Permalink
Browse files

SEC-1148: Simple classname mapping from 2.0 to 3.0

  • Loading branch information...
1 parent 2d1a5db commit 48dcc211e97c3580c6a3a564532f6bd0a0500e97 @tekul tekul committed Dec 2, 2009
@@ -0,0 +1,57 @@
+Class Mapping from 2.0.x to 3.0.x
+------------------------------------
+
+Approximate mapping of classes which have new names, or new implementations in 3.0. These may not be a
+straightforward replacement, but the listed classes and interfaces from 3.0 will give some indication of where to
+look in the APIs when upgrading.
+
+AbstractProcessingFilter, AbstractAuthenticationProcessingFilter
+AbstractFallbackMethodDefinitionSource, AbstractFallbackMethodSecurityMetadataSource
+AnonymousProcessingFilter, AnonymousAuthenticationFilter
+AuthenticationFailureConcurrentLoginEvent
+AuthenticationProcessingFilter, UsernamePasswordAuthenticationFilter
+AuthenticationProcessingFilterEntryPoint, LoginUrlAuthenticationEntryPoint
+
+BasicProcessingFilter, BasicAuthenticationFilter
+BasicProcessingFilterEntryPoint, BasicAuthenticationEntryPoint
+
+CasProcessingFilter, CasAuthenticationFilter
+CasProcessingFilterEntryPoint, CasAuthenticationEntryPoint
+ConcurrentSessionController, ConcurrentSessionControlStrategy (Now implemented through the SessionManagementFilter)
+ConfigAttributeDefinition, Collection<ConfigAttribute>
+
+DefaultFilterInvocationDefinitionSource, DefaultFilterInvocationSecurityMetadataSource
+DigestProcessingFilter, DigestAuthenticationFilter
+DigestProcessingFilterEntryPoint, DigestAuthenticationEntryPoint
+
+FilterInvocationDefinitionSource, FilterInvocationSecurityMetadataSource
+
+HttpSessionContextIntegrationFilter, SecurityContextPersistenceFilter (see also SecurityContextRepository)
+
+Jsr250MethodDefinitionSource, Jsr250MethodSecurityMetadataSource
+
+MapBasedMethodDefinitionSource, MapBasedMethodSecurityMetadataSource
+MethodDefinitionAttributes
+MethodDefinitionSource, MethodSecurityMetadataSource
+MethodDefinitionSourceAdvisor, MethodSecurityMetadataSourceAdvisor
+MethodDefinitionSourceEditor, MethodSecurityMetadataSourceEditor
+
+ObjectDefinitionSource SecurityMetadataSource
+OpenIDAuthenticationProcessingFilter, OpenIDAuthenticationFilter
+
+RedirectUtils, DefaultRedirectStrategy
+RememberMeProcessingFilter, RememberMeAuthenticationFilter
+RequestHeaderPreAuthenticatedProcessingFilter, RequestHeaderAuthenticationFilter
+
+SecuredMethodDefinitionSource, SecuredAnnotationSecurityMetadataSource
+SessionFixationProtectionFilter, SessionManagementFilter (See also SessionAuthenticationStrategy, SessionFixationProtectionStrategy)
+SpringSecurityContextSource, LdapContextSource (from Spring LDAP 1.3, which introduced the ability to bind as a specific user)
+SwitchUserFilter, SwitchUserProcessingFilter
+
+TargetUrlResolver, AuthenticationSuccessHandler (see also AuthenticationFailureHandler)
+TargetUrlResolverImpl, SavedRequestAwareAuthenticationSuccessHandler (see also SimpleUrlAuthenticationSuccessHandler)
+
+WASSecurityHelper, DefaultWASUsernameAndGroupsExtractor
+
+X509PreAuthenticatedProcessingFilter, X509AuthenticationFilter
+
@@ -11,7 +11,12 @@
xlink:href="#ns-config">introductory chapter</link> on namespace configuration, as this is
intended as a supplement to the information there. Using a good quality XML editor while editing
a configuration based on the schema is recommended as this will provide contextual information
- on which elements and attributes are available as well as comments explaining their purpose. </para>
+ on which elements and attributes are available as well as comments explaining their purpose. The
+ namespace is captured in <link xlink:href="http://www.relaxng.org/">RELAX NG</link> Compact
+ format and later converted into an XSD schema. If you are familiar with this format, you may
+ wish to examine the <link
+ xlink:href="https://src.springsource.org/svn/spring-security/trunk/config/src/main/resources/org/springframework/security/config/spring-security-3.0.rnc"
+ >schema file</link>.</para>
<section xml:id="nsa-http">
<title>Web Application Security - the <literal>&lt;http&gt;</literal> Element</title>
<para> The <literal>&lt;http&gt;</literal> element encapsulates the security configuration for
@@ -488,8 +493,8 @@
configuration as web security, but this can be overridden as explained above <xref
xlink:href="#nsa-access-decision-manager-ref"/>, using the same attribute. </para>
<section>
- <title>The <literal>secured-annotations</literal> and
- <literal>jsr250-annotations</literal> Attributes</title>
+ <title>The <literal>secured-annotations</literal> and <literal>jsr250-annotations</literal>
+ Attributes</title>
<para> Setting these to "true" will enable support for Spring Security's own
<literal>@Secured</literal> annotations and JSR-250 annotations, respectively. They are
both disabled by default. Use of JSR-250 annotations also adds a
@@ -164,13 +164,13 @@
</section>
<section xml:id="history">
<title>History</title>
- <para>Spring Security began in late 2003 as "The Acegi Security System for Spring". A
- question was posed on the Spring Developers' mailing list asking whether there had been
- any consideration given to a Spring-based security implementation. At the time the
- Spring community was relatively small (especially by today's size!), and indeed Spring
- itself had only existed as a SourceForge project from early 2003. The response to the
- question was that it was a worthwhile area, although a lack of time currently prevented
- its exploration.</para>
+ <para>Spring Security began in late 2003 as <quote>The Acegi Security System for
+ Spring</quote>. A question was posed on the Spring Developers' mailing list asking
+ whether there had been any consideration given to a Spring-based security
+ implementation. At the time the Spring community was relatively small (especially
+ compared with the size today!), and indeed Spring itself had only existed as a
+ SourceForge project from early 2003. The response to the question was that it was a
+ worthwhile area, although a lack of time currently prevented its exploration.</para>
<para>With that in mind, a simple security implementation was built and not released. A few
weeks later another member of the Spring community inquired about security, and at the
time this code was offered to them. Several other requests followed, and by January 2004

0 comments on commit 48dcc21

Please sign in to comment.