15 ani în urmă · 48dcc211e9
--- a/class_mapping_from_2.0.x.txt
+++ b/class_mapping_from_2.0.x.txt
@@ -0,0 +1,57 @@
 
															+Class Mapping from 2.0.x to 3.0.x
														
 
															+------------------------------------
														
 
															+
														
 
															+Approximate mapping of classes which have new names, or new implementations in 3.0. These may not be a 
														
 
															+straightforward replacement, but the listed classes and interfaces from 3.0 will give some indication of where to
														
 
															+look in the APIs when upgrading.
														
 
															+
														
 
															+AbstractProcessingFilter, AbstractAuthenticationProcessingFilter
														
 
															+AbstractFallbackMethodDefinitionSource, AbstractFallbackMethodSecurityMetadataSource
														
 
															+AnonymousProcessingFilter, AnonymousAuthenticationFilter
														
 
															+AuthenticationFailureConcurrentLoginEvent
														
 
															+AuthenticationProcessingFilter, UsernamePasswordAuthenticationFilter
														
 
															+AuthenticationProcessingFilterEntryPoint, LoginUrlAuthenticationEntryPoint
														
 
															+
														
 
															+BasicProcessingFilter, BasicAuthenticationFilter
														
 
															+BasicProcessingFilterEntryPoint, BasicAuthenticationEntryPoint
														
 
															+
														
 
															+CasProcessingFilter, CasAuthenticationFilter
														
 
															+CasProcessingFilterEntryPoint, CasAuthenticationEntryPoint
														
 
															+ConcurrentSessionController, ConcurrentSessionControlStrategy (Now implemented through the SessionManagementFilter)
														
 
															+ConfigAttributeDefinition, Collection<ConfigAttribute>
														
 
															+
														
 
															+DefaultFilterInvocationDefinitionSource, DefaultFilterInvocationSecurityMetadataSource
														
 
															+DigestProcessingFilter, DigestAuthenticationFilter
														
 
															+DigestProcessingFilterEntryPoint, DigestAuthenticationEntryPoint
														
 
															+
														
 
															+FilterInvocationDefinitionSource, FilterInvocationSecurityMetadataSource
														
 
															+
														
 
															+HttpSessionContextIntegrationFilter, SecurityContextPersistenceFilter (see also SecurityContextRepository)
														
 
															+
														
 
															+Jsr250MethodDefinitionSource, Jsr250MethodSecurityMetadataSource
														
 
															+
														
 
															+MapBasedMethodDefinitionSource, MapBasedMethodSecurityMetadataSource
														
 
															+MethodDefinitionAttributes
														
 
															+MethodDefinitionSource, MethodSecurityMetadataSource
														
 
															+MethodDefinitionSourceAdvisor, MethodSecurityMetadataSourceAdvisor
														
 
															+MethodDefinitionSourceEditor, MethodSecurityMetadataSourceEditor
														
 
															+
														
 
															+ObjectDefinitionSource SecurityMetadataSource
														
 
															+OpenIDAuthenticationProcessingFilter, OpenIDAuthenticationFilter
														
 
															+
														
 
															+RedirectUtils, DefaultRedirectStrategy
														
 
															+RememberMeProcessingFilter, RememberMeAuthenticationFilter
														
 
															+RequestHeaderPreAuthenticatedProcessingFilter, RequestHeaderAuthenticationFilter
														
 
															+
														
 
															+SecuredMethodDefinitionSource, SecuredAnnotationSecurityMetadataSource
														
 
															+SessionFixationProtectionFilter, SessionManagementFilter (See also SessionAuthenticationStrategy, SessionFixationProtectionStrategy)
														
 
															+SpringSecurityContextSource, LdapContextSource (from Spring LDAP 1.3, which introduced the ability to bind as a specific user)
														
 
															+SwitchUserFilter, SwitchUserProcessingFilter
														
 
															+
														
 
															+TargetUrlResolver, AuthenticationSuccessHandler (see also AuthenticationFailureHandler)
														
 
															+TargetUrlResolverImpl, SavedRequestAwareAuthenticationSuccessHandler (see also SimpleUrlAuthenticationSuccessHandler)
														
 
															+
														
 
															+WASSecurityHelper, DefaultWASUsernameAndGroupsExtractor
														
 
															+
														
 
															+X509PreAuthenticatedProcessingFilter, X509AuthenticationFilter
														
 
															+
														
--- a/docs/manual/src/docbook/appendix-namespace.xml
+++ b/docs/manual/src/docbook/appendix-namespace.xml
@@ -11,7 +11,12 @@
 
															       xlink:href="#ns-config">introductory chapter</link> on namespace configuration, as this is
														
 
															     intended as a supplement to the information there. Using a good quality XML editor while editing
														
 
															     a configuration based on the schema is recommended as this will provide contextual information
														
 
															-    on which elements and attributes are available as well as comments explaining their purpose. </para>
														
 
															+    on which elements and attributes are available as well as comments explaining their purpose. The
														
 
															+    namespace is captured in <link xlink:href="http://www.relaxng.org/">RELAX NG</link> Compact
														
 
															+    format and later converted into an XSD schema. If you are familiar with this format, you may
														
 
															+    wish to examine the <link
														
 
															+      xlink:href="https://src.springsource.org/svn/spring-security/trunk/config/src/main/resources/org/springframework/security/config/spring-security-3.0.rnc"
														
 
															+      >schema file</link>.</para>
														
 
															   <section xml:id="nsa-http">
														
 
															     <title>Web Application Security - the <literal>&lt;http&gt;</literal> Element</title>
														
 
															     <para> The <literal>&lt;http&gt;</literal> element encapsulates the security configuration for
														
@@ -488,8 +493,8 @@
 
															         configuration as web security, but this can be overridden as explained above <xref
														
 
															           xlink:href="#nsa-access-decision-manager-ref"/>, using the same attribute. </para>
														
 
															       <section>
														
 
															-        <title>The <literal>secured-annotations</literal> and
														
 
															-            <literal>jsr250-annotations</literal> Attributes</title>
														
 
															+        <title>The <literal>secured-annotations</literal> and <literal>jsr250-annotations</literal>
														
 
															+          Attributes</title>
														
 
															         <para> Setting these to "true" will enable support for Spring Security's own
														
 
															             <literal>@Secured</literal> annotations and JSR-250 annotations, respectively. They are
														
 
															           both disabled by default. Use of JSR-250 annotations also adds a
														
--- a/docs/manual/src/docbook/introduction.xml
+++ b/docs/manual/src/docbook/introduction.xml
@@ -164,13 +164,13 @@
 
															     </section>
														
 
															     <section xml:id="history">
														
 
															         <title>History</title>
														
 
															-        <para>Spring Security began in late 2003 as "The Acegi Security System for Spring". A
														
 
															-            question was posed on the Spring Developers' mailing list asking whether there had been
														
 
															-            any consideration given to a Spring-based security implementation. At the time the
														
 
															-            Spring community was relatively small (especially by today's size!), and indeed Spring
														
 
															-            itself had only existed as a SourceForge project from early 2003. The response to the
														
 
															-            question was that it was a worthwhile area, although a lack of time currently prevented
														
 
															-            its exploration.</para>
														
 
															+        <para>Spring Security began in late 2003 as <quote>The Acegi Security System for
														
 
															+                Spring</quote>. A question was posed on the Spring Developers' mailing list asking
														
 
															+            whether there had been any consideration given to a Spring-based security
														
 
															+            implementation. At the time the Spring community was relatively small (especially
														
 
															+            compared with the size today!), and indeed Spring itself had only existed as a
														
 
															+            SourceForge project from early 2003. The response to the question was that it was a
														
 
															+            worthwhile area, although a lack of time currently prevented its exploration.</para>
														
 
															         <para>With that in mind, a simple security implementation was built and not released. A few
														
 
															             weeks later another member of the Spring community inquired about security, and at the
														
 
															             time this code was offered to them. Several other requests followed, and by January 2004