13af4b95a2
Sample package name updates
17 years ago
ca7d055c2b
SEC-1132: Created core and authentication packages within core module.
17 years ago
9efb5a7007
SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet
17 years ago
bec84f874a
SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples.
17 years ago
4a41416c9b
Tidying up and removing compiler warnings.
17 years ago
cc5966bc7e
Tidying up, removing compiler warnings etc.
17 years ago
2927b8464f
SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException.
17 years ago
6ccdcec629
SEC-1033: Added web expressions to tutorial sample configuration.
17 years ago
bc6878c1c5
SEC-1044: Removed remember-me functionality from http auto-config namespace configuration. Added explicit <remember-me> elements to contacts and tutorial sample configurations.
17 years ago
7e562031cc
Better demonstrate the new EL-based "overdraft" authorization rules.
17 years ago
d6cd392a9e
Tidying up some stuff in tutorial app
17 years ago
a7d046357b
SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces
17 years ago
4f6b4e4bfd
Make sample login pages use c:out for data output
18 years ago
fc498954c6
Updated sample context files to point at 2.0.1 schema
18 years ago
882509fb2a
Renamed context file
18 years ago
eba18675fc
Removed old acegi file from tutorial sample as it's causing confusion with users.
18 years ago
80cd7f4acc
Removed accidental commit of tutorial context file
18 years ago
0cf745b85f
Updated clean plugin to 2.2
18 years ago
c7f182309f
Removed excess config from tutorial sample file
18 years ago
f7ae69880c
Minor tweaking so the tutorial is a little more illustrative of the present namespace capabilities.
18 years ago
1490fe0b0a
Various fine-tuning so people can see AspectJ expressions and a simple, minimal configuration.
18 years ago
595a14dbd5
Sample should permit people to anonymously call all methods except post(Account).
18 years ago
ef5b3e2f9c
SEC-733: Changed names of <global-method-security> attributes as discussed with Ben and updated sample to reflect the changes. Also changed explicit instantiation of Jsr250 and Secured annotation MethodDefinitionSource beans in GlobalMethodSecurityBDP into bean definitions to make more tooling friendly.
18 years ago
743d72ca7b
Added log4j support to tutorial app
18 years ago
0860333a3f
SEC-733: AspectJ Pointcut Expression Parsing support.
18 years ago
114969f7f7
SEC-706: Removed LDAP dependencies from tutorial app, since we now have a separate sample
18 years ago
8c00bb1537
SEC-674: Updated samples to work with new module layout. Changed taglib build to copy tld file to META-INF directory.
...
Also standardized JSTL version to 1.1.0 (impl 1.1.2), moving deps to root sample pom.
18 years ago
be62979a01
Switch JSTL back to 1.1.2.
18 years ago
10ab4136d1
SEC-309: Patch for Authentication tag to use property of authentication object, rather than invoking an operation on the principal. Allows use of nested properties.
18 years ago
adba67326f
Removed accidentally committed version of tutorial app context file.
18 years ago
84c7ac5e57
SEC-664: Removed validateUserDetails method from AbstractRememberMeServices, wrapped the UserDetailsService in a status-checking one and added a catch block for AccountStatusExceptions. Also some minor tidying up of other remember-me classes.
18 years ago
df1def412e
Changed to using new alias for security filter chain in samples.
18 years ago
5738a51040
SEC-651: Support for ldap-user-service bean.
18 years ago
acf5601714
SEC-645: Reimplementation of X509 provider and namespace implementation.
18 years ago
82940db6c8
SEC-648: Added custom-authentication-provider support.
18 years ago
b85f76e6c1
Added SSL support to the tutorial app Jetty plugin configuration and added a requirement for SSL on the "extremely secure" page.
18 years ago
342677fabc
Removed auto-config from tutorial sample and added commented out ldap support. Updated ldif file to match sample users.
18 years ago
462b4b450f
Added use of authz tag to tutorial. Upgraded to use webapp 2.4 xsd. Changed JSTL dependency to 1.2
18 years ago
46c99d1991
Converted tutorial context file to match namespace changes.
18 years ago
e65cb9b472
Made group names singular and added "teller" role.
18 years ago
09f68400ec
Add <intercept-methods> to example, but it is disabled in favour of @Secured annotation. Still, we include it so people can have a play around and switch between the two syntaxes easily in demos etc.
18 years ago
55e4568003
Throw an exception instead of sending back a HTTP error code. This is necessary so any demonstration of upgrading from Servlet Spec authorization to Spring Security authorization, as the latter's ExceptionTranslationFilter expects specific exceptions to be thrown if you wish to commence the authentication process.
18 years ago
2e4773525b
Updated tutorial to allow authentication against ldap provider using <ldap /> namespace element.
18 years ago
f4c3e701d5
Enhance sample to show method authorization.
18 years ago
77d286c36f
Enhance tutorial to also demonstrate Spring Security method
...
authorization, and add a services layer accordingly.
18 years ago
fa510b3187
Modify attribute names to use "ref" instead of "id", plus use a hyphen
...
as an attribute value separator rather than a colon. This was changed
for compatibility with other components in the Spring Portfolio. tests
pass.
18 years ago
1cae1719bc
Fix bean referencing error.
18 years ago
2655955a40
Add MethodSecurityInterceptor, to more accurately reflect the capabilities offered by auto-config="true".
18 years ago
1bbe6ca456
Proper comparison with auto-configure="true".
18 years ago
4770c29094
Use hyphens in attribute names, and not Camel Case. This is to maintain
...
consistency with the rest of Spring Portfolio. Camel Case was preserved
for attribute values, consistent with Spring Portfolio usage such as
autowiring modes (byName, byType etc).
18 years ago
Luke Taylor
Ben Alex