Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-13 15:42:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,727 Commits 44 Branches 345 Tags
Commit Graph

4727 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
b1a6a574ac Merge pull request #159 from ractive/3.1.x 
SEC-2812: Fix german translations
 2015-01-14 16:29:47 -06:00
james
979badd550 SEC-2812: Fix german translations 2015-01-12 13:51:33 +01:00
Spring Buildmaster
2263a545ea Next development version 2014-08-15 11:39:31 -07:00
Rob Winch
0d86164a49 SEC-2547: Update to cas-client-core-3.3.3 2014-08-15 12:49:13 -05:00
Rob Winch
b78bd897cd SEC-2688: CAS Proxy Ticket Authentication uses Service for host & port 2014-07-24 16:56:58 -05:00
Rob Winch
055eb72d60 Remove explict LDAP dir for integration tests 2014-06-18 09:50:17 -05:00
Rob Winch
f4914b2271 Remove ApacheDSContainer import 2014-06-18 09:43:35 -05:00
Rob Winch
541aee8e3e SEC-2449: <ldap-server> default port should fallback to dynamic value 2014-06-18 09:34:49 -05:00
Rob Winch
a6cab1be74 SEC-2606: ApacheDSServerIntegrationTests scan for available port 2014-06-12 12:28:40 -05:00
Rob Winch
bbfcab0c81 SEC-2607: CAS Server logouts out synchronously 2014-06-12 12:28:40 -05:00
Spring Buildmaster
6e431e7d16 Next development version 2014-03-10 14:26:38 -07:00
Rob Winch
2eec67fe73 SEC-2507: Fix test imports 2014-03-10 15:09:36 -05:00
Rob Winch
88559882e9 SEC-2500: Prevent anonymous bind for ActiveDirectoryLdapAuthenticator 2014-03-10 14:43:59 -05:00
Rob Winch
9270845a21 SEC-2507: WebExpressionVoter.supports support subclasses of FilterInvocation 2014-03-10 14:43:56 -05:00
Spring Buildmaster
1d53dc5e5c Next development version 2014-02-19 07:12:15 -08:00
Rob Winch
ac6cf5396a SEC-2468: JdbcUserDetailsManager#createNewAuthentication uses null credentials 2014-02-14 17:00:07 -06:00
james
5a2e99c940 SEC-2467: Fix Small errors in itest-web's jsps 2014-01-28 16:09:09 -06:00
Rob Winch
6f3c6f9b5b SEC-2447: JdbcMutableAclServiceTests should invoke aclCache.clearCache() 2013-12-14 10:20:31 -06:00
Rob Winch
1feb38048b Update to Gradle 1.9 
Necessary to work with the latest Bamboo and Artifactory Gradle updates
 2013-12-05 09:08:26 -06:00
Rob Winch
905c59f599 SEC-2313: Gradle javadoc hotfix 2013-09-11 15:42:53 -07:00
Rob Winch
241e984ea4 SEC-2171: Include Information about pooling in Spring LDAP documentation 2013-08-25 11:31:05 -05:00
Rob Winch
8053cb0de7 SEC-2103: Fix tests to verify debug logging instead of info 2013-08-25 10:05:48 -05:00
Rob Winch
889bba1d67 SEC-2103: Change log of no results to debug 2013-08-24 23:40:48 -05:00
Rob Winch
f9fd448d88 SEC-2139: named-security-filter are all defined and ordered correctly 2013-08-24 15:20:23 -05:00
Rob Winch
7bf6046408 SEC-2108: Fix typo in ldap section of manual 2013-08-24 15:20:23 -05:00
Guillaume Smet
5dfeea7631 SEC-2245: Cast to interface instead of implementation 
Makes our life easier when we want to override the
MethodSecurityExpressionRoot.
 2013-08-05 17:06:09 -05:00
Luke Taylor
f42720b1b6 SEC-2175: Correct XSD docs on auto-config. 2013-06-09 14:46:56 +01:00
Rob Winch
113e28a148 Update to next dev version - 3.1.5.CI-SNAPSHOT 2013-04-29 08:47:30 -05:00
Spring Buildmaster
de6bcb80b9 [artifactory-release] Next development version 2013-04-27 13:05:38 -07:00
Rob Winch
102da87080 Disable artifactoryPublish for projects without artifacts 2013-04-27 13:56:12 -05:00
Rob Winch
f1ae9da55e Remove ApacheDSContainerTests successfulStartupAndShutdown since it was commented out 2013-04-25 11:17:21 -05:00
Rob Winch
94e2e0c65e SEC-2161: <ldap-server> creates unique dir for embedded LDAP 2013-04-25 11:17:21 -05:00
Rob Winch
fa3a30cc20 SEC-2162: ApacheDSContainer throws RuntimeException on failure to start 2013-04-25 11:17:21 -05:00
Rob Winch
ee6e6ceafb SEC-2133: Update doc from ChannelAuthenticationFilter to ChannelProcessingFilter 2013-04-25 08:51:51 -05:00
Rob Winch
095594daea SEC-2147: Deprecate .encoding.PasswordEncoding 2013-04-25 08:49:33 -05:00
Rob Winch
e9215c4dc3 SEC-2087: GlobalMethodSecurityBeanDefinitionParser uses AuthenticationManager to create AuthenticationManagerDelegator 2013-04-24 17:30:51 -05:00
@fbiville
0d70c703df SEC-2138: Fix code snippet in Hierarchical Roles section 
The bean definition of RoleHierarchyVoter was syntactically incorrect.
 2013-02-26 09:47:02 -06:00
Rob Winch
73710bf7b8 Add CONTRIBUTING.md 2013-02-25 17:14:21 -06:00
Jean-Pierre Bergamin
ca5501eb31 SEC-2118: Fixing spring and aspectj OSGi version ranges [3.2, 3.2) -> [3.2, 3.3) 2013-02-25 17:10:07 -06:00
Rob Winch
c703806fa2 Revert "SEC-2078: AbstractPreAuthenticatedProcessingFilter requriesAuthentication support for non-String Principals" 
This reverts commit 3fe7791266321f6f4f22ef8b4cd049ec5045f773.
 2012-12-06 16:16:50 -06:00
Rob Winch
67eb9821f3 Revert "SEC-2078: Updated Javadoc to reflect that updates to Principal will also trigger reauthentication" 
This reverts commit ece4a0f0674f93dc9f24c17ede30017b28f8ba45.
 2012-12-06 16:16:33 -06:00
Rob Winch
7b93ffd5d4 SEC-2078: Updated Javadoc to reflect that updates to Principal will also trigger reauthentication 2012-12-06 09:05:21 -06:00
Rob Winch
5fa252b848 SEC-2078: AbstractPreAuthenticatedProcessingFilter requriesAuthentication support for non-String Principals 
Previously, if the Principal returned by getPreAuthenticatedPrincipal was not a String,
it prevented requiresAuthentication from detecting when the Principal was the same.
This caused the need to authenticate the user for every request even when the Principal
did not change.

Now requiresAuthentication will check to see if the result of
getPreAuthenticatedPrincipal is equal to the current Authentication.getPrincipal().
 2012-12-04 13:04:41 -06:00
Rob Winch
87c3c7edb9 Use AspectJMethodSecurityInterceptor in reference 
Change reference to use AspectJMethodSecurityInterceptor instead of
undefined AspectJSecurityInterceptor.
 2012-12-04 10:07:30 -06:00
Rob Winch
7f342f3321 SEC-2074: Update reference to use <method-security-metadata-source> 2012-12-04 10:07:30 -06:00
Rob Winch
2f6325f651 SEC-2084: AntPathRequestMatcher and RegexpRequestMatcher support request.getMethod() 
Previously a NullPointerException would occur if an HttpServletRequest.getMethod()
returned null.

Now AntPathRequestMatcher and RegexpRequestMatcher will handle if the
HttpServletRequest.getMethod() returns null. While under normal circumstances,
it is unlikely for the method to be null this can occur when using
DefaultWebInvocationPrivilegeEvaluator.isAllowed(String, Authentication).
 2012-12-03 15:08:37 -06:00
Rob Winch
e3f53908af SEC-2072: <security:anonymous> granted-authority supports multiple authorities again 2012-11-02 16:23:37 -05:00
Rob Winch
4d1127106b Add 3.1.x suffix to eclipse projects 2012-11-02 10:00:45 -05:00
Rob Winch
c0dfb70ca0 Added generatePom task 
This can be used to generate the pom.xml for adding the Spring Security
snapshot jars as a Maven Dependency to another project. For example,
if mywebapp requires the Spring Security 3.1.4.CI-SNAPSHOT jars one
could generate the pom.xml files and then use that to convert the project
into a valid Maven project within the IDE. Then the SNAPSHOT dependendies
could be added to mywebapp. This prevents the need to install the SNAPSHOT
dependencies in the local Maven repository.
 2012-11-01 15:18:10 -05:00
Rob Winch
78cbdd2c93 Reserve Server Ports in integrationTests 
Previously the build would look up a server port dynamically, but since
it closed the port immediately it may not be reserved by the time jetty
started up.

We now reserve the port and do not close it till just before Jetty starts.
While there is still a race condition, it is much smaller window of time
than it was previously.
 2012-11-01 11:14:50 -05:00