Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-21 22:05:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,005 Commits 33 Branches 337 Tags
Commit Graph

442 Commits

Author SHA1 Message Date
Luke Taylor
30088f19ae SEC-1806: Log that bean definition is being created rather than bean in LdapServerBDP. 2011-10-31 23:50:06 +00:00
Luke Taylor
2f67bb3032 SEC-1847: Add authentication-manager-ref attribute to http and global-method-security namespace elements. 2011-10-30 21:51:02 +00:00
Luke Taylor
44e2543015 Minor changes to make filter chain validation more robust with custom request matchers. 2011-10-24 21:21:10 +01:00
Luke Taylor
f2786805e6 SEC-1841: Added request-matcher-ref attribute to namespace for defining a filter chain. 2011-10-21 20:04:35 +01:00
Luke Taylor
58f7d3acc6 SEC-1835: Changed xsd:ID to xsd:token. 2011-10-21 18:35:06 +01:00
Luke Taylor
ac6ed671a1 SEC-1830: Use constructor injection in namespace parsing code for creation of ProviderManager 2011-09-26 18:24:36 +01:00
Luke Taylor
a1c714cff4 SEC-1754: Added an InvalidSessionStrategy to allow SessionManagementFilter to delegate out the behaviour when an invalid session identifier is submitted. 2011-07-14 16:43:02 +01:00
Luke Taylor
f92589f051 Extract a SecurityFilterChain interface and create a default implementation to facilitate other configuration options. 2011-07-06 00:12:48 +01:00
Luke Taylor
73442125de SEC-1775: Removed internal use of UserAttribute class in AnonymousAuthenticationFilter. 2011-07-04 21:09:48 +01:00
Luke Taylor
5d20f57fa8 Import cleaning. 2011-07-02 20:36:42 +01:00
Rob Winch
85807fdfd0 Removed @Overrides from method that implements interface instead of overriding superclass to resolve Java 1.5 error 2011-06-21 07:22:35 -05:00
Luke Taylor
5a1ddc660b SEC-1768: Added tests to reproduce "double-proxying" issue combining intercept-methods and tx-annotation-driven. Problem is caused by use of ProxyFactoryBean with auto-proxying. 2011-06-18 14:32:31 +01:00
Luke Taylor
52c0ee6756 Improve error reporting of missing web classes in namespace handler. Now catches and logs the class-loading error. 2011-06-13 13:39:55 +01:00
Luke Taylor
e8a1a6e40b Added spring-expression to config module testCompile to fix build. 2011-05-19 23:50:35 +01:00
Luke Taylor
27caecd53f SEC-1452: Added namespace support for custom expression handler for use with web access expressions. 2011-05-19 15:27:58 +01:00
Luke Taylor
1b8eee6f07 Improve "missing web classes" message in SecurityNamespaceHandler, by indicating that a missing transitive dependency may also be the problem. 2011-05-16 00:19:30 +01:00
Rob Winch
92face623a SEC-1738: removed accidental commit of writeNewPom task 2011-05-10 23:23:13 -05:00
Rob Winch
3d24d6f672 SEC-1738: Changed openid4java to be testCompile dependency of spring security config 2011-05-10 23:17:36 -05:00
Luke Taylor
6e91786f92 SEC-1734: AbstractRememberMeServices will now default to using a secure cookie if the connection is secure. The behaviour can be overridden by setting the useSecureCookie property in which case the cookie will either always be secure (true) or never (false). 2011-05-09 13:36:23 +01:00
Luke Taylor
25ebc5e5f4 Fix openid dep in config.gradle. Should be a testCompile dep. 2011-04-29 14:04:32 +01:00
Rob Winch
bd74185e41 SEC-1729: Updated openid module and sample to openid4java 0.9.6 and httpclient 4.1.1 2011-04-26 23:39:51 -05:00
Luke Taylor
c4a1ce9f1a SEC-1725: Update docs to remove references to filter-chain-map. 2011-04-25 23:38:44 +01:00
Luke Taylor
b5924db74d SEC-1725: Add option to filter-chain to use an explicit request-matcher-ref instead of a "path" attribute. 2011-04-25 23:20:15 +01:00
Luke Taylor
04dc65c8fe SEC-1657: Corresponding namespace updates to use SecurityFilterChain list in place of filterChainMap. 2011-04-25 13:48:47 +01:00
Luke Taylor
71ed6d7964 SEC-1720: Avoid bean-creation side-effects in ContextSourceSettingPostProcessor. 2011-04-20 11:58:00 +01:00
Luke Taylor
8d702a4f98 SEC-1699: Make sure a FilterInvocation is passed to the AccessDecisionManager when checking the login page access in DefaultFilterChainValidator. 2011-04-14 18:04:29 +01:00
Luke Taylor
160fed1bfe SEC-1713: Fix typo in schema RNC file. 2011-04-08 17:22:57 +01:00
Luke Taylor
3f1d8782c3 Minor fix to bundlor template for config module. 2011-04-06 14:02:01 +01:00
Luke Taylor
8d99918798 SEC-1491: Add support for an external priority SecurityMetadataSource to be referenced from global-method-security. 2011-04-05 15:07:43 +01:00
Luke Taylor
ddaf9eb64f SEC-1705: Make sure a single OpenIDAuthenticationFilter bean is created by the namespace. Likewise for UsernamePasswordAuthenticationFilter. 2011-03-31 21:09:54 +01:00
Luke Taylor
ccc548b9e4 Fixing bundlor warnings. 2011-03-08 16:20:37 +00:00
Luke Taylor
088042b3d0 Upgrade spock and groovy versions, and make sure apacheDS work directory is set for config integrationTest task. 2011-02-14 19:03:08 +00:00
Luke Taylor
bc2448419b SEC-1679: Make sure whitespace is trimmed from cookie names when specifying multiple cookies. 2011-02-14 19:02:28 +00:00
Luke Taylor
27be72a81c SEC-1677: Split out LDAP server tests from config module. 2011-02-14 19:01:27 +00:00
Luke Taylor
b0df1bd1b0 SEC-1673: Use a map to store the range values use in the bundlor templates. 2011-02-07 16:06:23 +00:00
Luke Taylor
866615ceaa SEC-1662: Cater for the case where a user uses two <http> elements without patterns and the RequestMatcher does not have two arguments. 2011-01-26 16:39:50 +00:00
Luke Taylor
2eefbf3a23 SEC-1657: Added support for 'name' attribute in <http> element to expose filter chain as a list bean. 2011-01-14 17:21:22 +00:00
Luke Taylor
6de2197c0f SEC-1653: Ensure UserDetailsServiceFactoryBean is registered using the tools API to prevent errors in STS. 2011-01-11 00:10:07 +00:00
Luke Taylor
6779822325 Remove GRADLE-1090 workarounds from config.gradle. 2011-01-07 18:28:21 +00:00
Luke Taylor
8d7830a1ee SEC-1603: Add support in namespace for use of AuthenticationSuccessHandler with remember-me. 2011-01-06 15:16:13 +00:00
Rob Winch
1ed5227d75 Removed @Override from HttpFirewallBeanDefinitionParser.parse since it does not override a method definition, it implements one. 
Fixed The method parse(Element, ParserContext) of type HttpFirewallBeanDefinitionParser must override a superclass method	HttpFirewallBeanDefinitionParser.java	/spring-security-config/src/main/java/org/springframework/security/config/http	line 23	Java Problem
 2010-12-16 22:20:20 -06:00
Luke Taylor
2be2660b13 SEC-1636: Add optimizations for simple pattern cases in AntPathRequestMatcher. "/**" and "**" are treated as universal matches and a trailing "/**" is now optimized using a substring match. 2010-12-11 21:56:35 +00:00
Luke Taylor
4a40d80da1 SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority. 
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
 2010-12-03 16:41:46 +00:00
Luke Taylor
441aa25383 SEC-1615: Changed key generation for anonymous provider to only use SecureRandom on demand. 2010-12-01 20:52:37 +00:00
Luke Taylor
b9a98613eb SEC-1593: Added tests to try to reproduce issue. 2010-11-03 19:37:25 +00:00
Luke Taylor
21ed5feb8d SEC-1600: Added Implementation-Version and Implementation-Title to manifest templates and checking of version numbers in namespace config module and core. Config checks the version of core it is running against and core checks the Spring version, reporting any mismatches or situations where the app is running with less than the recommended Spring version. 2010-10-27 13:25:40 +01:00
Luke Taylor
f70942c6f5 SEC-1589: Add support for property placeholder in intercept-methods access attribute. 2010-10-27 13:25:39 +01:00
Luke Taylor
173537f4f2 SEC-1584: Added namespace support for injecting custom HttpFirewall instance into FilterChainProxy. 2010-10-27 13:25:39 +01:00
Luke Taylor
0961671772 Reinstated missing 3.0.3 schema file 2010-10-27 13:25:39 +01:00
Luke Taylor
f455e9a5a4 SEC-1584: Documentation of request-checking and matching process. Logging of servletPath and and pathInfo in DebugFilter for comparison. 2010-10-27 13:25:39 +01:00