558 Commits

Author SHA1 Message Date
Spring Buildmaster
0e9d9da46b Release version 4.0.4.RELEASE 2016-02-25 14:09:54 -08:00
Rob Winch
8c8f499a69 Remove logging for "Skip invoking on" response committed
Fixes gh-3683
2016-02-25 11:00:16 -06:00
Alex Panchenko
409a74330e SEC-3158 findRequiredWebApplicationContext() compatibility with spring framework 4.1.x 2015-12-03 22:16:54 -06:00
Rob Winch
5f6e3855f1 Next Development Version 2015-10-30 16:41:18 -05:00
Spring Buildmaster
19f88e9179 Release version 4.0.3.RELEASE 2015-10-30 12:35:23 -07:00
Rob Winch
8d9b06afb4 SEC-3082: make SavedRequest parameters case sensitive 2015-10-29 16:46:33 -05:00
Rob Winch
72213b5c69 SEC-2190: Fix Javadoc 2015-10-29 11:42:03 -05:00
Rob Winch
2bbe70501b SEC-2190: Support WebApplicationContext in ServletContext attribute 2015-10-28 15:26:16 -05:00
Rob Winch
da606d50c0 SEC-3108: DigestAuthenticationFilter should use SecurityContextHolder.createEmptyContext() 2015-10-27 13:57:18 -05:00
Rob Winch
9c39a0e83e SEC-3109: Fix web tests 2015-10-26 21:31:40 -05:00
Rob Winch
69446ab80f SEC-3070: Logout invalidate-session=false and Spring Session doesn't
work
2015-10-20 15:13:01 -05:00
izeye
48bc0ad5f9 SEC-3124: Fix broken Javadoc related to < and > 2015-10-13 13:33:51 -05:00
Rob Winch
969f3a7d1b Update pom.xml to latest snapshots 2015-08-03 09:46:01 -05:00
Thomas Darimont
ad1d858e2b SEC-3056 - Fix JavaDoc errors.
Fixed JavaDoc errors accross multiple modules in order to make javadoc happy with Java 8.
2015-08-03 08:02:24 -05:00
Rob Winch
117f892c91 SEC-3031: DelegatingSecurityContext(Runnable|Callable) only modify SecurityContext on new Thread
Modifying the SecurityContext on the same Thread can cause issues. For example, with a
RejectedExecutionHandler the SecurityContext may be cleared out on the original Thread.

This change modifies both the DelegatingSecurityContextRunnable and DelegatingSecurityContextCallable to,
by default, only modify the SecurityContext if they are invoked on a new Thread. The behavior can be changed
by setting the property enableOnOrigionalThread to true.
2015-07-22 16:07:21 -05:00
Rob Winch
e8c9f75f9c Update pom.xml to latest versions 2015-07-22 12:51:04 -05:00
Rob Winch
432123daa2 SEC-2964: Fix CsrfTokenArgumentResolver Javadoc 2015-07-22 11:32:36 -05:00
Rob Winch
92ae45a04d SEC-3051: Add AbstractPreAuthenticatedProcessingFilter#principalChanged 2015-07-22 08:41:33 -05:00
Rob Winch
7c725a60e2 SEC-3047: SecurityContextHolderAwareRequestFactory update RequestFactory 2015-07-20 14:06:44 -05:00
Rob Winch
76a2fb9488 SEC-3020: SecurityContextHolderAwareRequestWrapper conditional rolePrefix
Previously SecurityContextHolderAwareRequestWrapper always prefixed with
rolePrefix. This meant the defaults would never return true for a role
that started with the prefix (i.e. ROLE_).

We no longer apply the rolePrefix if the value passed in already starts
with rolePrefix.
2015-07-16 14:49:32 -05:00
Rob Winch
08b1b56e2c SEC-2973: Add OnCommittedResponseWrapper
This ensures that Spring Session & Security's logic for performing
a save on the response being committed can easily be kept in synch.
Further this ensures that the SecurityContext is now persisted when
the response body meets the content length.
2015-07-14 14:48:41 -05:00
Rob Winch
316886affc SEC-2931: Fix CsrfFilter Javadoc 2015-07-14 13:40:59 -05:00
Rob Winch
aed288da05 Fix Spring IO Tests 2015-07-08 11:48:43 -05:00
Rob Winch
1f74ac811e Fix Spring IO Tests 2015-07-08 11:09:29 -05:00
Rob Winch
197ddb3cd1 SEC-3029: Fix Compatibility with Spring 4.2.x 2015-07-07 22:46:31 -05:00
Alex Panchenko
0a118336d4 SEC-2955: Convert to "static" for inner classes 2015-04-30 12:54:52 -05:00
Rob Winch
a67ef1c3a2 SEC-2944: Polish 2015-04-30 10:00:04 -05:00
Gunnar Hillert
3099f92154 SEC-2944 Add HttpStatusReturningLogoutSuccessHandler
* Add HttpStatusReturningLogoutSuccessHandler to provide better logout capabilities for RESTful APIs
2015-04-30 09:56:02 -05:00
Rob Winch
e08e9cda00 SEC-2851: Remove DataAccessException import from Persistent RememberMe 2015-04-21 14:57:32 -05:00
Rob Winch
09acc2b7a5 SEC-2962: SecurityContextHolderAwareRequestFilter default rolePrefix 2015-04-21 11:42:48 -05:00
Rob Winch
d5dfeeca49 SEC-2927: Update chat-jc pom so Maven Builds
Previously there were some incorrect dependency versions. This commit fixes
that.

We added dependencyManagement for Spring Framework and corrected
Thymeleaf and embedded redis versions.
2015-04-20 15:53:26 -05:00
Rob Winch
0bfbd2923a SEC-2915: Fix defaut login page tests with tabs 2015-04-17 12:13:44 -05:00
Rob Winch
4fdfb8caba SEC-2915: More Tabs -> Spaces 2015-04-17 11:34:34 -05:00
Rob Winch
db531d9100 SEC-2917: Update to Spring 4.1.6 2015-03-25 15:18:59 -05:00
Rob Winch
ae6af5d73c SEC-2915: Updated Java Code Formatting 2015-03-25 13:09:18 -05:00
Rob Winch
0a2e496a84 SEC-2915: groovy/gradle spaces->tabs 2015-03-25 13:08:59 -05:00
Rob Winch
cf9f58a4ac SEC-2915: XML spaces->tabs 2015-03-25 13:08:52 -05:00
Rob Winch
b85ad33aef SEC-2888: Polish 2015-03-13 16:10:39 -05:00
Pascal Gehl
85955015f7 SEC-2888 AntPathRequestMatcher ignores variables in pattern when pattern
finishes with /**
2015-03-13 16:03:08 -05:00
Rob Winch
e776a1fd35 SEC-2803: Add HttpStatusEntryPoint 2015-03-11 14:45:59 -05:00
Rob Winch
9d0085bb64 SEC-2882: DefaultLoginPageGeneratingFilter match on /login
Previously DefaultLoginPageGeneratingFilter would match on /**/login
which was not ideal since other parts of the application may want to
match on the URL.

Now it matches on /login.
2015-03-10 11:52:26 -05:00
Rob Winch
217152c8fd Polish Http403ForbiddenEntryPoint whitespace 2015-03-10 10:58:58 -05:00
Rob Winch
b04388ad62 SEC-2805: Remove unnecessary cast in Http403ForbiddenEntryPoint 2015-03-10 10:58:21 -05:00
Rob Winch
62d74aef3d Merge pull request #103 from bcecchinato/fix-logs
Trivial logging fix in saveContext method in HttpSessionSecurityContextRepository
2015-02-25 00:02:44 -06:00
Rob Winch
6fd45df1e4 SEC-2879: Add Test 2015-02-24 23:19:04 -06:00
Michael Cramer
8c0b16820b SEC-2879: JdbcTokenRepositoryImpl updateToken should use lastUsed arg 2015-02-24 23:18:38 -06:00
Marcin Mielnicki
9ea7372405 SEC-2878: Clean imports in UsernamePasswordAuthenticationFilter 2015-02-24 22:53:44 -06:00
Rob Winch
5f57e5b0c3 SEC-2873: Remember Me XML Configuration Defaults Should Match Java Config 2015-02-24 20:49:56 -06:00
Rob Winch
76d9ef4ec3 SEC-2872: CsrfAuthenticationStrategy Delay Saving CsrfToken 2015-02-24 17:30:57 -06:00
Rob Winch
98ae03fc40 SEC-2832: Add Tests 2015-02-24 17:30:56 -06:00