SEC-2783: XML Configuration Defaults Should Match JavaConfig
* j_username -> username * j_password -> password * j_spring_security_check -> login * j_spring_cas_security_check -> login/cas * j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor * j_spring_openid_security_login -> login/openid * j_spring_security_switch_user -> login/impersonate * j_spring_security_exit_user -> logout/impersonate * login_error -> error * use-expressions=true by default
This commit is contained in:
@@ -18,7 +18,7 @@
|
||||
<http pattern="/static/**" security="none"/>
|
||||
<http pattern="/loggedout.jsp" security="none"/>
|
||||
|
||||
<http use-expressions="true">
|
||||
<http>
|
||||
<intercept-url pattern="/secure/extreme/**" access="hasRole('supervisor')"/>
|
||||
<intercept-url pattern="/secure/**" access="isAuthenticated()" />
|
||||
<!--
|
||||
|
||||
@@ -47,7 +47,7 @@ Anyone can view this page, but posting to an Account requires login and must be
|
||||
</c:forEach>
|
||||
</table>
|
||||
|
||||
<p><a href="j_spring_security_logout">Logout</a></p>
|
||||
<p><a href="logout">Logout</a></p>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
@@ -19,7 +19,7 @@ This is a protected page. You can only see me if you are a supervisor.
|
||||
</authz:authorize>
|
||||
|
||||
<p><a href="../../">Home</a></p>
|
||||
<p><a href="../../j_spring_security_logout">Logout</a></p>
|
||||
<p><a href="../../logout">Logout</a></p>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
@@ -43,7 +43,7 @@ or if you've authenticated this session.
|
||||
|
||||
|
||||
<p><a href="../">Home</a></p>
|
||||
<p><a href="../j_spring_security_logout">Logout</a></p>
|
||||
<p><a href="../logout">Logout</a></p>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
Reference in New Issue
Block a user