Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

SEC-1148: Simple classname mapping from 2.0 to 3.0

  • Loading branch information...
commit 48dcc211e97c3580c6a3a564532f6bd0a0500e97 1 parent 2d1a5db
@tekul tekul authored
View
57 class_mapping_from_2.0.x.txt
@@ -0,0 +1,57 @@
+Class Mapping from 2.0.x to 3.0.x
+------------------------------------
+
+Approximate mapping of classes which have new names, or new implementations in 3.0. These may not be a
+straightforward replacement, but the listed classes and interfaces from 3.0 will give some indication of where to
+look in the APIs when upgrading.
+
+AbstractProcessingFilter, AbstractAuthenticationProcessingFilter
+AbstractFallbackMethodDefinitionSource, AbstractFallbackMethodSecurityMetadataSource
+AnonymousProcessingFilter, AnonymousAuthenticationFilter
+AuthenticationFailureConcurrentLoginEvent
+AuthenticationProcessingFilter, UsernamePasswordAuthenticationFilter
+AuthenticationProcessingFilterEntryPoint, LoginUrlAuthenticationEntryPoint
+
+BasicProcessingFilter, BasicAuthenticationFilter
+BasicProcessingFilterEntryPoint, BasicAuthenticationEntryPoint
+
+CasProcessingFilter, CasAuthenticationFilter
+CasProcessingFilterEntryPoint, CasAuthenticationEntryPoint
+ConcurrentSessionController, ConcurrentSessionControlStrategy (Now implemented through the SessionManagementFilter)
+ConfigAttributeDefinition, Collection<ConfigAttribute>
+
+DefaultFilterInvocationDefinitionSource, DefaultFilterInvocationSecurityMetadataSource
+DigestProcessingFilter, DigestAuthenticationFilter
+DigestProcessingFilterEntryPoint, DigestAuthenticationEntryPoint
+
+FilterInvocationDefinitionSource, FilterInvocationSecurityMetadataSource
+
+HttpSessionContextIntegrationFilter, SecurityContextPersistenceFilter (see also SecurityContextRepository)
+
+Jsr250MethodDefinitionSource, Jsr250MethodSecurityMetadataSource
+
+MapBasedMethodDefinitionSource, MapBasedMethodSecurityMetadataSource
+MethodDefinitionAttributes
+MethodDefinitionSource, MethodSecurityMetadataSource
+MethodDefinitionSourceAdvisor, MethodSecurityMetadataSourceAdvisor
+MethodDefinitionSourceEditor, MethodSecurityMetadataSourceEditor
+
+ObjectDefinitionSource SecurityMetadataSource
+OpenIDAuthenticationProcessingFilter, OpenIDAuthenticationFilter
+
+RedirectUtils, DefaultRedirectStrategy
+RememberMeProcessingFilter, RememberMeAuthenticationFilter
+RequestHeaderPreAuthenticatedProcessingFilter, RequestHeaderAuthenticationFilter
+
+SecuredMethodDefinitionSource, SecuredAnnotationSecurityMetadataSource
+SessionFixationProtectionFilter, SessionManagementFilter (See also SessionAuthenticationStrategy, SessionFixationProtectionStrategy)
+SpringSecurityContextSource, LdapContextSource (from Spring LDAP 1.3, which introduced the ability to bind as a specific user)
+SwitchUserFilter, SwitchUserProcessingFilter
+
+TargetUrlResolver, AuthenticationSuccessHandler (see also AuthenticationFailureHandler)
+TargetUrlResolverImpl, SavedRequestAwareAuthenticationSuccessHandler (see also SimpleUrlAuthenticationSuccessHandler)
+
+WASSecurityHelper, DefaultWASUsernameAndGroupsExtractor
+
+X509PreAuthenticatedProcessingFilter, X509AuthenticationFilter
+
View
11 docs/manual/src/docbook/appendix-namespace.xml
@@ -11,7 +11,12 @@
xlink:href="#ns-config">introductory chapter</link> on namespace configuration, as this is
intended as a supplement to the information there. Using a good quality XML editor while editing
a configuration based on the schema is recommended as this will provide contextual information
- on which elements and attributes are available as well as comments explaining their purpose. </para>
+ on which elements and attributes are available as well as comments explaining their purpose. The
+ namespace is captured in <link xlink:href="http://www.relaxng.org/">RELAX NG</link> Compact
+ format and later converted into an XSD schema. If you are familiar with this format, you may
+ wish to examine the <link
+ xlink:href="https://src.springsource.org/svn/spring-security/trunk/config/src/main/resources/org/springframework/security/config/spring-security-3.0.rnc"
+ >schema file</link>.</para>
<section xml:id="nsa-http">
<title>Web Application Security - the <literal>&lt;http&gt;</literal> Element</title>
<para> The <literal>&lt;http&gt;</literal> element encapsulates the security configuration for
@@ -488,8 +493,8 @@
configuration as web security, but this can be overridden as explained above <xref
xlink:href="#nsa-access-decision-manager-ref"/>, using the same attribute. </para>
<section>
- <title>The <literal>secured-annotations</literal> and
- <literal>jsr250-annotations</literal> Attributes</title>
+ <title>The <literal>secured-annotations</literal> and <literal>jsr250-annotations</literal>
+ Attributes</title>
<para> Setting these to "true" will enable support for Spring Security's own
<literal>@Secured</literal> annotations and JSR-250 annotations, respectively. They are
both disabled by default. Use of JSR-250 annotations also adds a
View
14 docs/manual/src/docbook/introduction.xml
@@ -164,13 +164,13 @@
</section>
<section xml:id="history">
<title>History</title>
- <para>Spring Security began in late 2003 as "The Acegi Security System for Spring". A
- question was posed on the Spring Developers' mailing list asking whether there had been
- any consideration given to a Spring-based security implementation. At the time the
- Spring community was relatively small (especially by today's size!), and indeed Spring
- itself had only existed as a SourceForge project from early 2003. The response to the
- question was that it was a worthwhile area, although a lack of time currently prevented
- its exploration.</para>
+ <para>Spring Security began in late 2003 as <quote>The Acegi Security System for
+ Spring</quote>. A question was posed on the Spring Developers' mailing list asking
+ whether there had been any consideration given to a Spring-based security
+ implementation. At the time the Spring community was relatively small (especially
+ compared with the size today!), and indeed Spring itself had only existed as a
+ SourceForge project from early 2003. The response to the question was that it was a
+ worthwhile area, although a lack of time currently prevented its exploration.</para>
<para>With that in mind, a simple security implementation was built and not released. A few
weeks later another member of the Spring community inquired about security, and at the
time this code was offered to them. Several other requests followed, and by January 2004
Please sign in to comment.
Something went wrong with that request. Please try again.