Tree: ec46b7dbe1

1.0.x

2.0.x

3.0.x

3.1.x

3.2.x

4.0.x

4.1.x

4.2.x

5.0.x

5.1.x

5.2.x

5.3.x

5.4.x

5.5.x

5.6.x

5.7.x

5.8.x

5.8.x_update-antora-ui-spring

6.0.x

6.1.x

6.2.x

6.2.x_update-antora-ui-spring

6.3.x

6.3.x_update-antora-ui-spring

6.4.x

6.5.x

7.0.x

dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.10

dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT

dependabot/gradle/main/tools.jackson-jackson-bom-3.0.4

dependabot/npm_and_yarn/javascript/lodash-4.17.23

dependencies-typo-6.5.x

dependencies-typo-main

docs-build

finalize

gh-16886

gh-pages

kotlin22

main

wrapperbot/spring-security/gradle-wrapper-8.10

wrapperbot/spring-security/gradle-wrapper-8.10.1

wrapperbot/spring-security/gradle-wrapper-8.10.2

wrapperbot/spring-security/gradle-wrapper-8.11

wrapperbot/spring-security/gradle-wrapper-8.11.1

wrapperbot/spring-security/gradle-wrapper-8.12

wrapperbot/spring-security/gradle-wrapper-8.12.1

wrapperbot/spring-security/gradle-wrapper-8.13

wrapperbot/spring-security/gradle-wrapper-8.14

wrapperbot/spring-security/gradle-wrapper-8.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

2.0.0

2.0.0.M1

2.0.0.M2

2.0.0.RC1

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5.RELEASE

2.0.6.RELEASE

2.0.7.RELEASE

2.0.8.RELEASE

2.5.0.M1

3.0.0.M1

3.0.0.M2

3.0.0.RC1

3.0.0.RC2

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.0.8.RELEASE

3.1.0.M1

3.1.0.M2

3.1.0.RC1

3.1.0.RC2

3.1.0.RC3

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.1.5.RELEASE

3.1.6.RELEASE

3.1.7.RELEASE

3.2.0.M1

3.2.0.M2

3.2.0.RC1

3.2.0.RC2

3.2.0.RELEASE

3.2.1.RELEASE

3.2.10.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

4.0.0.M1

4.0.0.M2

4.0.0.RC1

4.0.0.RC2

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.1.0.RC1

4.1.0.RC2

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.2.0.M1

4.2.0.RC1

4.2.0.RELEASE

4.2.1.RELEASE

4.2.10.RELEASE

4.2.11.RELEASE

4.2.12.RELEASE

4.2.13.RELEASE

4.2.14.RELEASE

4.2.15.RELEASE

4.2.16.RELEASE

4.2.17.RELEASE

4.2.18.RELEASE

4.2.19.RELEASE

4.2.2.RELEASE

4.2.20.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

5.0.0.M1

5.0.0.M2

5.0.0.M3

5.0.0.M4

5.0.0.M5

5.0.0.RC1

5.0.0.RELEASE

5.0.1.RELEASE

5.0.10.RELEASE

5.0.11.RELEASE

5.0.12.RELEASE

5.0.13.RELEASE

5.0.14.RELEASE

5.0.15.RELEASE

5.0.16.RELEASE

5.0.17.RELEASE

5.0.18.RELEASE

5.0.19.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE

5.0.5.RELEASE

5.0.6.RELEASE

5.0.7.RELEASE

5.0.8.RELEASE

5.0.9.RELEASE

5.1.0.M1

5.1.0.M2

5.1.0.RC1

5.1.0.RC2

5.1.0.RELEASE

5.1.1.RELEASE

5.1.10.RELEASE

5.1.11.RELEASE

5.1.12.RELEASE

5.1.13.RELEASE

5.1.2.RELEASE

5.1.3.RELEASE

5.1.4.RELEASE

5.1.5.RELEASE

5.1.6.RELEASE

5.1.7.RELEASE

5.1.8.RELEASE

5.1.9.RELEASE

5.2.0.M1

5.2.0.M2

5.2.0.M3

5.2.0.M4

5.2.0.RC1

5.2.0.RELEASE

5.2.1.RELEASE

5.2.10.RELEASE

5.2.11.RELEASE

5.2.12.RELEASE

5.2.13.RELEASE

5.2.14.RELEASE

5.2.15.RELEASE

5.2.2.RELEASE

5.2.3.RELEASE

5.2.4.RELEASE

5.2.5.RELEASE

5.2.6.RELEASE

5.2.7.RELEASE

5.2.8.RELEASE

5.2.9.RELEASE

5.3.0.M1

5.3.0.RC1

5.3.0.RELEASE

5.3.1.RELEASE

5.3.10.RELEASE

5.3.11.RELEASE

5.3.12.RELEASE

5.3.13.RELEASE

5.3.2.RELEASE

5.3.3.RELEASE

5.3.4.RELEASE

5.3.5.RELEASE

5.3.6.RELEASE

5.3.7.RELEASE

5.3.8.RELEASE

5.3.9.RELEASE

5.4.0

5.4.0-M1

5.4.0-M2

5.4.0-RC1

5.4.1

5.4.10

5.4.11

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.0

5.5.0-M1

5.5.0-M2

5.5.0-M3

5.5.0-RC1

5.5.0-RC2

5.5.1

5.5.2

5.5.3

5.5.4

5.5.5

5.5.6

5.5.7

5.5.8

5.6.0

5.6.0-M1

5.6.0-M2

5.6.0-M3

5.6.0-RC1

5.6.1

5.6.10

5.6.11

5.6.12

5.6.2

5.6.3

5.6.4

5.6.5

5.6.6

5.6.7

5.6.8

5.6.9

5.7.0

5.7.0-M1

5.7.0-M2

5.7.0-M3

5.7.0-RC1

5.7.1

5.7.10

5.7.11

5.7.12

5.7.13

5.7.14

5.7.2

5.7.3

5.7.4

5.7.5

5.7.6

5.7.7

5.7.8

5.7.9

5.8.0

5.8.0-M1

5.8.0-M2

5.8.0-M3

5.8.0-RC1

5.8.1

5.8.10

5.8.11

5.8.12

5.8.13

5.8.14

5.8.15

5.8.16

5.8.2

5.8.3

5.8.4

5.8.5

5.8.6

5.8.7

5.8.8

5.8.9

6.0.0

6.0.0-M1

6.0.0-M2

6.0.0-M3

6.0.0-M4

6.0.0-M5

6.0.0-M6

6.0.0-M7

6.0.0-RC1

6.0.0-RC2

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.1.0

6.1.0-M1

6.1.0-M2

6.1.0-RC1

6.1.1

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.0-M1

6.2.0-M2

6.2.0-M3

6.2.0-RC1

6.2.0-RC2

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.3.0

6.3.0-M1

6.3.0-M2

6.3.0-M3

6.3.0-RC1

6.3.1

6.3.10

6.3.2

6.3.3

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

6.4.0

6.4.0-M1

6.4.0-M2

6.4.0-M3

6.4.0-M4

6.4.0-RC1

6.4.1

6.4.10

6.4.11

6.4.12

6.4.13

6.4.2

6.4.3

6.4.4

6.4.5

6.4.6

6.4.7

6.4.8

6.4.9

6.5.0

6.5.0-M1

6.5.0-M2

6.5.0-M3

6.5.0-RC1

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.5.7

7.0.0

7.0.0-M1

7.0.0-M2

7.0.0-M3

7.0.0-RC1

7.0.0-RC2

7.0.0-RC3

7.0.1

7.0.2

7.1.0-M1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from 'ec46b7dbe1'

${ noResults }

Commit Graph

87 Commits (ec46b7dbe1d48ef8cd4dc730369bb97dfdf2823c)

Author	SHA1	Message	Date
Joe Grandja	5b023d0abc	Fix Security version tests -> 5.1	8 years ago
Johnny Lim	57353d18e5	Use diamond type	8 years ago
Johnny Lim	b6895e6359	Apply Checkstyle WhitespaceAfterCheck module	8 years ago
Johnny Lim	d900f2a623	Remove unused imports ... This commit also adds UnusedImportsCheck Checkstyle module.	8 years ago
Rob Winch	23f56f568c	Update MockitJunitRunner import ... Issue: gh-4608	8 years ago
Rob Winch	445834784a	Update to Mockito 2.10.0 ... Issue: gh-4608	8 years ago
Rob Winch	e16b8e7976	Fix logback-test.xml	9 years ago
Rob Winch	4f265c8fbc	Update taglib version	9 years ago
Rob Winch	b4ab0483b1	Update version to 4.2.0.BUILD-SNAPSHOT	10 years ago
Eddú Meléndez	a2ead4cf7a	Polish ... Fixes gh-3892	10 years ago
Rob Winch	f221920a19	Clean up code to conform to basic checkstyle ... Issue gh-3746	10 years ago
Billy Korando	71d4ce96ad	Convert to assertj ... Fixes gh-3175	10 years ago
Rob Winch	bb600a473e	Start AssertJ Migration ... Issue gh-3175	10 years ago
Rob Winch	8b641e5f79	SEC-2190: Support WebApplicationContext in ServletContext attribute	10 years ago
Rob Winch	26ab012b57	Start 4.1.0	11 years ago
Thomas Darimont	ad1d858e2b	SEC-3056 - Fix JavaDoc errors. ... Fixed JavaDoc errors accross multiple modules in order to make javadoc happy with Java 8.	11 years ago
Rob Winch	ae6af5d73c	SEC-2915: Updated Java Code Formatting	11 years ago
Rob Winch	0a2e496a84	SEC-2915: groovy/gradle spaces->tabs	11 years ago
Rob Winch	6e204fff72	SEC-2781: Remove deprecations	11 years ago
Rob Winch	55d6d5a86a	SEC-2615: accesscontrollist tag hasPermission performs OR not AND ... In 3.1 the accesscontrollist tag began performing an and on the permissions. This may have been accidental, but I think that it is more intuitive & secure for it to behave this way. When compared to hasAnyRole and hasRoles the hasPermission tag implies it is an and. If users end up needing OR support, then the authorize tag can be used along with the hasPermission expression. For example: <sec:authorize access="hasPermission(#domain, 'read') or hasPermission(#domain, 'write') "> In general, the authorize tag should be preferred as it is the more powerful way of performing authorization checks.	11 years ago
Rob Winch	32d3e29c65	SEC-2325: Polish CSRF Tag support ... - Rename csrfField to csrfInput - Make AbstractCsrfTag package scope - rename FormFieldTag to CsrfInputTag - rename MetaTagsTag to CsrfMetaTagsTag - removed whitespace from tag output so output is minimized & improving browser performance - Update @since - changed test names to be more meaningful	12 years ago
beamerblvd	a3e0475998	SEC-2325 Added JSP tags for CSRF meta tags and form fields	12 years ago
Rob Winch	6dfdb10e31	Fix move to 4.0	12 years ago
Rob Winch	d33b9e2854	SEC-2324: Update Spring Security tld version	13 years ago
Rob Winch	f38df99730	SEC-2045: AbstractAuthorizeTag supports custom WebInvocationPrivilegeEvaluator	13 years ago
Rob Winch	f441c352f6	Clean up warnings in AccessControlListTagTests	14 years ago
Rob Winch	4b86d49a9a	SEC-2023: AccessControlListTag again supports bitmasks ... Spring Security 3.1 has a regression i the AccessControlListTag which should support using the bitmask in hasPermission. Now hasPermission supports bit masks again.	14 years ago
Rob Winch	b481a6c1ad	SEC-2022: AccessControlListTag again supports , separated list of permissions ... Spring Security 3.0.x allowed developers to pass in a , separated list of permissions. However, this functionality was accidentally removed in SEC-1560. The AcessControlListTag now splits the permissions using , as a delimiter which fixes this passivity issue.	14 years ago
Rob Winch	b626a63b85	Suppress warnings in AbstractAuthorizeTag and AuthorizeTagCustomGrantedAuthorityTests	14 years ago
Christian Hilmersson	d57f1d56d5	SEC-1900: AbstractAuthorizeTag now compares using getAuthority() ... This avoids backwards compatibility issues with other GrantedAuthority implementations.	14 years ago
Rob Winch	8ca2927761	Renamed **/Test.java to **/Tests.java to better follow conventions	14 years ago
Luke Taylor	178765cf83	SEC-1836: Forgot taglib comment update.	14 years ago
Luke Taylor	fc399af136	SEC-1836: use GET as the default method with authorize tag.	14 years ago
Luke Taylor	503ac9ae7c	SEC-1798: Remove internal evaluation of EL in JSP tag implementations.	15 years ago
Luke Taylor	74daa68691	SEC-1796: Check for annotated annotations at class/interface level. Previously only the specific security annotation was checked for. By delegating to Spring's AnnotationUtils, custom annotations carrying the security annotation are also detected.	15 years ago
Luke Taylor	63f160dc72	SEC-1749: Add support for PageContext lookup of objects and use of PermissionEvaluator when using web access expressions.	15 years ago
Luke Taylor	ce19b470e2	SEC-1560: Change AccessControlListTag to use PermissionEvaluator rather than explicit ACL classes.	15 years ago
Luke Taylor	94b7868039	SEC-1675: Add missing body-content elements to tag descriptor and update it to use 2.0 tag library schema.	15 years ago
Luke Taylor	00200cecbc	SEC-1494: Added system property "spring.security.disableUISecurity" which will prevent authorize tags from hiding content. By default, the property will also cause the area that would normally be hidden to be decorated with a <span class="securityHiddenUI"> tag, thus allowing the area to be rendered with some distinguishing css (e.g. a different background colour).	15 years ago
Luke Taylor	85d685f7d3	SEC-1611: Make access attribute in authorize tag a runtime expression	15 years ago
Luke Taylor	4a40d80da1	SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority. ... It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.	15 years ago
Luke Taylor	4ad0652787	Removed array of authorities constructor from TestingAuthenticationToken and RunAsUserToken.	15 years ago
Luke Taylor	ca679e1479	Reformatting.	15 years ago
Luke Taylor	1c8d28501c	SEC-1550: Convert signatures to use Collection<? extends GrantedAuthority> where appropriate.	15 years ago
Rossen Stoyanchev	bd84a2bfa1	SWC-1552 Update .tld in integration test to match change in taglib.	15 years ago
Rossen Stoyanchev	70600a0277	SEC-1552 Refactor AuthorizeTag and LegacyAuthorize tag to make them independent of JSP tag rendering.	15 years ago
Luke Taylor	af56f4844d	SEC-1562: Created SecurityExpressionHandler interface and AbstractSecurityExpressionHandler.	16 years ago
Luke Taylor	3c02989d67	Removal of jmock test dependency and upgrading of mockito version to 1.8.5. Minor adjustments to other build deps and configurations (e.g. prevent groovy from being used as a transitive dep, since we only use it for tests).	16 years ago
Luke Taylor	85c4c91e0e	IDEA inspection refactorings.	16 years ago
Luke Taylor	36e0fb6d91	SEC-1518: Fix element ordering in security.tld	16 years ago