837ecd85ec
SEC-576: Tidied up code, added preauth sample demo app.
18 years ago
06f3bcbf6a
Converted all namespace attributes which refer to bean IDs to use "-ref" suffix (or "ref").
18 years ago
7d88ee8c48
Formatted ACL SQL for readability.
18 years ago
462b4b450f
Added use of authz tag to tutorial. Upgraded to use webapp 2.4 xsd. Changed JSTL dependency to 1.2
18 years ago
10ec13e4e2
[maven-release-plugin] prepare for next development iteration
18 years ago
2c5090da90
[maven-release-plugin] prepare release release_2_0_M1
18 years ago
09242ec66d
[maven-release-plugin] rollback the release of release_2_0_M1
18 years ago
42dcccd1b7
[maven-release-plugin] prepare release release_2_0_M1
18 years ago
aafbb5bb67
[maven-release-plugin] rollback the release of release_2_0_M1
18 years ago
425508d70d
[maven-release-plugin] prepare release release_2_0_M1
18 years ago
0b1e17f69a
[maven-release-plugin] rollback the release of release_2_0_M1
18 years ago
07aa0c6880
[maven-release-plugin] prepare release release_2_0_M1
18 years ago
7583aca3eb
Configured contacts app to use namespaces. Removed ldap, cas, x509 files to avoid confusion. Ldap and CAS will be better served by new samples.
18 years ago
b91e82d91c
Changed _authenticationManager -> authenticationManager to get contact app tests passing again.
18 years ago
5f1eea42fc
Moved configuration of security interceptors with access and authentication manangers from post processing stage to bean creation stage.
18 years ago
46c99d1991
Converted tutorial context file to match namespace changes.
18 years ago
e65cb9b472
Made group names singular and added "teller" role.
18 years ago
09f68400ec
Add <intercept-methods> to example, but it is disabled in favour of @Secured annotation. Still, we include it so people can have a play around and switch between the two syntaxes easily in demos etc.
18 years ago
55e4568003
Throw an exception instead of sending back a HTTP error code. This is necessary so any demonstration of upgrading from Servlet Spec authorization to Spring Security authorization, as the latter's ExceptionTranslationFilter expects specific exceptions to be thrown if you wish to commence the authentication process.
18 years ago
2e4773525b
Updated tutorial to allow authentication against ldap provider using <ldap /> namespace element.
18 years ago
d90ff50686
Use Java 5 to illustrate annotation support.
18 years ago
b1bc39a0df
Provide some shell scripts that help with demos. These assume the application is deployed to http://localhost:8080/spring-security-samples-tutorial .
18 years ago
f4c3e701d5
Enhance sample to show method authorization.
18 years ago
77d286c36f
Enhance tutorial to also demonstrate Spring Security method
...
authorization, and add a services layer accordingly.
18 years ago
fa510b3187
Modify attribute names to use "ref" instead of "id", plus use a hyphen
...
as an attribute value separator rather than a colon. This was changed
for compatibility with other components in the Spring Portfolio. tests
pass.
18 years ago
1cae1719bc
Fix bean referencing error.
18 years ago
2655955a40
Add MethodSecurityInterceptor, to more accurately reflect the capabilities offered by auto-config="true".
18 years ago
1bbe6ca456
Proper comparison with auto-configure="true".
18 years ago
5e0cb21c8d
SEC-619: Added test class for LdapUserDetailsService. The LdapAuthoritiesPopulator interface and also implementations have been moved to the org.springframework.security.ldap package since they are now used by both the ldap provider and the user service.
18 years ago
4770c29094
Use hyphens in attribute names, and not Camel Case. This is to maintain
...
consistency with the rest of Spring Portfolio. Camel Case was preserved
for attribute values, consistent with Spring Portfolio usage such as
autowiring modes (byName, byType etc).
18 years ago
85085abf9e
Add namespace support for Servlet API integration.
18 years ago
a205f95c19
No need for an access denied page.
18 years ago
8c3cc5c67b
Add hash code support.
18 years ago
8e7c540b16
General refactorings and improvements to namespace support, including
...
autoDetect="true" attribute for <http> element.
18 years ago
2441ab6d9a
Move "realm" attribute to be on <http> element rather than <http-basic>.
...
This faciltiates reuse with other mechanisms (like Digest) whilst also
moving towards the <http-auto-configure> element (which benefits from
having shared configuration in <http> as opposed to mechanism-specific
elements).
18 years ago
0b0b174eda
Support <repository> and JbcUserDetailsManager.
18 years ago
53fca59301
Add namespace support for anonymous requests. Remove unnecessary files from tutorial sample.
18 years ago
cb765bc34b
SEC-615: Automatically focus on login name HTML element on page load.
18 years ago
7aa28ea742
SEC-614: Use DelegatingFilterProxy instead of FilterToBeanProxy.
18 years ago
3e48b52cdf
Make name consistent with other MVN modules.
18 years ago
1694242855
Make project name consistent with other MVN modules.
18 years ago
56edae4f14
Make DMS Sample work post-Spring Security 2 refactor.
18 years ago
b44b748452
Make DMS Sample work post-Spring Security 2 refactor.
18 years ago
47229be5cb
Make samples and tests use username "rod".
18 years ago
3123d24337
SEC-613: Rename tag libraries.
18 years ago
38284a1117
Corrections to product name.
18 years ago
843a20e691
Changed default namespace in config files to "security" for clarity.
18 years ago
9e2f372bad
SEC-607: Deprecated InitialDirContextFactory and replaced it with SpringSecurityContextSource.
...
Also some refactoring of LdapUserDetailsManager to use a strategy for creating DNs from usernames.
18 years ago
9f2bc9a842
SEC-582: Namespace configuration implementation for remember-me support.
18 years ago
d3b165749f
SEC-583: Implementation of namespace config for concurrent session support.
...
Also some minor adjustments to ordering of different http features in schema.
18 years ago
Luke Taylor
Ben Alex