14c4739605
SEC-1158: Decoupling of Pre/Post annotations implementation from Spring EL.
17 years ago
29fafbbf18
Misc tidying up of old files and refactoring of tests
17 years ago
331a04c07c
Some changes to make it easier to run the sample with the database driver as part of the jetty plugin configuration, preventing classloader leaks.
17 years ago
6d655aa514
SEC-1132: More refactoring to remove cycles ad reduce complexity metrics
17 years ago
e1bc1819da
SEC-1150: Update Contacts sample to use modernized Spring MVC controllers
17 years ago
e94baf38b3
Tidying up to remove warnings (generics, use of deprecated test classes etc).
17 years ago
21e36e0a57
Updated version number from 2.5.0-SNPSHOT to 3.0.0.CI-SNAPSHOT
17 years ago
13af4b95a2
Sample package name updates
17 years ago
ace6d225b4
SEC-1131: Correct portlet API version (again).
17 years ago
446bcb9b1d
SEC-1131: Correct portlet API version.
17 years ago
101203b44d
SEC-1132: Updates to samples to reflect ACL refactoring.
17 years ago
93bdcccaee
SEC-1132: Moved userdetails into core and added core/authority sub-package
17 years ago
c770998d92
SEC-1132: Move authoritymapping to core as it is actually used in loading authorities for a use, not in making access decisions.
17 years ago
ca7d055c2b
SEC-1132: Created core and authentication packages within core module.
17 years ago
9efb5a7007
SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet
17 years ago
7c4d54f356
SEC-1131: Applied patch for portlet upgrade
17 years ago
f746a20ab4
SEC-1132: package refactoring of non-core modules
17 years ago
bec84f874a
SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples.
17 years ago
2a9a8a41db
SEC-1125: Created separate web module spring-security-web
17 years ago
2c985a1c36
SEC-1126: separated out spring-security-config module containing namespace configuration classes and resources
17 years ago
4aff4b2350
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring
17 years ago
4aae5ec42e
SEC-1124: Refactored LDAP code into separate module
17 years ago
591681c180
Upgrade to Spring M2 and correct expression classes and pom files to match changes
17 years ago
ef3ea65fdb
Switching back to 2.5.0-SNAPSHOT after tagging M1 release
17 years ago
fc5f50501e
[maven-release-plugin] prepare release 2.5.0.M1
17 years ago
4eb4d08825
Added -o to mven:jetty-run in runall.sh to speed up script
17 years ago
d6ee9a9a93
Commented out hessian and burlap remoting beans to avoid missing class exceptions on startup
17 years ago
0ead104b86
Update CAS server information to latest version
17 years ago
65a78ce4a4
SEC-745: updated cas sample filter bean configuration
17 years ago
4a41416c9b
Tidying up and removing compiler warnings.
17 years ago
0d7002e322
SEC-1012: Extra fixes to dependent modules following changes to Acl APIs.
17 years ago
cc5966bc7e
Tidying up, removing compiler warnings etc.
17 years ago
8154161ef5
SEC-1035: Updated build to use Spring 3.0.0.M1 Release
17 years ago
7fa9a959b5
Added webAppRootKey context-param to samples to prevent conflicts when run together in Tomcat.
17 years ago
681f1ee00c
Fix duplicate logging.
17 years ago
2927b8464f
SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException.
17 years ago
df771038b4
SEC-1051: Fixed class names in dms sample app context.
17 years ago
6ccdcec629
SEC-1033: Added web expressions to tutorial sample configuration.
17 years ago
bc6878c1c5
SEC-1044: Removed remember-me functionality from http auto-config namespace configuration. Added explicit <remember-me> elements to contacts and tutorial sample configurations.
17 years ago
3cbad3ebd7
Corrected comment.
17 years ago
781b09e889
SEC-1036: Updated ldap sample pom
17 years ago
7e562031cc
Better demonstrate the new EL-based "overdraft" authorization rules.
17 years ago
f3b3004085
Removed references to Acegi in contacts sample home page
17 years ago
78065ba47c
Fixed up contacts sample: removed casfailed page, corrected debug.jsp errors and fixed incorrect bean reference in context files.
17 years ago
3261fcb174
Tidying stuff
17 years ago
464da0f0df
SEC-999: Refactored namespace to take an expression handler instead of a permission evaluator, allowig fo greater cusomtomization and for a single handler to be used in both web and method security expressions.
17 years ago
e5b1073501
SEC-1012: Added more generics and warning suppression
17 years ago
7731a3df57
Typo.
17 years ago
e11114ce77
SEC-1023: Add hasPermission() support to SecurityExpressionRoot
...
http://jira.springframework.org/browse/SEC-1023 .
hasPermission() now delegates to a PermissionEvaluator interface, with a default implementation provided by the Acl module. The contacts sample now uses expressions on the ContactManager interface. The permission-evaluator element on global-method-security can be used to set the instance to an AclPermissionEvaluator. If not set, all hasPermission() expressions will evaluate to 'false'.
17 years ago
d6cd392a9e
Tidying up some stuff in tutorial app
17 years ago
Luke Taylor
Ben Alex