Tag: 3.2.3.RELEASE

1.0.x

2.0.x

3.0.x

3.1.x

3.2.x

4.0.x

4.1.x

4.2.x

5.0.x

5.1.x

5.2.x

5.3.x

5.4.x

5.5.x

5.6.x

5.7.x

5.8.x

5.8.x_update-antora-ui-spring

6.0.x

6.1.x

6.2.x

6.2.x_update-antora-ui-spring

6.3.x

6.3.x_update-antora-ui-spring

6.4.x

6.5.x

7.0.x

dependabot/gradle/main/io.spring.nullability-io.spring.nullability.gradle.plugin-0.0.10

dependabot/gradle/main/org.springframework.data-spring-data-bom-2025.1.0-SNAPSHOT

dependabot/gradle/main/tools.jackson-jackson-bom-3.0.4

dependabot/npm_and_yarn/javascript/lodash-4.17.23

dependencies-typo-6.5.x

dependencies-typo-main

docs-build

finalize

gh-16886

gh-pages

kotlin22

main

wrapperbot/spring-security/gradle-wrapper-8.10

wrapperbot/spring-security/gradle-wrapper-8.10.1

wrapperbot/spring-security/gradle-wrapper-8.10.2

wrapperbot/spring-security/gradle-wrapper-8.11

wrapperbot/spring-security/gradle-wrapper-8.11.1

wrapperbot/spring-security/gradle-wrapper-8.12

wrapperbot/spring-security/gradle-wrapper-8.12.1

wrapperbot/spring-security/gradle-wrapper-8.13

wrapperbot/spring-security/gradle-wrapper-8.14

wrapperbot/spring-security/gradle-wrapper-8.9

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

2.0.0

2.0.0.M1

2.0.0.M2

2.0.0.RC1

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5.RELEASE

2.0.6.RELEASE

2.0.7.RELEASE

2.0.8.RELEASE

2.5.0.M1

3.0.0.M1

3.0.0.M2

3.0.0.RC1

3.0.0.RC2

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.0.8.RELEASE

3.1.0.M1

3.1.0.M2

3.1.0.RC1

3.1.0.RC2

3.1.0.RC3

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.1.5.RELEASE

3.1.6.RELEASE

3.1.7.RELEASE

3.2.0.M1

3.2.0.M2

3.2.0.RC1

3.2.0.RC2

3.2.0.RELEASE

3.2.1.RELEASE

3.2.10.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

4.0.0.M1

4.0.0.M2

4.0.0.RC1

4.0.0.RC2

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.1.0.RC1

4.1.0.RC2

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.2.0.M1

4.2.0.RC1

4.2.0.RELEASE

4.2.1.RELEASE

4.2.10.RELEASE

4.2.11.RELEASE

4.2.12.RELEASE

4.2.13.RELEASE

4.2.14.RELEASE

4.2.15.RELEASE

4.2.16.RELEASE

4.2.17.RELEASE

4.2.18.RELEASE

4.2.19.RELEASE

4.2.2.RELEASE

4.2.20.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

5.0.0.M1

5.0.0.M2

5.0.0.M3

5.0.0.M4

5.0.0.M5

5.0.0.RC1

5.0.0.RELEASE

5.0.1.RELEASE

5.0.10.RELEASE

5.0.11.RELEASE

5.0.12.RELEASE

5.0.13.RELEASE

5.0.14.RELEASE

5.0.15.RELEASE

5.0.16.RELEASE

5.0.17.RELEASE

5.0.18.RELEASE

5.0.19.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE

5.0.5.RELEASE

5.0.6.RELEASE

5.0.7.RELEASE

5.0.8.RELEASE

5.0.9.RELEASE

5.1.0.M1

5.1.0.M2

5.1.0.RC1

5.1.0.RC2

5.1.0.RELEASE

5.1.1.RELEASE

5.1.10.RELEASE

5.1.11.RELEASE

5.1.12.RELEASE

5.1.13.RELEASE

5.1.2.RELEASE

5.1.3.RELEASE

5.1.4.RELEASE

5.1.5.RELEASE

5.1.6.RELEASE

5.1.7.RELEASE

5.1.8.RELEASE

5.1.9.RELEASE

5.2.0.M1

5.2.0.M2

5.2.0.M3

5.2.0.M4

5.2.0.RC1

5.2.0.RELEASE

5.2.1.RELEASE

5.2.10.RELEASE

5.2.11.RELEASE

5.2.12.RELEASE

5.2.13.RELEASE

5.2.14.RELEASE

5.2.15.RELEASE

5.2.2.RELEASE

5.2.3.RELEASE

5.2.4.RELEASE

5.2.5.RELEASE

5.2.6.RELEASE

5.2.7.RELEASE

5.2.8.RELEASE

5.2.9.RELEASE

5.3.0.M1

5.3.0.RC1

5.3.0.RELEASE

5.3.1.RELEASE

5.3.10.RELEASE

5.3.11.RELEASE

5.3.12.RELEASE

5.3.13.RELEASE

5.3.2.RELEASE

5.3.3.RELEASE

5.3.4.RELEASE

5.3.5.RELEASE

5.3.6.RELEASE

5.3.7.RELEASE

5.3.8.RELEASE

5.3.9.RELEASE

5.4.0

5.4.0-M1

5.4.0-M2

5.4.0-RC1

5.4.1

5.4.10

5.4.11

5.4.2

5.4.3

5.4.4

5.4.5

5.4.6

5.4.7

5.4.8

5.4.9

5.5.0

5.5.0-M1

5.5.0-M2

5.5.0-M3

5.5.0-RC1

5.5.0-RC2

5.5.1

5.5.2

5.5.3

5.5.4

5.5.5

5.5.6

5.5.7

5.5.8

5.6.0

5.6.0-M1

5.6.0-M2

5.6.0-M3

5.6.0-RC1

5.6.1

5.6.10

5.6.11

5.6.12

5.6.2

5.6.3

5.6.4

5.6.5

5.6.6

5.6.7

5.6.8

5.6.9

5.7.0

5.7.0-M1

5.7.0-M2

5.7.0-M3

5.7.0-RC1

5.7.1

5.7.10

5.7.11

5.7.12

5.7.13

5.7.14

5.7.2

5.7.3

5.7.4

5.7.5

5.7.6

5.7.7

5.7.8

5.7.9

5.8.0

5.8.0-M1

5.8.0-M2

5.8.0-M3

5.8.0-RC1

5.8.1

5.8.10

5.8.11

5.8.12

5.8.13

5.8.14

5.8.15

5.8.16

5.8.2

5.8.3

5.8.4

5.8.5

5.8.6

5.8.7

5.8.8

5.8.9

6.0.0

6.0.0-M1

6.0.0-M2

6.0.0-M3

6.0.0-M4

6.0.0-M5

6.0.0-M6

6.0.0-M7

6.0.0-RC1

6.0.0-RC2

6.0.1

6.0.2

6.0.3

6.0.4

6.0.5

6.0.6

6.0.7

6.0.8

6.1.0

6.1.0-M1

6.1.0-M2

6.1.0-RC1

6.1.1

6.1.2

6.1.3

6.1.4

6.1.5

6.1.6

6.1.7

6.1.8

6.1.9

6.2.0

6.2.0-M1

6.2.0-M2

6.2.0-M3

6.2.0-RC1

6.2.0-RC2

6.2.1

6.2.2

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.3.0

6.3.0-M1

6.3.0-M2

6.3.0-M3

6.3.0-RC1

6.3.1

6.3.10

6.3.2

6.3.3

6.3.4

6.3.5

6.3.6

6.3.7

6.3.8

6.3.9

6.4.0

6.4.0-M1

6.4.0-M2

6.4.0-M3

6.4.0-M4

6.4.0-RC1

6.4.1

6.4.10

6.4.11

6.4.12

6.4.13

6.4.2

6.4.3

6.4.4

6.4.5

6.4.6

6.4.7

6.4.8

6.4.9

6.5.0

6.5.0-M1

6.5.0-M2

6.5.0-M3

6.5.0-RC1

6.5.1

6.5.2

6.5.3

6.5.4

6.5.5

6.5.6

6.5.7

7.0.0

7.0.0-M1

7.0.0-M2

7.0.0-M3

7.0.0-RC1

7.0.0-RC2

7.0.0-RC3

7.0.1

7.0.2

7.1.0-M1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '3.2.3.RELEASE'

${ noResults }

Commit Graph

66 Commits (3.2.3.RELEASE)

Author	SHA1	Message	Date
Rob Winch	2cad2f401b	SEC-2325: Polish CSRF Tag support ... - Rename csrfField to csrfInput - Make AbstractCsrfTag package scope - rename FormFieldTag to CsrfInputTag - rename MetaTagsTag to CsrfMetaTagsTag - removed whitespace from tag output so output is minimized & improving browser performance - Update @since - changed test names to be more meaningful	12 years ago
beamerblvd	3048e2c6e7	SEC-2325 Added JSP tags for CSRF meta tags and form fields	12 years ago
Rob Winch	d33b9e2854	SEC-2324: Update Spring Security tld version	13 years ago
Rob Winch	f38df99730	SEC-2045: AbstractAuthorizeTag supports custom WebInvocationPrivilegeEvaluator	13 years ago
Rob Winch	f441c352f6	Clean up warnings in AccessControlListTagTests	14 years ago
Rob Winch	4b86d49a9a	SEC-2023: AccessControlListTag again supports bitmasks ... Spring Security 3.1 has a regression i the AccessControlListTag which should support using the bitmask in hasPermission. Now hasPermission supports bit masks again.	14 years ago
Rob Winch	b481a6c1ad	SEC-2022: AccessControlListTag again supports , separated list of permissions ... Spring Security 3.0.x allowed developers to pass in a , separated list of permissions. However, this functionality was accidentally removed in SEC-1560. The AcessControlListTag now splits the permissions using , as a delimiter which fixes this passivity issue.	14 years ago
Rob Winch	b626a63b85	Suppress warnings in AbstractAuthorizeTag and AuthorizeTagCustomGrantedAuthorityTests	14 years ago
Christian Hilmersson	d57f1d56d5	SEC-1900: AbstractAuthorizeTag now compares using getAuthority() ... This avoids backwards compatibility issues with other GrantedAuthority implementations.	14 years ago
Rob Winch	8ca2927761	Renamed **/Test.java to **/Tests.java to better follow conventions	14 years ago
Luke Taylor	178765cf83	SEC-1836: Forgot taglib comment update.	14 years ago
Luke Taylor	fc399af136	SEC-1836: use GET as the default method with authorize tag.	14 years ago
Luke Taylor	503ac9ae7c	SEC-1798: Remove internal evaluation of EL in JSP tag implementations.	15 years ago
Luke Taylor	74daa68691	SEC-1796: Check for annotated annotations at class/interface level. Previously only the specific security annotation was checked for. By delegating to Spring's AnnotationUtils, custom annotations carrying the security annotation are also detected.	15 years ago
Luke Taylor	63f160dc72	SEC-1749: Add support for PageContext lookup of objects and use of PermissionEvaluator when using web access expressions.	15 years ago
Luke Taylor	ce19b470e2	SEC-1560: Change AccessControlListTag to use PermissionEvaluator rather than explicit ACL classes.	15 years ago
Luke Taylor	94b7868039	SEC-1675: Add missing body-content elements to tag descriptor and update it to use 2.0 tag library schema.	15 years ago
Luke Taylor	00200cecbc	SEC-1494: Added system property "spring.security.disableUISecurity" which will prevent authorize tags from hiding content. By default, the property will also cause the area that would normally be hidden to be decorated with a <span class="securityHiddenUI"> tag, thus allowing the area to be rendered with some distinguishing css (e.g. a different background colour).	15 years ago
Luke Taylor	85d685f7d3	SEC-1611: Make access attribute in authorize tag a runtime expression	15 years ago
Luke Taylor	4a40d80da1	SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority. ... It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.	15 years ago
Luke Taylor	4ad0652787	Removed array of authorities constructor from TestingAuthenticationToken and RunAsUserToken.	15 years ago
Luke Taylor	ca679e1479	Reformatting.	15 years ago
Luke Taylor	1c8d28501c	SEC-1550: Convert signatures to use Collection<? extends GrantedAuthority> where appropriate.	15 years ago
Rossen Stoyanchev	bd84a2bfa1	SWC-1552 Update .tld in integration test to match change in taglib.	15 years ago
Rossen Stoyanchev	70600a0277	SEC-1552 Refactor AuthorizeTag and LegacyAuthorize tag to make them independent of JSP tag rendering.	15 years ago
Luke Taylor	af56f4844d	SEC-1562: Created SecurityExpressionHandler interface and AbstractSecurityExpressionHandler.	16 years ago
Luke Taylor	3c02989d67	Removal of jmock test dependency and upgrading of mockito version to 1.8.5. Minor adjustments to other build deps and configurations (e.g. prevent groovy from being used as a transitive dep, since we only use it for tests).	16 years ago
Luke Taylor	85c4c91e0e	IDEA inspection refactorings.	16 years ago
Luke Taylor	36e0fb6d91	SEC-1518: Fix element ordering in security.tld	16 years ago
Luke Taylor	b3aad4cf19	Javadoc fixes.	16 years ago
Luke Taylor	dada047e04	SEC-1456: Set rtexprvalue=true for "url" attribute in access tag to allow dynamic values (such as URL of current page).	16 years ago
Luke Taylor	bf91f2ca67	SEC-524: Added "var" attribute to authorize and accesscontrollist JSP tags. ... Allows the result of the boolean condition granting/denying access to be stored in the page context for later use, without having to duplicate the tag.	16 years ago
Luke Taylor	0551dd89ac	SEC-1420: Add htmlEscape attribute to authentication JSP tag. ... This allows HTML escaping to be disabled if required.	16 years ago
Luke Taylor	c12c43da9e	Javadoc fixes.	16 years ago
Luke Taylor	36612377e2	Replace package.html with package-info.java files, creating new ones where missing and updating outdated contents.	16 years ago
Luke Taylor	052537c8b0	Removing $Id$ markers and stripping trailing whitespace from the codebase.	16 years ago
Luke Taylor	893f212fa5	Tidying	16 years ago
Luke Taylor	3a24ddfb43	Corrected description in tld file for accescontrollist tag, removing reference to outdated class.	16 years ago
Luke Taylor	cad32ffe39	SEC-1325: Tighten up Authentication interface contract to disallow null authorities. Modified internals of AbstractAuthenticationToken to use an empty list instead of null. Clarified Javadoc. removed unnecessary null checks in classes which use the interface.	16 years ago
Luke Taylor	2b99c6331e	Javadoc.	17 years ago
Luke Taylor	9374bddceb	Added test class for AccessControlListTag.	17 years ago
Luke Taylor	937e370fb4	SEC-1022: Minor reformatting.	17 years ago
Luke Taylor	3f70d79df5	SEC-1022: Remove use of static methods/initializers in Acl Permissions. Converted PermissionFactory to a strategy which is used to convert integers and names to Permission instances.	17 years ago
Luke Taylor	731402e9f5	SEC-525: [PATCH] Add AccessCheckerTag based on URL resource access permissions. Added functionality to "authorize" tag to allow evaluation of whether a particual url is accessible to the user. Uses a WebInvocationPrivilegeEvaluator registered in the application context.	17 years ago
Luke Taylor	b531a81176	SEC-1246: Introduce EL-based authorization tag. Added optional access expression to authorize tag.	17 years ago
Luke Taylor	5605386a30	SEC-1132: Restructuring of ACL packages	17 years ago
Luke Taylor	e94baf38b3	Tidying up to remove warnings (generics, use of deprecated test classes etc).	17 years ago
Luke Taylor	1454cbb78e	SEC-1132: Moved TextUtils to web module and StringSplit utils into Digest authentication package (as they aren't used elsewhere).	17 years ago
Luke Taylor	93bdcccaee	SEC-1132: Moved userdetails into core and added core/authority sub-package	17 years ago
Luke Taylor	ca7d055c2b	SEC-1132: Created core and authentication packages within core module.	17 years ago