Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-08 03:32:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,597 Commits 38 Branches 348 Tags
Commit Graph

2949 Commits

Author SHA1 Message Date
Luke Taylor
a38ed3cfde Added check for multiple RememberMeServices beans. 2007-12-23 00:18:14 +00:00
Luke Taylor
debfbe47cf Improvements to LDAP namespace configuration - splitting "ldap" element into ldap-server and ldap-authentication-provider. Also some minor changes to authentication-provider. 2007-12-23 00:17:37 +00:00
Luke Taylor
cf80292de3 Changes to namespace reinstating authentication-provider element in preference to "repository" to wrap convey that a user-service will be used as to authenticate against. Also introduced separate password-encoder element for use within authentication-provider. 2007-12-21 15:50:56 +00:00
Luke Taylor
70286f1197 Fixed problem caused by maven-2.0.8 change in test classpath. ldif file wasn't being loaded for tests. Default path should be "classpath*:" not "classpath:". (See discussing in Spring's PathMatchingResourcePatternResolver). 2007-12-20 20:53:26 +00:00
Luke Taylor
6e74d925fb Boosted logging to try to resolve issues on bamboo server. 2007-12-20 19:45:43 +00:00
Luke Taylor
78e376312a Added logging of working directory location. 2007-12-20 18:29:05 +00:00
Luke Taylor
85b10f79c2 Made servlet-api integration into an attribute of http, rather than a child element since it has no configuration. 2007-12-20 17:51:27 +00:00
Luke Taylor
31c09896ea Fixed problem with relative name being used in (member={0}) search in DefaultAuthoritiesPopulator. 2007-12-14 20:41:00 +00:00
Luke Taylor
1a171ea316 SEC-595: Introduced loadUserAuthorities method. This can be overridden to allow loading of authorities with the authenticated user's credentials (by setting the security context). The Ldap ContextSource used in the authorities populator would also be configured with a SpringSecurityAuthentcationSource, to make use of the information in the security context. 2007-12-14 14:13:39 +00:00
Ben Alex
fa510b3187 Modify attribute names to use "ref" instead of "id", plus use a hyphen 
as an attribute value separator rather than a colon. This was changed 
for compatibility with other components in the Spring Portfolio. tests 
pass.
 2007-12-13 20:19:56 +00:00
Luke Taylor
0f12d31d90 Corrected code for choosing entry point in namespace configuration. 2007-12-12 19:44:54 +00:00
Ben Alex
9728f48adf Convert to using AopNamespaceUtils, to avoid potentially creating 
duplicate DefaultAdvisorAutoProxyCreator bean instances.
 2007-12-11 18:46:20 +00:00
Luke Taylor
82cfa722be Upgrade Spring-LDAP to 1.2.1 version. 2007-12-11 18:08:44 +00:00
Luke Taylor
ca996de2dc Added tests for SpringSecurityAuthenticationSource. 2007-12-10 23:37:08 +00:00
Luke Taylor
894c90dadd Moved AbstractAuthenticationManagerTests into ProviderManager as tested methods have already been moved there (maven wasn't running Abstract* tests but they were actually failing). 2007-12-10 23:36:27 +00:00
Luke Taylor
32038d8b92 Tidying. 2007-12-10 19:14:17 +00:00
Luke Taylor
47dec4e597 Make getters in AbstractRememberMeServices protected rather than public 2007-12-10 16:00:49 +00:00
Luke Taylor
ee31305fd5 Deprecated InitialDirContextFactory 2007-12-10 15:29:26 +00:00
Luke Taylor
5382627d4a Added property to LdapAuthenticationProvider to allow the credentials to be set either using the submitted password (the default) or the credentials from the loaded UserDetails object (which may be null if the attribute isn't readable). 2007-12-09 23:46:28 +00:00
Luke Taylor
78529f6d28 SEC-620: AuthenticationSource implementation. 2007-12-09 23:44:15 +00:00
Luke Taylor
5e0cb21c8d SEC-619: Added test class for LdapUserDetailsService. The LdapAuthoritiesPopulator interface and also implementations have been moved to the org.springframework.security.ldap package since they are now used by both the ldap provider and the user service. 2007-12-09 18:40:28 +00:00
Ben Alex
4770c29094 Use hyphens in attribute names, and not Camel Case. This is to maintain 
consistency with the rest of Spring Portfolio. Camel Case was preserved 
for attribute values, consistent with Spring Portfolio usage such as 
autowiring modes (byName, byType etc).
 2007-12-09 03:42:20 +00:00
Luke Taylor
6ad176ce1a Tidying. 2007-12-07 17:00:40 +00:00
Luke Taylor
4984024314 SEC-618: Moved copyDetails method down to ProviderManager so that it can be called prior to checking if authentication is allowed by ConcurrentSessionController. 2007-12-07 16:26:50 +00:00
Luke Taylor
b12a4939df SEC-619: LdapUserDetailsService implementation. 2007-12-07 13:16:44 +00:00
Luke Taylor
a569ff01e2 Tidying. 2007-12-07 12:32:54 +00:00
Luke Taylor
382dc50f3c SEC-299: Change ConcurrentSessionFilter to delegate to an array of LogoutHandlers rather than invalidating an expired session directly. 2007-12-06 17:39:04 +00:00
Luke Taylor
cb980f12d5 Tidying. 2007-12-06 17:26:04 +00:00
Luke Taylor
628227f5e7 Corrected out of date comment (constructor doesn't create a session). Removed unnecessary default constructor. 2007-12-06 16:53:35 +00:00
Luke Taylor
4b8455c831 Tidying comments. 2007-12-06 16:40:16 +00:00
Luke Taylor
4c6e41af7d Tidying comments. 2007-12-06 16:33:59 +00:00
Ben Alex
c66a3ba323 @deprecate FilterToBeanProxy in favour of the simpler and Spring Core provided DelegatingFilterProxy. 2007-12-06 09:43:43 +00:00
Luke Taylor
ab23fe56ad Added log msg for loading of ldif files. 2007-12-06 00:14:25 +00:00
Luke Taylor
a1abcc39d2 SEC-513: Minor work on LDAP UserDetailsManager implementation. 2007-12-06 00:13:42 +00:00
Luke Taylor
e3432c2407 Some changes suggested by Spring LDAP guys to improve template usage. 2007-12-06 00:13:00 +00:00
Luke Taylor
4d133be0d0 Tidying. 2007-12-06 00:12:24 +00:00
Luke Taylor
3ddcc203bf LdapUserDetailsMapper now throws UnsupportedOperationException for mapUserToContext method as only subclasses of this which implement actual LDAP object classes should be used for writing to a directory. 2007-12-06 00:12:06 +00:00
Luke Taylor
22052115b6 SEC-617: Make LDAPAuthenticationProvider a standalone class. 2007-12-05 14:39:46 +00:00
Ben Alex
88ab9671c6 Correct attribute name. 2007-12-04 14:24:53 +00:00
Ben Alex
9b6c798a52 SEC-496: <annotation-driven> element. 2007-12-04 14:14:17 +00:00
Ben Alex
949205b369 Correction of equals(Object) and hashCode() methods. 2007-12-04 12:44:40 +00:00
Ben Alex
85085abf9e Add namespace support for Servlet API integration. 2007-12-04 12:23:41 +00:00
Ben Alex
8c3cc5c67b Add hash code support. 2007-12-04 11:21:39 +00:00
Ben Alex
8e7c540b16 General refactorings and improvements to namespace support, including 
autoDetect="true" attribute for <http> element.
 2007-12-04 10:35:08 +00:00
Ben Alex
2441ab6d9a Move "realm" attribute to be on <http> element rather than <http-basic>. 
This faciltiates reuse with other mechanisms (like Digest) whilst also 
moving towards the <http-auto-configure> element (which benefits from 
having shared configuration in <http> as opposed to mechanism-specific 
elements).
 2007-12-04 08:02:40 +00:00
Ben Alex
d9ec944579 Refactor strings to static fields. To facilitate unit testing, package 
protected visibility was adopted for all element names, attribute names, 
and attribute default values. A public access modifier was used for all 
bean IDs assigned to bean definitions created by the 
BeanDefinitionParsers.
 2007-12-04 07:12:08 +00:00
Ben Alex
4e55bd0117 Make extend Spring Security's exception, for consistency with all other Spring Security exceptions. 2007-12-04 06:58:43 +00:00
Ben Alex
9b4bb0ffd8 <repository> element and JdbcUserDetailsManager support. 2007-12-04 05:58:54 +00:00
Ben Alex
5f98ee6817 <repository> element and JdbcUserDetailsManager support. 2007-12-04 05:54:58 +00:00
Ben Alex
0b0b174eda Support <repository> and JbcUserDetailsManager. 2007-12-04 05:27:17 +00:00