
AbstractUserDetailsAuthenticationProvider.credentialsExpired=Les identifications de l'utilisateur ont expir\u00E9
|
||||
AbstractUserDetailsAuthenticationProvider.credentialsExpired=Les identifications de l''utilisateur ont expir\u00E9
|
||||
AbstractUserDetailsAuthenticationProvider.disabled=Le compte utilisateur est d\u00E9sactiv\u00E9
|
||||
AbstractUserDetailsAuthenticationProvider.expired=Le compte utilisateur a expir\u00E9
|
||||
AbstractUserDetailsAuthenticationProvider.locked=Le compte utilisateur est bloqu\u00E9
|
||||
AbstractUserDetailsAuthenticationProvider.onlySupports=Seul UsernamePasswordAuthenticationToken est pris en charge
|
||||
AccountStatusUserDetailsChecker.credentialsExpired=Les identifications de l'utilisateur ont expir\u00E9
|
||||
AccountStatusUserDetailsChecker.credentialsExpired=Les identifications de l''utilisateur ont expir\u00E9
|
||||
AccountStatusUserDetailsChecker.disabled=Le compte utilisateur est d\u00E9sactiv\u00E9
|
||||
AccountStatusUserDetailsChecker.expired=Le compte utilisateur a expir\u00E9
|
||||
AccountStatusUserDetailsChecker.locked=Le compte utilisateur est bloqu\u00E9
|
||||
AclEntryAfterInvocationProvider.noPermission=L'authentification {0} n'a AUCUNE permission pour l'objet de domaine {1}
|
||||
AnonymousAuthenticationProvider.incorrectKey=L'AnonymousAuthenticationToken pr\u00E9sent\u00E9 ne contient pas la cl\u00E9 attendue
|
||||
AclEntryAfterInvocationProvider.noPermission=L''authentification {0} n''a AUCUNE permission pour l''objet de domaine {1}
|
||||
AnonymousAuthenticationProvider.incorrectKey=L''AnonymousAuthenticationToken pr\u00E9sent\u00E9 ne contient pas la cl\u00E9 attendue
|
||||
BindAuthenticator.badCredentials=Les identifications sont erron\u00E9es
|
||||
BindAuthenticator.emptyPassword=Le mot de passe est obligatoire
|
||||
CasAuthenticationProvider.incorrectKey=Le CasAuthenticationToken pr\u00E9sent\u00E9 ne contient pas la cl\u00E9 attendue
|
||||
CasAuthenticationProvider.noServiceTicket=Echec d'obtention d'un ticket CAS \u00E0 valider
|
||||
CasAuthenticationProvider.noServiceTicket=Echec d''obtention d''un ticket CAS \u00E0 valider
|
||||
ConcurrentSessionControlStrategy.exceededAllowed=Le maximum de {0} sessions a \u00E9t\u00E9 d\u00E9pass\u00E9 pour cet utilisateur
|
||||
DigestAuthenticationFilter.incorrectRealm=Le nom de domaine de la r\u00E9ponse {0} ne correspond pas au nom de domaine du syst\u00E8me {1}
|
||||
DigestAuthenticationFilter.incorrectResponse=R\u00E9ponse incorrecte
|
||||
DigestAuthenticationFilter.missingAuth=Une valeur obligatoire manque au condens\u00E9 pour 'auth' QOP; re\u00E7u l'ent\u00EAte {0}
|
||||
DigestAuthenticationFilter.missingMandatory=Une valeur obligatoire manque au condens\u00E9; re\u00E7u l'ent\u00EAte {0}
|
||||
DigestAuthenticationFilter.missingAuth=Une valeur obligatoire manque au condens\u00E9 pour ''auth'' QOP; re\u00E7u l''ent\u00EAte {0}
|
||||
DigestAuthenticationFilter.missingMandatory=Une valeur obligatoire manque au condens\u00E9; re\u00E7u l''ent\u00EAte {0}
|
||||
DigestAuthenticationFilter.nonceCompromised=Le jeton nonce est compromis {0}
|
||||
DigestAuthenticationFilter.nonceEncoding=Le nonce n'est pas encod\u00E9 en Base64; re\u00E7u le nonce {0}
|
||||
DigestAuthenticationFilter.nonceEncoding=Le nonce n''est pas encod\u00E9 en Base64; re\u00E7u le nonce {0}
|
||||
DigestAuthenticationFilter.nonceExpired=Le nonce a expir\u00E9
|
||||
DigestAuthenticationFilter.nonceNotNumeric=Le jeton nonce aurait d\u00FB g\u00E9n\u00E9rer d'abord un jeton num\u00E9rique, mais \u00E9tait {0}
|
||||
DigestAuthenticationFilter.nonceNotNumeric=Le jeton nonce aurait d\u00FB g\u00E9n\u00E9rer d''abord un jeton num\u00E9rique, mais \u00E9tait {0}
|
||||
DigestAuthenticationFilter.nonceNotTwoTokens=Le nonce aurait d\u00FB g\u00E9n\u00E9rer deux jetons, mais \u00E9tait {0}
|
||||
DigestAuthenticationFilter.usernameNotFound=Le nom d'utilisateur {0} n'a pas \u00E9t\u00E9 trouv\u00E9
|
||||
JdbcDaoImpl.noAuthority=Le compte utilisateur {0} n'a pas de permission
|
||||
JdbcDaoImpl.notFound=Le nom d'utilisateur {0} n'a pas \u00E9t\u00E9 trouv\u00E9
|
||||
DigestAuthenticationFilter.usernameNotFound=Le nom d''utilisateur {0} n''a pas \u00E9t\u00E9 trouv\u00E9
|
||||
JdbcDaoImpl.noAuthority=Le compte utilisateur {0} n''a pas de permission
|
||||
JdbcDaoImpl.notFound=Le nom d''utilisateur {0} n''a pas \u00E9t\u00E9 trouv\u00E9
|
||||
LdapAuthenticationProvider.badCredentials=Les identifications sont erron\u00E9es
|
||||
LdapAuthenticationProvider.credentialsExpired=Les identifications de l'utilisateur ont expir\u00E9
|
||||
LdapAuthenticationProvider.credentialsExpired=Les identifications de l''utilisateur ont expir\u00E9
|
||||
LdapAuthenticationProvider.disabled=Le compte utilisateur est d\u00E9sactiv\u00E9
|
||||
LdapAuthenticationProvider.expired=Le compte utilisateur a expir\u00E9
|
||||
LdapAuthenticationProvider.locked=Le compte utilisateur est bloqu\u00E9
|
||||
LdapAuthenticationProvider.emptyUsername=Le nom d'utilisateur est obligatoire
|
||||
LdapAuthenticationProvider.emptyUsername=Le nom d''utilisateur est obligatoire
|
||||
LdapAuthenticationProvider.onlySupports=Seul UsernamePasswordAuthenticationToken est pris en charge
|
||||
PasswordComparisonAuthenticator.badCredentials=Les identifications sont erron\u00E9es
|
||||
PersistentTokenBasedRememberMeServices.cookieStolen=Invalid remember-me token (Series/token) mismatch. Implies previous cookie theft attack.
|
||||
ProviderManager.providerNotFound=Aucun AuthenticationProvider n'a \u00E9t\u00E9 trouv\u00E9 pour {0}
|
||||
ProviderManager.providerNotFound=Aucun AuthenticationProvider n''a \u00E9t\u00E9 trouv\u00E9 pour {0}
|
||||
RememberMeAuthenticationProvider.incorrectKey=Le RememberMeAuthenticationToken pr\u00E9sent\u00E9 ne contient pas la cl\u00E9 attendue
|
||||
RunAsImplAuthenticationProvider.incorrectKey=Le RunAsUserToken pr\u00E9sent\u00E9 ne contient pas la cl\u00E9 attendue
|
||||
SubjectDnX509PrincipalExtractor.noMatching=Aucun motif concordant n'a \u00E9t\u00E9 trouv\u00E9 dans le subjectDN\: {0}
|
||||
SwitchUserFilter.noCurrentUser=Aucun utilisateur n'est associ\u00E9 \u00E0 la requ\u00EAte en cours
|
||||
SwitchUserFilter.noOriginalAuthentication=L'objet Authentication original n'a pas \u00E9t\u00E9 trouv\u00E9
|
||||
SubjectDnX509PrincipalExtractor.noMatching=Aucun motif concordant n''a \u00E9t\u00E9 trouv\u00E9 dans le subjectDN\: {0}
|
||||
SwitchUserFilter.noCurrentUser=Aucun utilisateur n''est associ\u00E9 \u00E0 la requ\u00EAte en cours
|
||||
SwitchUserFilter.noOriginalAuthentication=L''objet Authentication original n''a pas \u00E9t\u00E9 trouv\u00E9
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package org.springframework.security.access.vote;
|
||||
|
||||
import static org.fest.assertions.Assertions.assertThat;
|
||||
import static org.junit.Assert.*;
|
||||
|
||||
import org.junit.Test;
|
||||
@@ -22,4 +23,13 @@ public class RoleVoterTests {
|
||||
assertEquals(AccessDecisionVoter.ACCESS_GRANTED,
|
||||
voter.vote(userAB, this, SecurityConfig.createList("A", "C")));
|
||||
}
|
||||
|
||||
// SEC-3128
|
||||
@Test
|
||||
public void nullAuthenticationDenies() {
|
||||
RoleVoter voter = new RoleVoter();
|
||||
voter.setRolePrefix("");
|
||||
Authentication notAuthenitcated = null;
|
||||
assertThat(voter.vote(notAuthenitcated, this, SecurityConfig.createList("A"))).isEqualTo(AccessDecisionVoter.ACCESS_DENIED);
|
||||
}
|
||||
}
|
||||
|
||||
+6
-10
@@ -50,9 +50,12 @@ public class DelegatingSecurityContextCallableTests {
|
||||
|
||||
private ExecutorService executor;
|
||||
|
||||
private SecurityContext originalSecurityContext;
|
||||
|
||||
@Before
|
||||
@SuppressWarnings("serial")
|
||||
public void setUp() throws Exception {
|
||||
originalSecurityContext = SecurityContextHolder.createEmptyContext();
|
||||
when(delegate.call()).thenAnswer(new Returns(callableResult) {
|
||||
@Override
|
||||
public Object answer(InvocationOnMock invocation) throws Throwable {
|
||||
@@ -111,17 +114,10 @@ public class DelegatingSecurityContextCallableTests {
|
||||
// SEC-3031
|
||||
@Test
|
||||
public void callOnSameThread() throws Exception {
|
||||
originalSecurityContext = securityContext;
|
||||
SecurityContextHolder.setContext(originalSecurityContext);
|
||||
callable = new DelegatingSecurityContextCallable<Object>(delegate,
|
||||
securityContext);
|
||||
securityContext = SecurityContextHolder.createEmptyContext();
|
||||
assertWrapped(callable.call());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void callOnSameThreadExplicitlyEnabled() throws Exception {
|
||||
DelegatingSecurityContextCallable<Object> callable = new DelegatingSecurityContextCallable<Object>(delegate,
|
||||
securityContext);
|
||||
callable.setEnableOnOriginalThread(true);
|
||||
assertWrapped(callable.call());
|
||||
}
|
||||
|
||||
@@ -170,6 +166,6 @@ public class DelegatingSecurityContextCallableTests {
|
||||
private void assertWrapped(Object callableResult) throws Exception {
|
||||
verify(delegate).call();
|
||||
assertThat(SecurityContextHolder.getContext()).isEqualTo(
|
||||
SecurityContextHolder.createEmptyContext());
|
||||
originalSecurityContext);
|
||||
}
|
||||
}
|
||||
+6
-11
@@ -51,8 +51,11 @@ public class DelegatingSecurityContextRunnableTests {
|
||||
|
||||
private ExecutorService executor;
|
||||
|
||||
private SecurityContext originalSecurityContext;
|
||||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
originalSecurityContext = SecurityContextHolder.createEmptyContext();
|
||||
doAnswer(new Answer<Object>() {
|
||||
public Object answer(InvocationOnMock invocation) throws Throwable {
|
||||
assertThat(SecurityContextHolder.getContext()).isEqualTo(securityContext);
|
||||
@@ -110,19 +113,11 @@ public class DelegatingSecurityContextRunnableTests {
|
||||
// SEC-3031
|
||||
@Test
|
||||
public void callOnSameThread() throws Exception {
|
||||
originalSecurityContext = securityContext;
|
||||
SecurityContextHolder.setContext(originalSecurityContext);
|
||||
executor = synchronousExecutor();
|
||||
runnable = new DelegatingSecurityContextRunnable(delegate,
|
||||
securityContext);
|
||||
securityContext = SecurityContextHolder.createEmptyContext();
|
||||
assertWrapped(runnable);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void callOnSameThreadExplicitlyEnabled() throws Exception {
|
||||
executor = synchronousExecutor();
|
||||
DelegatingSecurityContextRunnable runnable = new DelegatingSecurityContextRunnable(delegate,
|
||||
securityContext);
|
||||
runnable.setEnableOnOriginalThread(true);
|
||||
assertWrapped(runnable);
|
||||
}
|
||||
|
||||
@@ -167,7 +162,7 @@ public class DelegatingSecurityContextRunnableTests {
|
||||
submit.get();
|
||||
verify(delegate).run();
|
||||
assertThat(SecurityContextHolder.getContext()).isEqualTo(
|
||||
SecurityContextHolder.createEmptyContext());
|
||||
originalSecurityContext);
|
||||
}
|
||||
|
||||
private static ExecutorService synchronousExecutor() {
|
||||
|
||||
+2
-8
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-crypto</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-crypto</name>
|
||||
<description>spring-security-crypto</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>commons-logging</groupId>
|
||||
@@ -85,7 +79,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -17,7 +17,6 @@ package org.springframework.security.crypto.password;
|
||||
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.NoSuchProviderException;
|
||||
|
||||
/**
|
||||
* Helper for working with the MessageDigest API.
|
||||
@@ -30,7 +29,7 @@ import java.security.NoSuchProviderException;
|
||||
*/
|
||||
final class Digester {
|
||||
|
||||
private final MessageDigest messageDigest;
|
||||
private final String algorithm;
|
||||
|
||||
private final int iterations;
|
||||
|
||||
@@ -40,22 +39,26 @@ final class Digester {
|
||||
* @param iterations the number of times to apply the digest algorithm to the input
|
||||
*/
|
||||
public Digester(String algorithm, int iterations) {
|
||||
try {
|
||||
messageDigest = MessageDigest.getInstance(algorithm);
|
||||
}
|
||||
catch (NoSuchAlgorithmException e) {
|
||||
throw new IllegalStateException("No such hashing algorithm", e);
|
||||
}
|
||||
|
||||
// eagerly validate the algorithm
|
||||
createDigest(algorithm);
|
||||
this.algorithm = algorithm;
|
||||
this.iterations = iterations;
|
||||
}
|
||||
|
||||
public byte[] digest(byte[] value) {
|
||||
synchronized (messageDigest) {
|
||||
for (int i = 0; i < iterations; i++) {
|
||||
value = messageDigest.digest(value);
|
||||
}
|
||||
return value;
|
||||
MessageDigest messageDigest = createDigest(algorithm);
|
||||
for (int i = 0; i < iterations; i++) {
|
||||
value = messageDigest.digest(value);
|
||||
}
|
||||
return value;
|
||||
}
|
||||
|
||||
private static MessageDigest createDigest(String algorithm) {
|
||||
try {
|
||||
return MessageDigest.getInstance(algorithm);
|
||||
}
|
||||
catch (NoSuchAlgorithmException e) {
|
||||
throw new IllegalStateException("No such hashing algorithm", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
+3
-9
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-data</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-data</name>
|
||||
<description>spring-security-data</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.data</groupId>
|
||||
@@ -46,7 +40,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -108,7 +102,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -188,6 +188,7 @@ For example, we might create an annotation named `@WithMockCustomUser` as shown
|
||||
|
||||
[source,java]
|
||||
----
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@WithSecurityContext(factory = WithMockCustomUserSecurityContextFactory.class)
|
||||
public @interface WithMockCustomUser {
|
||||
|
||||
@@ -506,7 +507,7 @@ For example, this is the above request modified to include the username on the H
|
||||
[source,java]
|
||||
----
|
||||
mvc
|
||||
.perform(formLogin("/auth").user("a","admin").password("p","pass"))
|
||||
.perform(formLogin("/auth").user("u","admin").password("p","pass"))
|
||||
----
|
||||
|
||||
[[test-logout]]
|
||||
|
||||
@@ -388,7 +388,7 @@ For example:
|
||||
|
||||
<b:bean id="csrfMatcher"
|
||||
class="AndRequestMatcher">
|
||||
<b:constructor-arg value="#{T(org.springframework.security.web.csrf.CsrfFilter).DEFAULT_MATCHER}"/>
|
||||
<b:constructor-arg value="#{T(org.springframework.security.web.csrf.CsrfFilter).DEFAULT_CSRF_MATCHER}"/>
|
||||
<b:constructor-arg>
|
||||
<b:bean class="org.springframework.security.web.util.matcher.NegatedRequestMatcher">
|
||||
<b:bean class="org.springframework.security.web.util.matcher.AntPathRequestMatcher">
|
||||
|
||||
@@ -3510,18 +3510,16 @@ You can easily do this with the following Java Configuration:
|
||||
----
|
||||
@EnableWebSecurity
|
||||
public class WebSecurityConfig extends
|
||||
WebSecurityConfigurerAdapter {
|
||||
WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
// ...
|
||||
.headers()
|
||||
.frameOptions()
|
||||
.sameOrigin()
|
||||
.and()
|
||||
.hsts().disable();
|
||||
}
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http
|
||||
// ...
|
||||
.headers()
|
||||
.frameOptions().sameOrigin()
|
||||
.httpStrictTransportSecurity().disable();
|
||||
}
|
||||
}
|
||||
----
|
||||
|
||||
|
||||
+1
-1
@@ -1 +1 @@
|
||||
version=4.0.3.CI-SNAPSHOT
|
||||
version=4.0.5.CI-SNAPSHOT
|
||||
|
||||
@@ -143,7 +143,6 @@ task springSnapshotTest(type: Test) {
|
||||
junitXml.destination = project.file("$buildDir/reports/spring-snapshot-tests/")
|
||||
}
|
||||
}
|
||||
check.dependsOn springSnapshotTest
|
||||
|
||||
dependencies {
|
||||
optional "commons-logging:commons-logging:$commonsLoggingVersion"
|
||||
|
||||
+5
-11
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>itest-context</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>itest-context</name>
|
||||
<description>itest-context</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>aopalliance</groupId>
|
||||
@@ -52,7 +46,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -127,13 +121,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -152,7 +146,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+7
-13
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>itest-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>itest-web</name>
|
||||
<description>itest-web</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
@@ -145,31 +139,31 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-ldap</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -200,7 +194,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+3
-9
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-ldap</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-ldap</name>
|
||||
<description>spring-security-ldap</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.ldap</groupId>
|
||||
@@ -68,7 +62,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -200,7 +194,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+4
-10
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-messaging</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-messaging</name>
|
||||
<description>spring-security-messaging</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>aopalliance</groupId>
|
||||
@@ -46,7 +40,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -97,7 +91,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
@@ -232,7 +226,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+4
-10
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-openid</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-openid</name>
|
||||
<description>spring-security-openid</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.google.inject</groupId>
|
||||
@@ -58,13 +52,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -164,7 +158,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+3
-9
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-remoting</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-remoting</name>
|
||||
<description>spring-security-remoting</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>aopalliance</groupId>
|
||||
@@ -46,7 +40,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -123,7 +117,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-aspectj-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-samples-aspectj-jc</name>
|
||||
<description>spring-security-samples-aspectj-jc</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,23 +30,17 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -66,7 +60,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-aspects</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -110,7 +104,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-aspectj-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-samples-aspectj-xml</name>
|
||||
<description>spring-security-samples-aspectj-xml</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,17 +30,11 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -60,13 +54,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-aspects</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -110,7 +104,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-cassample-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-cassample-xml</name>
|
||||
<description>spring-security-samples-cassample-xml</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.jasig.cas.client</groupId>
|
||||
@@ -47,13 +41,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-cas</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -90,13 +84,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -193,7 +187,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-casserver</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-casserver</name>
|
||||
<description>spring-security-samples-casserver</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>commons-logging</groupId>
|
||||
@@ -86,7 +80,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+6
-12
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-chat-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-chat-jc</name>
|
||||
<description>spring-security-samples-chat-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
@@ -125,25 +119,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-data</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-messaging</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -239,7 +233,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-concurrency-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-concurrency-jc</name>
|
||||
<description>spring-security-samples-concurrency-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -83,25 +77,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -186,7 +180,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-contacts-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-contacts-xml</name>
|
||||
<description>spring-security-samples-contacts-xml</description>
|
||||
@@ -31,23 +31,17 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-acl</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -137,19 +131,19 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -234,7 +228,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+4
-10
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-data-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-samples-data-jc</name>
|
||||
<description>spring-security-samples-data-jc</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.validation</groupId>
|
||||
@@ -76,13 +70,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-data</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -133,7 +127,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+5
-11
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-dms-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-samples-dms-xml</name>
|
||||
<description>spring-security-samples-dms-xml</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,23 +30,17 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-acl</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -87,7 +81,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -141,7 +135,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+6
-12
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-form-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-form-jc</name>
|
||||
<description>spring-security-samples-form-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -83,25 +77,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -234,7 +228,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+6
-12
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-gae-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-gae-xml</name>
|
||||
<description>spring-security-samples-gae-xml</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.google.appengine</groupId>
|
||||
@@ -65,13 +59,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -139,13 +133,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -201,7 +195,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-hellojs-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-hellojs-jc</name>
|
||||
<description>spring-security-samples-hellojs-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
@@ -89,25 +83,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -192,7 +186,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-hellomvc-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-hellomvc-jc</name>
|
||||
<description>spring-security-samples-hellomvc-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -83,25 +77,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -178,7 +172,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-test</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -192,7 +186,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-helloworld-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-helloworld-jc</name>
|
||||
<description>spring-security-samples-helloworld-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -59,13 +53,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -170,7 +164,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-helloworld-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-helloworld-xml</name>
|
||||
<description>spring-security-samples-helloworld-xml</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -59,13 +53,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -170,7 +164,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-inmemory-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-inmemory-jc</name>
|
||||
<description>spring-security-samples-inmemory-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -83,25 +77,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -178,7 +172,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-test</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -192,7 +186,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-insecure</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-insecure</name>
|
||||
<description>spring-security-samples-insecure</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -158,7 +152,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-insecuremvc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-insecuremvc</name>
|
||||
<description>spring-security-samples-insecuremvc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -83,7 +77,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -168,7 +162,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-jaas-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-jaas-xml</name>
|
||||
<description>spring-security-samples-jaas-xml</description>
|
||||
@@ -31,17 +31,11 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -99,19 +93,19 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -196,7 +190,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+6
-12
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-jdbc-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-jdbc-jc</name>
|
||||
<description>spring-security-samples-jdbc-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -83,25 +77,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -234,7 +228,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+7
-13
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-ldap-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-ldap-jc</name>
|
||||
<description>spring-security-samples-ldap-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -119,31 +113,31 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-ldap</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -276,7 +270,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-ldap-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-ldap-xml</name>
|
||||
<description>spring-security-samples-ldap-xml</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -53,7 +47,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -120,19 +114,19 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-ldap</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -212,7 +206,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-samples-messages-jc</name>
|
||||
<description>spring-security-samples-messages-jc</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.validation</groupId>
|
||||
@@ -88,13 +82,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -208,7 +202,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-openid-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-openid-jc</name>
|
||||
<description>spring-security-samples-openid-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -83,31 +77,31 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-openid</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -198,7 +192,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-openid-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-openid-xml</name>
|
||||
<description>spring-security-samples-openid-xml</description>
|
||||
@@ -31,23 +31,17 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-openid</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -95,13 +89,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -133,7 +127,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-preauth-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-preauth-jc</name>
|
||||
<description>spring-security-samples-preauth-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -83,25 +77,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -186,7 +180,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-preauth-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-preauth-xml</name>
|
||||
<description>spring-security-samples-preauth-xml</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>commons-logging</groupId>
|
||||
@@ -66,13 +60,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -104,7 +98,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-rememberme-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-rememberme-jc</name>
|
||||
<description>spring-security-samples-rememberme-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -83,25 +77,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -186,7 +180,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-servletapi-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-servletapi-xml</name>
|
||||
<description>spring-security-samples-servletapi-xml</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -47,13 +41,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -110,13 +104,13 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -153,7 +147,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-tutorial-xml</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-tutorial-xml</name>
|
||||
<description>spring-security-samples-tutorial-xml</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.slf4j</groupId>
|
||||
@@ -47,7 +41,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -111,19 +105,19 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -155,7 +149,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+6
-12
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-x509-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<packaging>war</packaging>
|
||||
<name>spring-security-samples-x509-jc</name>
|
||||
<description>spring-security-samples-x509-jc</description>
|
||||
@@ -31,12 +31,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp.jstl</groupId>
|
||||
@@ -83,25 +77,25 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-samples-messages-jc</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -186,7 +180,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+5
-11
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-taglibs</name>
|
||||
<description>spring-security-taglibs</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,29 +30,23 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-acl</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -187,7 +181,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+3
-4
@@ -37,6 +37,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.WebAttributes;
|
||||
import org.springframework.security.web.access.WebInvocationPrivilegeEvaluator;
|
||||
import org.springframework.security.web.context.support.SecurityWebApplicationContextUtils;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.context.support.WebApplicationContextUtils;
|
||||
|
||||
@@ -201,8 +202,7 @@ public abstract class AbstractAuthorizeTag {
|
||||
@SuppressWarnings({ "unchecked", "rawtypes" })
|
||||
private SecurityExpressionHandler<FilterInvocation> getExpressionHandler()
|
||||
throws IOException {
|
||||
ApplicationContext appContext = WebApplicationContextUtils
|
||||
.getRequiredWebApplicationContext(getServletContext());
|
||||
ApplicationContext appContext = SecurityWebApplicationContextUtils.findRequiredWebApplicationContext(getServletContext());
|
||||
Map<String, SecurityExpressionHandler> handlers = appContext
|
||||
.getBeansOfType(SecurityExpressionHandler.class);
|
||||
|
||||
@@ -225,8 +225,7 @@ public abstract class AbstractAuthorizeTag {
|
||||
return privEvaluatorFromRequest;
|
||||
}
|
||||
|
||||
ApplicationContext ctx = WebApplicationContextUtils
|
||||
.getRequiredWebApplicationContext(getServletContext());
|
||||
ApplicationContext ctx = SecurityWebApplicationContextUtils.findRequiredWebApplicationContext(getServletContext());
|
||||
Map<String, WebInvocationPrivilegeEvaluator> wipes = ctx
|
||||
.getBeansOfType(WebInvocationPrivilegeEvaluator.class);
|
||||
|
||||
|
||||
+12
-9
@@ -14,6 +14,16 @@
|
||||
*/
|
||||
package org.springframework.security.taglibs.authz;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.jsp.JspException;
|
||||
import javax.servlet.jsp.PageContext;
|
||||
import javax.servlet.jsp.tagext.Tag;
|
||||
import javax.servlet.jsp.tagext.TagSupport;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
@@ -21,15 +31,9 @@ import org.springframework.security.access.PermissionEvaluator;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.taglibs.TagLibConfig;
|
||||
import org.springframework.security.web.context.support.SecurityWebApplicationContextUtils;
|
||||
import org.springframework.web.context.support.WebApplicationContextUtils;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.jsp.JspException;
|
||||
import javax.servlet.jsp.PageContext;
|
||||
import javax.servlet.jsp.tagext.Tag;
|
||||
import javax.servlet.jsp.tagext.TagSupport;
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
* An implementation of {@link Tag} that allows its body through if all authorizations are
|
||||
* granted to the request's principal.
|
||||
@@ -142,8 +146,7 @@ public class AccessControlListTag extends TagSupport {
|
||||
protected ApplicationContext getContext(PageContext pageContext) {
|
||||
ServletContext servletContext = pageContext.getServletContext();
|
||||
|
||||
return WebApplicationContextUtils
|
||||
.getRequiredWebApplicationContext(servletContext);
|
||||
return SecurityWebApplicationContextUtils.findRequiredWebApplicationContext(servletContext);
|
||||
}
|
||||
|
||||
public Object getDomainObject() {
|
||||
|
||||
+35
@@ -12,12 +12,16 @@
|
||||
*/
|
||||
package org.springframework.security.taglibs.authz;
|
||||
|
||||
import static org.fest.assertions.Assertions.*;
|
||||
|
||||
import static org.mockito.Matchers.any;
|
||||
import static org.mockito.Matchers.eq;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.when;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Collections;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.ServletRequest;
|
||||
@@ -29,10 +33,14 @@ import org.junit.Test;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.mock.web.MockServletContext;
|
||||
import org.springframework.security.access.expression.SecurityExpressionHandler;
|
||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.WebAttributes;
|
||||
import org.springframework.security.web.access.WebInvocationPrivilegeEvaluator;
|
||||
import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
|
||||
import org.springframework.web.context.WebApplicationContext;
|
||||
|
||||
/**
|
||||
*
|
||||
@@ -71,6 +79,33 @@ public class AbstractAuthorizeTagTests {
|
||||
verify(expected).isAllowed(eq(""), eq(uri), eq("GET"), any(Authentication.class));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void privilegeEvaluatorFromChildContext() throws IOException {
|
||||
String uri = "/something";
|
||||
WebInvocationPrivilegeEvaluator expected = mock(WebInvocationPrivilegeEvaluator.class);
|
||||
tag.setUrl(uri);
|
||||
WebApplicationContext wac = mock(WebApplicationContext.class);
|
||||
when(wac.getBeansOfType(WebInvocationPrivilegeEvaluator.class)).thenReturn(Collections.singletonMap("wipe", expected));
|
||||
servletContext.setAttribute("org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher", wac);
|
||||
|
||||
tag.authorizeUsingUrlCheck();
|
||||
|
||||
verify(expected).isAllowed(eq(""), eq(uri), eq("GET"), any(Authentication.class));
|
||||
}
|
||||
|
||||
@Test
|
||||
@SuppressWarnings("rawtypes")
|
||||
public void expressionFromChildContext() throws IOException {
|
||||
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("user", "pass","USER"));
|
||||
DefaultWebSecurityExpressionHandler expected = new DefaultWebSecurityExpressionHandler();
|
||||
tag.setAccess("permitAll");
|
||||
WebApplicationContext wac = mock(WebApplicationContext.class);
|
||||
when(wac.getBeansOfType(SecurityExpressionHandler.class)).thenReturn(Collections.<String,SecurityExpressionHandler>singletonMap("wipe", expected));
|
||||
servletContext.setAttribute("org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher", wac);
|
||||
|
||||
assertThat(tag.authorize()).isTrue();
|
||||
}
|
||||
|
||||
private class AuthzTag extends AbstractAuthorizeTag {
|
||||
|
||||
@Override
|
||||
|
||||
+22
@@ -26,6 +26,7 @@ import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.context.WebApplicationContext;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.jsp.tagext.Tag;
|
||||
import java.util.*;
|
||||
|
||||
@@ -83,6 +84,27 @@ public class AccessControlListTagTests {
|
||||
assertTrue((Boolean) pageContext.getAttribute("allowed"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void childContext() throws Exception {
|
||||
ServletContext servletContext = pageContext.getServletContext();
|
||||
WebApplicationContext wac = (WebApplicationContext) servletContext
|
||||
.getAttribute(WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE);
|
||||
servletContext.removeAttribute(WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE);
|
||||
servletContext.setAttribute("org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher", wac);
|
||||
|
||||
Object domainObject = new Object();
|
||||
when(pe.hasPermission(bob, domainObject, "READ")).thenReturn(true);
|
||||
|
||||
tag.setDomainObject(domainObject);
|
||||
tag.setHasPermission("READ");
|
||||
tag.setVar("allowed");
|
||||
assertSame(domainObject, tag.getDomainObject());
|
||||
assertEquals("READ", tag.getHasPermission());
|
||||
|
||||
assertEquals(Tag.EVAL_BODY_INCLUDE, tag.doStartTag());
|
||||
assertTrue((Boolean) pageContext.getAttribute("allowed"));
|
||||
}
|
||||
|
||||
// SEC-2022
|
||||
@Test
|
||||
public void multiHasPermissionsAreSplit() throws Exception {
|
||||
|
||||
+5
-11
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-test</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-test</name>
|
||||
<description>spring-security-test</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,23 +30,17 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -75,7 +69,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
@@ -168,7 +162,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
+1
-1
@@ -103,7 +103,7 @@ public class Sec2935Tests {
|
||||
.andExpect(authenticated().withUsername("user"));
|
||||
}
|
||||
|
||||
@Ignore
|
||||
// SEC-2941
|
||||
@Test
|
||||
public void defaultRequest() throws Exception {
|
||||
mvc = MockMvcBuilders.webAppContextSetup(context)
|
||||
|
||||
+3
-9
@@ -3,7 +3,7 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-web</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<name>spring-security-web</name>
|
||||
<description>spring-security-web</description>
|
||||
<url>http://spring.io/spring-security</url>
|
||||
@@ -30,12 +30,6 @@
|
||||
<developerConnection>scm:git:git://github.com/spring-projects/spring-security</developerConnection>
|
||||
<url>https://github.com/spring-projects/spring-security</url>
|
||||
</scm>
|
||||
<repositories>
|
||||
<repository>
|
||||
<id>spring-snasphot</id>
|
||||
<url>https://repo.spring.io/snapshot</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>aopalliance</groupId>
|
||||
@@ -46,7 +40,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-core</artifactId>
|
||||
<version>4.0.3.CI-SNAPSHOT</version>
|
||||
<version>4.0.4.RELEASE</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -236,7 +230,7 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework</groupId>
|
||||
<artifactId>spring-framework-bom</artifactId>
|
||||
<version>4.1.6.RELEASE</version>
|
||||
<version>4.2.5.RELEASE</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
|
||||
@@ -41,7 +41,7 @@ import java.util.*;
|
||||
* version 2.0, you shouldn't need to explicitly configure a {@code FilterChainProxy} bean
|
||||
* in your application context unless you need very fine control over the filter chain
|
||||
* contents. Most cases should be adequately covered by the default
|
||||
* {@code <security:http />} namespace configuration options.
|
||||
* {@code <security:http />} namespace configuration options.
|
||||
* <p>
|
||||
* The {@code FilterChainProxy} is linked into the servlet container filter chain by
|
||||
* adding a standard Spring {@link DelegatingFilterProxy} declaration in the application
|
||||
@@ -54,7 +54,7 @@ import java.util.*;
|
||||
* and a list of filters which should be applied to matching requests. Most applications
|
||||
* will only contain a single filter chain, and if you are using the namespace, you don't
|
||||
* have to set the chains explicitly. If you require finer-grained control, you can make
|
||||
* use of the {@code <filter-chain>} namespace element. This defines a URI pattern
|
||||
* use of the {@code <filter-chain>} namespace element. This defines a URI pattern
|
||||
* and the list of filters (as comma-separated bean names) which should be applied to
|
||||
* requests which match the pattern. An example configuration might look like this:
|
||||
*
|
||||
|
||||
+1
-1
@@ -43,7 +43,7 @@ import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
* <p>
|
||||
* The most common method creating an instance is using the Spring Security namespace. For
|
||||
* example, the {@code pattern} and {@code access} attributes of the
|
||||
* {@code <intercept-url>} elements defined as children of the {@code <http>}
|
||||
* {@code <intercept-url>} elements defined as children of the {@code <http>}
|
||||
* element are combined to build the instance used by the
|
||||
* {@code FilterSecurityInterceptor}.
|
||||
*
|
||||
|
||||
+5
-2
@@ -38,6 +38,7 @@ import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.SpringSecurityMessageSource;
|
||||
import org.springframework.security.crypto.codec.Base64;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.UserCache;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
@@ -224,8 +225,10 @@ public class DigestAuthenticationFilter extends GenericFilterBean implements
|
||||
+ "' with response: '" + digestAuth.getResponse() + "'");
|
||||
}
|
||||
|
||||
SecurityContextHolder.getContext().setAuthentication(
|
||||
createSuccessfulAuthentication(request, user));
|
||||
Authentication authentication = createSuccessfulAuthentication(request, user);
|
||||
SecurityContext context = SecurityContextHolder.createEmptyContext();
|
||||
context.setAuthentication(authentication);
|
||||
SecurityContextHolder.setContext(context);
|
||||
|
||||
chain.doFilter(request, response);
|
||||
}
|
||||
|
||||
+1
-1
@@ -337,7 +337,7 @@ public class HttpSessionSecurityContextRepository implements SecurityContextRepo
|
||||
logger.debug("SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.");
|
||||
}
|
||||
|
||||
if (httpSession != null && !contextObject.equals(contextBeforeExecution)) {
|
||||
if (httpSession != null && authBeforeExecution != null) {
|
||||
// SEC-1587 A non-anonymous context may still be in the session
|
||||
// SEC-1735 remove if the contextBeforeExecution was not anonymous
|
||||
httpSession.removeAttribute(springSecurityContextKey);
|
||||
|
||||
-2
@@ -207,8 +207,6 @@ abstract class OnCommittedResponseWrapper extends HttpServletResponseWrapper {
|
||||
if(!disableOnCommitted) {
|
||||
onResponseCommitted();
|
||||
disableOnResponseCommitted();
|
||||
} else if(logger.isDebugEnabled()){
|
||||
logger.debug("Skip invoking on");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
+76
@@ -0,0 +1,76 @@
|
||||
/*
|
||||
* Copyright 2002-2015 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.web.context.support;
|
||||
|
||||
import java.util.Enumeration;
|
||||
import javax.servlet.ServletContext;
|
||||
|
||||
import org.springframework.web.context.WebApplicationContext;
|
||||
import org.springframework.web.context.support.WebApplicationContextUtils;
|
||||
|
||||
/**
|
||||
* Spring Security extension to Spring's {@link WebApplicationContextUtils}.
|
||||
*
|
||||
* @author Rob Winch
|
||||
*/
|
||||
public abstract class SecurityWebApplicationContextUtils extends WebApplicationContextUtils {
|
||||
|
||||
/**
|
||||
* Find a unique {@code WebApplicationContext} for this web app: either the
|
||||
* root web app context (preferred) or a unique {@code WebApplicationContext}
|
||||
* among the registered {@code ServletContext} attributes (typically coming
|
||||
* from a single {@code DispatcherServlet} in the current web application).
|
||||
* <p>Note that {@code DispatcherServlet}'s exposure of its context can be
|
||||
* controlled through its {@code publishContext} property, which is {@code true}
|
||||
* by default but can be selectively switched to only publish a single context
|
||||
* despite multiple {@code DispatcherServlet} registrations in the web app.
|
||||
* @param servletContext ServletContext to find the web application context for
|
||||
* @return the desired WebApplicationContext for this web app
|
||||
* @see #getWebApplicationContext(ServletContext)
|
||||
* @see ServletContext#getAttributeNames()
|
||||
* @throws IllegalStateException if no WebApplicationContext can be found
|
||||
*/
|
||||
public static WebApplicationContext findRequiredWebApplicationContext(ServletContext servletContext) {
|
||||
WebApplicationContext wac = _findWebApplicationContext(servletContext);
|
||||
if (wac == null) {
|
||||
throw new IllegalStateException("No WebApplicationContext found: no ContextLoaderListener registered?");
|
||||
}
|
||||
return wac;
|
||||
}
|
||||
|
||||
/**
|
||||
* Copy of {@link #findWebApplicationContext(ServletContext)} for compatibility with spring framework 4.1.x.
|
||||
* @see #findWebApplicationContext(ServletContext)
|
||||
*/
|
||||
private static WebApplicationContext _findWebApplicationContext(ServletContext sc) {
|
||||
WebApplicationContext wac = getWebApplicationContext(sc);
|
||||
if (wac == null) {
|
||||
Enumeration<String> attrNames = sc.getAttributeNames();
|
||||
while (attrNames.hasMoreElements()) {
|
||||
String attrName = attrNames.nextElement();
|
||||
Object attrValue = sc.getAttribute(attrName);
|
||||
if (attrValue instanceof WebApplicationContext) {
|
||||
if (wac != null) {
|
||||
throw new IllegalStateException("No unique WebApplicationContext found: more than one " +
|
||||
"DispatcherServlet registered with publishContext=true?");
|
||||
}
|
||||
wac = (WebApplicationContext) attrValue;
|
||||
}
|
||||
}
|
||||
}
|
||||
return wac;
|
||||
}
|
||||
}
|
||||
+1
-2
@@ -62,8 +62,7 @@ public class DefaultSavedRequest implements SavedRequest {
|
||||
private final ArrayList<Locale> locales = new ArrayList<Locale>();
|
||||
private final Map<String, List<String>> headers = new TreeMap<String, List<String>>(
|
||||
String.CASE_INSENSITIVE_ORDER);
|
||||
private final Map<String, String[]> parameters = new TreeMap<String, String[]>(
|
||||
String.CASE_INSENSITIVE_ORDER);
|
||||
private final Map<String, String[]> parameters = new TreeMap<String, String[]>();
|
||||
private final String contextPath;
|
||||
private final String method;
|
||||
private final String pathInfo;
|
||||
|
||||
+3
-4
@@ -19,7 +19,7 @@ import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import org.springframework.context.ApplicationContext;
|
||||
|
||||
import org.springframework.security.web.context.support.SecurityWebApplicationContextUtils;
|
||||
import org.springframework.web.context.support.WebApplicationContextUtils;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
@@ -28,7 +28,7 @@ import javax.servlet.http.HttpSessionListener;
|
||||
|
||||
/**
|
||||
* Declared in web.xml as
|
||||
*
|
||||
*
|
||||
* <pre>
|
||||
* <listener>
|
||||
* <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
|
||||
@@ -53,8 +53,7 @@ public class HttpSessionEventPublisher implements HttpSessionListener {
|
||||
// ========================================================================================================
|
||||
|
||||
ApplicationContext getContext(ServletContext servletContext) {
|
||||
return WebApplicationContextUtils
|
||||
.getRequiredWebApplicationContext(servletContext);
|
||||
return SecurityWebApplicationContextUtils.findRequiredWebApplicationContext(servletContext);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
+37
-3
@@ -15,11 +15,20 @@
|
||||
|
||||
package org.springframework.security.web.authentication.www;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
import static org.mockito.Mockito.*;
|
||||
import static org.fest.assertions.Assertions.*;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertNull;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.times;
|
||||
import static org.mockito.Mockito.verify;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.*;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.Filter;
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
@@ -32,7 +41,9 @@ import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
@@ -473,4 +484,27 @@ public class DigestAuthenticationFilterTests {
|
||||
assertNull(SecurityContextHolder.getContext().getAuthentication());
|
||||
assertEquals(401, response.getStatus());
|
||||
}
|
||||
|
||||
// SEC-3108
|
||||
@Test
|
||||
public void authenticationCreatesEmptyContext() throws Exception {
|
||||
SecurityContext existingContext = SecurityContextHolder.createEmptyContext();
|
||||
TestingAuthenticationToken existingAuthentication = new TestingAuthenticationToken("existingauthenitcated", "pass", "ROLE_USER");
|
||||
existingContext.setAuthentication(existingAuthentication);
|
||||
|
||||
SecurityContextHolder.setContext(existingContext);
|
||||
|
||||
String responseDigest = DigestAuthUtils.generateDigest(false, USERNAME, REALM,
|
||||
PASSWORD, "GET", REQUEST_URI, QOP, NONCE, NC, CNONCE);
|
||||
|
||||
request.addHeader(
|
||||
"Authorization",
|
||||
createAuthorizationHeader(USERNAME, REALM, NONCE, REQUEST_URI,
|
||||
responseDigest, QOP, NC, CNONCE));
|
||||
|
||||
filter.setCreateAuthenticatedToken(true);
|
||||
executeFilterInContainerSimulator(filter, request, true);
|
||||
|
||||
assertThat(existingAuthentication).isSameAs(existingContext.getAuthentication());
|
||||
}
|
||||
}
|
||||
|
||||
+19
-1
@@ -501,6 +501,24 @@ public class HttpSessionSecurityContextRepositoryTests {
|
||||
request.getSession().getAttribute(SPRING_SECURITY_CONTEXT_KEY));
|
||||
}
|
||||
|
||||
// SEC-3070
|
||||
@Test
|
||||
public void logoutInvalidateSessionFalseFails() throws Exception {
|
||||
HttpSessionSecurityContextRepository repo = new HttpSessionSecurityContextRepository();
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
SecurityContext ctxInSession = SecurityContextHolder.createEmptyContext();
|
||||
ctxInSession.setAuthentication(testToken);
|
||||
request.getSession().setAttribute(SPRING_SECURITY_CONTEXT_KEY, ctxInSession);
|
||||
|
||||
HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, new MockHttpServletResponse());
|
||||
repo.loadContext(holder);
|
||||
|
||||
ctxInSession.setAuthentication(null);
|
||||
repo.saveContext(ctxInSession, holder.getRequest(), holder.getResponse());
|
||||
|
||||
assertNull(request.getSession().getAttribute(SPRING_SECURITY_CONTEXT_KEY));
|
||||
}
|
||||
|
||||
@Test
|
||||
@SuppressWarnings("deprecation")
|
||||
public void sessionDisableUrlRewritingPreventsSessionIdBeingWrittenToUrl()
|
||||
@@ -600,4 +618,4 @@ public class HttpSessionSecurityContextRepositoryTests {
|
||||
|
||||
repo.saveContext(context, request, response);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
+5
-3
@@ -32,13 +32,15 @@ public class DefaultSavedRequestTests {
|
||||
assertTrue(saved.getHeaderValues("if-none-match").isEmpty());
|
||||
}
|
||||
|
||||
// TODO: Why are parameters case insensitive. I think this is a mistake
|
||||
// SEC-3082
|
||||
@Test
|
||||
public void parametersAreCaseInsensitive() throws Exception {
|
||||
public void parametersAreCaseSensitive() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest();
|
||||
request.addParameter("ThisIsATest", "Hi mom");
|
||||
request.addParameter("AnotHerTest", "Hi dad");
|
||||
request.addParameter("thisisatest", "Hi mom");
|
||||
DefaultSavedRequest saved = new DefaultSavedRequest(request,
|
||||
new MockPortResolver(8080, 8443));
|
||||
assertEquals("Hi mom", saved.getParameterValues("thisisatest")[0]);
|
||||
assertNull(saved.getParameterValues("anothertest"));
|
||||
}
|
||||
}
|
||||
|
||||
+3
-3
@@ -319,7 +319,7 @@ public class SecurityContextHolderAwareRequestFilterTests {
|
||||
verify(asyncContext).start(runnableCaptor.capture());
|
||||
DelegatingSecurityContextRunnable wrappedRunnable = (DelegatingSecurityContextRunnable) runnableCaptor
|
||||
.getValue();
|
||||
assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, SecurityContext.class))
|
||||
assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, "delegateSecurityContext"))
|
||||
.isEqualTo(context);
|
||||
assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, "delegate"))
|
||||
.isEqualTo(runnable);
|
||||
@@ -346,7 +346,7 @@ public class SecurityContextHolderAwareRequestFilterTests {
|
||||
verify(asyncContext).start(runnableCaptor.capture());
|
||||
DelegatingSecurityContextRunnable wrappedRunnable = (DelegatingSecurityContextRunnable) runnableCaptor
|
||||
.getValue();
|
||||
assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, SecurityContext.class))
|
||||
assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, "delegateSecurityContext"))
|
||||
.isEqualTo(context);
|
||||
assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, "delegate"))
|
||||
.isEqualTo(runnable);
|
||||
@@ -373,7 +373,7 @@ public class SecurityContextHolderAwareRequestFilterTests {
|
||||
verify(asyncContext).start(runnableCaptor.capture());
|
||||
DelegatingSecurityContextRunnable wrappedRunnable = (DelegatingSecurityContextRunnable) runnableCaptor
|
||||
.getValue();
|
||||
assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, SecurityContext.class))
|
||||
assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, "delegateSecurityContext"))
|
||||
.isEqualTo(context);
|
||||
assertThat(WhiteboxImpl.getInternalState(wrappedRunnable, "delegate"))
|
||||
.isEqualTo(runnable);
|
||||
|
||||
+36
@@ -73,6 +73,42 @@ public class HttpSessionEventPublisherTests {
|
||||
assertEquals(session, listener.getDestroyedEvent().getSession());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void publishedEventIsReceivedbyListenerChildContext() {
|
||||
HttpSessionEventPublisher publisher = new HttpSessionEventPublisher();
|
||||
|
||||
StaticWebApplicationContext context = new StaticWebApplicationContext();
|
||||
|
||||
MockServletContext servletContext = new MockServletContext();
|
||||
servletContext.setAttribute(
|
||||
"org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher",
|
||||
context);
|
||||
|
||||
context.setServletContext(servletContext);
|
||||
context.registerSingleton("listener", MockApplicationListener.class, null);
|
||||
context.refresh();
|
||||
|
||||
MockHttpSession session = new MockHttpSession(servletContext);
|
||||
MockApplicationListener listener = (MockApplicationListener) context
|
||||
.getBean("listener");
|
||||
|
||||
HttpSessionEvent event = new HttpSessionEvent(session);
|
||||
|
||||
publisher.sessionCreated(event);
|
||||
|
||||
assertNotNull(listener.getCreatedEvent());
|
||||
assertNull(listener.getDestroyedEvent());
|
||||
assertEquals(session, listener.getCreatedEvent().getSession());
|
||||
|
||||
listener.setCreatedEvent(null);
|
||||
listener.setDestroyedEvent(null);
|
||||
|
||||
publisher.sessionDestroyed(event);
|
||||
assertNotNull(listener.getDestroyedEvent());
|
||||
assertNull(listener.getCreatedEvent());
|
||||
assertEquals(session, listener.getDestroyedEvent().getSession());
|
||||
}
|
||||
|
||||
// SEC-2599
|
||||
@Test(expected = IllegalStateException.class)
|
||||
public void sessionCreatedNullApplicationContext() {
|
||||
|
||||
Reference in New Issue
Block a user