GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Spring Security
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4185 Commits
54 Branches
344 Tags
121 MiB
 
 
 
 
Tree: 0fd2c48dfb
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0fd2c48dfb'
${ noResults }
Luke Taylor 0fd2c48dfb
SEC-1584: Additional integration tests. 		15 years ago
acl SEC-1456: Remove maven poms as we are now using gradle for the build. 16 years ago
aspects SEC-1562: Created SecurityExpressionHandler interface and AbstractSecurityExpressionHandler. 16 years ago
buildSrc Improve entry of username and password for scp upload. 15 years ago
cas SEC-1456: Remove maven poms as we are now using gradle for the build. 16 years ago
config SEC-1584: Addition of HttpFirewall strategy to FilterChainProxy to reject un-normalized requests and wrap the incoming request object before processing by the security filter chain to provide a more consistent representation of paths than is guaranteed by the servlet spec. The wrapper strips path parameters from pathInfo and servletPath to provide consistency of URL matching across servlet containers and protect against bypassing security constraints by the malicious addition of such parameters to the URL. The paths are canonicalized further by replacing of multiple sequences of "/" characters with a single "/". 15 years ago
core Import cleaning and suppression of deprecation warnings. 15 years ago
docs SEC-1585: changed spring-beans-3.1.xsd to spring-beans-3.0.xsd 15 years ago
gradle Make sure ApacheDS work directory is set correctly for separate LDAP test task in config module. 15 years ago
itest SEC-1584: Additional integration tests. 15 years ago
ldap Make sure ApacheDS work directory is set correctly for separate LDAP test task in config module. 15 years ago
openid SEC-1456: Remove maven poms as we are now using gradle for the build. 16 years ago
samples SEC-1544: Update the tutorial sample to attempt to delete the JSESSIONID cookie on logout. 15 years ago
sandbox SEC-1456: Remove maven poms as we are now using gradle for the build. 16 years ago
taglibs SWC-1552 Update .tld in integration test to match change in taglib. 15 years ago
web SEC-1584: Addition of HttpFirewall strategy to FilterChainProxy to reject un-normalized requests and wrap the incoming request object before processing by the security filter chain to provide a more consistent representation of paths than is guaranteed by the servlet spec. The wrapper strips path parameters from pathInfo and servletPath to provide consistency of URL matching across servlet containers and protect against bypassing security constraints by the malicious addition of such parameters to the URL. The paths are canonicalized further by replacing of multiple sequences of "/" characters with a single "/". 15 years ago
.gitignore SEC-1584: Addition of HttpFirewall strategy to FilterChainProxy to reject un-normalized requests and wrap the incoming request object before processing by the security filter chain to provide a more consistent representation of paths than is guaranteed by the servlet spec. The wrapper strips path parameters from pathInfo and servletPath to provide consistency of URL matching across servlet containers and protect against bypassing security constraints by the malicious addition of such parameters to the URL. The paths are canonicalized further by replacing of multiple sequences of "/" characters with a single "/". 15 years ago
build.gradle Minor tweaking of IDEA deps. 16 years ago
class_mapping_from_2.0.x.txt SEC-1148: Simple classname mapping from 2.0 to 3.0 16 years ago
gradlew Added gradle wrapper support. 16 years ago
gradlew.bat Added gradle wrapper support. 16 years ago
license.txt Change to Apache License version 2.0. 22 years ago
notice.txt Broaden list of names used and correct URL. 18 years ago
readme.txt Bringing readme file up to date. 16 years ago
settings.gradle SEC-1564: JAAS Configuration can now be injected into DefaultJaasAuthenticationProvider 16 years ago

readme.txt 

===============================================================================
                    SPRING SECURITY - README FILE
===============================================================================

-------------------------------------------------------------------------------
OVERVIEW
-------------------------------------------------------------------------------

Spring Security provides security services for the Spring Framework
(http://www.springframework.org). Spring Security 3.1 requires Spring 3.0.3 as
a minimum and also requires Java 5.

For a detailed list of features and access to the latest release, please visit
http://www.springframework.org/projects/.

Spring Security is released under an Apache 2.0 license. See the accompanying
license.txt file.

-------------------------------------------------------------------------------
BUILDING
-------------------------------------------------------------------------------

Please read the "Building from Source" page at
http://static.springframework.org/spring-security/site/.

-------------------------------------------------------------------------------
DOCUMENTATION
-------------------------------------------------------------------------------

Be sure to read the Reference Guide  (docs/reference/html/springsecurity.html).
Extensive JavaDoc for the Spring Security code is also available (in docs/apidocs).
Both can also be found on the website.

-------------------------------------------------------------------------------
QUICK START
-------------------------------------------------------------------------------

We recommend you visit http://static.springframework.org/spring-security/site and
read the "Getting Started" page.

-------------------------------------------------------------------------------
MAVEN REPOSITORY DOWNLOADS
-------------------------------------------------------------------------------

Release jars for the project are available from the central maven repository

http://repo1.maven.org/maven2/org/springframework/security/

Note that milestone releases and snapshots are not uploaded to the central
repository, but can be obtained from the Spring milestone repository, using the
maven repository http://maven.springframework.org/snapshot/. You can't browse this
URL directly, but there is a separate browser interface. Check the downloads page
for more information
http://static.springsource.org/spring-security/site/downloads.html


-------------------------------------------------------------------------------
OBTAINING SUPPORT
-------------------------------------------------------------------------------

There are two types of support available, commercial and community. For
commercial support, please contact SpringSource. SpringSource employ the
people who wrote Spring Security, and lead the development of the project:

  http://www.springsource.com

For peer help and assistance, please use the Spring Security forum
located at the Spring Community's forum site:

  http://forum.springframework.org

Links to the forums, and other useful resources are
available from the web site.