Rob Winch
3118e39de8
SEC-2542: Use exclusions to remove duplicate dependencies
...
A number of projects had duplicate dependencies on their classpaths
as a result of the same classes being available in more than one
artifact, each with different Maven coordinates. Typically this only
affected the tests, but meant that the actual classes that were
loaded was somewhat unpredictable and had the potential to vary
between an IDE and the command line depending on the order in which
the aritfacts appeared on the classpath. This commit adds a number of
exclusions to remove such duplicates.
In addition to the new exclusions, notable other changes are:
- Spring Data JPA has been updated to 1.4.1. This brings its
transitive dependency upon spring-data-commons into line with
Spring LDAP's and prevents both spring-data-commons-core and
spring-data-commons from being on the classpath
- All Servlet API dependencies have been updated to use the official
artifact with all transitive dependencies on unofficial servlet API
artifacts being excluded.
- In places, groovy has been replaced with groovy-all. This removes
some duplicates caused by groovy's transitive dependencies.
- JUnit has been updated to 4.11 which brings its transitive Hamcrest
dependency into line with other components.
There appears to be a bug in Gradle which means that some exclusions
applied to an artifact do not work reliably. To work around this
problem it has been necessary to apply some exclusions at the
configuration level
Conflicts:
samples/messages-jc/pom.xml
2014-04-02 09:47:26 -05:00
Rob Winch
9988fa141c
Update Spring Security version in pom.xml
2014-03-06 08:13:52 -06:00
Rob Winch
6be4e3a9fc
SEC-2506: Remove Bundlor Support
2014-03-05 13:32:16 -06:00
Rob Winch
7f99a2dfbb
SEC-2487: Update to Spring 3.2.8.RELEASE
2014-02-19 09:30:40 -06:00
Rob Winch
ec8b48150d
SEC-2474: Update poms
2014-02-07 17:01:11 -06:00
Rob Winch
a34178bc40
SEC-2434: Update to Spring 3.2.6 and Spring 4.0 GA
2013-12-12 08:16:59 -06:00
Rob Winch
4460e84b29
Updates to pom.xml author and repo
2013-12-09 08:57:30 -06:00
Rob Winch
2c8946c406
Next development version
2013-11-01 14:20:55 -05:00
Spring Buildmaster
9c703a3051
Release version 3.2.0.RC2
2013-11-01 14:20:49 -05:00
Rob Winch
88f41cdf62
SEC-2341: Update to Gradle 1.8
...
Some dependencies were necessary to update due to issues with JUnit
integration.
2013-09-24 15:35:51 -05:00
Rob Winch
3d2f23602f
SEC-2294: Update Spring Version to 3.2.4.RELEASE
2013-08-31 11:26:43 -05:00
Rob Winch
086056f191
SEC-2289: Make compatible with Spring 4 as well
...
There are a few subtle changes in Spring 4 that this commit addresses
2013-08-27 16:43:10 -05:00
Rob Winch
976d9a9016
SEC-2194: Polish java config sample apps
2013-08-08 14:33:54 -05:00
Rob Winch
5e6ca12b01
SEC-2097: Update integrationTestCompile to use optional and provided
...
Also update slf4j version and remove explicit commons-logging from pom generation
2013-07-16 15:59:06 -05:00
Rob Winch
02551e1b7a
SEC-2214: Update Spring Version
2013-07-16 15:15:47 -05:00
Rob Winch
faa8b354b7
SEC-2209: add pom.xml
2013-07-16 15:15:47 -05:00
Rob Winch
07c3fdf8a7
SEC-2195: Update Groovy, Geb, Spock, httpcomponents, and Jetty
2013-07-16 15:02:39 -05:00
Rob Winch
e88800cd9b
SEC-2187: Polish
...
Create private utf8UrlEncode method to improve readability
2013-07-05 10:24:10 -05:00
Tom Boettcher
54c1c20c69
SEC-2187: Encode query parameter names and values in return_to URL
2013-07-05 09:47:18 -05:00
Rob Winch
1ed643ca1f
SEC-1998: Provide integration with WebAsyncManager#startCallableProcessing
...
Support integration of the Spring SecurityContext on Callable's used with
WebAsyncManager by registering SecurityContextCallableProcessingInterceptor.
2012-11-28 17:56:03 -06:00
Luke Taylor
a573e7b395
SEC-1820: Added null check for attributesToFetch in OpenID4JavaConsumer.
2011-09-20 21:46:21 +01:00
Rob Winch
4a000d040c
SEC-1815: Downgrade openid to use HttpClient 4.1.1 to avoid bug in openid4java's usage of HttpClient
2011-09-18 18:52:27 -05:00
Luke Taylor
8ce4d326f5
Update HttpClient to 4.1.2 and removed incorrect bundlor references to commons version.
2011-08-12 00:23:29 +01:00
Luke Taylor
0120643721
SEC-1794: Convert OpenIDAuthenticationStatus to an enum.
2011-08-10 17:09:33 +01:00
Luke Taylor
89fa771093
SEC-1753: Cater for missing DiscoveryInformation object in OpenID4JavaConsumer.endConsumption.
2011-07-13 22:29:47 +01:00
Luke Taylor
6c9ab570a2
SEC-1729: Fix openid4java guice dependencies to use Maven Central.
2011-04-27 22:13:15 +01:00
Rob Winch
855ea73117
SEC-1729: Updated gradle to reference guice maven repo for all projects
2011-04-27 00:19:58 -05:00
Rob Winch
bd74185e41
SEC-1729: Updated openid module and sample to openid4java 0.9.6 and httpclient 4.1.1
2011-04-26 23:39:51 -05:00
Rob Winch
ae5b402651
SEC-1729: Revert "SEC-1710: Added shutdown method to OpenID4JavaConsumer that invokes MultiThreadedHttpConnectionManager.shutdownAll()" since it is superseded by SEC-1729
...
This reverts commit 62ba0fca5c
.
2011-04-26 19:53:32 -05:00
Rob Winch
a6b0c265db
SEC-1729: Revert "SEC-1711: Support verifying that attribute exchange parameters were signed" since it is superseded by SEC-1729
...
This reverts commit 68ba11ba7b
.
2011-04-26 19:52:44 -05:00
Luke Taylor
8178371927
SEC-1700: Add fixed serializationVersionUID values to security context, authentication tokens and related classes
2011-04-21 19:55:32 +01:00
Luke Taylor
23df97f44a
Added missing HttpClient version information to openid bundlor template file.
2011-04-20 11:38:26 +01:00
Luke Taylor
4dc5d7d16e
Typo.
2011-04-14 18:04:38 +01:00
Rob Winch
5c05575c0d
Cleaned up warnings in openid module
2011-04-07 23:28:34 -05:00
Rob Winch
68ba11ba7b
SEC-1711: Support verifying that attribute exchange parameters were signed
2011-04-07 23:28:34 -05:00
Rob Winch
62ba0fca5c
SEC-1710: Added shutdown method to OpenID4JavaConsumer that invokes MultiThreadedHttpConnectionManager.shutdownAll()
2011-04-07 23:28:05 -05:00
Luke Taylor
4a1908188a
SEC-1701: Trim claimed identity parameter value before submitting to OpenID4Java.
2011-03-25 19:13:06 +00:00
Luke Taylor
84ba7a0ea9
Additional tests for OpenID classes and minor refactoring of OpenID4JavaConsumer for easier testing.
2011-02-10 19:56:28 +00:00
Luke Taylor
b0df1bd1b0
SEC-1673: Use a map to store the range values use in the bundlor templates.
2011-02-07 16:06:23 +00:00
Luke Taylor
43be9ea2a4
SEC-1430: Removed caching of username in session upon failed authentication. Improved Javadoc.
2010-11-26 13:58:49 +00:00
Luke Taylor
d64efe9747
SEC-1492: Added GrantedAuthoritiesMapper to provide mapping of loaded authorities to those which are eventually stored in the user Authentication object.
2010-11-25 15:19:37 +00:00
Luke Taylor
265cdaf2a6
SEC-1595: Added extra constructor to OpenID4JavaConsumer which takes a ConsumerManager to allow a version compatible with GAE to be injected.
2010-11-02 20:19:16 +00:00
Luke Taylor
21ed5feb8d
SEC-1600: Added Implementation-Version and Implementation-Title to manifest templates and checking of version numbers in namespace config module and core. Config checks the version of core it is running against and core checks the Spring version, reporting any mismatches or situations where the app is running with less than the recommended Spring version.
2010-10-27 13:25:40 +01:00
Luke Taylor
f4d57ab5e8
SEC-1456: Remove maven poms as we are now using gradle for the build.
2010-08-30 19:02:19 +01:00
Luke Taylor
85c4c91e0e
IDEA inspection refactorings.
2010-08-05 23:28:07 +01:00
Luke Taylor
2d9a848265
Added missing gradle build files for remaining samples. Some related reordering, dependency fixing etc. CAS sample no longer requires two separate subprojects as both client and server app can be run from a single gradle build.
2010-07-27 02:20:36 +01:00
Luke Taylor
0e57ce2dc3
SEC-1481: Updated constructors of Authentication types to use a generic wildcard for authorities collection.
2010-05-21 15:59:50 +01:00
Luke Taylor
2f025fba6c
SEC-1460: Added AxFetchListFactory which matches OpenID identifiers to lists of attributes to use in a fetch-request.
...
This allows different configurations to be used based on the identity-provider (google, yahoo etc). The default implementation iterates through a map of regex patterns to attribute lists. The namespace has also been extended to support this facility, with the "identifier-match" attribute being added to the attribute-exchange element. Multiple attribute-exchange elements can now be defined, each matching a different identifier.
2010-04-20 23:47:48 +01:00
Luke Taylor
f5468087c2
Remove cached DiscoveryInformation from session in OpenID4JavaConsumer's endConsumption method.
2010-04-20 23:47:47 +01:00
Luke Taylor
d3d9c5db59
Refactoring of UserDetailsService injection (for X509, OpenID and RememberMeServices) to use a factory bean rather than a post-processor.
2010-04-20 23:47:47 +01:00