Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,452 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

757 Commits

Author SHA1 Message Date
Ben Alex 719d3af879 SVN updates. 2006-04-25 00:22:00 +00:00
Luke Taylor 4d9f99acc4 Added getter for authoritiesPopulator. Fix for SEC-227. 2006-04-18 23:44:07 +00:00
Luke Taylor 596882804f First commit of LdapTemplate class, a la Spring JdbcTemplate, as suggested by Ben to simplify Ldap connection handling etc. 2006-04-18 22:34:04 +00:00
Luke Taylor 3d51c46575 Added license header. 2006-04-18 22:27:17 +00:00
Luke Taylor f61a58d98b Added a couple more tests. 2006-04-16 21:18:12 +00:00
Luke Taylor 7a0a87a167 Added support for LDAP SSHA (salted SHA) encoded passwords. 2006-04-16 21:12:39 +00:00
Luke Taylor c6dd545de0 Javadoc change. 2006-04-16 17:11:44 +00:00
Luke Taylor e5bef3f31b Added doc for @throws 2006-04-16 17:11:06 +00:00
Luke Taylor 9c8a4c2f74 Fix for SEC-237. Make LDAP Provider reject empty username. 2006-04-16 16:41:08 +00:00
Luke Taylor 743cc9fec7 Fix for SEC-215. Check for empty nameInNameSpace before appending. 2006-04-16 16:11:02 +00:00
Luke Taylor d5885baf6b Added some comments. 2006-04-16 16:00:32 +00:00
Luke Taylor 3f06c51379 Fix for SEC-225. Allow empty search base in authorities populator. 2006-04-16 15:37:48 +00:00
Luke Taylor 48716af20a Removed unnecessary package names left over from refactoring. 2006-04-16 15:25:33 +00:00
Luke Taylor 072a4c3d18 Fix for SEC-226. Added ability to set derefLinkFlag property. 2006-04-16 15:15:55 +00:00
Luke Taylor 267c846e12 Sort out LDAP tests to match up with moved production classes. 2006-04-16 14:31:13 +00:00
Luke Taylor bf4fca9126 Move non security-specific LDAP classes to org.acegisecurity.ldap package 2006-04-16 14:26:46 +00:00
Luke Taylor 7c69668589 Deprecated, pending deletion. 2006-04-16 14:12:23 +00:00
Luke Taylor bbd250e442 Modified to use classes from org.acegisecurity.ldap package 2006-04-16 14:05:28 +00:00
Luke Taylor 7f24e209a6 Move non security-specific LDAP classes to org.acegisecurity.ldap package 2006-04-16 13:56:36 +00:00
Luke Taylor 0c1ab7f98c Corrected a couple of Javadoc typos. 2006-04-15 12:32:50 +00:00
Scott Battaglia 9a8fdcd269 SEC-196 
updated references to Yale CAS to JA-SIG CAS
 2006-03-28 15:41:20 +00:00
Scott Battaglia b0d4cbceac updated javadoc to reflect proper value of getPrincipal 2006-03-28 14:05:57 +00:00
Scott Battaglia 3d0f746719 SEC-224 
updated CasAuthenticationToken to be consistant with approach taken by other providers with regards to authentication.getPrincipal()
 2006-03-14 16:15:51 +00:00
Ben Alex 51f1b33af9 SEC-209: Make eventPublisher protected. 2006-03-07 13:04:12 +00:00
Luke Taylor 7e7920ce00 Fix for SEC-202. Intialize manager password to default "manager_password_not_set". 2006-02-28 17:47:55 +00:00
Scott Battaglia 5607da8d67 updated references from Yale CAS to JA-SIG CAS 2006-02-27 13:52:41 +00:00
Luke Taylor 6abceb7ab0 Additional changes related to SEC-192 (avoiding session creation when creating WebAuthenticationDetails). Also fixed Jalopy chaos in SwitchUserProcessingFilter. 2006-02-20 00:37:39 +00:00
Luke Taylor 52a212e609 Removed "== true" in boolean. 2006-02-20 00:27:36 +00:00
Luke Taylor 5475ab0575 Modify AbstractAuthenticationManager to transfer the details object from authentication request to the resulting authentication token, provided it has not already been set on the latter by an authentication provider. 2006-02-19 23:50:21 +00:00
Luke Taylor c88b9093c0 Remove unnecessary check for null. 2006-02-19 22:35:37 +00:00
Luke Taylor ee41d24447 Javadoc correction. 2006-02-19 22:23:04 +00:00
Luke Taylor e12c8310eb Remove unnecessary default constructors which throw IllegalArgumentException. Favours compile time over runtime errors. 2006-02-16 16:44:35 +00:00
Luke Taylor 4b4d4d3332 Added some uses of Spring Assert class and removed one to prevent unnecessary StringBuffer creation. 2006-02-16 01:11:31 +00:00
Luke Taylor 84ccd89061 More readable javadoc. 2006-02-15 19:06:04 +00:00
Luke Taylor cd7efaf567 Fix for SEC-189. Added getter for initialDirContextFactory. 2006-02-13 16:20:42 +00:00
Luke Taylor 6c29a6d17e Added test for immutability of authorities array. Refactored standard authorities array into an instance field. 2006-02-13 16:16:43 +00:00
Ben Alex 2ab5af0a69 SEC-188: Fix JavaDocs. 2006-02-12 06:29:53 +00:00
Ben Alex a28a932598 SEC-183: Minimise session creation as a consequence of SEC-168 and SEC-182 changes. 2006-02-09 23:04:29 +00:00
Ben Alex 0282696202 SEC-182: Remember-me compatibility with concurrent session support. 2006-02-09 10:32:49 +00:00
Ben Alex b1dd784dee SEC-180: BasicProcessingFilter should configurably ignore authentication failures. 2006-02-09 06:41:31 +00:00
Ben Alex e63b2ec9e6 Cleanup unused imports. 2006-02-09 06:00:25 +00:00
Ben Alex 96196bd637 SEC-179: Upgrade to Spring 2.0-M2. 2006-02-09 05:36:06 +00:00
Ben Alex ae29498f75 SEC-158: X509 to support Authentication.isAuthenticated() as per usual contract. 2006-02-09 04:25:07 +00:00
Ben Alex 79287999dc SEC-178: Refactor AbstractAuthenticationToken. 2006-02-09 04:16:50 +00:00
Ben Alex 74de83e5f1 SEC-177: Add hashCode() method. 2006-02-09 03:45:47 +00:00
Ben Alex c9cee6651c SEC-176: Add hashCode() method. 2006-02-09 03:36:47 +00:00
Ben Alex ac457021b8 Inheritance doesn't seem to work, so added the groupId manually. 2006-02-09 03:13:58 +00:00
Ben Alex 77be0009ad Correct equals(Object) method handling if both objects have null getDetails(). 2006-02-09 02:54:40 +00:00
Ben Alex 78df09db8a SEC-175: Add equals(Object) method. 2006-02-09 02:53:27 +00:00
Luke Taylor dc959b1847 Fix for SEC-159. Added clearContext() method to SecurityContextHolder and refactored code to use it instead of putting an empty context into the holder. 2006-02-08 23:27:46 +00:00
Ben Alex 8c0ce12332 SEC-169: Add SessionRegistry.getAllPrincipals() method. 2006-02-08 05:22:48 +00:00
Ben Alex 3a01e48b17 SEC-174: Correct IE6 bug with AuthenticationProcessingFilterEntryPoint. 2006-02-08 04:58:50 +00:00
Ben Alex 9d213f46a4 SEC-168: Prevent errors with concurrent session support. 2006-02-08 04:42:03 +00:00
Ben Alex 1fa6ac0975 SEC-164: Copy Authentication.getDetails() to returned Authentication object. 2006-02-08 02:19:43 +00:00
Luke Taylor 2daea069f9 Refactoring of BindAuthenticator to allow an extended version which uses ppolicy controls. Added no-cause constructor in LdapDataAccessException for use in data parsing errors. 2006-02-08 02:17:44 +00:00
Ben Alex ca1bf5cc21 SEC-170: AbstractAclVoter to support JoinPoint. 2006-02-08 02:06:55 +00:00
Luke Taylor eb7964f6e5 Clean imports. 2006-02-08 01:54:03 +00:00
Luke Taylor fe88d6ec17 SEC-134 fix. Authorities array is now copied on access. Also refactored token classes to move authorities to the base class. 2006-02-08 01:24:38 +00:00
Luke Taylor 842ad929a4 Change search object to use constructor injection (SEC-165) . 2006-02-03 19:53:08 +00:00
Luke Taylor 436fcde10b Change apacheds to version 0.9.4-SNAPSHOT, add slf4j-log4j12 dep 2006-02-02 19:58:46 +00:00
Carlos Sanchez 3036b5d46b Spring mock is required for compilation 2006-02-01 19:16:46 +00:00
Ben Alex 9771b7817a SEC-144: Separate SecurityEnforcementFilter from FilterSecurityInterceptor. 2006-01-28 22:54:23 +00:00
Ben Alex fa4c2a6ade Correct bug with SEC-120 location of where filter chain proceeds. 2006-01-28 22:52:17 +00:00
Ben Alex 823f93fe3b SEC-163: Fix ClassCastException bug in MethodInvocationUtils, and add test to prove correct functionality. 2006-01-28 21:33:35 +00:00
Ben Alex ce907f2ddc SEC-153: Improve toString() method. 2006-01-28 01:30:46 +00:00
Ben Alex 484b0e3a51 SEC-126: Initial commit of WebInvocationPrivilegeEvaluator feature. 2006-01-28 01:26:58 +00:00
Ben Alex 0c89822c56 SEC-162: Properly handle null Authentication. 2006-01-28 01:24:52 +00:00
Ben Alex c8c7c24822 SEC-120: Remember-me to delegate to AuthenticationManager so authentication-specific behaviour (such as concurrent user management) can be applied. 2006-01-28 01:22:36 +00:00
Luke Taylor 9062b4c352 Improved solution to 1.4-compatible IllegalArgumentException with "cause" exception (as suggested on dev list). 2006-01-27 18:53:37 +00:00
Luke Taylor fbe5957c23 Add support for ldaps:// urls. (Fix for SEC-146). 2006-01-27 18:28:13 +00:00
Ben Alex 82be52cea0 SEC-123: Remove exception from no-arg constructor. 2006-01-27 05:26:46 +00:00
Ben Alex ea182f73fe SEC-145: Include nested exception. 2006-01-27 05:17:13 +00:00
Ben Alex 2459858f48 SEC-132: Refactor out getSessionId() to interface, so different Authentication.getDetails() implementations can be used. 2006-01-27 05:10:30 +00:00
Ben Alex 07ed2ca2f0 Initial commit. 2006-01-27 05:09:57 +00:00
Ben Alex ab223b8423 SEC-156: Use getName() instead of toString() as getName() is always the username whereas toString() contains extra information if the Authentication.getPrincipal() has been converted to a UserDetails. 2006-01-27 04:52:46 +00:00
Ben Alex 8f6275ab3e SEC-155: BasicaclEntryCache to provide "remove from cache" support. 2006-01-27 04:42:39 +00:00
Ben Alex 449e395181 Reformat code. 2006-01-27 04:42:15 +00:00
Ben Alex e675c89e28 Remove unused imports. 2006-01-27 04:41:32 +00:00
Ben Alex 5e258cc201 SEC-161: Truncate everything after ? in URL. 2006-01-27 03:30:01 +00:00
Ben Alex 49a917b08d Remove extra dependency on Commons Lang. This dependency is only required by the domain subproject, not the core security project. 2006-01-27 03:18:34 +00:00
Luke Taylor 13a0784736 Replaced use of Java 1.5 IllegalArgumentException constructor. 2006-01-27 01:20:15 +00:00
Luke Taylor 2b0a65983d Removed unused logger. 2006-01-26 20:48:49 +00:00
Luke Taylor f9e043d43a added commons lang dependency 2006-01-26 20:02:26 +00:00
Luke Taylor 17b3424b85 Javadoc typos. 2006-01-26 14:55:13 +00:00
Ben Alex 4024f124b9 SEC-154: Support Hibernate/CGLIB modified domain objects. 2006-01-26 10:27:32 +00:00
Ben Alex a7ebe51fc8 SEC-135: Additional logging of votes in BasicAclEntryVoter. 2006-01-26 10:04:36 +00:00
Ben Alex f4c1b81a9c SEC-150: Expand exception message. 2006-01-26 10:00:59 +00:00
Ben Alex 37802e3748 SEC-138: Make exception output to Commons Logging, not system console. 2006-01-26 09:36:48 +00:00
Ben Alex 10541fc9db SEC-137: Correct stack overflow with MethodInvocation.createFromClass(Class, Method). 2006-01-26 09:28:30 +00:00
Ben Alex e5c538d1a5 SEC-125: Provide hashCode() method for AbstractAuthenticationToken. 2006-01-26 09:23:03 +00:00
Luke Taylor 63682a9c5d Javadoc typos. 2006-01-25 17:04:58 +00:00
Luke Taylor fe2f4e4a3b Added setter method to allow connection pooling to be disabled. 2006-01-25 17:04:02 +00:00
Ray Krueger b20c0a674a Fixed NPE see SEC-143 2006-01-16 23:56:04 +00:00
Luke Taylor 38629f159a Added default role option to authorities populator. 2006-01-13 21:13:53 +00:00
Luke Taylor 63dcdec1b7 Corrected more Jalopy screwy formatting. 2006-01-06 02:00:41 +00:00
Luke Taylor 22b0e1613c Addition of package.html files. Minor formatting. 2006-01-05 19:59:04 +00:00
Luke Taylor 2f53f0e7d7 Message string changed to reflect class name changes. 2006-01-05 01:11:45 +00:00
Luke Taylor affa500778 Message string changed to reflect class name changes. 2006-01-05 01:02:49 +00:00
Luke Taylor d7ae1ad21b Refactoring to reduce code duplication, remove config files and use JMock to enforce expectations on whether FilterChain proceeds or not. 2006-01-05 00:59:10 +00:00
Luke Taylor 0202b47346 Switched to using JMock methods for dummy objects. 2006-01-04 23:31:34 +00:00
Luke Taylor 4063a87dbf Changed to use parent method for Mock creation rather than new operator. 2006-01-04 23:25:40 +00:00
Luke Taylor f9d0ee209b Changed FilterInvocationDefinitionSourceEditor to complain if the parsed URL or the config attribute is empty or null. Plus some comment tidying. 2006-01-04 21:35:10 +00:00
Luke Taylor 56bccf6070 Added MessageSource support for LDAP provider classes. 2006-01-03 20:31:19 +00:00
Luke Taylor e81be72bd7 Changed test to use tested class rather than interface name. Added test for service detection style URLs. 2006-01-01 15:11:54 +00:00
Carlos Sanchez 1dfc42550f Add spring-mock to dependency management 
Add ldap dependencies
Simplify spring dependencies
 2005-12-25 00:21:49 +00:00
Ben Alex 6b1f97a381 Resolve compiler warnings. 2005-12-24 10:03:18 +00:00
Carlos Sanchez b0d65259b6 Changed groupId to org.acegisecurity 2005-12-22 16:40:22 +00:00
Carlos Sanchez f226dfb67f Use ISO encoding to avoid problems 2005-12-22 16:27:44 +00:00
Carlos Sanchez 0c9e1769a4 Improved m2 poms 2005-12-22 15:54:37 +00:00
Carlos Sanchez f662ed5890 Ignore eclipse project files 2005-12-22 13:41:33 +00:00
Luke Taylor 9b5aa159aa Correct screwy formatting. 2005-12-22 01:42:27 +00:00
Luke Taylor 3977e3b822 Refactored to remove unnecessary null check in createSuccessAuthentication. Removed several legacy references to AuthenticationDao in Javadoc. 2005-12-22 01:30:53 +00:00
Luke Taylor 5b076c79d1 Changed to use a Set rather than array index to check for the presence of granted authorities as the ordering of the latter couldn't be guaranteed. 2005-12-22 01:22:09 +00:00
Luke Taylor 41a95b11cd Corrected wrong package name in Javadoc. 2005-12-22 01:18:32 +00:00
Luke Taylor 8f725f7a74 Removed no-arg constructor from UsernamePasswordAuthenticationToken. 2005-12-22 01:16:16 +00:00
Luke Taylor c378779610 Removed printStackTrace from expected exception. 2005-12-22 01:15:25 +00:00
Luke Taylor 09cef7adc2 Refactoring to remove encodeInternal method. Same as recent changes to SHA encoder. 2005-12-21 16:41:52 +00:00
Luke Taylor 2d1dd7b292 Restoring author/version tags, some minor comments. 2005-12-21 00:48:57 +00:00
Luke Taylor 20d69e2734 Tidying up some Jalopy weirdness. 2005-12-21 00:39:36 +00:00
Luke Taylor dc728987f4 Changed LdapDataAccessException to extend AuthenticationServiceException. 2005-12-21 00:14:15 +00:00
Luke Taylor 0f678d53ba Javadoc typo in tag. 2005-12-21 00:00:02 +00:00
Luke Taylor 911be66513 Move LdapUserSearch into main provider package and separate out its current implementation as it may be used for more than authentication. 2005-12-20 23:58:35 +00:00
Luke Taylor b01bf0b878 Expanded Javadoc. 2005-12-20 23:26:38 +00:00
Luke Taylor 1549ec55b1 Switch to embedded context version of apache DS (no socket nonsense etc.) 2005-12-20 23:08:54 +00:00
Luke Taylor 9554dc50bc Pull functionality for hiding UsernameNotFoundException's up into AbstractUserDetailsAuthenticationProvider. 2005-12-19 17:23:34 +00:00
Luke Taylor 929b08c085 Spring config for ApacheDS is no longer used. 2005-12-19 17:04:09 +00:00
Luke Taylor 069f78c00b Move the apacheDS working directory to java.io.tmpdir 2005-12-19 17:01:25 +00:00
Luke Taylor 1f66750e24 Added support for multiple DN patterns. Changes to favour constructor injection for mandatory properties. Renamed LdapUserInfo to prevent confusion with UserDetails interface. 2005-12-18 21:14:27 +00:00
Luke Taylor e3b728cc9a Javadoc typos. 2005-12-18 15:02:17 +00:00
Luke Taylor 40f50498b2 Re-enable some tests which partially work with embedded ApacheDS. 2005-12-16 18:26:23 +00:00
Luke Taylor bfb4fb81d4 Remove messages about existing data. 2005-12-16 02:47:47 +00:00
Luke Taylor f9c88adfa9 Switch to embedded server and disable tests which cause problems with apacheDS for the time being. 2005-12-16 02:23:06 +00:00
Luke Taylor 53252d258f Set extra properties on InitialDirContextFactory and corrected group search filter. 2005-12-16 01:28:29 +00:00
Luke Taylor 1db1a3cd62 Changes try to get Ldap tests working with the possibility of using a non-networked embedded server. 2005-12-16 01:07:31 +00:00
Luke Taylor 45e2f9dac4 Removed internal encoding method to make subclassing work. 2005-12-16 00:59:29 +00:00
Luke Taylor 781ed0f380 Switch to local url. 2005-12-15 03:45:48 +00:00
Luke Taylor d014411d48 Corrections to DIT for apache-ds tests. 2005-12-15 02:16:13 +00:00
Luke Taylor ce3d6f2129 Initial LDAP provider checkin. 2005-12-15 00:18:13 +00:00
Ben Alex a1037ddc87 Prepare 1.0.0 RC1. 2005-12-04 11:20:52 +00:00
Ben Alex d89c6c0a74 SEC-118: Wrong logger class corrected. 2005-12-04 10:48:33 +00:00
Ben Alex ee48f38ff0 SEC-116: Correct JavaDocs. 2005-12-02 12:14:38 +00:00
Ben Alex 75a9784028 SEC-58: Initial commit of Velocity helper. 2005-12-01 09:38:50 +00:00
Ben Alex b16ce31c5b Prove placeholders work correctly. 2005-12-01 00:30:18 +00:00
Ben Alex 2c28ff4fd1 SEC-56: Further improvements to localization. 2005-11-30 01:23:36 +00:00
Ben Alex 62fde4ede3 SEC-107: Finalize rename of AuthenticationDao to UserDetailsService with corresponding change in package from .providers.dao to .userdetails. 2005-11-30 00:20:13 +00:00
Ben Alex a6e23d79ae SEC-107: Rename AuthenticationDao to UserDetailsService. 2005-11-29 13:10:15 +00:00
Ben Alex 6144e1664e SEC-108: Make fields protected. 2005-11-29 02:43:35 +00:00
Ben Alex 6585c2b391 Allow subclasses to make modifications to GrantedAuthority[]. 2005-11-26 13:27:30 +00:00
Ben Alex fddcd6112e SEC-56: Add localisation support. 2005-11-26 05:11:53 +00:00
Ben Alex f4c3e2ff8c Use Spring Assert for cleaner code. 2005-11-26 04:18:21 +00:00