Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,105 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

1714 Commits

Author SHA1 Message Date
Luke Taylor a207acf7cb SEC-999: Fix broken test which was failing due to use of incorrect authentication object. 2008-11-05 01:09:14 +00:00
Luke Taylor 56141e9c5f SEC-999: Refactoring out specific dependencies on Spring EL into SecurityExpressionHandler. 
SEC:1023: Updates to expression root to allow evaluationof permissions.
 2008-11-04 23:30:56 +00:00
Luke Taylor dabb719456 SEC-1023: Add hasPermission() support to SecurityExpressionRoot 
http://jira.springframework.org/browse/SEC-1023. PermissionEvaluator interface for use by expressions when evaluating hasPermisson() expressions.
 2008-11-04 22:46:21 +00:00
Luke Taylor b42fc7221f Upgraded to jmock 2.5.1 2008-11-04 05:37:56 +00:00
Luke Taylor 514bca669f SEC-999: Introduced custom SecurityExpressionEvaluationContext which is responsible for lazy initialization of parameter values in the context. Also some further conversion of code using GrantedAuthority arrays. 2008-10-31 11:40:11 +00:00
Luke Taylor ec44f2bdfe SEC-1012: Refactoring of use of GrantedAuthority[] to generified collections 2008-10-31 03:53:00 +00:00
Luke Taylor e891b334e6 SEC-1009: removed additional container adapter specific code 2008-10-30 05:45:13 +00:00
Luke Taylor 09cc58d7ac SEC-1009: removed additional container adapter specific code 2008-10-30 05:44:38 +00:00
Luke Taylor 3521af4cae Added missing test class. 2008-10-30 04:32:22 +00:00
Luke Taylor a7d046357b SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces 2008-10-30 04:10:54 +00:00
Luke Taylor c7abdadc06 SEC-999: Moved caching from AbstractFallbackMethodDefinitionSource to DelegatingMethodDefinitionSource, to allow ExpressionBasedMethodDefinitionSource to take advantage of it. The latter no-longer uses the fallback approach as it requires its own strategy to combine annotations which may be defined at method-on-class, class, method-on-interface or interface level. 2008-10-28 06:37:04 +00:00
Luke Taylor f2ec8c978a Moved MethodDefinitionSource to standalone class. 2008-10-27 21:51:58 +00:00
Luke Taylor f592357c27 SEC-999,SEC-1013: removed ConfigAtributeDefinition from ObjectDefinitionSource and implementations. Modified el-authz to allow methods which use an annotation without explicitly specifying a PreAuthorize condition 2008-10-27 09:04:22 +00:00
Luke Taylor 5174693c64 SEC-999: Expression language based access decision support 
http://jira.springframework.org/browse/SEC-999. Added missing test class.
 2008-10-24 00:57:52 +00:00
Luke Taylor 4aa32f7d06 SEC-999: First commit of expression-based authorization implementation 2008-10-24 00:38:36 +00:00
Luke Taylor 91c44a47fd SEC-999: Added spel-annotations to newly created 2.5 schema file. 
http://jira.springframework.org/browse/SEC-999
 2008-10-21 05:54:42 +00:00
Luke Taylor b031124f61 SEC-991: Removed deprecated getAttributes() method from LdapUserDetails interface 2008-10-17 05:12:11 +00:00
Luke Taylor b589f78918 SEC-954: Deprecate AbstractMethodDefinitionSource 2008-10-17 01:06:21 +00:00
Luke Taylor c947d42146 SEC-1010: Moved TestingAuthenticationProvider and token to main core src tree and updated poms to match 2008-10-15 06:35:11 +00:00
Luke Taylor 6c8a82fa13 Updated poms to Spring 2.5 and fixed up sandbox to work with latest build 2008-10-15 05:52:40 +00:00
Luke Taylor 7cc0965383 SEC-1001: Move core tiger code into core and adjust pom files 2008-10-03 15:23:31 +00:00
Luke Taylor 97381fb448 SEC-974: Made getExceptionMappings() protected. 2008-10-01 16:25:20 +00:00
Luke Taylor 4542f00b14 SEC-975: Namespace security syntax does not interpret properties 
http://jira.springframework.org/browse/SEC-975. Changed creation of AccessDeniedHandler to use a BeanDefinition to make sure placeholders work OK.
 2008-09-12 19:06:53 +00:00
Luke Taylor 5e4634d216 Minor Javadoc improvement. 2008-09-12 14:57:21 +00:00
Luke Taylor d291def963 Removed invalid comment. 2008-09-12 10:18:40 +00:00
Luke Taylor df59cb9dcd Import cleaning. 2008-09-11 14:41:00 +00:00
Luke Taylor ef0389ae79 SEC-976: Removed checks for presence of core-tiger classes. 2008-09-11 14:37:55 +00:00
Luke Taylor 5b9bb8ba54 [maven-release-plugin] prepare for next development iteration 2008-09-05 19:04:22 +00:00
Luke Taylor 73eed2656d [maven-release-plugin] prepare release spring-security-parent-2.0.4 2008-09-05 18:57:43 +00:00
Luke Taylor 8661e17df9 OPEN - issue SEC-960: DN Encoding in LDAPUserDetailsManager.changePassword() causes bind errors 
http://jira.springframework.org/browse/SEC-960. Replaced call to toUrl() with toString() to prevent URL encoding when setting up principal name for reconnect() in changePassword() method.
 2008-09-05 13:49:38 +00:00
Luke Taylor 5102be3a59 SEC-971: getter for cookieName in AbstractRememberMeServices 
http://jira.springframework.org/browse/SEC-971. Added getCookieName() method.
 2008-09-04 16:05:34 +00:00
Luke Taylor 4e2d6f8b2e SEC-967: TextUtils.java does not escape ampersand character 
http://jira.springframework.org/browse/SEC-967. Added escaping of '&' character
 2008-08-29 12:01:45 +00:00
Luke Taylor d781deffe7 OPEN - issue SEC-966: Consider adding escapeXml attribute to security:authentication 
http://jira.springframework.org/browse/SEC-966.  Added escaping of rendered text as default.
 2008-08-26 16:21:29 +00:00
Luke Taylor a4e4120443 SEC-963: LDAP Group Search Root 
http://jira.springframework.org/browse/SEC-963. Changed namespace instances of DefaultAuthoritiesPopulator to use the root as the default search location.
 2008-08-26 13:51:01 +00:00
Luke Taylor 83868a7334 SEC-955: ability to externalize port mapping for secured channel to a property file 
http://jira.springframework.org/browse/SEC-955. Changed schema to make port-mapping type xsd:string to allow placeholders.
 2008-08-26 13:20:01 +00:00
Luke Taylor 150f3d97d0 SEC-832: NamingEnumeration.hasMore fails on MS AD with PartialResultException 
http://jira.springframework.org/browse/SEC-832. Changed searchForSingleEntry method to ignore PartialResultException, similar to Spring LDAP's approach.
 2008-08-26 12:49:37 +00:00
Luke Taylor 7f28a8bc5d Refactored DefaultLdapAuthoritiesPopulator to remove contextSource field and setter method. 2008-08-26 12:38:02 +00:00
Luke Taylor 1cfd886517 SEC-922: Spring Security should respect Spring XML boolean operators for AJ pointcut 
http://jira.springframework.org/browse/SEC-922. Added method to substitute boolean operators "and, not, or" with aspectj versions "&&, !, ||".
 2008-08-18 23:31:14 +00:00
Luke Taylor bb457e1d07 SEC-957: logger.debug without guard causing massive performance hit 
http://jira.springframework.org/browse/SEC-957. Added debug logging guard as requested.
 2008-08-18 18:20:48 +00:00
Luke Taylor 09cf90258f SEC-758: Both AspectJSecurityInterceptor and AspectJAnnotationSecurityInterceptor not usable with @AspectJ notation 
http://jira.springframework.org/browse/SEC-758. Added "throws Throwable" to AspectJAnnotationCallback signature.
 2008-08-18 14:47:28 +00:00
Luke Taylor e15d7a78cd SEC-956: Remove MapBasedMethodDefinitionSource.lookupAttributes 
http://jira.springframework.org/browse/SEC-956. Done.
 2008-08-18 13:13:18 +00:00
Luke Taylor 3bf5e406b7 SEC-936: NPE in AbstractFallbackMethodDefinitionSource 
http://jira.springframework.org/browse/SEC-936. Changed to check if the value of MethodInvocation.getThis() is null to prevent NPE. MapBasedMethodDefinitionSource now ignores calls to findAttributes() with a null target class (all its entries require a class) and the fallback option in AbstractFallbackMethodDefinitionSource is used if the targetClass is null (i.e. Method.getDeclaringClass() will be used as the Class)
 2008-08-16 02:31:36 +00:00
Luke Taylor 55d357f42d OPEN - issue SEC-905: <protect-pointcut /> pointcuts do not respect method arguments 
http://jira.springframework.org/browse/SEC-905. Added extra registration method to MapBasedMethodDefinitionSource which takes a Method instance rather than the method name.
 2008-08-12 17:11:38 +00:00
Luke Taylor d9ab0758ee SEC-954: Removed test dependency on AbstractMethodDefinitionSource. 2008-08-12 17:08:55 +00:00
Luke Taylor 36b35e3b1f CLOSED - issue SEC-953: Query string isn't ignored while url - filterchain pattern matching 
http://jira.springframework.org/browse/SEC-953. Fixed autoboxing issue.
 2008-08-11 21:15:09 +00:00
Luke Taylor 39a656eb78 OPEN - issue SEC-953: Query string isn't ignored while url - filterchain pattern matching 
http://jira.springframework.org/browse/SEC-953. Added stripQueryStringFromUrls parameter to FilterChainProxy which works the same as the one on DefaultFilterInvocationDefinitionSource. This defaults to true when used with ant path matching.
 2008-08-11 19:15:33 +00:00
Luke Taylor b6dec19e90 SEC-932: Added supplied class and test class. 2008-08-11 16:36:01 +00:00
Luke Taylor 3ab9fcdcaf Tidying. 2008-08-11 15:05:16 +00:00
Luke Taylor 3a9eb018ba SEC-950: Added test to attempt to reproduce problem. 2008-08-08 15:41:14 +00:00
Luke Taylor b3a23b4377 Some minor improvements to schema comments 2008-08-07 19:15:13 +00:00