893 Commits

Author	SHA1	Message	Date
Luke Taylor	0615b94f55	Converted expression test to use static method.	2009-10-09 23:42:23 +00:00
Luke Taylor	4dcb9de67a	SEC-1257: Some additional API changes to use Collection instead of List...	2009-10-07 21:08:20 +00:00
Luke Taylor	f213cc5d9e	SEC-1257: APIs using List<ConfigAttribute> should use a Collection instead. Converted.	2009-10-06 19:46:44 +00:00
Luke Taylor	caff3ee9ba	SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc).	2009-10-05 19:28:53 +00:00
Luke Taylor	acf13c74ca	SEC-1229: Refactored authentication.concurrent in core, moving classes into core.session	2009-10-05 15:51:00 +00:00
Luke Taylor	2a1430f1ce	SEC-1229: Removed legacy concurrency classes	2009-09-29 16:18:25 +00:00
Luke Taylor	1c4a809e09	SEC-1245: Add role hierarchy support to expression handlers. Done.	2009-09-15 17:17:21 +00:00
Luke Taylor	6851655ea9	SEC-1177: MethodInvocationUtils Returns Null With Valid Method String and Class. Added very simple checking of declared methods on class.	2009-09-09 19:49:44 +00:00
Luke Taylor	ef2df77889	SEC-1239: Special characters in JAAS config file location. Fix - convert Resource to a File before obtaining the URL from it. The URL.toString() obtained this way is different from the one obtained from Resource.getURL().toString().	2009-09-09 17:41:35 +00:00
Mike Wiesner	58ee9a364e	SEC-1181: DNS helper classes, will primarily be use for lookup of Active Directory servers.	2009-09-02 14:29:35 +00:00
Luke Taylor	0f6642d3ab	SEC-1216: Replacement of custom-after-invocation-provider with after-invocation-provider element. Some changes to help prevent proxying of aop infrastructure classes (use of AopInfrastructureBean marker interface)	2009-08-04 00:18:07 +00:00
Luke Taylor	5953af0f6b	SEC-1196: Change use of <authentication-manager> to actually register the global ProviderManager instance. This element now registers the global ProviderManager instance and must contain any authentication-provider elements (or ldap-authentication-provider elements).	2009-08-03 00:21:11 +00:00
Luke Taylor	1afa67c954	SEC-1195: Added internal AuthenticationManager for use by beans which are generated by the <http> block.	2009-07-15 23:09:47 +00:00
Luke Taylor	6346e31517	SEC-1195: Change <http> parsing behaviour to use an internal AuthenticationManager instance. Implemented "parent" AuthenticationManager in ProviderManager which is delegated to when no authentication is returned by the instances list of authentication providers. Extracted the Authentication success/failure publishing into a separate strategy.	2009-07-15 01:28:28 +00:00
Luke Taylor	1ca2e6e6fc	Tidying.	2009-07-13 23:12:32 +00:00
Luke Taylor	5d389d953d	RoleVoter test class.	2009-07-13 23:11:15 +00:00
Luke Taylor	946f3d1067	Converted to use mockito.	2009-07-13 23:10:52 +00:00
Luke Taylor	8a3930e673	Refactoring of ProviderManager to ensure that any AuthenticationException from the ConcurrentSessionController will prevent further polling of providers.	2009-07-08 23:20:46 +00:00
Luke Taylor	c6b9371029	Updated to latest Spring build snapshot. Required minor EL changes to parser class name	2009-06-15 23:41:20 +00:00
Luke Taylor	ab7f06c108	SEC-1156: Modified JdbcUserDetailsManager to only save/update authorities if enableAuthorities is set	2009-06-14 22:26:44 +00:00
Luke Taylor	4e0d3c644f	Committed deletion of previous AuthorityUtilsTests	2009-06-09 01:50:35 +00:00
Luke Taylor	4768e4b13c	Removed methods relating to current context from AuthorityUtils, making it a simple factory for GrantedAuthority lists etc.	2009-06-09 01:42:37 +00:00
Luke Taylor	5808da12ff	SEC-1094: Simplified WebXml attribute mapping. Removed generic jaxen-based implementation on which it was based in favour of simple DOM model traversal. Updated sample.	2009-06-08 15:23:41 +00:00
Luke Taylor	45c54c558c	Updated build to use maven.springframework.org deps	2009-05-13 06:16:05 +00:00
Luke Taylor	4bad213b19	SEC-1132: Moved remaining preauth code from core to web	2009-05-12 00:11:06 +00:00
Luke Taylor	c7a2e12c65	Moved python script to correct directory	2009-05-11 06:03:59 +00:00
Luke Taylor	76438b3347	SEC-1132: Refactoring of access/intercept package to extract packages and classes which are externally depended on or potentially may be used outside of the standard interceptor model (e.g. SecurityMetadataSource)	2009-05-11 05:44:31 +00:00
Luke Taylor	14c4739605	SEC-1158: Decoupling of Pre/Post annotations implementation from Spring EL.	2009-05-11 05:18:20 +00:00
Luke Taylor	5b543f83ec	Removed web dependency on core-tests	2009-05-04 02:25:49 +00:00
Luke Taylor	e94baf38b3	Tidying up to remove warnings (generics, use of deprecated test classes etc).	2009-04-28 06:49:43 +00:00
Luke Taylor	50ac9d3b05	More generification to remove last warnings in core package.	2009-04-26 10:17:09 +00:00
Luke Taylor	1454cbb78e	SEC-1132: Moved TextUtils to web module and StringSplit utils into Digest authentication package (as they aren't used elsewhere).	2009-04-25 08:04:26 +00:00
Luke Taylor	a76cbee4bc	SEC-1132: Moved ThrowableAnalyzer code to web module as it is only used in ExceptionTranslationFilter	2009-04-25 07:03:15 +00:00
Luke Taylor	305ce125fb	SEC-863: Hierarchical roles should use the interface GrantedAuthority. Applied submitted patch.	2009-04-22 05:53:59 +00:00
Luke Taylor	ba6664f77f	SEC-1012: Refactor SessionRegistry interface to use Java 5 generics.	2009-04-21 06:57:21 +00:00
Luke Taylor	cac2bce382	Refactored SessionRegistryImpl to remove servlet API deps and moved back into core, along with other concurrent authentication package classes.	2009-04-21 06:05:14 +00:00
Luke Taylor	93bdcccaee	SEC-1132: Moved userdetails into core and added core/authority sub-package	2009-04-15 07:39:21 +00:00
Luke Taylor	c770998d92	SEC-1132: Move authoritymapping to core as it is actually used in loading authorities for a use, not in making access decisions.	2009-04-14 04:22:57 +00:00
Luke Taylor	10673780db	OPEN - issue SEC-1136: Removed SpringSecurityException. Introduced new AclException as base class for Acl module. Refactored JAAS authentication to map to AuthenticationExcpetions rather than SpringSecurityException. Modified ExceptionTranslationFilter to look explicitly for AuthenticationException or AccessDeniedException (which it should do since these are the only two it handles).	2009-04-13 14:56:49 +00:00
Luke Taylor	ca7d055c2b	SEC-1132: Created core and authentication packages within core module.	2009-04-13 13:43:23 +00:00
Luke Taylor	9efb5a7007	SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet	2009-04-12 12:23:23 +00:00
Luke Taylor	7c4d54f356	SEC-1131: Applied patch for portlet upgrade	2009-04-12 05:52:20 +00:00
Luke Taylor	365ae3936e	Moved MockAuthenticationManager to test package.	2009-04-12 05:13:18 +00:00
Luke Taylor	bec84f874a	SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples.	2009-03-26 07:18:36 +00:00
Luke Taylor	2a9a8a41db	SEC-1125: Created separate web module spring-security-web	2009-03-25 06:28:18 +00:00
Luke Taylor	2c985a1c36	SEC-1126: separated out spring-security-config module containing namespace configuration classes and resources	2009-03-23 04:23:48 +00:00
Luke Taylor	4aff4b2350	SEC-1123: Renamed ObjectDefinitionSource to SecurityMetadataSourceand performed related refactoring	2009-03-20 04:32:06 +00:00
Luke Taylor	4aae5ec42e	SEC-1124: Refactored LDAP code into separate module	2009-03-19 06:30:32 +00:00
Luke Taylor	591681c180	Upgrade to Spring M2 and correct expression classes and pom files to match changes	2009-03-19 01:17:16 +00:00
Luke Taylor	9de9f638fe	SEC-1083: Removed unnecessary import	2009-03-16 08:07:18 +00:00