Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,745 Commits 34 Branches 334 Tags 114 MiB
Commit Graph

1528 Commits

Author SHA1 Message Date
Luke Taylor 4ae40150c9 SEC-752: ClassLoading in GlobalMethodSecurityBeanDefinitionParser doesn't work in tooling 
http://jira.springframework.org/browse/SEC-752. Removed check for JSR-250 class.
 2008-04-13 20:59:39 +00:00
Luke Taylor 552dc6486a SEC-703: Expose customization of SQL used by <jdbc-user-service> 
http://jira.springframework.org/browse/SEC-703. Added suggested attributes for sql queries.
 2008-04-13 20:51:40 +00:00
Luke Taylor d6e5dbbcfd SEC-767: Added override for flushBuffer in response wrapper. 2008-04-13 20:22:31 +00:00
Luke Taylor 9d54c2d22b OPEN - issue SEC-637: Dependency on RequestUtils 
http://jira.springframework.org/browse/SEC-637. Removed use of ServletRequestUtils in AbstractRememberMeServices
 2008-04-13 12:53:01 +00:00
Luke Taylor 0422cb1f8f Fixed artifact groups for aspectjrt and added cas sample to project build 2008-04-13 00:08:18 +00:00
Luke Taylor 83c152e379 SEC-768: Changed exception to error reported through parser context. Added entry-point-ref to cas config 2008-04-13 00:02:46 +00:00
Luke Taylor a2f4ee1c58 SEC-767: Added check for committed response before attempting to create a new session 2008-04-12 23:18:03 +00:00
Luke Taylor 2d3bc27d06 SEC-755: Updated bundle names in line with Christian's recommendations. 2008-04-12 18:38:06 +00:00
Luke Taylor d0ae8e072d Refactored out safeGetHttpSession method to remove multiple try/catch IllegalArgumentException blocks round request.getSession() calls. 2008-04-12 15:01:52 +00:00
Luke Taylor 6b86b05a0a Removed autoboxing 2008-04-11 23:22:36 +00:00
Luke Taylor d288f722a8 OPEN - issue SEC-759: GrantedAuthoritiesContainer should extend Serializable 
http://jira.springframework.org/browse/SEC-759. Added Serializable to interface.
 2008-04-11 17:25:41 +00:00
Luke Taylor 3b3d339393 SEC-764: Added support for "position" attribute. Also added "LAST" as an option for filter position. 2008-04-11 17:01:08 +00:00
Luke Taylor 7145198e5a OPEN - issue SEC-763: Allow setting of alwaysUseDirectTargetUrl via form-login namespace URL 
http://jira.springframework.org/browse/SEC-763. Added always-use-default target attribute to namespace.
 2008-04-11 12:03:55 +00:00
Luke Taylor a3de51ea51 Fixed typo in constant name. 2008-04-09 23:41:27 +00:00
Luke Taylor 029f8a2409 Made test method getFilters on FilterChainProxy default access. 2008-04-07 22:41:50 +00:00
Luke Taylor a2d2c6b67a Corrected element name. 2008-04-07 22:28:47 +00:00
Luke Taylor 243b5f4a2a SEC-746: impossible to specify errorPage for the AccessDeniedHandlerImp when using namespace based configuration 
http://jira.springframework.org/browse/SEC-746. Added access-denied-page to http element.
 2008-04-07 22:17:09 +00:00
Luke Taylor f57ba43780 SEC-673: Reinstated a bean registration that had accidentally bean removed by the last patch, breaking core-tiger tests. 2008-04-07 21:05:13 +00:00
Luke Taylor 80dbc4fd75 SEC-673: Applied patch from Christian. 2008-04-07 20:20:58 +00:00
Luke Taylor 594b69b7ef SEC-754: Changed tests to use unicode escapes rather than explicit UTF-8. 2008-04-07 18:05:45 +00:00
Luke Taylor 236e310ea7 SEC-747: impossible to specify "observeOncePerRequest" property in the namespace based configuration. 
http://jira.springframework.org/browse/SEC-747. Added once-per-request attribute to http element.
 2008-04-07 15:30:27 +00:00
Luke Taylor 6612d0f729 SEC-754: Fixed wrong array length and added tests for encoding non-ascii password. 2008-04-07 14:13:40 +00:00
Luke Taylor 6d1932da33 SEC-753: Changed Spring version range in felix plugin to [2.0,2.6) to allow use with minor 2.5 versions. 2008-04-07 12:39:00 +00:00
Luke Taylor 92ad1ecf81 Typo in Javadoc. 2008-04-06 00:08:41 +00:00
Luke Taylor 67d5a5b814 SEC-750: Support for JPA PersistenceContext annotation broken 
http://jira.springframework.org/browse/SEC-750. Updates to prevent the HttpSecurityPostProcessor from causing beans to be instantiated. Added a simplified test case to HttpSecurityBeanDefinitionParserTests.
 2008-04-06 00:04:50 +00:00
Luke Taylor a43d054bd7 Removed comment about status checking as it is not entirely correct and misleads people. 2008-04-04 19:40:28 +00:00
Luke Taylor 21e83e8364 [maven-release-plugin] prepare for next development iteration 2008-04-01 15:03:29 +00:00
Luke Taylor 91ed7dceb6 [maven-release-plugin] prepare release release_2_0_0_RC1 2008-04-01 15:01:30 +00:00
Luke Taylor 3cb504fa95 Fixed jdk 1.4 compatibility issues 2008-04-01 14:32:31 +00:00
Luke Taylor e05d1da102 Refactored AuthenticationUserDetailsService to userdetails package as it isn't preauth specific 2008-03-31 23:08:30 +00:00
Luke Taylor f898bec370 OPEN - issue SEC-742: IllegalArgumentException if namespace configuration defines RememberMeServices without BasicProcessingFilter 
http://jira.springframework.org/browse/SEC-742. Fix. Post processor was assuming there was a BasicProcessinFilter in the app context when a remember-me services was present.
 2008-03-31 22:44:11 +00:00
Luke Taylor c347834401 OPEN - issue SEC-605: JdbcDaoImpl of UserDetailsService should provide a method for customizing creation of the final UserDetails object 
http://jira.springframework.org/browse/SEC-605. Added a createUserDetails method and also some other methods which are responsible for executing the individual queries for loading the userinformation and authorities.
 2008-03-31 18:01:07 +00:00
Luke Taylor 40e51dd5fe OPEN - issue SEC-649: Add user-service-ref attribute to remember-me namespace element 
http://jira.springframework.org/browse/SEC-649. Added attribute to namespace and parsing support.
 2008-03-31 17:27:58 +00:00
Luke Taylor cc752cfc28 OPEN - issue SEC-732: Encapsulate query objects in JdbcDaoImpl and JdbcUserDetailsManager 
http://jira.springframework.org/browse/SEC-732. Updated these classes to hide the internal query and update objects to allow future refactoring.
 2008-03-31 16:52:31 +00:00
Luke Taylor 53b084e2f9 Simple tests to detect invalid configurations, particularly when the namespace has been updated without applying the spring-security.xsl transformation, which prevents certain elements from appearing at top level. 2008-03-31 16:30:28 +00:00
Luke Taylor b1ae4922d2 SEC-726: Added entry-point-ref to <http> namespace element to allow customization of authentication process. 2008-03-31 16:22:40 +00:00
Luke Taylor 9db55f336c SEC-739: Removed siteminder provider code. 2008-03-31 12:23:32 +00:00
Luke Taylor 512c64fb98 SEC-738: Add session-registry-alias attribute to concurrent-session-control 
http://jira.springframework.org/browse/SEC-738. Added this attribute. Also various bugfixes in handling of attribute names for concurrent session control.
 2008-03-31 12:01:37 +00:00
Luke Taylor 07f820f1a6 Minor portlet-related changes suggested by John Lewis: Javadoc and default values of booleans. 2008-03-31 10:10:13 +00:00
Luke Taylor c9b6fe9555 OPEN - issue SEC-657: Create pre-authenticated processing filter which obtains username from request header 
http://jira.springframework.org/browse/SEC-657. Added filter and test class.
 2008-03-30 13:37:13 +00:00
Luke Taylor b98c72056a SEC-728: Change use of String.getBytes() in password encoders to use UTF-8 2008-03-29 15:21:31 +00:00
Luke Taylor 1463b9769d SEC-629: authentication-provider doesn't support caching. 
http://jira.springframework.org/browse/SEC-629. Added support for cache-ref elements on jdbc-user-service and ldap-user-service
 2008-03-28 17:55:12 +00:00
Luke Taylor db6fafaf56 SEC-629: authentication-provider doesn't support caching. Refactored MockUserCache class to top level 2008-03-28 14:17:05 +00:00
Luke Taylor 1fece47b49 SEC-691: Applied patch to allow setting of returned user attributes from LDAP search. 2008-03-27 14:41:11 +00:00
Luke Taylor 350a626587 SEC-477: Added preauthenticated websphere contribution. 2008-03-27 14:25:17 +00:00
Luke Taylor 584853bbcb Tidied imports. 2008-03-26 21:49:26 +00:00
Luke Taylor ef5b3e2f9c SEC-733: Changed names of <global-method-security> attributes as discussed with Ben and updated sample to reflect the changes. Also changed explicit instantiation of Jsr250 and Secured annotation MethodDefinitionSource beans in GlobalMethodSecurityBDP into bean definitions to make more tooling friendly. 2008-03-26 21:48:24 +00:00
Luke Taylor 9ea2408ac6 Fixed error in choosing main entry point (it's an alias not a bean name, so doesn't appear in the entry map - you have to get it direct from the bean factory). 2008-03-26 17:34:42 +00:00
Luke Taylor 1b8a3c5673 SEC-689: Updated session fixation protection namespace support to set session registry on SessionFixationProtectionFilter. 2008-03-26 14:51:16 +00:00
Luke Taylor eeb14b3965 Changed filter order numbers to start at zero (makes them more readable in log compared with large negative numbers) 2008-03-26 12:22:26 +00:00