a74077f9b1
SEC-1490: Minor changes to GAE sample. Simplification of redirect to registration page (only needs to be done after authentication).
16 years ago
e659e15f90
Tidying.
16 years ago
2afccfc633
Remove commons-logging dependency properly and switch tutorial sample to logback/slf4j.
16 years ago
a681dee0e1
Minor sample build changes. JSTL dependency update.
16 years ago
e5a302b5c4
SEC-1490: Correct loggedout URL.
16 years ago
5d35919ca3
SEC-1490: Code for GAE Sample webapp
16 years ago
c1c8fd1874
SEC-1171: Changed attribute name/value from secured="false" to security="none" to allow future extension by adding extra options (e.g. contextOnly to provide security context information during the request).
16 years ago
565ef7383d
SEC-1513
...
upgraded to latest version of cas client
16 years ago
026517f674
Removal of deprecated methods and classes.
16 years ago
5939f17708
Fix openid sample configuration.
16 years ago
6a37e4be86
Fix OpenID sample to use new syntax for excluding requests.
16 years ago
efb600166a
SEC-1488: Remove commons-logging dependencies from maven poms.
16 years ago
080430150a
SEC-187: Refactoring contact Dao to use JdbcTemplate, and removing unused query objects (which have been there since 2004!)
16 years ago
64d59e1d32
Some extra FAQs and added comment to samples runall.sh script to explain that it's for dev only.
16 years ago
a421370a3d
SEC-1465: Change DelegatingMethodSecurityMetadataSource to use constructor injection to get round the problem of it being invoked before it has been initialized properly. Also changed the contacts tests to use the same app context and loading order as the actual webapp, to give better reassurance that the app will run successfully.
16 years ago
def5f88c8c
SEC-1431: Added openid-selector to openid sample, plus AX configuration for myopenid.com.
16 years ago
2f025fba6c
SEC-1460: Added AxFetchListFactory which matches OpenID identifiers to lists of attributes to use in a fetch-request.
...
This allows different configurations to be used based on the identity-provider (google, yahoo etc). The default implementation iterates through a map of regex patterns to attribute lists. The namespace has also been extended to support this facility, with the "identifier-match" attribute being added to the attribute-exchange element. Multiple attribute-exchange elements can now be defined, each matching a different identifier.
16 years ago
ee1fd1bc50
SEC-1431: Modify OpenID sample to use a custom UserDetailsService which allows any user to authenticate, allocating them a standard role and "registers" their ID in a map, allowing it to be retrieved in subsequent logins.
16 years ago
12a6ae2ffa
SEC-1232: Add config dependency to maven build for aspectj sample.
16 years ago
a3ef8255d8
SEC-1232: GlobalMethodSecurityBeanDefinitionParser support for mode='aspectj'
...
Also added this syntax to the aspectj sample.
16 years ago
d334f6fa09
Latest gradle syntax updates.
16 years ago
55de2cfcb1
SEC-1262: Added new (replacement) AspectJ interceptor which wraps the JoinPoint in a MethodInvocation adapter to provide compatibility with classes which only support MethodInvocation instances.
...
Also deprecated the existing AspectJ interceptors. This will also allow future simplification of the AbstractMethodSecurityMetadataSource, as it no longer needs to support JoinPoints.
16 years ago
f3264ba9ab
Addition of commons-logging exclusions and adjustments to pom generation.
16 years ago
b147652193
Make hsqldb a testRuntime/runtime dependency.
16 years ago
5aae545949
SEC-1232: Re-enable aspects module and aspectj sample in maven build.
16 years ago
e2a8f81ae8
Update aspectj version in sample to 1.6.8
16 years ago
b37d2ed978
SEC-593: Added PermissionCacheOptimizer strategy interface and implementation in Acl module.
...
This is used by DefaultMethodSecurityExpressionHandler to allow permissions to be cached before repeatedly evaluating an expression for a collection of domain objects.
16 years ago
2ee7696bf4
Update version number to 3.1.0.CI-SNAPSHOT.
16 years ago
44f45d21f0
3.0.2 release. Update version in build files.
16 years ago
2f40088fe7
Change spring-aop dep to compile scope in contacts sample
16 years ago
15c309a2ed
Add spring-aop to acl and contacts compile dependencies following changes for SEC-1390.
...
AopInfrastructureBean interface is now required.
16 years ago
0974e21fb6
SEC-1379: Added creation of a session if session timeout is detected (requested session ID is invalid).
...
This prevents problems with repeated detection of the same invalid session when the redirected request comes in.
16 years ago
a5dde8b28f
Updated doc on invalid session detection.
...
Invalid session URL must typically be omitted from the filter chain to prevent an infinite loop.
16 years ago
51dfc0fb39
Set versions to 3.0.2-CI-SNAPSHOT, post release.
16 years ago
05634f97dc
Updated version numbers for 3.0.1 release.
16 years ago
b323098167
Added gradle build files for taglibs, tutorial, contacts and openid.
...
Changed build file names to match module names (by manipulating the project objects in the settings.gradle file).
16 years ago
e211f9b35f
SEC-1349: Allow configuration of OpenID with parameters which should be transferred to the return_to URL.
...
The OpenIDAuthenticationFilter now has a returnToUrlParameters property (a Set). If this is set, the named parameters will be copied from the incoming submitted request to the return_to URL. If not set, it defaults to the "parameter" property of the AbstractRememberMeServices of the parent class. If remember-me is not in use, it defaults to the empty set.
Enabled remember-me in the OpenID sample.
16 years ago
052537c8b0
Removing $Id$ markers and stripping trailing whitespace from the codebase.
16 years ago
be72ed1350
Remove commented out beans from contacts sample app context.
...
These were left when the app was updated to use Spring MVC @Controller syntax and scanning.
16 years ago
893f212fa5
Tidying
16 years ago
115d5b84ff
[maven-release-plugin] prepare for next development iteration
16 years ago
6c6ef08353
[maven-release-plugin] prepare release spring-security-3.0.0.RELEASE
16 years ago
a7770a64d3
Update cas server version in runall.sh
16 years ago
aad7d01c84
Updated CAS server version for sample use to 3.3.5
16 years ago
fcce29f8df
SEC-1326: Updating dependencies to match Spring versions. Removing unused deps.
16 years ago
aeed49393c
Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting).
16 years ago
fac07ba8ff
Schema updates to Spring 3.0
16 years ago
85a58fd473
SEC-1331: Modify namespace to allow omission of user passwords in user-service element and generate random ones internally, preventing authentication against the data..
16 years ago
520e733cb2
[maven-release-plugin] prepare for next development iteration
16 years ago
f2cf17bd49
[maven-release-plugin] prepare release spring-security-3.0.0.RC2
16 years ago
Luke Taylor
Scott Battaglia