Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,146 Commits 34 Branches 337 Tags
Commit Graph

540 Commits

Author SHA1 Message Date
Ben Alex
c7dcceb05c Do not setAuthenticated(false) in the event of a public (unsecured) invocation. Thanks to Joseph Dane for reporting this issue on acegisecurity-developer on 3 September 2005. 2005-09-08 09:32:24 +00:00
Mark St. Godard
486bbee35d added context path to redirect 2005-09-03 21:43:08 +00:00
Mark St. Godard
9d359780d9 finish user context switch event publishing 2005-09-03 20:24:35 +00:00
Mark St. Godard
20ebb668a6 Added event for user context switching and updated switch user filter 2005-08-25 02:59:19 +00:00
Ben Alex
55f5c3397a Relocated JdbcDaoExtendedImpl.convertAclObjectIdentityToString to superclass (pursuant to suggestion made by Tim Kettering on acegisecurity-developer). 2005-08-23 22:45:17 +00:00
Ray Krueger
2bda6ec25c Fix: SEC-48 http://opensource2.atlassian.com/projects/spring/browse/SEC-48 
If the principal is an instanceof UserDetails, UserDetails.getUsername();
 2005-08-23 15:15:06 +00:00
Ben Alex
40a81ed220 Revisit synchonization issue and correct problem identified by Volker Malzahn. 2005-08-21 10:10:16 +00:00
Mark St. Godard
ec5e39c2e8 Initial checkin of user security context switching (see SEC-15). This is the first cut of the SwitchUserProcessingFilter that handles switching to a target uesr and exiting back to the original user. Note: This is going to be used for the common use-case of an Administrator 'switching' to another user (i.e. ROLE_ADMIN -> ROLE_USER). This is the initial cut of a Unix 'su' for Acegi managed web applications. 2005-08-04 05:49:12 +00:00
Luke Taylor
725ec767b6 Javadoc typo corrected (as suggested on mailing list) 2005-08-01 20:05:02 +00:00
Scott McCrory
c2c48b905b Added package.html files to reamining java packages (see http://opensource.atlassian.com/projects/spring/browse/SEC-41) 2005-07-26 01:54:18 +00:00
Scott McCrory
f5975dcf30 Whoops, almost forgot to remove System.out debug lines :-/ 2005-07-26 00:55:53 +00:00
Scott McCrory
891cd7380c Mirrored Ben's FilterChainProxy.java 1.5 spelling fix to its corresponding test class, which depended on equality of the exception message. All JUnit tests pass now. 2005-07-26 00:50:43 +00:00
Scott McCrory
dc31553f2a Syntax 2005-07-25 22:49:05 +00:00
Scott McCrory
db4ed4bc44 Added debug statement to AbstractTicketValidator to help with Acegi+CAS+SSL setup (thanks Seth Ladd for the patch) (see http://opensource.atlassian.com/projects/spring/browse/SEC-34) 2005-07-25 03:46:23 +00:00
Scott McCrory
c66c5dfab5 AuthorizeTag no longer depends on JDK 1.4. Tested on Websphere 5.0 w/JDK 1.3 (see http://opensource.atlassian.com/projects/spring/browse/SEC-11) 2005-07-25 00:52:15 +00:00
Scott McCrory
32f62d1ef1 Added SiteminderAuthenticationProcessingFilter for Ben's review. <Untested>. 2005-07-24 23:59:08 +00:00
Ben Alex
f625d06cd9 Avoid expense of HttpSession when working with anonymous users. 2005-07-23 09:52:42 +00:00
Ben Alex
4ad98a7df3 Spelling correction, thanks to Zack Chandler. 2005-07-23 07:40:43 +00:00
Ben Alex
c5ba30b001 Comment how to make a signing certificate. 2005-07-23 07:39:56 +00:00
Ray Krueger
4b98d357ff SecureContextLoginModuleTest has been renamed to ...Tests as per Acegi project. 
SecureContextLoginModule now throws a LoginException if there is no authentication present, if the ignoreMissingAuthentication option is true, the login() method will simply return false.
 2005-07-22 04:35:31 +00:00
Luke Taylor
e51c38aec9 Removed reference in Javadoc to obtaining and validating the SecureContext (checking for null etc), as this is no longer relevant. 2005-07-21 22:59:30 +00:00
Luke Taylor
c89d4a8add Added trimming of whitespace to tokens and use of Springs StringUtils.hasText() to check for content in the string passed to setAsText. 2005-07-21 22:55:27 +00:00
Marc-Antoine Garrigue
3287439421 Initial commit for captcha adapter 2005-07-19 12:35:50 +00:00
Luke Taylor
74588c8e53 Move acegifier code from core. 2005-07-16 19:35:30 +00:00
Luke Taylor
5bbc54ac42 Javadoc typo corrected 2005-07-15 14:28:44 +00:00
Ben Alex
d9b1a8e83c Fix typo in InteractiveAuthenticationSucces(s)Event 2005-07-11 01:23:20 +00:00
Ben Alex
c7bfeeaf58 Clarify local variable name given it was the same as a member variable. 2005-07-11 01:19:41 +00:00
Luke Taylor
ab065923d4 Correct doctype for generated web.xml files and add declaration to test file. 2005-07-09 23:32:08 +00:00
Luke Taylor
22a28f3b39 Separate InMemoryResource class for use in Acegifier web application. 2005-07-09 21:37:50 +00:00
Luke Taylor
7268c81192 Fix for SEC-27. Now checks for a null authentication before proceeding to fire the success event. 2005-07-08 21:16:12 +00:00
Luke Taylor
f1656ee7fd Tidying: removed unused intermediate variable. 2005-07-08 21:10:26 +00:00
Luke Taylor
6f467def90 Added conversion of URLs ending in '*' to the ant '**' form. 2005-07-06 17:22:19 +00:00
Luke Taylor
9e1a773cc7 Add xsl resources to build. 2005-07-06 15:22:52 +00:00
Luke Taylor
d13faf0815 Renaming and refactoring of web.xml converter. 2005-06-30 21:23:50 +00:00
Luke Taylor
118f6401d8 XSL file for converting web.xml to acegified version. 2005-06-29 23:00:54 +00:00
Luke Taylor
a2bc398915 Refactoring and commenting XSL 2005-06-27 21:56:13 +00:00
Ben Alex
3e4a29eae9 FilterSecurityInterceptor now has an observeOncePerRequest boolean property, allowing multiple fragments of the HTTP request to be individually authorized (see http://opensource.atlassian.com/projects/spring/browse/SEC-14). 2005-06-27 03:57:31 +00:00
Ben Alex
5c883e639f Add InteractiveAuthenticationSuccessEvent handling to authentication mechanisms. 2005-06-27 03:34:36 +00:00
Ben Alex
60f8095cf2 Make Authenticated.isAuthenticated() behaviour switchable. See http://opensource.atlassian.com/projects/spring/browse/SEC-13. 2005-06-27 03:05:26 +00:00
Ben Alex
ef8281f534 HttpSessionContextIntegrationFilter elegantly handles IOExceptions and ServletExceptions within filter chain (see http://opensource.atlassian.com/projects/spring/browse/SEC-20). 2005-06-27 02:55:01 +00:00
Luke Taylor
25fa471779 First version of web.xml to acegi translator 2005-06-26 17:30:36 +00:00
Ben Alex
a312fede74 Refactor DAO authentication failure events under a consistent abstract superclass (thanks to Mark St Godard for suggestion). 2005-06-22 08:07:52 +00:00
Ben Alex
c0f1d4e19d Remove getters and setters from JdbcDaoImpl so IoC container cannot modify MappingSqlQuerys (thanks to David Durham for bug report). 2005-06-22 08:06:28 +00:00
Ben Alex
a15691d9d7 Silently catch NotSerializableException in AbstractProcessingFilter if rootCause is not Serializable (thanks to Joseph Dane for reporting this bug). 2005-06-22 07:03:53 +00:00
Ben Alex
5f75e9bf9a Refactor Authentication.isAuthenticated() handling to be more performance (as per developer list discussion). 2005-06-22 06:30:46 +00:00
Ben Alex
a7b5299e77 Correct synchronization issue with FilterToBeanProxy initialization (thanks to George Franciscus and Volker Malzahn as per acegisecurity-developer discussion 4 June 2005). 2005-06-22 05:22:05 +00:00
Ben Alex
c699f7d40e Support non-username as primary key. 2005-05-29 09:46:51 +00:00
Ben Alex
25cb085df7 More JavaDocs. 2005-05-29 08:30:28 +00:00
Ben Alex
3401072368 Made Serializable as per acegisecurity-developer list discussion on 20 May 2005. 2005-05-22 03:56:37 +00:00
Ben Alex
4e55780e7c Performance optimisations thanks to Paulo Neves. 2005-05-20 00:00:22 +00:00