Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 06:58:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,824 Commits 33 Branches 337 Tags
Commit Graph

3824 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Luke Taylor
ecbacddc7c SEC-1146: Add some information on using authority groups 2009-07-29 16:30:15 +00:00
Luke Taylor
5d5df0c63d Added extra 'manual' security interceptor config 2009-07-29 16:08:04 +00:00
Luke Taylor
68364f06a2 Minor itest updates 2009-07-29 16:05:47 +00:00
Luke Taylor
3e6054b69f SEC-1211: Rename SessionFixationProtectionFilter to SessionManagementFilter, since it no longer performs session-fixation protection directly, but just executes the AuthenticatedSessionStrategy. 2009-07-29 00:52:30 +00:00
Luke Taylor
5e285b3692 SEC-1211: Set the default AuthenticatedSessionStrategy to a null implementation to preserve existing behaviour. 2009-07-28 23:57:46 +00:00
Luke Taylor
609a68b12a SEC-1077: Added DefaultAuthenticatedSessionStrategy test to check that saved request attribute is retained when migrateAttributes is false. 2009-07-28 23:47:26 +00:00
Luke Taylor
db90122179 SEC-1211: Create strategy for session handling on successful authentication. Added AuthenticatedSessionStrategy interface and default implementation which encapsulates the functionality that was previously in SessionFixationProtectionFilter and AbstractAuthentictationProcessingFilter. Updated the namespace to make use of these. 2009-07-28 18:00:24 +00:00
Luke Taylor
4a12b80470 Minor updates to x509 doc and update of remember-me doc (no longer part of auto-config) 2009-07-27 22:27:48 +00:00
Luke Taylor
fdb7325cbc Javadoc update 2009-07-24 15:21:59 +00:00
Luke Taylor
9c27bced5b Corrected typo 2009-07-23 20:42:04 +00:00
Luke Taylor
40efe6db57 Minor doc updates 2009-07-22 17:24:05 +00:00
Luke Taylor
0a37aed4b9 SEC-1207. Fixed class name in jsp 2009-07-22 16:37:22 +00:00
Luke Taylor
719a5e09d8 SEC-1205: Added comment to Javadoc for PasswordComparisonAuthenticator to indicate that it won't work with SSHA passwords 2009-07-22 16:11:24 +00:00
Luke Taylor
931cf90dbb SEC-1203: Allow configuration of X509 subject-dn-regex attribute using PropertyPlaceholderConfigurer. Modified parser to use a BeanDefinition for the SubjectPrincipalDnExtractor to allow property subsititution. 2009-07-21 00:14:57 +00:00
Luke Taylor
8b115e2a21 SEC-1167: Added setRequestCache to SavedRequestAwareAuthenticationSuccessHandler and updated namespace parsing to set PortResolver on created HttpRequestCache. 2009-07-20 22:52:48 +00:00
Luke Taylor
f404bb3d74 SEC-1167: Introduce more flexible SavedRequest handling. Separated the concept of SavedRequest from SecurityContextHolderAwareFilter since the two are orthogonal requirements. This no longer takes a wrapper class property or uses reflection. SavedRequest functionality is accessed through the RequestCache interface, with the default implementation being HttpSessionRequestCache. A separate filter RequestCacheAwareFilter is now responsible for reconstituting the SavedRequest if it matches the current request. The functionality for matching and returning the wrapper is contained in the RequestCache method though. 2009-07-20 22:34:40 +00:00
Luke Taylor
efd1dbf54a Removed public modifier from getSessionController() method on ProviderManager. 2009-07-17 23:37:45 +00:00
Luke Taylor
491837ae34 SEC-1197: Moved support from session-controller-ref from authentication-manager to concurrent-session-control element. Plus refactoring of config classes into separate packages. 2009-07-17 23:36:35 +00:00
Luke Taylor
83da7be2ea Remove (ticket) cache package from CAS module. Unnecesary and has a circular reference. 2009-07-17 23:33:55 +00:00
Luke Taylor
1afa67c954 SEC-1195: Added internal AuthenticationManager for use by beans which are generated by the <http> block. 2009-07-15 23:09:47 +00:00
Luke Taylor
6346e31517 SEC-1195: Change <http> parsing behaviour to use an internal AuthenticationManager instance. Implemented "parent" AuthenticationManager in ProviderManager which is delegated to when no authentication is returned by the instances list of authentication providers. Extracted the Authentication success/failure publishing into a separate strategy. 2009-07-15 01:28:28 +00:00
Luke Taylor
1ca2e6e6fc Tidying. 2009-07-13 23:12:32 +00:00
Luke Taylor
5d389d953d RoleVoter test class. 2009-07-13 23:11:15 +00:00
Luke Taylor
946f3d1067 Converted to use mockito. 2009-07-13 23:10:52 +00:00
Luke Taylor
e63fba3a36 Tidying 2009-07-08 23:55:42 +00:00
Luke Taylor
d59bdc0cbc Reducing use of global bean Ids as part of SEC-1186 2009-07-08 23:54:26 +00:00
Luke Taylor
7622dfe092 SEC-1194: Added support for services-alias to remember-me 2009-07-08 23:53:47 +00:00
Luke Taylor
b795d22e51 Upgraded junit and bundlor deps 2009-07-08 23:46:15 +00:00
Luke Taylor
3b1cdc3ab4 Tidying. 2009-07-08 23:27:53 +00:00
Luke Taylor
8a3930e673 Refactoring of ProviderManager to ensure that any AuthenticationException from the ConcurrentSessionController will prevent further polling of providers. 2009-07-08 23:20:46 +00:00
Luke Taylor
d02bbbf560 import cleaning. 2009-07-08 17:17:45 +00:00
Luke Taylor
43dab4c3b3 SEC-1186: Additional changes to remove custom-filter decorator functionality. 2009-07-08 16:50:47 +00:00
Luke Taylor
abddcb044a SEC-1186: Remove functionality from CustomFilterBeanDefinitionDecorator and report a warning instead. 2009-07-08 16:49:30 +00:00
Luke Taylor
b3366a1646 SEC-1186: Tidying up changes to http parsing 2009-07-08 16:19:26 +00:00
Luke Taylor
df7c734450 SEC-1192: Fix incorrect classname in preauth chapter 2009-07-08 14:53:40 +00:00
Luke Taylor
6b53703e37 SEC-1187: Moved pre-authentication status check inside try/catch block and repeated the call after reloading the user during the "cacheWasUsed" logic. 2009-07-07 17:09:44 +00:00
Luke Taylor
eae670269d Tidying 2009-07-06 10:33:57 +00:00
Luke Taylor
be12d93f7a Manual updates 2009-07-06 10:33:14 +00:00
Luke Taylor
853b4c8753 SEC-1186: Make sure an Element is always supplied when registering the AuthenticationManager. Fixes broken tests. 2009-06-28 13:36:54 +00:00
Luke Taylor
980b9b73b8 deprecate property editor 2009-06-26 12:49:23 +00:00
Luke Taylor
3e9983c744 SEC-1186: Removed 'order' from openid filter 2009-06-26 12:48:36 +00:00
Luke Taylor
af0c5f9e7f SEC-1186: Removed 'order' from ntlm and cas filters 2009-06-26 12:47:36 +00:00
Luke Taylor
d5bf5d7adc SEC-1186: validator for filter chain beans 2009-06-26 12:47:03 +00:00
Luke Taylor
8ddd96af2b SEC-1186: intermediate commit of namespace changes for improved tooling support 2009-06-26 12:44:46 +00:00
Luke Taylor
f6e2e36346 Remove use of property editor internally. 2009-06-18 23:37:36 +00:00
Luke Taylor
074fa7d629 SEC-1186: Refactoring to bring all filter registrations into the HttpBDP parse method in preparation for building the filter chain and map at that point, rather than in a post-processor 2009-06-18 22:33:16 +00:00
Luke Taylor
44487293f0 Minor faq updates 2009-06-18 13:35:02 +00:00
Luke Taylor
408e982b96 Minor JSP classname fixes etc in samples 2009-06-18 13:28:44 +00:00
Luke Taylor
67a90b36ee SEC-1178: New manual chapters 2009-06-16 12:47:26 +00:00
Luke Taylor
c6b9371029 Updated to latest Spring build snapshot. Required minor EL changes to parser class name 2009-06-15 23:41:20 +00:00