4ad0652787
Removed array of authorities constructor from TestingAuthenticationToken and RunAsUserToken.
2010-12-01 20:52:37 +00:00
1c8d28501c
SEC-1550: Convert signatures to use Collection<? extends GrantedAuthority> where appropriate.
2010-11-03 13:48:59 +00:00
21ed5feb8d
SEC-1600: Added Implementation-Version and Implementation-Title to manifest templates and checking of version numbers in namespace config module and core. Config checks the version of core it is running against and core checks the Spring version, reporting any mismatches or situations where the app is running with less than the recommended Spring version.
2010-10-27 13:25:40 +01:00
f4d57ab5e8
SEC-1456: Remove maven poms as we are now using gradle for the build.
2010-08-30 19:02:19 +01:00
65712f5cbc
SEC-1549: AclPermissionCacheOptimizer now does nothing if passed an empty collection of domain objects.
2010-08-28 14:39:43 +01:00
42721d407b
Added tests for acls/afterinvocation package
2010-08-24 18:26:09 +01:00
bdb906e588
Enable parameterization for log levels in logback files to allow the use of command-line options for controlling log output.
2010-08-24 18:25:39 +01:00
3c02989d67
Removal of jmock test dependency and upgrading of mockito version to 1.8.5. Minor adjustments to other build deps and configurations (e.g. prevent groovy from being used as a transitive dep, since we only use it for tests).
2010-08-18 02:32:43 +01:00
2222a7be07
Use Integer.valueOf() in preference to new Integer()
2010-08-11 18:17:23 +01:00
1a838c2049
SEC-1533: AclAuthorizationStrategyImpl can now take either one or three GrantedAuthority arguments. If only one is supplied, it will be used for all 3 of the permissions supported by the class.
2010-08-07 14:41:25 +01:00
85c4c91e0e
IDEA inspection refactorings.
2010-08-05 23:28:07 +01:00
64375484a1
More build and logging tuning.
2010-08-04 22:55:17 +01:00
97bc240602
SEC-1519: Added extra constructor to make sure strategy objects are initialized before the first attempt to retrieve an object from the Acl cache.
2010-07-23 17:57:57 +01:00
b3aad4cf19
Javadoc fixes.
2010-05-06 20:02:08 +01:00
977bc2b164
SEC-1433: Reduce the number of direct dependencies on DataAccessException from spring-tx.
...
It is still required as a compile-time dependency by classes which use Spring's JDBC support, but it doesn't really have to be used in many interfaces and classes which are not necessarily backed by JDBC implementations.
2010-03-26 18:05:28 +00:00
f3264ba9ab
Addition of commons-logging exclusions and adjustments to pom generation.
2010-03-07 21:58:25 +00:00
b147652193
Make hsqldb a testRuntime/runtime dependency.
2010-03-01 01:10:58 +00:00
f3f84da625
Increase upper bounds of Spring and Spring Security versions in bundlor templates to 3.2.0.
2010-02-21 23:25:36 +00:00
b37d2ed978
SEC-593: Added PermissionCacheOptimizer strategy interface and implementation in Acl module.
...
This is used by DefaultMethodSecurityExpressionHandler to allow permissions to be cached before repeatedly evaluating an expression for a collection of domain objects.
2010-02-20 18:02:12 +00:00
1474e73b11
SEC-1166: Added new interface PermissionGrantingStrategy to allow customization of ACL permission granting logic.
...
The DefaultPermissionGrantingStrategy contains the standard behaviour that was previously in AclImpl.
2010-02-20 18:02:11 +00:00
2ee7696bf4
Update version number to 3.1.0.CI-SNAPSHOT.
2010-02-19 17:35:19 +00:00
44f45d21f0
3.0.2 release. Update version in build files.
2010-02-19 01:22:21 +00:00
c12c43da9e
Javadoc fixes.
2010-02-14 23:27:09 +00:00
36612377e2
Replace package.html with package-info.java files, creating new ones where missing and updating outdated contents.
2010-02-14 23:23:23 +00:00
15c309a2ed
Add spring-aop to acl and contacts compile dependencies following changes for SEC-1390.
...
AopInfrastructureBean interface is now required.
2010-02-06 21:22:12 +00:00
51dfc0fb39
Set versions to 3.0.2-CI-SNAPSHOT, post release.
2010-01-15 18:15:19 +00:00
05634f97dc
Updated version numbers for 3.0.1 release.
2010-01-15 18:04:28 +00:00
b323098167
Added gradle build files for taglibs, tutorial, contacts and openid.
...
Changed build file names to match module names (by manipulating the project objects in the settings.gradle file).
2010-01-10 23:31:23 +00:00
052537c8b0
Removing $Id$ markers and stripping trailing whitespace from the codebase.
2010-01-08 21:05:13 +00:00
893f212fa5
Tidying
2010-01-02 19:53:19 +00:00
115d5b84ff
[maven-release-plugin] prepare for next development iteration
2009-12-22 22:20:01 +00:00
6c6ef08353
[maven-release-plugin] prepare release spring-security-3.0.0.RELEASE
2009-12-22 22:19:38 +00:00
e64866ae6a
Updated bundlor templates and introduced spring.version variable
2009-12-22 01:10:04 +00:00
aeed49393c
Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting).
2009-12-18 18:44:42 +00:00
520e733cb2
[maven-release-plugin] prepare for next development iteration
2009-12-08 21:19:41 +00:00
f2cf17bd49
[maven-release-plugin] prepare release spring-security-3.0.0.RC2
2009-12-08 21:19:20 +00:00
adfac7e718
Added gradle file for cas and standardised ehcache version
2009-12-08 01:54:15 +00:00
dab76249db
Added gradle build files (experimental)
2009-12-04 21:33:17 +00:00
4582afa739
Spelling fix in Javadoc
2009-11-29 13:17:58 +00:00
999eadc540
Minor refactoring to use generics and avoid converting collections to arrays.
2009-11-25 22:51:53 +00:00
330e71eb8f
Minor Javadoc.
2009-11-25 21:01:04 +00:00
693d2bce03
SEC-1286: Fixed toString() output.
2009-11-17 21:44:52 +00:00
c922021d28
SEC-1287: Regression with fix SEC-1022 - cannot register custom permissions w/BasicLookupStrategy. Added setter method for PermissionFactory field.
2009-11-17 13:13:54 +00:00
3f963ef8ca
Restore versions and svn URLs in trunk (release plugin fail)
2009-10-11 21:59:38 +00:00
af563e826c
[maven-release-plugin] prepare release spring-security-3.0.0.RC1
2009-10-11 21:43:42 +00:00
6aee4f0ee4
Removed commented out method.
2009-10-07 15:45:32 +00:00
f213cc5d9e
SEC-1257: APIs using List<ConfigAttribute> should use a Collection instead. Converted.
2009-10-06 19:46:44 +00:00
caff3ee9ba
SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc).
2009-10-05 19:28:53 +00:00
40759ab232
SEC-925: BasicLookupStrategy - support for schema qualifier. Added setters for ACL SQL statements.
2009-09-30 12:32:22 +00:00
9639340fef
SEC-1049: RoleHierarchy in SidRetrievalStrategy. Added optional RoleHierarchy injection to SidRetrievalStrategyImpl
2009-09-16 19:59:37 +00:00
9374bddceb
Added test class for AccessControlListTag.
2009-09-16 19:20:07 +00:00
9f76db0606
SEC-1022: Remove use of static methods/initializers in Acl Permissions. Added extra constructors to DefaultPermissionFactory to allow injection of custom permissions to the registry.
2009-09-16 18:42:44 +00:00
24155d4abe
SEC-1022: Remove use of static methods/initializers in Acl Permissions. Added setter for PermissionFactory to AclPermissionEvaluator
2009-09-16 15:32:17 +00:00
3f70d79df5
SEC-1022: Remove use of static methods/initializers in Acl Permissions. Converted PermissionFactory to a strategy which is used to convert integers and names to Permission instances.
2009-09-16 12:45:53 +00:00
0d7b990e0a
SEC-1184: Moved ACL cache classes and interface out of jdbc package.
2009-08-31 22:15:37 +00:00
6236858356
SEC-951: Acl Serialization Errors that cohere with parent-child-structure of Acls. Modified tests to reproduce the issue and applied suggested fix (recursive call to set transient fields on parent).
2009-08-31 19:15:13 +00:00
5a8772df5b
Reset pom versions post release
2009-08-21 12:02:49 +00:00
0e5aa7008d
[maven-release-plugin] prepare release spring-security-3.0.0.M2
2009-08-20 15:51:26 +00:00
72af366a72
SEC-1172: Added extra constructor which allows setting of the config attribute name.
2009-06-09 14:21:42 +00:00
39d76d5b5f
SEC-1165: Relax the requirement that the ObjectIdentity "type" be a Java class. Modified ObjectIdentity, changing the javaType property to "type" which is now a plain String. Also removes the requirement that the class be present on the classpath when creating the ObjectIdentityImpl instance (e.g. in the case of a permissions administration app which doesn't actually use the domain classes itself).
2009-06-09 00:17:45 +00:00
131ba5c62e
Reset poms to 3.0.0.CI-SNAPSHOT after tagging M1 release
2009-05-27 00:12:30 +00:00
e2c218e8c9
[maven-release-plugin] prepare release spring-security-3.0.0.M1
2009-05-26 23:44:11 +00:00
45c54c558c
Updated build to use maven.springframework.org deps
2009-05-13 06:16:05 +00:00
76438b3347
SEC-1132: Refactoring of access/intercept package to extract packages and classes which are externally depended on or potentially may be used outside of the standard interceptor model (e.g. SecurityMetadataSource)
2009-05-11 05:44:31 +00:00
9875cbec8b
SEC-1132: Restructuring of ACL packages
2009-05-11 05:20:09 +00:00
acd7dc1f2d
SEC-1151: Fixed check on ACE list bounds in AclImpl and updated tests
2009-05-08 03:10:25 +00:00
c6dfee69d4
SEC-1038: Changed JdbcMutableAclServiceTests to facilitate testing with PostgreSQL and updated JdbcMutableAclService to use a the id obtained from the ObjectIdentity directly rather than calling toString() on it before passing to the JDBC call.
2009-05-06 14:29:53 +00:00
29fafbbf18
Misc tidying up of old files and refactoring of tests
2009-05-05 13:29:59 +00:00
459a3095c4
SEC-1041: Applied patch with minor modifications - introduces permission constructor which sets pattern "on" code to '*' as a default.
2009-04-30 07:58:53 +00:00
c96da98e14
Removed unnecessary toString()
2009-04-27 10:41:16 +00:00
da823b2396
Tidying up.
2009-04-27 10:37:55 +00:00
d0a308c99b
SEC-1107: Added test to attempt to reproduce issue.
2009-04-27 10:21:31 +00:00
bd1d19f372
Fix mockito usage error.
2009-04-26 11:20:03 +00:00
a5792b094a
More generification to remove last warnings in Acl package.
2009-04-26 10:05:55 +00:00
8570d864dc
Generifying DefaultPermissionFactory
2009-04-26 09:57:41 +00:00
22e7142f45
SEC-998: Bundlor enabled in web, ldap, config and core modules
2009-04-24 09:12:53 +00:00
30fe9a0935
Remove dependency on commons collections (ArrayIterator).
2009-04-23 05:39:50 +00:00
21e36e0a57
Updated version number from 2.5.0-SNPSHOT to 3.0.0.CI-SNAPSHOT
2009-04-22 12:55:52 +00:00
5509da7a2e
SEC-1141: ObjectIdentityImpl has incorrect hashCode implementation. Modified equals method to compare longValue of Number identifier types and use standard equals for other serializable identifiers.
2009-04-22 02:08:00 +00:00
21c608389c
SEC-1128: Changed to use ClassUtils.forName to load "javaType" class.
2009-04-21 07:54:49 +00:00
fd1af34add
Minor javadoc stuff.
2009-04-21 06:06:13 +00:00
75d5e8f5f2
Spelling correction.
2009-04-21 03:38:43 +00:00
3adbbdf50d
SEC-1081: Minor Acl refactoring to remove generic warnings. Minor efficiency improvements.
2009-04-21 02:54:17 +00:00
d5f5b0860e
SEC-1132: Refactoring to remove package cycles in ACL module.
2009-04-15 10:04:45 +00:00
93bdcccaee
SEC-1132: Moved userdetails into core and added core/authority sub-package
2009-04-15 07:39:21 +00:00
10673780db
OPEN - issue SEC-1136: Removed SpringSecurityException. Introduced new AclException as base class for Acl module. Refactored JAAS authentication to map to AuthenticationExcpetions rather than SpringSecurityException. Modified ExceptionTranslationFilter to look explicitly for AuthenticationException or AccessDeniedException (which it should do since these are the only two it handles).
2009-04-13 14:56:49 +00:00
ca7d055c2b
SEC-1132: Created core and authentication packages within core module.
2009-04-13 13:43:23 +00:00
9efb5a7007
SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet
2009-04-12 12:23:23 +00:00
2a9a8a41db
SEC-1125: Created separate web module spring-security-web
2009-03-25 06:28:18 +00:00
766aca885b
SEC-1054: Add method "clear" to interface AclCache. As requested.
2009-03-16 09:31:52 +00:00
ef3ea65fdb
Switching back to 2.5.0-SNAPSHOT after tagging M1 release
2009-01-03 07:42:19 +00:00
fc5f50501e
[maven-release-plugin] prepare release 2.5.0.M1
2009-01-03 07:08:25 +00:00
4a41416c9b
Tidying up and removing compiler warnings.
2008-12-21 16:36:16 +00:00
6003291a68
Updated to use new Sprig test classes and to remove data dependencies between tests.
2008-12-21 16:34:26 +00:00
14c50a9c96
SEC-1012: Java-5-ifying the ACL package.
2008-12-21 01:41:30 +00:00
cc5966bc7e
Tidying up, removing compiler warnings etc.
2008-12-20 00:16:49 +00:00
8154161ef5
SEC-1035: Updated build to use Spring 3.0.0.M1 Release
2008-12-18 02:37:00 +00:00
3fcc7b5403
SEC-1051: Moved voter and afterinvocation packages into acl package. Also moved filterer classes fom core, as they are used in the acl after-invocation classes
2008-12-12 12:47:42 +00:00
6197668fa6
renamed test file
2008-12-02 15:36:35 +00:00
7505b734d6
Converted to use jmock.
2008-12-02 12:17:13 +00:00
7bf47f2d97
Converted to use jmock.
2008-12-02 12:06:09 +00:00
51549a9f6f
Added missing '$' to Id.
2008-11-30 23:20:49 +00:00
67c06d3d52
SEC-1012: Adding generics and general tidying up of tests etc
2008-11-15 13:00:38 +00:00
a9d69ac4e8
Tidied up test class.
2008-11-15 10:54:34 +00:00
31375b7212
SEC-1012: Futher generification. Also changed method signature of ObjectDefinitionSource.getAllConfigAtributes to return a single collection
2008-11-15 09:35:11 +00:00
e5b1073501
SEC-1012: Added more generics and warning suppression
2008-11-11 09:06:50 +00:00
62986c700b
SEC-1027: Removed bnd plugin and 'bundle' package types from pom.xml files
2008-11-11 01:09:37 +00:00
e11114ce77
SEC-1023: Add hasPermission() support to SecurityExpressionRoot
...
http://jira.springframework.org/browse/SEC-1023 .
hasPermission() now delegates to a PermissionEvaluator interface, with a default implementation provided by the Acl module. The contacts sample now uses expressions on the ContactManager interface. The permission-evaluator element on global-method-security can be used to set the instance to an AclPermissionEvaluator. If not set, all hasPermission() expressions will evaluate to 'false'.
2008-11-10 04:27:25 +00:00
d33b13e52e
SEC-1023: Added support for hasPermission() based on Id and type
2008-11-05 22:44:46 +00:00
d601301de6
SEC-1023: Fix broken test.
2008-11-05 04:14:29 +00:00
1c3b576d91
SEC-1023: PermissionEvaluator based on the Acl module.
2008-11-05 03:45:50 +00:00
7ff5602dbc
Convert AclImplTests to use JMock mocks.
2008-11-04 06:43:08 +00:00
04e2fc7daf
Tidying.
2008-11-04 06:36:49 +00:00
514bca669f
SEC-999: Introduced custom SecurityExpressionEvaluationContext which is responsible for lazy initialization of parameter values in the context. Also some further conversion of code using GrantedAuthority arrays.
2008-10-31 11:40:11 +00:00
ec44f2bdfe
SEC-1012: Refactoring of use of GrantedAuthority[] to generified collections
2008-10-31 03:53:00 +00:00
a7d046357b
SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces
2008-10-30 04:10:54 +00:00
c947d42146
SEC-1010: Moved TestingAuthenticationProvider and token to main core src tree and updated poms to match
2008-10-15 06:35:11 +00:00
6c8a82fa13
Updated poms to Spring 2.5 and fixed up sandbox to work with latest build
2008-10-15 05:52:40 +00:00
7cc0965383
SEC-1001: Move core tiger code into core and adjust pom files
2008-10-03 15:23:31 +00:00
5b9bb8ba54
[maven-release-plugin] prepare for next development iteration
2008-09-05 19:04:22 +00:00
73eed2656d
[maven-release-plugin] prepare release spring-security-parent-2.0.4
2008-09-05 18:57:43 +00:00
c45b4e0989
SEC-951: Overcome serialization error caused by BasicLookupStrategy failing to modify AccessControlEntryImpl.acl field to the replacement AclImpl (previously old references to StubAclParent were retained).
2008-09-05 05:33:41 +00:00
0f8ea229c2
SEC-908: Correct issue with BasePermission static initialization failure.
2008-09-05 04:33:52 +00:00
4165e15861
Fix issues with move of TestingAuthenticationToken
2008-08-04 20:14:20 +00:00
775a6c3939
[maven-release-plugin] prepare for next development iteration
2008-06-23 14:10:35 +00:00
87d50aecce
[maven-release-plugin] prepare release spring-security-parent-2.0.3
2008-06-23 14:05:36 +00:00
b403216494
SEC-838: Make fields in AbstractAclProvider protected to facilitate subclass reuse.
2008-06-06 03:01:51 +00:00
371769740a
SEC-831: Improve support for Postges, which requires "AS" for table aliasing, together with stored procedures for sequence allocation.
2008-06-06 02:55:53 +00:00
e38d5dfd87
SEC-813: Allow custom Permission classes to be used.
2008-06-06 02:37:19 +00:00
ff5666ae83
SEC-819: Properly support integer (and other numeric) identifiers.
2008-06-06 01:05:46 +00:00
ff785a829f
[maven-release-plugin] prepare for next development iteration
2008-06-03 16:07:20 +00:00
db1d8604a6
[maven-release-plugin] prepare release spring-security-parent-2.0.2
2008-06-03 16:05:40 +00:00
4b45e5d7c2
Fixed OSGi version numbers in ranges [x,y] by adding a property pom.version.osgi
2008-05-25 20:55:17 +00:00
a599ef5398
[maven-release-plugin] prepare for next development iteration
2008-05-01 20:09:03 +00:00
3e808335a4
[maven-release-plugin] prepare release spring-security-parent-2.0.1
2008-05-01 20:07:46 +00:00
6ecfa0541f
SEC-806: Osgi-ified more modules
2008-05-01 17:11:31 +00:00
e7e256a9d5
SEC-787: Consistently use lowercase in all ACL module SQL statements.
2008-05-01 07:48:10 +00:00
0c28845d4e
SEC-787: Converted SQL in BasicLookupStrategy to lower case to make it consistent with other classes.
2008-04-26 13:08:31 +00:00
b5dc523041
[maven-release-plugin] prepare for next development iteration
2008-04-14 07:06:44 +00:00
0c42670431
[maven-release-plugin] prepare release spring-security-parent-2.0.0
2008-04-14 07:05:46 +00:00
54882fe1ea
SEC-670: Provide mutator for JdbcMutableAclService.foreignKeysInDatabase property.
2008-04-05 22:57:02 +00:00
8a7bfafce9
SEC-670: Deadlock avoidance.
2008-04-05 22:49:37 +00:00
64442b6645
SEC-590: Correct misuse of "continue" keyword so ACLs retrieved even when last element is already cached.
2008-04-05 22:33:59 +00:00
8919b203e6
SEC-422: Correct SQL to increase database compatibility.
2008-04-05 22:13:23 +00:00
d79485a975
SEC-547: Release database connections between each layer of parent lookups.
2008-04-05 21:19:42 +00:00
677607bcad
SEC-530: Refactor ACL module so ACE manipulation is index-based as
...
opposed to AccessControlEntry.getId() based.
2008-04-05 20:43:10 +00:00
9e9b69ec8f
SEC-572: Permit null parent for an AclImpl.
2008-04-05 08:16:19 +00:00
c6ea734d8f
SEC-589: Fine-tune NotFoundException handling and JavaDocs generally.
2008-04-05 08:07:20 +00:00
340020ad3a
SEC-655: Evict from the cache any children ACLs of the ACL being updated.
2008-04-05 06:17:05 +00:00
5cf5140029
SEC-527: Correct serialization issues with EH-CACHE.
2008-04-05 05:58:11 +00:00
f5a464bc39
Make compile Java 1.4 compatible (no autoboxing).
2008-04-05 05:17:19 +00:00
8f645f97f7
Improve toString() method to use Class.getName().
2008-04-05 04:05:07 +00:00
833b76c011
SEC-676: Remove child ACLs from cache during delete.
2008-04-05 03:42:16 +00:00
1036074d26
More robust null handling in equals(Object) method.
2008-04-05 03:41:25 +00:00
af9715c168
SEC-697: Add setOwner(Sid) to MutableAcl interface.
2008-04-05 03:08:45 +00:00
337155f0ea
SEC-602: Retrieve true underlaying class, properly handling CGLIB enhanced versions.
2008-04-05 02:46:27 +00:00
bf41423b5b
Various modest documentation improvements.
2008-04-04 00:49:34 +00:00
21e83e8364
[maven-release-plugin] prepare for next development iteration
2008-04-01 15:03:29 +00:00
91ed7dceb6
[maven-release-plugin] prepare release release_2_0_0_RC1
2008-04-01 15:01:30 +00:00
6ab301981c
Update dependency versions and POM structure.
2008-03-24 09:05:44 +00:00
8f7b216de3
Import cleaning, removal of unnecessary constructors etc based on eclipse warnings
2008-03-17 14:10:22 +00:00
ff16c413dd
[maven-release-plugin] prepare for next development iteration
2008-02-29 14:55:31 +00:00
b8916ffaba
[maven-release-plugin] prepare release release_2_0_M2
2008-02-29 14:54:15 +00:00
5187f89fe8
SEC-679: Removed use of MockApplicationContext and improved use of ehcache (shutting down cache managers after tests are run). Upgraded ehcache version to 1.3 as used in Spring pom.
2008-02-22 13:34:20 +00:00
2dd9faabc0
SEC-674: Created new project modules for cas, captcha, acls and taglibs
2008-02-19 20:30:53 +00:00
Luke Taylor
Ben Alex