Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 07:37:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,993 Commits 34 Branches 337 Tags
Commit Graph

1658 Commits

Author SHA1 Message Date
Luke Taylor
3049b933d9 Moved XML test snippet to ConfigTestUtils class and removed context files from core-tiger tests in favour of in-memory XML 2008-07-31 21:35:29 +00:00
Luke Taylor
1d96283876 Removed commented out line. 2008-07-31 20:45:25 +00:00
Luke Taylor
d7926f3557 SEC-943: Forgot to commit tests. 2008-07-31 20:30:56 +00:00
Luke Taylor
e5d86b13b7 SEC-941: Embedded ldap-server uses hard-coded ldap url for importing ldif files 
http://jira.springframework.org/browse/SEC-941. Changed LdapUtils.parseRootDnFromUrl to use URI.getRawPath() so the returned root value still contains the escaping. I think this should be Ok.
 2008-07-31 19:50:08 +00:00
Luke Taylor
67e5afbb79 OPEN - issue SEC-881: PreAuthenticatedFilter continues filter chain after unsuccessfulAuthentication(...) 
http://jira.springframework.org/browse/SEC-881. Updated Javadoc.
 2008-07-31 15:56:37 +00:00
Luke Taylor
000bb1cbed OPEN - issue SEC-881: PreAuthenticatedFilter continues filter chain after unsuccessfulAuthentication(...) 
http://jira.springframework.org/browse/SEC-881. Added test class.
 2008-07-31 15:42:04 +00:00
Luke Taylor
243c4f22d4 OPEN - issue SEC-899: GrantedAuthorityImpl.compareTo should handle null roles 
http://jira.springframework.org/browse/SEC-899. Changed to return -1 when compared to custom auhority which returns null from getAuthority()
 2008-07-31 13:01:22 +00:00
Luke Taylor
d4c105d8ba OPEN - issue SEC-934: security:intercept-url throws NPE if defined twice with the same url 
http://jira.springframework.org/browse/SEC-934. Added log warning when the same url is used multiple times.
 2008-07-30 15:03:47 +00:00
Luke Taylor
f6ff958411 Renamed rnc file. 2008-07-30 11:05:44 +00:00
Luke Taylor
4bb3eb12c3 SEC-933: global-method-security and aop:aspectj-autoproxy throws NullPointerException in some situations 
http://jira.springframework.org/browse/SEC-933. Removed the setting of the attributeSource field from the interceptor in MethodDefinitionSourceAdvisor as this was overwriting the version supplied with the constructor with null (causing the NPE).
Also implemented lazy initialization of the authentication provider list from the bean factory in a custom NamespaceAuthenticationManager (extends ProviderManager and introspects the BeanFactory when getProviders() is first called). This should prevent the perennial problem of the eager initialization of UserDetailsService and other beans when the interceptor is eagerly initialized by something like aspectj-autoproxy.
 2008-07-30 11:01:23 +00:00
Luke Taylor
f453264bde SEC-909: custom remember me services doesn't get registered as logout handler 
http://jira.springframework.org/browse/SEC-909. HttpSecurityBeanDefinitionParser now passes the resolved RememberMeServices bean name to the LogoutBeanDefinitionparser so that it an use it explicitly.
 2008-07-15 18:22:53 +00:00
Luke Taylor
1ddc033fe5 SEC-903: Wrong attribute mapping when using jdbc-user-service bean 
http://jira.springframework.org/browse/SEC-903. Corrected property name set by JdbcUserServiceBeanDefinitionParser (was setting authorities query rather than groups one).
 2008-07-15 16:43:57 +00:00
Luke Taylor
e303e8b71a SEC-924: Implement automatic injection of namespace created RememberMeServices into custom AbstractProcessingFilter based beans. 
http://jira.springframework.org/browse/SEC-924. Delayed setting of NullRememberMeServices in AbstractProcessingFilter until afterPropertiesSet method is called, allowing the null value to be read by the namespace and the confgiured RememberMeServices bean injected.
 2008-07-15 14:52:13 +00:00
Luke Taylor
bf5896600e OPEN - issue SEC-913: SwitchUserProcessingFilter modifies the switchFailureUrl member variable on failure 
http://jira.springframework.org/browse/SEC-913. Applied patch as suggested (use sendRedirect method for failure URL).
 2008-07-15 13:42:30 +00:00
Luke Taylor
b4c63db680 SEC-921: Improved messages_zh_CN.properties for Chinese 
http://jira.springframework.org/browse/SEC-921. Added contributed file.
 2008-07-15 11:11:21 +00:00
Luke Taylor
a56c13fb22 SEC-912: Added callback methods to BasicProcessingFilter for successful and unsuccessful authentication. 2008-07-12 17:40:39 +00:00
Luke Taylor
697c7c5f48 SEC-918: Added more info on DB schema to javadoc 2008-07-12 15:21:24 +00:00
Luke Taylor
6d179122d3 SEC-916: Added Spanish messages contribution. 2008-07-10 15:32:01 +00:00
Luke Taylor
2cda6242c8 SEC-904: Moved multi-threaded tests into sandbox 2008-07-02 19:19:21 +00:00
Luke Taylor
479693ced7 SEC-900: Added extra checks on expiry time 2008-07-02 18:40:55 +00:00
Luke Taylor
775a6c3939 [maven-release-plugin] prepare for next development iteration 2008-06-23 14:10:35 +00:00
Luke Taylor
87d50aecce [maven-release-plugin] prepare release spring-security-parent-2.0.3 2008-06-23 14:05:36 +00:00
Luke Taylor
3ee8733261 SEC-879: Added required BeanPostProcessor to set SessionRegistry is set on namespace registered AbstractProcessingFilter and SessionFixationProtectionFilter when using custom ConcurrentSessionController 
http://jira.springframework.org/browse/SEC-879.
 2008-06-20 22:08:05 +00:00
Luke Taylor
d5ee89bb7c Correct typo in error message. 2008-06-19 15:21:03 +00:00
Luke Taylor
ff5bfccdba SEC-892: Linked use of create-session='never' in namespace to corresponding properties in ExceptionTranslationFilter and AbstractProcessingFilter 2008-06-19 13:46:45 +00:00
Luke Taylor
c56d524bd9 SEC-887: Added setter method for account status checker. 2008-06-18 12:00:45 +00:00
Luke Taylor
af5f193ec1 SEC-890: Corrected use of dataSource property name in RememberMeBDP. 2008-06-18 10:35:30 +00:00
Luke Taylor
7d79ae5424 SEC-880: Fix incorrect index value. 2008-06-13 10:58:01 +00:00
Luke Taylor
32b8009bee SEC-875: Removed duplicated parameters from SavedRequestWrapper.getParameterValues() 2008-06-09 23:33:36 +00:00
Luke Taylor
3b775d29d3 SEC-870: Polish messages file contribution 2008-06-08 22:09:47 +00:00
Ben Alex
358f284f42 SEC-760: Correct bug where more than one concurrent JaasAuthenticationProvider used. 2008-06-06 06:13:14 +00:00
Luke Taylor
ff785a829f [maven-release-plugin] prepare for next development iteration 2008-06-03 16:07:20 +00:00
Luke Taylor
db1d8604a6 [maven-release-plugin] prepare release spring-security-parent-2.0.2 2008-06-03 16:05:40 +00:00
Luke Taylor
9308284bd4 SEC-864: Removed duplicate OpenID provider. 2008-06-03 14:53:43 +00:00
Luke Taylor
122e1c47ed Changed rnc filename prior to 2.0.2 release 2008-06-01 19:34:50 +00:00
Luke Taylor
64ab7e534c Spelling corrections in Javadoc. 2008-06-01 17:26:27 +00:00
Luke Taylor
ab6d29d927 SEC-862: Make logoutSuccessUrl accessible to sub-classes. 2008-06-01 16:15:09 +00:00
Luke Taylor
1d9d7eb9a7 Removed accidental commit of SavedRequest clearing code in TargetUrlResolverImpl 2008-05-30 17:53:09 +00:00
Luke Taylor
ecd2cc6da7 Added some Assert calls to setters and improved comments. 2008-05-30 15:29:51 +00:00
Luke Taylor
f228d013d8 SEC-861: Change default value of justUseSavedRequestOnGet to false 2008-05-30 15:09:51 +00:00
Luke Taylor
4de4bb8e87 SEC-860: Added setter for authenticationDetailsSource to AbstractRememberMeServices 2008-05-30 14:29:32 +00:00
Luke Taylor
f8cded10ee Typo. 2008-05-30 11:20:16 +00:00
Luke Taylor
c031588975 SEC-606: Added support for customizable credentials character set. 2008-05-29 18:00:15 +00:00
Luke Taylor
36a192b70f SEC-858: Replaced integer properties in schema with strings to allow use of placeholders. 2008-05-29 16:13:14 +00:00
Luke Taylor
980a72f9a0 Removed TODO (done). 2008-05-29 15:54:50 +00:00
Luke Taylor
517a7f117a SEC-857: Make request wrapper getParameterValues() consistent with getParameterMap() etc. 2008-05-29 15:49:43 +00:00
Luke Taylor
244579faf4 OPEN - issue SEC-856: GroupManager JdbcUserDetailsManager implementation: addGroupAuthority() method doesn't work. 
http://jira.springframework.org/browse/SEC-856. Refactored class to remove the JDBC-related inner classes.
 2008-05-28 16:25:28 +00:00
Luke Taylor
d63536cc0d SEC-821: Added support for eternal session registry and concurrent session controller to the 2.0.2 namespace. 2008-05-27 13:14:21 +00:00
Luke Taylor
8b5bbe3800 SEC-830: Changed SavedRequestAwareWrapper to make wrapped request parameters take precedence over saved request ones. 2008-05-25 22:57:03 +00:00
Luke Taylor
45c3084502 SEC-836: Made LDAP namespace elements use subtree group searching by default. 2008-05-23 23:57:01 +00:00