a3e0475998
SEC-2325 Added JSP tags for CSRF meta tags and form fields
2014-03-07 15:28:48 -06:00
26cee61b98
SEC-2335 Added ACL schema files for MySQL, SQL Server, Oracle
2014-03-07 15:28:45 -06:00
56bb331760
SEC-2514: Fix typo in hellomvc.asc
...
packags -> packages
2014-03-07 10:27:23 -06:00
1d6536fa71
SEC-2512: Fix typo in reference`
...
udates -> updates
2014-03-06 22:22:34 -06:00
4a1a2dfed4
Update min Spring version of 4.0.2.REELASE
2014-02-19 11:16:57 -06:00
6c35c33abe
SEC-2447: Fix AuthenticationManagerBuilder ordering issues
2014-02-09 21:17:51 -06:00
b5f5665ea6
SEC-2463: CSRF documentation includes EnableWebMvcSecurity
2014-01-29 09:28:51 -06:00
3b05fd6fed
SEC-2466: Add link to MultipartFilter in CSRF multipart section
2014-01-28 22:04:35 -06:00
4c84805ac9
SEC-2466: CSRF MutipartFilter doc now uses <url-pattern>
2014-01-28 16:51:05 -06:00
f09ce267b3
Polish MVC doc
2013-12-16 12:30:25 -06:00
374aceed2b
Polish form.asc
2013-12-16 11:13:23 -06:00
df703e0189
Polish hellomvc.asc
2013-12-16 10:39:18 -06:00
8c580dc170
SEC-2444: Polish Thymeleaf for samples
2013-12-16 09:51:00 -06:00
5205bf57c6
SEC-2453: Create 403 CSRF FAQ Entry
2013-12-16 09:02:02 -06:00
b7041ed00e
SEC-2436: Add @EnableWebMvcSecurity
2013-12-14 14:40:01 -06:00
4708287ad3
SEC-2444: Convert Java Config samples to thymeleaf and tiles
2013-12-13 15:47:28 -06:00
0d12397662
SEC-2385: Polish Gradle Spring 4 usage doc
2013-12-12 08:20:37 -06:00
035067caf4
SEC-2385: Polish Gradle Spring 4 usage doc
2013-12-11 08:08:51 -06:00
548ed4e14a
Update samples to declare repository already added
2013-12-06 14:46:52 -06:00
feeb380b51
Polish Guides
2013-12-06 11:12:07 -06:00
ec524da6cb
SEC-2416: Fix Hello MVC guide
2013-12-05 15:47:38 -06:00
fc6fc19eed
Fix guides
2013-12-05 13:16:59 -06:00
74a6303b6f
SEC-2385: Document how to use with Spring 4
2013-12-04 12:38:45 -06:00
4308e72573
Polish CSRF log in caveat with link
2013-12-03 09:27:49 -06:00
b8cc42e3a3
SEC-2426: Add CSRF and logout with non-post example
2013-12-03 09:07:54 -06:00
ab08d99a52
SEC-2421: Remove filterProcessUrl from UsernamePasswordAuthenticationFilter doc
2013-12-02 16:47:57 -06:00
135df149a3
SEC-2423: Document differences between defaults in Java & XML Config
2013-12-02 16:37:52 -06:00
0b996c669f
SEC-2424: Document ObjectPostProcessor
2013-12-02 10:17:08 -06:00
5a59c74d02
SEC-2327: Document SecurityExpressionRoot
2013-11-20 16:59:05 -06:00
4944e602cb
SEC-2402: Reference cleanup
...
* Fix link rendering in CSRF section
* Remove static from MultiHttpSecurityConfig sample
* Decrease indention since can render w/ PDF now
* Remove invalid characters
2013-11-15 10:50:08 -06:00
f1f3acdf75
Fix guides spec
2013-11-01 14:21:37 -05:00
c135179029
Update to latest Asciidoctor version
...
We will temporarily remove PDF support until the plugin supports it.
2013-10-30 16:56:00 -05:00
cf3e2f2c6a
Fix guide index's link to custom form
2013-10-30 16:19:51 -05:00
17b9f33351
SEC-2378: Fix CSRF MultipartFilter doc typo
2013-10-29 13:07:10 -05:00
5427da6b27
Move reference to htmlsingle to match standard Spring reference layout
2013-10-29 12:56:29 -05:00
78f85cc129
SEC-2349: Number the reference
2013-10-23 17:46:57 -05:00
85ec2429d9
SEC-2349: Externalize FAQ
2013-10-23 17:43:32 -05:00
355f884d22
SEC-2093: Document what is new in Spring Security 3.2
2013-10-18 16:39:01 -05:00
4a24c81147
SEC-2299: Document @AuthenticationPrincipal
2013-10-18 15:46:29 -05:00
a3009e303b
SEC-2299: Document Web MVC integration
2013-10-18 11:23:58 -05:00
6ea95cc3a3
SEC-2094: Document Concurrency Support
2013-10-18 09:50:49 -05:00
348e3a22b6
SEC-2365: registerAuthentication->configure
2013-10-16 13:59:56 -05:00
db3c626ac9
SEC-2281: Document Java Configuration
2013-10-16 10:44:35 -05:00
e3f58fd9d3
Polish guide
2013-10-16 10:44:16 -05:00
bbefc62a87
Fix Security Header's link to HttpServletResponse.setHeader
2013-10-15 16:56:44 -05:00
730dcffe6d
Fix crossrefs in footnotes
2013-10-15 16:50:26 -05:00
bf3b5459cd
Fix Authors of manual
2013-10-15 16:22:27 -05:00
0978c12c47
SEC-2361: Java Config Sampels use @Autowired AuthenticationManagerBuilder
2013-10-15 12:35:32 -05:00
51171efa7a
SEC-2357: Move *RequestMatcher to .matcher package
2013-10-14 11:55:56 -05:00
14b9050616
SEC-2357: Move *RequestMatchers to .matchers package
2013-10-14 10:36:31 -05:00
d28058303b
SEC-2349: Move FAQ into reference
2013-10-03 21:28:55 -05:00
4b43cf3f50
SEC-2349: Convert Reference to Asciidoctor
2013-10-03 14:15:09 -05:00
df5e034fc3
SEC-2282: Polish CSRF Documentation
2013-09-27 17:14:21 -05:00
8087cde628
SEC-2331: Include Expires: 0 in xsd and appendix
2013-09-27 17:10:42 -05:00
8fed90c26c
SEC-2282: Add links for AccessDeniedHandler in CSRF doc
2013-09-27 16:44:34 -05:00
3e95f1c12e
SEC-2282: Polish CSRF Documentation
2013-09-27 16:41:06 -05:00
ee33a6deeb
SEC-2285: Headers doc explicitly state default headers
2013-09-27 16:29:10 -05:00
17efd25717
SEC-2331: Include Expires: 0 in security headers documentation
2013-09-27 16:13:40 -05:00
06a0ec1a9f
SEC-2285: Polish Security Headers Documentation
...
Explain why (passivity) XML Namespace doesn't enable security headers by
default.
2013-09-27 16:13:18 -05:00
9bb283044f
SEC-2282: Polish CSRF Documentation
...
Explain why (passivity) XML Namespace doesn't enable csrf protection by
default.
2013-09-27 16:06:25 -05:00
a09756745f
SEC-2151: Support binding method arguments with Annotations
...
This allow utilizing method arguments for method access control on
interfaces prior to JDK 8.
2013-09-27 11:18:37 -05:00
1f3b812a66
SEC-2282: Polish CSRF Documentation
2013-09-26 08:58:39 -05:00
ef7cc40389
SEC-2282: Polish CSRF Documentation
2013-09-25 17:30:50 -05:00
d16106ef56
SEC-2309: Document CSRF multipart/form-data
2013-09-25 15:14:32 -05:00
e5804d323b
SEC-2256: Fix intercept-url doc precidence statement
...
Previously the documentation incorrectly stated "If a request matches
multiple patterns, the method-specific match will take precedence
regardless of ordering."
This has now been removed and InterceptUrlConfigTests was added previously
to ensure this was true.
2013-09-13 22:02:52 -07:00
f6587c8697
SEC-2312: Update javadoc link to Spring 3.2.x
2013-09-13 15:34:30 -07:00
98fe2322cd
SEC-2095: Fix Servlet API doc ids
2013-08-30 13:10:32 -05:00
fc16450344
Demonstrate rest.js CSRF support in reference docs
...
rest.js 0.9.4 added support for applying the CSRF header and token to
Ajax requests.
2013-08-30 12:21:32 -05:00
246c632f3a
SEC-2095: Document Servlet API support
2013-08-30 12:20:35 -05:00
86340b8016
SEC-2283: Polish headers doc
2013-08-29 13:47:54 -05:00
d89cf6db29
SEC-2283: Update headers documentation and tests
2013-08-28 12:35:40 -05:00
4761614c9f
SEC-2291: Fix internal links within reference
...
Instead of using xlink:href="# use linkend="
2013-08-28 09:12:27 -05:00
69aac09e1d
SEC-2285: Added headers to to reference
2013-08-28 08:58:45 -05:00
9483226d02
SEC-2282: Polish CSRF doc
2013-08-27 17:16:32 -05:00
98bdd32ca0
SEC-2282: Add CSRF documentation to the reference manual
2013-08-25 19:00:04 -05:00
18bd82e7d4
SEC-2131: Update doc to state session authentication sends 401 if no page
2013-08-25 11:37:23 -05:00
cd7055f725
SEC-2171: Include Information about pooling in Spring LDAP documentation
2013-08-25 11:27:50 -05:00
7f2308f46c
SEC-2146: Document AspectJ does not inherit annotations
2013-08-25 11:06:36 -05:00
03b235295e
SEC-2270: Remove duplicate version from guides index
2013-08-23 14:13:12 -05:00
efa9f4db93
SEC-2108: Fix typo in ldap section of manual
2013-08-23 14:09:58 -05:00
e8788f2657
SEC-2269: Fix markup for CSRF link
2013-08-21 10:08:39 -05:00
17c2a18fee
SEC-2269: Fix CSRF link in appendix
2013-08-21 10:01:19 -05:00
a3a432f7b6
SEC-2269: Fix additional links
2013-08-20 14:02:33 -05:00
3b2156969d
SEC-2269: Fix headers link
2013-08-20 10:06:00 -05:00
f707101fdb
SEC-2269: Fix headers documentation
2013-08-20 10:03:31 -05:00
eb95c500f5
Remove dockbook-reference from guides
2013-08-20 10:02:55 -05:00
658a93178c
SEC-2252: Add custom form guide
2013-08-19 15:22:04 -05:00
51b9c4a19a
Hide logout in main.jsp if not logged in
2013-08-17 14:38:39 -05:00
e9bb9e766e
SEC-1574: Add CSRF Support
2013-08-15 14:49:21 -05:00
5f35d9e3ec
SEC-2135: Document HttpServletRequest.changeSessionId() support
2013-08-15 13:59:16 -05:00
485676be8c
SEC-2251: Polish Hello World guides
...
* Correct how to add username and logout to mvc
* Externalize :revnumber:
2013-08-15 12:50:40 -05:00
13da42ca1b
SEC-2137: Allow disabling session fixation and enable concurrency control
2013-08-15 12:50:40 -05:00
e0cb931f69
SEC-2251: Create Hello World Java Configuration guides
2013-08-08 14:34:50 -05:00
333a7291a4
SEC-2242: Fixed typo in technical overview
...
Changed "source source" to "source"
2013-08-01 13:02:56 -05:00
e242aeff3e
SEC-2230: Polish and clickjacking demo
2013-08-01 10:19:36 -05:00
283c906215
SEC-2230: Fix reference PDF
2013-07-31 12:22:41 -05:00
988e97e366
SEC-2230: Polish headers reference
2013-07-31 10:39:52 -05:00
c85328c5d1
SEC-2230: HTTP Strict Transport Security (HSTS)Add support for Strict
...
This is a distinct filter as apposed to reusing StaticHeaderWriter
since the specification specifies that the "Strict-Transport-Security"
header should only be set on secure requests. It would not make sense to
require DelegatingRequestMatcherHeaderWriter since this requirement is
in the specification.
2013-07-31 10:39:52 -05:00
8013cd54d6
SEC-2230: Added Cache Control support
2013-07-31 10:39:45 -05:00
7b164bb5e1
SEC-2230: Polish pull request
2013-07-26 14:19:53 -05:00
beamerblvd
John Tims
Manimaran Selvan
Rob Winch
Scott Andrews
Asaf David