SEC-2783: XML Configuration Defaults Should Match JavaConfig

* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
This commit is contained in:
Rob Winch
2014-12-05 09:52:29 -06:00
parent b56e5edbbd
commit c67ff42b8a
125 changed files with 8122 additions and 395 deletions

View File

@@ -18,7 +18,7 @@
<http pattern="/static/**" security="none"/>
<http pattern="/loggedout.jsp" security="none"/>
<http use-expressions="true">
<http>
<intercept-url pattern="/secure/extreme/**" access="hasRole('supervisor')"/>
<intercept-url pattern="/secure/**" access="isAuthenticated()" />
<!--

View File

@@ -47,7 +47,7 @@ Anyone can view this page, but posting to an Account requires login and must be
</c:forEach>
</table>
<p><a href="j_spring_security_logout">Logout</a></p>
<p><a href="logout">Logout</a></p>
</div>
</body>
</html>

View File

@@ -19,7 +19,7 @@ This is a protected page. You can only see me if you are a supervisor.
</authz:authorize>
<p><a href="../../">Home</a></p>
<p><a href="../../j_spring_security_logout">Logout</a></p>
<p><a href="../../logout">Logout</a></p>
</div>
</body>
</html>

View File

@@ -43,7 +43,7 @@ or if you've authenticated this session.
<p><a href="../">Home</a></p>
<p><a href="../j_spring_security_logout">Logout</a></p>
<p><a href="../logout">Logout</a></p>
</div>
</body>
</html>