Luke Taylor
51dfc0fb39
Set versions to 3.0.2-CI-SNAPSHOT, post release.
2010-01-15 18:15:19 +00:00
Luke Taylor
05634f97dc
Updated version numbers for 3.0.1 release.
2010-01-15 18:04:28 +00:00
Luke Taylor
b323098167
Added gradle build files for taglibs, tutorial, contacts and openid.
...
Changed build file names to match module names (by manipulating the project objects in the settings.gradle file).
2010-01-10 23:31:23 +00:00
Luke Taylor
e211f9b35f
SEC-1349: Allow configuration of OpenID with parameters which should be transferred to the return_to URL.
...
The OpenIDAuthenticationFilter now has a returnToUrlParameters property (a Set). If this is set, the named parameters will be copied from the incoming submitted request to the return_to URL. If not set, it defaults to the "parameter" property of the AbstractRememberMeServices of the parent class. If remember-me is not in use, it defaults to the empty set.
Enabled remember-me in the OpenID sample.
2010-01-09 01:04:13 +00:00
Luke Taylor
052537c8b0
Removing $Id$ markers and stripping trailing whitespace from the codebase.
2010-01-08 21:05:13 +00:00
Luke Taylor
be72ed1350
Remove commented out beans from contacts sample app context.
...
These were left when the app was updated to use Spring MVC @Controller syntax and scanning.
2010-01-06 22:21:34 +00:00
Luke Taylor
893f212fa5
Tidying
2010-01-02 19:53:19 +00:00
Luke Taylor
115d5b84ff
[maven-release-plugin] prepare for next development iteration
2009-12-22 22:20:01 +00:00
Luke Taylor
6c6ef08353
[maven-release-plugin] prepare release spring-security-3.0.0.RELEASE
2009-12-22 22:19:38 +00:00
Luke Taylor
a7770a64d3
Update cas server version in runall.sh
2009-12-22 21:31:26 +00:00
Luke Taylor
aad7d01c84
Updated CAS server version for sample use to 3.3.5
2009-12-22 19:35:20 +00:00
Luke Taylor
fcce29f8df
SEC-1326: Updating dependencies to match Spring versions. Removing unused deps.
2009-12-21 17:32:38 +00:00
Luke Taylor
aeed49393c
Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting).
2009-12-18 18:44:42 +00:00
Luke Taylor
fac07ba8ff
Schema updates to Spring 3.0
2009-12-18 18:44:17 +00:00
Luke Taylor
85a58fd473
SEC-1331: Modify namespace to allow omission of user passwords in user-service element and generate random ones internally, preventing authentication against the data..
2009-12-18 15:39:13 +00:00
Luke Taylor
520e733cb2
[maven-release-plugin] prepare for next development iteration
2009-12-08 21:19:41 +00:00
Luke Taylor
f2cf17bd49
[maven-release-plugin] prepare release spring-security-3.0.0.RC2
2009-12-08 21:19:20 +00:00
Luke Taylor
94d185a6be
Updated slf4j version in ldap sample
2009-12-08 20:24:12 +00:00
Luke Taylor
5546698fef
SEC-1253: Decouple spring-security-config module from spring-security-web. Added ClassUtils.isPresent() check for FilterChainProxy before attempting to register web-related parsers and decorators. Added use of namespace to dms sample for testing.
2009-11-17 23:39:42 +00:00
Luke Taylor
4d8956a227
SEC-1288: Changed claimedIdentityFieldName in OpenIDAuthenticationFilter to "openid_identifier", as recommended by the 2.0 spec.
2009-11-17 22:05:38 +00:00
Luke Taylor
8f5c414b00
Improve cleanup in sample script
2009-10-17 13:00:24 +00:00
Luke Taylor
3f963ef8ca
Restore versions and svn URLs in trunk (release plugin fail)
2009-10-11 21:59:38 +00:00
Luke Taylor
af563e826c
[maven-release-plugin] prepare release spring-security-3.0.0.RC1
2009-10-11 21:43:42 +00:00
Luke Taylor
5f3ff97ce0
Disable aspectj sample
2009-10-11 21:39:14 +00:00
Luke Taylor
cf5e713812
Fixes to samples and improved test workout script
2009-10-10 23:50:33 +00:00
Luke Taylor
cb643f73de
Tidying up.
2009-10-07 21:08:57 +00:00
Luke Taylor
1286741c7c
SEC-1259: Improve consistency of authentication filter names.
2009-10-07 14:43:55 +00:00
Luke Taylor
1042305cfe
Renamed web.wrapper to web.servletapi. Added some package.html files.
2009-10-05 16:59:37 +00:00
Luke Taylor
7247902911
SEC-1229: Updated sample and itest namespace concurrency configs.
2009-09-29 16:18:01 +00:00
Luke Taylor
aa153681bf
SEC-1229: Added session-management element to namespace and refactored existing session-related attributes and concurrency control. Refactored <http> parsing code to split it up into more manageable units.
2009-09-29 00:29:09 +00:00
Luke Taylor
3f70d79df5
SEC-1022: Remove use of static methods/initializers in Acl Permissions. Converted PermissionFactory to a strategy which is used to convert integers and names to Permission instances.
2009-09-16 12:45:53 +00:00
Luke Taylor
731402e9f5
SEC-525: [PATCH] Add AccessCheckerTag based on URL resource access permissions. Added functionality to "authorize" tag to allow evaluation of whether a particual url is accessible to the user. Uses a WebInvocationPrivilegeEvaluator registered in the application context.
2009-09-16 00:23:13 +00:00
Luke Taylor
b531a81176
SEC-1246: Introduce EL-based authorization tag. Added optional access expression to authorize tag.
2009-09-15 16:34:05 +00:00
Luke Taylor
1d00b92d25
Removed portlet sample
2009-09-09 20:53:19 +00:00
Luke Taylor
aec730ae7e
SEC-1238: Disable portlet module
2009-09-09 20:03:00 +00:00
Luke Taylor
5bdfd8cd77
Tidying imports etc to remove compiler warnings.
2009-09-05 14:14:58 +00:00
Mike Wiesner
ed0686cacf
Upgraded to AspectJ 1.6.5 and fixes some maven plugin config bugs
2009-09-04 15:25:23 +00:00
Mike Wiesner
a1751aec2c
SEC-1232: Added the aspect library needed for <global-method-security mode="aspectj"/> and a small sample
2009-09-04 13:53:55 +00:00
Luke Taylor
0d7b990e0a
SEC-1184: Moved ACL cache classes and interface out of jdbc package.
2009-08-31 22:15:37 +00:00
Luke Taylor
092d7b5c2b
Fix CAS filter configuration.
2009-08-25 20:26:12 +00:00
Luke Taylor
5a8772df5b
Reset pom versions post release
2009-08-21 12:02:49 +00:00
Luke Taylor
0e5aa7008d
[maven-release-plugin] prepare release spring-security-3.0.0.M2
2009-08-20 15:51:26 +00:00
Luke Taylor
984b2835d6
Update CAS sample to use new namespace syntax for authentication providers.
2009-08-20 14:58:59 +00:00
Luke Taylor
48988bde84
SEC-935: Support for OpenID attribute exchange and changes to namespace syntax to allow simple configuration of attributes to request.
2009-08-13 23:55:25 +00:00
Luke Taylor
faa6be2011
SEC-935: Updated to OpenID4Java 0.9.5 release
2009-08-10 16:06:19 +00:00
Luke Taylor
5953af0f6b
SEC-1196: Change use of <authentication-manager> to actually register the global ProviderManager instance. This element now registers the global ProviderManager instance and must contain any authentication-provider elements (or ldap-authentication-provider elements).
2009-08-03 00:21:11 +00:00
Luke Taylor
0a37aed4b9
SEC-1207. Fixed class name in jsp
2009-07-22 16:37:22 +00:00
Luke Taylor
1afa67c954
SEC-1195: Added internal AuthenticationManager for use by beans which are generated by the <http> block.
2009-07-15 23:09:47 +00:00
Luke Taylor
853b4c8753
SEC-1186: Make sure an Element is always supplied when registering the AuthenticationManager. Fixes broken tests.
2009-06-28 13:36:54 +00:00
Luke Taylor
408e982b96
Minor JSP classname fixes etc in samples
2009-06-18 13:28:44 +00:00
Luke Taylor
5808da12ff
SEC-1094: Simplified WebXml attribute mapping. Removed generic jaxen-based implementation on which it was based in favour of simple DOM model traversal. Updated sample.
2009-06-08 15:23:41 +00:00
Luke Taylor
0134a5646d
Changed to use expressions in commented-out XML instead of outdated syntax.
2009-05-31 21:26:52 +00:00
Luke Taylor
131ba5c62e
Reset poms to 3.0.0.CI-SNAPSHOT after tagging M1 release
2009-05-27 00:12:30 +00:00
Luke Taylor
e2c218e8c9
[maven-release-plugin] prepare release spring-security-3.0.0.M1
2009-05-26 23:44:11 +00:00
Luke Taylor
f976080d1d
Fixes to sample app context files
2009-05-26 22:15:05 +00:00
Luke Taylor
1788dfdba0
Removed duplicate logging from cas sample
2009-05-26 22:14:34 +00:00
Luke Taylor
45c54c558c
Updated build to use maven.springframework.org deps
2009-05-13 06:16:05 +00:00
Luke Taylor
a8215fa2cb
SEC-1160: Renaming of authentication filters and entry points and associated doc changes
2009-05-12 05:37:11 +00:00
Luke Taylor
4bad213b19
SEC-1132: Moved remaining preauth code from core to web
2009-05-12 00:11:06 +00:00
Luke Taylor
1a69a4d45a
SEC-1132: Restructuring of ACL packages
2009-05-11 05:37:36 +00:00
Luke Taylor
14c4739605
SEC-1158: Decoupling of Pre/Post annotations implementation from Spring EL.
2009-05-11 05:18:20 +00:00
Luke Taylor
29fafbbf18
Misc tidying up of old files and refactoring of tests
2009-05-05 13:29:59 +00:00
Luke Taylor
331a04c07c
Some changes to make it easier to run the sample with the database driver as part of the jetty plugin configuration, preventing classloader leaks.
2009-05-05 03:21:07 +00:00
Luke Taylor
6d655aa514
SEC-1132: More refactoring to remove cycles ad reduce complexity metrics
2009-05-04 14:24:54 +00:00
Luke Taylor
e1bc1819da
SEC-1150: Update Contacts sample to use modernized Spring MVC controllers
2009-05-04 09:22:31 +00:00
Luke Taylor
e94baf38b3
Tidying up to remove warnings (generics, use of deprecated test classes etc).
2009-04-28 06:49:43 +00:00
Luke Taylor
21e36e0a57
Updated version number from 2.5.0-SNPSHOT to 3.0.0.CI-SNAPSHOT
2009-04-22 12:55:52 +00:00
Luke Taylor
13af4b95a2
Sample package name updates
2009-04-18 06:04:56 +00:00
Luke Taylor
ace6d225b4
SEC-1131: Correct portlet API version (again).
2009-04-17 05:26:14 +00:00
Luke Taylor
446bcb9b1d
SEC-1131: Correct portlet API version.
2009-04-17 04:56:59 +00:00
Luke Taylor
101203b44d
SEC-1132: Updates to samples to reflect ACL refactoring.
2009-04-15 10:07:23 +00:00
Luke Taylor
93bdcccaee
SEC-1132: Moved userdetails into core and added core/authority sub-package
2009-04-15 07:39:21 +00:00
Luke Taylor
c770998d92
SEC-1132: Move authoritymapping to core as it is actually used in loading authorities for a use, not in making access decisions.
2009-04-14 04:22:57 +00:00
Luke Taylor
ca7d055c2b
SEC-1132: Created core and authentication packages within core module.
2009-04-13 13:43:23 +00:00
Luke Taylor
9efb5a7007
SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet
2009-04-12 12:23:23 +00:00
Luke Taylor
7c4d54f356
SEC-1131: Applied patch for portlet upgrade
2009-04-12 05:52:20 +00:00
Luke Taylor
f746a20ab4
SEC-1132: package refactoring of non-core modules
2009-03-27 05:01:03 +00:00
Luke Taylor
bec84f874a
SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples.
2009-03-26 07:18:36 +00:00
Luke Taylor
2a9a8a41db
SEC-1125: Created separate web module spring-security-web
2009-03-25 06:28:18 +00:00
Luke Taylor
2c985a1c36
SEC-1126: separated out spring-security-config module containing namespace configuration classes and resources
2009-03-23 04:23:48 +00:00
Luke Taylor
4aff4b2350
SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring
2009-03-20 04:32:06 +00:00
Luke Taylor
4aae5ec42e
SEC-1124: Refactored LDAP code into separate module
2009-03-19 06:30:32 +00:00
Luke Taylor
591681c180
Upgrade to Spring M2 and correct expression classes and pom files to match changes
2009-03-19 01:17:16 +00:00
Luke Taylor
ef3ea65fdb
Switching back to 2.5.0-SNAPSHOT after tagging M1 release
2009-01-03 07:42:19 +00:00
Luke Taylor
fc5f50501e
[maven-release-plugin] prepare release 2.5.0.M1
2009-01-03 07:08:25 +00:00
Luke Taylor
4eb4d08825
Added -o to mven:jetty-run in runall.sh to speed up script
2009-01-03 06:45:41 +00:00
Luke Taylor
d6ee9a9a93
Commented out hessian and burlap remoting beans to avoid missing class exceptions on startup
2009-01-03 05:51:45 +00:00
Luke Taylor
0ead104b86
Update CAS server information to latest version
2009-01-03 05:20:22 +00:00
Luke Taylor
65a78ce4a4
SEC-745: updated cas sample filter bean configuration
2008-12-29 01:33:27 +00:00
Luke Taylor
4a41416c9b
Tidying up and removing compiler warnings.
2008-12-21 16:36:16 +00:00
Luke Taylor
0d7002e322
SEC-1012: Extra fixes to dependent modules following changes to Acl APIs.
2008-12-21 02:06:55 +00:00
Luke Taylor
cc5966bc7e
Tidying up, removing compiler warnings etc.
2008-12-20 00:16:49 +00:00
Luke Taylor
8154161ef5
SEC-1035: Updated build to use Spring 3.0.0.M1 Release
2008-12-18 02:37:00 +00:00
Luke Taylor
7fa9a959b5
Added webAppRootKey context-param to samples to prevent conflicts when run together in Tomcat.
2008-12-16 21:13:03 +00:00
Luke Taylor
681f1ee00c
Fix duplicate logging.
2008-12-16 19:07:31 +00:00
Luke Taylor
2927b8464f
SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException.
2008-12-14 22:20:21 +00:00
Luke Taylor
df771038b4
SEC-1051: Fixed class names in dms sample app context.
2008-12-12 17:43:09 +00:00
Luke Taylor
6ccdcec629
SEC-1033: Added web expressions to tutorial sample configuration.
2008-12-08 21:56:44 +00:00
Luke Taylor
bc6878c1c5
SEC-1044: Removed remember-me functionality from http auto-config namespace configuration. Added explicit <remember-me> elements to contacts and tutorial sample configurations.
2008-12-05 16:36:43 +00:00
Luke Taylor
3cbad3ebd7
Corrected comment.
2008-12-05 16:04:22 +00:00
Luke Taylor
781b09e889
SEC-1036: Updated ldap sample pom
2008-11-29 14:16:08 +00:00
Ben Alex
7e562031cc
Better demonstrate the new EL-based "overdraft" authorization rules.
2008-11-19 09:32:04 +00:00
Luke Taylor
f3b3004085
Removed references to Acegi in contacts sample home page
2008-11-15 06:28:01 +00:00
Luke Taylor
78065ba47c
Fixed up contacts sample: removed casfailed page, corrected debug.jsp errors and fixed incorrect bean reference in context files.
2008-11-15 03:38:49 +00:00
Luke Taylor
3261fcb174
Tidying stuff
2008-11-14 07:16:30 +00:00
Luke Taylor
464da0f0df
SEC-999: Refactored namespace to take an expression handler instead of a permission evaluator, allowig fo greater cusomtomization and for a single handler to be used in both web and method security expressions.
2008-11-13 07:41:21 +00:00
Luke Taylor
e5b1073501
SEC-1012: Added more generics and warning suppression
2008-11-11 09:06:50 +00:00
Luke Taylor
7731a3df57
Typo.
2008-11-11 03:41:50 +00:00
Luke Taylor
e11114ce77
SEC-1023: Add hasPermission() support to SecurityExpressionRoot
...
http://jira.springframework.org/browse/SEC-1023 .
hasPermission() now delegates to a PermissionEvaluator interface, with a default implementation provided by the Acl module. The contacts sample now uses expressions on the ContactManager interface. The permission-evaluator element on global-method-security can be used to set the instance to an AclPermissionEvaluator. If not set, all hasPermission() expressions will evaluate to 'false'.
2008-11-10 04:27:25 +00:00
Luke Taylor
d6cd392a9e
Tidying up some stuff in tutorial app
2008-11-07 06:55:00 +00:00
Luke Taylor
d6bb6ccbf5
Removed .cvsignore files
2008-11-06 01:11:08 +00:00
Luke Taylor
a7d046357b
SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces
2008-10-30 04:10:54 +00:00
Luke Taylor
4aa32f7d06
SEC-999: First commit of expression-based authorization implementation
2008-10-24 00:38:36 +00:00
Luke Taylor
6c8a82fa13
Updated poms to Spring 2.5 and fixed up sandbox to work with latest build
2008-10-15 05:52:40 +00:00
Luke Taylor
a62eae4587
Script for running all the sample apps
2008-10-15 05:49:31 +00:00
Luke Taylor
7cc0965383
SEC-1001: Move core tiger code into core and adjust pom files
2008-10-03 15:23:31 +00:00
Luke Taylor
5b9bb8ba54
[maven-release-plugin] prepare for next development iteration
2008-09-05 19:04:22 +00:00
Luke Taylor
73eed2656d
[maven-release-plugin] prepare release spring-security-parent-2.0.4
2008-09-05 18:57:43 +00:00
Luke Taylor
6e06789a28
SEC-937: Added CAS logout filter to sample application
2008-07-28 10:53:55 +00:00
Luke Taylor
d9634bcb39
SEC-920: Update preauth sample to make use of internal authentication manager
...
http://jira.springframework.org/browse/SEC-920 . Updated context file to use <custom-authentication-provider>.
2008-07-11 10:56:57 +00:00
Luke Taylor
6ff0b969d5
Corrected ldap sample config (traditional bean version was wrong)
2008-06-23 23:43:48 +00:00
Luke Taylor
775a6c3939
[maven-release-plugin] prepare for next development iteration
2008-06-23 14:10:35 +00:00
Luke Taylor
87d50aecce
[maven-release-plugin] prepare release spring-security-parent-2.0.3
2008-06-23 14:05:36 +00:00
Luke Taylor
57558de3ec
Added error page URL to openid login sample
2008-06-23 13:18:35 +00:00
Luke Taylor
5ec06778f5
removed optional scope from jaxen dependecy in preauth sample as it breaks war file
2008-06-23 13:00:03 +00:00
Scott Battaglia
5b089aea16
SEC-852
...
provided mechanism to do get a proxy ticket
2008-06-18 17:34:14 +00:00
Ben Alex
de897ad1ac
SEC-867: Remove superfluous <property /> entry.
2008-06-05 22:51:47 +00:00
Luke Taylor
ff785a829f
[maven-release-plugin] prepare for next development iteration
2008-06-03 16:07:20 +00:00
Luke Taylor
db1d8604a6
[maven-release-plugin] prepare release spring-security-parent-2.0.2
2008-06-03 16:05:40 +00:00
Luke Taylor
d784d854cd
Corrected log file name.
2008-06-03 14:57:40 +00:00
Luke Taylor
cf4072c517
Context file improvements (based on sts suggestions)
2008-05-25 20:57:07 +00:00
Luke Taylor
859e99edf4
SEC-851: Fix port number in LDAP sample.
2008-05-23 21:24:48 +00:00
Luke Taylor
4f6b4e4bfd
Make sample login pages use c:out for data output
2008-05-15 12:48:13 +00:00
Luke Taylor
d4defb10fe
SEC-833: Fixed login-failure-url in contacts sample app.
2008-05-14 22:41:13 +00:00
Luke Taylor
5cf0c84e2f
SEC-814: Added standard bean config to ldap example and updated doc to provide some pointers to DefaultLdapAuthoritiesPopulator
2008-05-06 14:50:14 +00:00
Luke Taylor
a599ef5398
[maven-release-plugin] prepare for next development iteration
2008-05-01 20:09:03 +00:00
Luke Taylor
3e808335a4
[maven-release-plugin] prepare release spring-security-parent-2.0.1
2008-05-01 20:07:46 +00:00
Luke Taylor
18a9965b80
Moved dummy file out of default package for easy exclusion from javadoc
2008-05-01 19:45:36 +00:00
Luke Taylor
fc498954c6
Updated sample context files to point at 2.0.1 schema
2008-05-01 17:51:48 +00:00
Luke Taylor
014f21ee85
Deleted attributes sample
2008-05-01 17:50:47 +00:00
Luke Taylor
882509fb2a
Renamed context file
2008-04-24 00:27:37 +00:00
Luke Taylor
eba18675fc
Removed old acegi file from tutorial sample as it's causing confusion with users.
2008-04-23 21:08:41 +00:00
Luke Taylor
80cd7f4acc
Removed accidental commit of tutorial context file
2008-04-23 13:13:56 +00:00
Luke Taylor
0cf745b85f
Updated clean plugin to 2.2
2008-04-22 21:59:40 +00:00
Luke Taylor
1663142cf1
SEC-784: removed 'optional' tag on dependencies
2008-04-19 12:40:17 +00:00
Ben Alex
b5dc523041
[maven-release-plugin] prepare for next development iteration
2008-04-14 07:06:44 +00:00
Ben Alex
0c42670431
[maven-release-plugin] prepare release spring-security-parent-2.0.0
2008-04-14 07:05:46 +00:00
Luke Taylor
8f52c6a79c
Corrected name in cas samples pom
2008-04-13 21:26:43 +00:00
Luke Taylor
da72a7dc00
Forgot to add cas samples parent pom
2008-04-13 00:25:11 +00:00
Luke Taylor
0422cb1f8f
Fixed artifact groups for aspectjrt and added cas sample to project build
2008-04-13 00:08:18 +00:00