Apache/archiva-redback-core
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
869 Commits 18 Branches 7 Tags
Commit Graph

869 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Martin Stockhammer
6a6b7bb939 Adding token validation to interceptor 2017-02-12 20:47:14 +01:00
Martin Stockhammer
98c98b3979 Adding log statements 2017-02-12 18:44:55 +01:00
Martin Stockhammer
461b7e98f8 Adding validationToken to toString method 2017-02-12 17:12:41 +01:00
Martin Stockhammer
a6ceb38469 Using random iv vector to generate unique tokens for each login 2017-02-12 17:09:15 +01:00
Martin Stockhammer
de5816adf0 Adding validation token generator got login 2017-02-12 14:02:01 +01:00
Martin Stockhammer
e9bc481884 Adding port check for Referer header 2017-01-30 22:42:33 +01:00
Martin Stockhammer
95f1b3e430 Implementing Header verification for REST API calls 
Implementing header verification techniques mentioned in:
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Verifying_Same_Origin_with_Standard_Headers
 2017-01-30 20:37:15 +01:00
olivier lamy
d45870b377 bump spring version to 4.3.5 
Signed-off-by: olivier lamy <olamy@apache.org>
 2017-01-01 09:43:41 +01:00
olivier lamy
90d8515ff4 add used dependency spring-aop 
Signed-off-by: olivier lamy <olamy@apache.org>
 2017-01-01 09:33:48 +01:00
olivier lamy
0537b8562e get rid of all jdo jpox dependencies 
Signed-off-by: olivier lamy <olamy@apache.org>
 2016-12-31 10:21:49 +01:00
olivier lamy
effc4a280b format pom 
Signed-off-by: olivier lamy <olamy@apache.org>
 2016-12-31 10:08:30 +01:00
olivier lamy
9b2f812568 simplify pom 
Signed-off-by: olivier lamy <olamy@apache.org>
 2016-12-31 10:07:19 +01:00
Martin Stockhammer
2add792524 Set JPA as default and only database backend 
Remove JDO dependencies and set the JPA implementations as only implementation
for database backend providers. Uses the same database as JDO before.
without_jdo 		2016-12-30 15:33:17 +01:00
Martin Stockhammer
96b6771e7f Remove schema types in annotation 2016-12-28 19:52:28 +01:00
olivier lamy
09b5fab0d2 fix duplicate dependency 
Signed-off-by: olivier lamy <olamy@apache.org>
 2016-12-05 21:14:56 +11:00
Martin Stockhammer
e55262c8cc Add schema changes for compatibility with JDO implementation 2016-11-19 23:26:08 +01:00
Martin Stockhammer
7482c06fcd Fix schema settings 2016-11-16 21:07:08 +01:00
Martin Stockhammer
78e37f700a Change comments 2016-11-06 12:47:23 +01:00
Martin Stockhammer
13aa63a4e5 Add JPA Key Provider 2016-11-04 08:02:57 +01:00
Martin Stockhammer
5420374314 Override method to activate transaction handling 2016-10-25 15:55:59 +02:00
Martin Stockhammer
b6a3d01360 Add exception handler 2016-10-25 15:53:59 +02:00
Martin Stockhammer
45b429e778 Add jpa config to test spring contexts 2016-10-25 15:52:26 +02:00
Martin Stockhammer
994c7cb42f Fix maven dependencies 2016-10-21 22:09:32 +02:00
Martin Stockhammer
6f7fa90562 Add transaction annotation and dependencies 2016-10-21 20:11:47 +02:00
Martin Stockhammer
c4fc7ffc73 Adding Transaction annotation and fixing tests 2016-10-19 23:28:28 +02:00
Martin Stockhammer
a2441c5e41 Merge branch 'master' into jpa 2016-10-16 20:09:01 +02:00
Martin Stockhammer
78d822d145 Fixing validation error in unit tests 2016-10-16 17:18:42 +02:00
Martin Stockhammer
2aa6cdf6c6 Adding flag for authenticator to avoid autowiring exceptions 
Adds a isValid() method to the authenticator to avoid exceptions during
initialization.
 2016-10-16 17:18:42 +02:00
Martin Stockhammer
8fd7112762 Changing transaction handling 2016-10-14 21:39:36 +02:00
Martin Stockhammer
8d9f47436e JPA bytecode enhancement 2016-10-09 21:13:18 +02:00
Martin Stockhammer
e2581cd127 Merge branch 'validauth' into jpa 2016-10-04 20:46:28 +02:00
Martin Stockhammer
7e83bebcec Adding flag for authenticator to avoid autowiring exceptions 
Adds a isValid() method to the authenticator to avoid exceptions during
initialization.
 2016-10-03 19:36:13 +02:00
Ciprian Ciubotariu
c9ca73b94c Use NamingManager instead of LdapCtxFactory 
Fixes deprecation warnings on LdapCtxFactory
 2016-10-03 18:32:52 +03:00
Martin Stockhammer
e217190250 Adding version for dependencies 2016-10-02 20:15:49 +02:00
Martin Stockhammer
d785f13635 Adding spring context for rbac module 2016-10-02 20:15:26 +02:00
Martin Stockhammer
f8ee2af825 Adding explicit dependencies for JPA user/rbac implementations 2016-10-02 20:14:34 +02:00
Martin Stockhammer
ac89b6bb2d Adding final flag to jpa implementations 2016-10-02 20:14:10 +02:00
Martin Stockhammer
4586b826d9 Fixing path of spring context file 2016-10-02 19:25:20 +02:00
Martin Stockhammer
30c3441cd4 Adding order columns to persistence schema 2016-09-30 22:38:08 +02:00
Martin Stockhammer
f3bcedfdf8 Setting database schema names from JDO 2016-09-30 22:37:22 +02:00
Martin Stockhammer
9e09e8f0cf Removing datasource from test persistence config 2016-09-30 22:36:39 +02:00
olivier lamy
c49cb230eb unused imports 
Signed-off-by: olivier lamy <olamy@apache.org>
 2016-09-28 12:44:40 +10:00
Martin Stockhammer
62efc70bd2 Adding JPA implementation of users and rbac provider 
Uses OpenJPA
 2016-09-27 23:13:03 +02:00
olivier lamy
d17c6ffb9d use last parent snapshot 
Signed-off-by: olivier lamy <olamy@apache.org>
 2016-09-14 22:00:41 +10:00
olivier lamy
11b2cdbae0 Merge branch 'pr/10' 
[MRM-1923] merge pr
 2016-09-13 10:55:00 +10:00
olivier lamy
8e98a8aa9e Merge branch 'pr/9' 
closed #9
[MRM-1908] Logged on users can write any repository
 2016-09-13 10:49:27 +10:00
olivier lamy
87e1950057 Merge branch 'pr/7' 
close #7
 2016-09-09 21:47:52 +10:00
olivier lamy
780b1b7bb7 Merge branch 'pr/6' #6 
close #6
 2016-09-09 21:46:39 +10:00
Martin Stockhammer
5ce2714a37 Fixing bind issue with certain ldap servers, when user not found 
Subsequent calls of NamingResult#hasMoreElements returns different values in some
environments and situations.
e.g. it occured on IBM JDK 7 with Windows Active Directory LDAP when the first value of 'hasMoreElements'
was false.
The first value is cached now.
 2016-09-09 10:03:27 +02:00
Martin Stockhammer
796af57be2 Adding parameter references in authorization resource 
In certain cases the resource must be dynamically set by parameter values.
This patch allows to add a reference into the resource field of the redback
annotation '{parameterName}' that fills the resource of the permission dynamically
with the parameter value, if found.
 2016-09-09 09:40:29 +02:00