Martin Stockhammer
e9bc481884
Adding port check for Referer header
2017-01-30 22:42:33 +01:00
Martin Stockhammer
95f1b3e430
Implementing Header verification for REST API calls
...
Implementing header verification techniques mentioned in:
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Verifying_Same_Origin_with_Standard_Headers
2017-01-30 20:37:15 +01:00
olivier lamy
d45870b377
bump spring version to 4.3.5
...
Signed-off-by: olivier lamy <olamy@apache.org>
2017-01-01 09:43:41 +01:00
olivier lamy
90d8515ff4
add used dependency spring-aop
...
Signed-off-by: olivier lamy <olamy@apache.org>
2017-01-01 09:33:48 +01:00
olivier lamy
0537b8562e
get rid of all jdo jpox dependencies
...
Signed-off-by: olivier lamy <olamy@apache.org>
2016-12-31 10:21:49 +01:00
olivier lamy
effc4a280b
format pom
...
Signed-off-by: olivier lamy <olamy@apache.org>
2016-12-31 10:08:30 +01:00
olivier lamy
9b2f812568
simplify pom
...
Signed-off-by: olivier lamy <olamy@apache.org>
2016-12-31 10:07:19 +01:00
Martin Stockhammer
2add792524
Set JPA as default and only database backend
...
Remove JDO dependencies and set the JPA implementations as only implementation
for database backend providers. Uses the same database as JDO before.
2016-12-30 15:33:17 +01:00
Martin Stockhammer
96b6771e7f
Remove schema types in annotation
2016-12-28 19:52:28 +01:00
olivier lamy
09b5fab0d2
fix duplicate dependency
...
Signed-off-by: olivier lamy <olamy@apache.org>
2016-12-05 21:14:56 +11:00
Martin Stockhammer
e55262c8cc
Add schema changes for compatibility with JDO implementation
2016-11-19 23:26:08 +01:00
Martin Stockhammer
7482c06fcd
Fix schema settings
2016-11-16 21:07:08 +01:00
Martin Stockhammer
78e37f700a
Change comments
2016-11-06 12:47:23 +01:00
Martin Stockhammer
13aa63a4e5
Add JPA Key Provider
2016-11-04 08:02:57 +01:00
Martin Stockhammer
5420374314
Override method to activate transaction handling
2016-10-25 15:55:59 +02:00
Martin Stockhammer
b6a3d01360
Add exception handler
2016-10-25 15:53:59 +02:00
Martin Stockhammer
45b429e778
Add jpa config to test spring contexts
2016-10-25 15:52:26 +02:00
Martin Stockhammer
994c7cb42f
Fix maven dependencies
2016-10-21 22:09:32 +02:00
Martin Stockhammer
6f7fa90562
Add transaction annotation and dependencies
2016-10-21 20:11:47 +02:00
Martin Stockhammer
c4fc7ffc73
Adding Transaction annotation and fixing tests
2016-10-19 23:28:28 +02:00
Martin Stockhammer
a2441c5e41
Merge branch 'master' into jpa
2016-10-16 20:09:01 +02:00
Martin Stockhammer
78d822d145
Fixing validation error in unit tests
2016-10-16 17:18:42 +02:00
Martin Stockhammer
2aa6cdf6c6
Adding flag for authenticator to avoid autowiring exceptions
...
Adds a isValid() method to the authenticator to avoid exceptions during
initialization.
2016-10-16 17:18:42 +02:00
Martin Stockhammer
8fd7112762
Changing transaction handling
2016-10-14 21:39:36 +02:00
Martin Stockhammer
8d9f47436e
JPA bytecode enhancement
2016-10-09 21:13:18 +02:00
Martin Stockhammer
e2581cd127
Merge branch 'validauth' into jpa
2016-10-04 20:46:28 +02:00
Martin Stockhammer
7e83bebcec
Adding flag for authenticator to avoid autowiring exceptions
...
Adds a isValid() method to the authenticator to avoid exceptions during
initialization.
2016-10-03 19:36:13 +02:00
Ciprian Ciubotariu
c9ca73b94c
Use NamingManager instead of LdapCtxFactory
...
Fixes deprecation warnings on LdapCtxFactory
2016-10-03 18:32:52 +03:00
Martin Stockhammer
e217190250
Adding version for dependencies
2016-10-02 20:15:49 +02:00
Martin Stockhammer
d785f13635
Adding spring context for rbac module
2016-10-02 20:15:26 +02:00
Martin Stockhammer
f8ee2af825
Adding explicit dependencies for JPA user/rbac implementations
2016-10-02 20:14:34 +02:00
Martin Stockhammer
ac89b6bb2d
Adding final flag to jpa implementations
2016-10-02 20:14:10 +02:00
Martin Stockhammer
4586b826d9
Fixing path of spring context file
2016-10-02 19:25:20 +02:00
Martin Stockhammer
30c3441cd4
Adding order columns to persistence schema
2016-09-30 22:38:08 +02:00
Martin Stockhammer
f3bcedfdf8
Setting database schema names from JDO
2016-09-30 22:37:22 +02:00
Martin Stockhammer
9e09e8f0cf
Removing datasource from test persistence config
2016-09-30 22:36:39 +02:00
olivier lamy
c49cb230eb
unused imports
...
Signed-off-by: olivier lamy <olamy@apache.org>
2016-09-28 12:44:40 +10:00
Martin Stockhammer
62efc70bd2
Adding JPA implementation of users and rbac provider
...
Uses OpenJPA
2016-09-27 23:13:03 +02:00
olivier lamy
d17c6ffb9d
use last parent snapshot
...
Signed-off-by: olivier lamy <olamy@apache.org>
2016-09-14 22:00:41 +10:00
olivier lamy
11b2cdbae0
Merge branch 'pr/10'
...
[MRM-1923] merge pr
2016-09-13 10:55:00 +10:00
olivier lamy
8e98a8aa9e
Merge branch 'pr/9'
...
closed #9
[MRM-1908] Logged on users can write any repository
2016-09-13 10:49:27 +10:00
olivier lamy
87e1950057
Merge branch 'pr/7'
...
close #7
2016-09-09 21:47:52 +10:00
olivier lamy
780b1b7bb7
Merge branch 'pr/6' #6
...
close #6
2016-09-09 21:46:39 +10:00
Martin Stockhammer
5ce2714a37
Fixing bind issue with certain ldap servers, when user not found
...
Subsequent calls of NamingResult#hasMoreElements returns different values in some
environments and situations.
e.g. it occured on IBM JDK 7 with Windows Active Directory LDAP when the first value of 'hasMoreElements'
was false.
The first value is cached now.
2016-09-09 10:03:27 +02:00
Martin Stockhammer
796af57be2
Adding parameter references in authorization resource
...
In certain cases the resource must be dynamically set by parameter values.
This patch allows to add a reference into the resource field of the redback
annotation '{parameterName}' that fills the resource of the permission dynamically
with the parameter value, if found.
2016-09-09 09:40:29 +02:00
Ciprian Ciubotariu
3ef0e5931e
Beautify case of default ldap group attribute
...
More of a style issue, since attribute descriptions are case insensitive
according to RFC4512.
2016-09-07 16:28:04 +03:00
Ciprian Ciubotariu
0dc00492ed
Ignore Netbeans artifacts
2016-09-07 00:30:14 +03:00
olivier lamy
c02519d5a6
change target back to 1.6
2016-07-20 23:54:43 +02:00
olivier lamy
e2909f2956
[MRM-1827] Redback core fail with jdk 1.7 (compiler target 1.7) use new bcel 6.0
2016-07-20 23:37:47 +02:00
olivier lamy
3d266df48d
[maven-release-plugin] prepare for next development iteration
2016-05-20 12:55:38 +10:00