Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-08-04 16:43:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,597 Commits 44 Branches 351 Tags
Commit Graph

1468 Commits

Author SHA1 Message Date
Ben Alex
ae9e7733db Fix broken tests. 2005-09-18 22:38:05 +00:00
Mark St. Godard
9d359780d9 finish user context switch event publishing 2005-09-03 20:24:35 +00:00
Mark St. Godard
20ebb668a6 Added event for user context switching and updated switch user filter 2005-08-25 02:59:19 +00:00
Mark St. Godard
ec5e39c2e8 Initial checkin of user security context switching (see SEC-15). This is the first cut of the SwitchUserProcessingFilter that handles switching to a target uesr and exiting back to the original user. Note: This is going to be used for the common use-case of an Administrator 'switching' to another user (i.e. ROLE_ADMIN -> ROLE_USER). This is the initial cut of a Unix 'su' for Acegi managed web applications. 2005-08-04 05:49:12 +00:00
Scott McCrory
f5975dcf30 Whoops, almost forgot to remove System.out debug lines :-/ 2005-07-26 00:55:53 +00:00
Scott McCrory
891cd7380c Mirrored Ben's FilterChainProxy.java 1.5 spelling fix to its corresponding test class, which depended on equality of the exception message. All JUnit tests pass now. 2005-07-26 00:50:43 +00:00
Ben Alex
f625d06cd9 Avoid expense of HttpSession when working with anonymous users. 2005-07-23 09:52:42 +00:00
Ray Krueger
4b98d357ff SecureContextLoginModuleTest has been renamed to ...Tests as per Acegi project. 
SecureContextLoginModule now throws a LoginException if there is no authentication present, if the ignoreMissingAuthentication option is true, the login() method will simply return false.
 2005-07-22 04:35:31 +00:00
Luke Taylor
c89d4a8add Added trimming of whitespace to tokens and use of Springs StringUtils.hasText() to check for content in the string passed to setAsText. 2005-07-21 22:55:27 +00:00
Marc-Antoine Garrigue
3287439421 Initial commit for captcha adapter 2005-07-19 12:35:50 +00:00
Luke Taylor
74588c8e53 Move acegifier code from core. 2005-07-16 19:35:30 +00:00
Luke Taylor
ab065923d4 Correct doctype for generated web.xml files and add declaration to test file. 2005-07-09 23:32:08 +00:00
Luke Taylor
22a28f3b39 Separate InMemoryResource class for use in Acegifier web application. 2005-07-09 21:37:50 +00:00
Luke Taylor
f1656ee7fd Tidying: removed unused intermediate variable. 2005-07-08 21:10:26 +00:00
Luke Taylor
d13faf0815 Renaming and refactoring of web.xml converter. 2005-06-30 21:23:50 +00:00
Ben Alex
ef8281f534 HttpSessionContextIntegrationFilter elegantly handles IOExceptions and ServletExceptions within filter chain (see http://opensource.atlassian.com/projects/spring/browse/SEC-20). 2005-06-27 02:55:01 +00:00
Luke Taylor
25fa471779 First version of web.xml to acegi translator 2005-06-26 17:30:36 +00:00
Ben Alex
c0f1d4e19d Remove getters and setters from JdbcDaoImpl so IoC container cannot modify MappingSqlQuerys (thanks to David Durham for bug report). 2005-06-22 08:06:28 +00:00
Ben Alex
5f75e9bf9a Refactor Authentication.isAuthenticated() handling to be more performance (as per developer list discussion). 2005-06-22 06:30:46 +00:00
Ben Alex
e08e66dec6 Refactor SecurityContextHolder to return a SecurityContext instead of Authentication. 2005-05-08 23:42:14 +00:00
Ben Alex
6a9abe5d90 Remove ContextHolder and introduce SecurityContext. 2005-05-07 09:11:37 +00:00
Ray Krueger
47989c11bd HttpSessionEventPublisher now verifies that the ApplicationContext is not null 2005-05-02 20:31:18 +00:00
Ray Krueger
54ccbf5617 The SecurityEnforcementFilter was forced to catch Throwable by the FilterInvocation.invoke(...) method. Therefore it was wrapping the throwable in ServletException, which left it wrapping SevletException and IOException in ServletException. 2005-04-29 02:53:02 +00:00
Ray Krueger
2c23c75f91 SecureContextLoginModule as requested from list with Test 2005-04-27 04:47:41 +00:00
Ray Krueger
6f286e2054 AuthorityGranter.grant now returns a java.util.Set of role names, instead of a single role name 2005-04-27 03:39:06 +00:00
Luke Taylor
c29a5731be Moved credential expiry checking after password check. If the wrong password is presented, BadCredentialsException will now be thrown even if the password has expired. 2005-04-25 23:11:12 +00:00
Ben Alex
4e1649c2b7 Fix NullPointerException caused by unit tests. 2005-04-20 12:39:14 +00:00
Luke Taylor
ee32874308 Added X509 EhCache tests and fixed glaring bug in X509 EhCache implementation. 2005-04-17 22:18:01 +00:00
Ray Krueger
ec80ae22c1 Templated out event publishing. Added getApplicationContext(). Fixed javadoc formatting 2005-04-17 14:13:13 +00:00
Luke Taylor
3d4f8eed31 Refactoring to use Spring mock web classes. 2005-04-11 01:07:04 +00:00
Luke Taylor
d6f2b136ec Refactored to use Spring mock classes. 2005-04-09 23:37:18 +00:00
Luke Taylor
458a2c9e39 Refactored to use Spring mock classes. 2005-04-09 23:24:22 +00:00
Luke Taylor
021abb7369 Added check for "path parameters" to ensure the filterProcessesUrl matches rewritten URLs with a jsessionid included. Refactored property checking to use Spring Assert class. 2005-04-09 22:50:06 +00:00
Luke Taylor
eaa5feb5f8 Refactored to use Spring mock objects for HttpRequest etc. 2005-04-09 21:48:47 +00:00
Ray Krueger
9649003d57 AbstractProcessingFilter no longer uses a set*FailureUrl approach for every exception, it now uses a properties object that maps authenticationExceptions to failure urls 2005-03-28 17:42:21 +00:00
Ben Alex
798ebb1a3d Correct NullPointerException as fixture missing an ApplicationContext and attempting to publish an event. 2005-03-27 08:40:09 +00:00
Ray Krueger
10c1926385 Added the ConcurrentSessionViolationEvent that will be published by the ConcurrentSessionControllerImpl before throwing the ConcurrentSessionViolationException 2005-03-25 00:53:46 +00:00
Ben Alex
9f66c0eae9 Update to current Spring JAR dependencies. 2005-03-22 11:17:22 +00:00
Ben Alex
c936801842 DigestProcessingFilter now provides userCache getter and setter. 2005-03-21 08:03:11 +00:00
Ben Alex
0530351f0d Provide toString() method on User. 2005-03-21 05:33:51 +00:00
Ben Alex
a2b9da7e22 StringSplitUtils.split() ignored delimiter argument. 2005-03-21 05:14:48 +00:00
Ben Alex
6f31ecb04b UserDetails now indicates locked accounts. 2005-03-21 03:22:59 +00:00
Luke Taylor
918fc7c15a License header added. 2005-03-18 01:00:36 +00:00
Luke Taylor
2a6c68deb6 Entry point tests 2005-03-18 00:52:23 +00:00
Luke Taylor
8592e3bcbf Added tearDown method which resets the Context to null 2005-03-18 00:45:48 +00:00
Luke Taylor
04366d2b12 Corrected Javadoc 2005-03-18 00:33:30 +00:00
Ben Alex
748f427a80 Prove SecureContextImpl.equals works as we want it to, in light of HttpSessionContextIntegrationFilter's attempts to avoid unnecessary HttpSession creation. 2005-03-17 23:35:29 +00:00
Ben Alex
52c42a7a40 Corrected Authz parsing of whitespace in GrantedAuthoritys. Contributed by Francois Beausoleil. 2005-03-14 06:09:33 +00:00
Ray Krueger
632617f693 Test that the ConcurrentSessioncontrollerImpl implements ApplicationListener. This is critical and was left out once. 2005-03-13 22:35:17 +00:00
Ray Krueger
169449bf24 In response to: http://forum.springframework.org/viewtopic.php?t=3874 
JaasAuthenticationProvider now checks that the java.security.auth.login.config is null before attempting to use it.

Also, The loginConfig resource is attempted as a file first as spaces in the path name can cause FileNotFoundExceptions for URLs
 2005-03-13 22:26:56 +00:00