Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,612 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

105 Commits

Author SHA1 Message Date
Rob Winch ce20cfcb98 Revert "Remove MaxPermSize" 
Continue to support older JDK versions

This reverts commit d27abdb168.
 2016-03-15 15:20:03 -05:00
Rob Winch 1c008cd56e Disable DEBUG logs 
Fixes gh-3757
 2016-03-15 08:37:01 -05:00
Rob Winch 1382bd728b Clean up Javadoc log levels 
Issue gh-3757
 2016-03-15 08:37:01 -05:00
Rob Winch d27abdb168 Remove MaxPermSize 
Fixes gh-3578
 2016-03-15 08:37:00 -05:00
Rob Winch 36c381a06a Update to Java 1.6 
Fixes gh-3756
 2016-03-15 08:37:00 -05:00
Rob Winch 6bd16fc686 Extract ide.gradle 
Issue gh-3747
 2016-03-14 00:15:14 -05:00
Rob Winch bb600a473e Start AssertJ Migration 
Issue gh-3175
 2016-03-09 14:26:30 -06:00
Justine Tunney 3bbcbaae9c Upgrade Apache Commons Collections to v3.2.2 
Version 3.2.1 has a CVSS 10.0 vulnerability. That's the worst kind of
vulnerability that exists. By merely existing on the classpath, this
library causes the Java serialization parser for the entire JVM process
to go from being a state machine to a turing machine. A turing machine
with an exec() function!

https://commons.apache.org/proper/commons-collections/security-reports.html
http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
 2016-03-08 08:56:01 -06:00
Rob Winch fc75a679d9 Polish SCryptPasswordEncoder 
* JKD8 Base64 -> Spring Security's Base64 to continue to support older JDKs
* Spaces to tabs
* Javadoc cleanup
* Remove of @Override to compile in Eclipse

Issue gh-3702
 2016-03-03 14:06:08 -06:00
Rob Winch 3480e3c05c Remove check.dependsOn springSnapshotTest 2015-12-21 16:09:59 -06:00
Rob Winch 3a8aec0c2f SEC-3178: Update to JUnit 4.12 2015-12-21 14:53:07 -06:00
Rob Winch e66eb539cc SEC-3173: Update to cas-client-3.4.1 2015-12-15 09:50:54 -06:00
Rob Winch 7914b96e23 SEC-3077: Update to Groovy 2.4.4 2015-08-19 16:05:14 -05:00
Andy Wilkinson 92c23fbbdc Upgrade to a version of Powermock that’s compatible with JUnit 4.12 2015-07-13 15:42:50 -05:00
Rob Winch 848523e47a SEC-3029: Add springSnapshotTests 
Test against Spring Framework's latest Snapshots
 2015-07-07 22:43:06 -05:00
Rob Winch a1ff94a34e SEC-2922: Specify Version in Manifest 2015-04-20 16:39:53 -05:00
Rob Winch d5dfeeca49 SEC-2927: Update chat-jc pom so Maven Builds 
Previously there were some incorrect dependency versions. This commit fixes
that.

We added dependencyManagement for Spring Framework and corrected
Thymeleaf and embedded redis versions.
 2015-04-20 15:53:26 -05:00
Rob Winch 0a2e496a84 SEC-2915: groovy/gradle spaces->tabs 2015-03-25 13:08:59 -05:00
Rob Winch 37740cd020 SEC-2861: Add WebSocket Documentation & Sample 2015-02-24 10:29:47 -06:00
Rob Winch 11116c2b80 SEC-2787: Update Versions 2014-12-10 16:37:19 -06:00
Rob Winch c67ff42b8a SEC-2783: XML Configuration Defaults Should Match JavaConfig 
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
 2014-12-08 15:09:15 -06:00
Rob Winch dfa17bdb98 SEC-2747: Remove spring-core dependency from spring-security-crypto 2014-11-20 16:16:22 -06:00
Rob Winch 02c3565e22 Fix compiling in Eclipse 2014-09-16 10:18:46 -05:00
Rob Winch 6321665353 SEC-2676: Update to Spring Data Evans RC1 2014-08-15 20:46:59 -05:00
Rob Winch 1f861f512a SEC-2676: Add SpEL Spring Security Integration 2014-07-29 20:04:37 -05:00
Rob Winch 47e02c41b6 SEC-2647: IntelliJ testSourceDirs 2014-06-17 16:38:43 -05:00
Rob Winch 10c4d8f1af SEC-2651: Update Thymeleaf to Spring 4 variants in samples 2014-06-12 16:48:04 -05:00
Rob Winch 82e89db1c8 SEC-2622: Add integration test support to samples 2014-06-12 12:14:37 -05:00
Rob Winch fb25273672 SEC-2617: Fix JSTL Samples 2014-06-12 12:01:04 -05:00
Rob Winch 26ffbeadf0 SEC-2647: Add integration test classpath in IntelliJ 2014-06-12 11:37:42 -05:00
Rob Winch e6e35932ed SEC-2603: Fix config groovy integration tests 2014-05-20 23:15:39 -05:00
Rob Winch 76bf378077 SEC-2580: Include ApacheDS in samples/ldap-xml 2014-05-01 11:28:27 -05:00
Rob Winch 00e1094178 Add springio-platform plugin 2014-04-23 14:35:22 -05:00
Rob Winch ccf96a4d69 SEC-2542: Polish dependency exclusions 
This cleans up exclusions so the pom.xml are not as cluttered.
 2014-04-02 09:47:29 -05:00
Rob Winch 3118e39de8 SEC-2542: Use exclusions to remove duplicate dependencies 
A number of projects had duplicate dependencies on their classpaths
as a result of the same classes being available in more than one
artifact, each with different Maven coordinates. Typically this only
affected the tests, but meant that the actual classes that were
loaded was somewhat unpredictable and had the potential to vary
between an IDE and the command line depending on the order in which
the aritfacts appeared on the classpath. This commit adds a number of
exclusions to remove such duplicates.

In addition to the new exclusions, notable other changes are:

 - Spring Data JPA has been updated to 1.4.1. This brings its
   transitive dependency upon spring-data-commons into line with
   Spring LDAP's and prevents both spring-data-commons-core and
   spring-data-commons from being on the classpath
 - All Servlet API dependencies have been updated to use the official
   artifact with all transitive dependencies on unofficial servlet API
   artifacts being excluded.
 - In places, groovy has been replaced with groovy-all. This removes
   some duplicates caused by groovy's transitive dependencies.
 - JUnit has been updated to 4.11 which brings its transitive Hamcrest
   dependency into line with other components.

There appears to be a bug in Gradle which means that some exclusions
applied to an artifact do not work reliably. To work around this
problem it has been necessary to apply some exclusions at the
configuration level

Conflicts:
	samples/messages-jc/pom.xml
 2014-04-02 09:47:26 -05:00
Rob Winch 6be4e3a9fc SEC-2506: Remove Bundlor Support 2014-03-05 13:32:16 -06:00
Rob Winch 4a1a2dfed4 Update min Spring version of 4.0.2.REELASE 2014-02-19 11:16:57 -06:00
Rob Winch e17adad878 SEC-2469: Support Spring LDAP 2.0.1+ 2014-02-12 08:11:26 -06:00
Rob Winch 2df5541905 SEC-2448: Update to HSQL 2.3.1 2013-12-14 10:19:06 -06:00
Rob Winch 4708287ad3 SEC-2444: Convert Java Config samples to thymeleaf and tiles 2013-12-13 15:47:28 -06:00
Rob Winch 4672c2a1f7 SEC-2430: Add Maven BOM 2013-12-09 15:51:49 -06:00
Rob Winch 74a6303b6f SEC-2385: Document how to use with Spring 4 2013-12-04 12:38:45 -06:00
Rob Winch 88f41cdf62 SEC-2341: Update to Gradle 1.8 
Some dependencies were necessary to update due to issues with JUnit
integration.
 2013-09-24 15:35:51 -05:00
Rob Winch c156716be8 Ensure single version of org.slf4j 2013-09-18 16:13:03 -05:00
Rob Winch 53a0db6be1 SEC-2313: Gradle javadoc hotfix 2013-09-11 15:30:50 -07:00
Rob Winch 7203faf34f SEC-2300: Update Spring LDAP version to 1.3.2.RELEASE 2013-08-31 11:26:43 -05:00
Rob Winch 3d2f23602f SEC-2294: Update Spring Version to 3.2.4.RELEASE 2013-08-31 11:26:43 -05:00
Rob Winch ae368829f4 Tweak PermGen for tests 2013-08-28 13:30:25 -05:00
Rob Winch e1dfa81a0f GRADLE-1116: Add back workaround for depending on test sources 2013-08-13 09:13:02 -05:00
Rob Winch 54bf6c846b SEC-2097: Remove configure() blocks from gradle/*.gradle 2013-08-08 16:29:43 -05:00