Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,230 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

55 Commits

Author SHA1 Message Date
Rob Winch 02c3565e22 Fix compiling in Eclipse 2014-09-16 10:18:46 -05:00
Rob Winch 934937d9c1 SEC-2688: CAS Proxy Ticket Authentication uses Service for host & port 2014-08-15 16:41:33 -05:00
Rob Winch 086056f191 SEC-2289: Make compatible with Spring 4 as well 
There are a few subtle changes in Spring 4 that this commit addresses
 2013-08-27 16:43:10 -05:00
Rob Winch f5a30e55a3 SEC-2042: AbstractAuthenticationProcessingFilter supports RequestMatcher 2013-07-23 13:06:51 -05:00
Rob Winch 6b81f97081 SEC-2114: Polishing Spring Based Cache 2013-01-04 11:33:46 -06:00
Marten Deinum 01ea39ce35 SEC-2114: Provide Spring Cache Abstraction based cache implementations 
As of Spring 3.1 spring has its own cache abstraction. This commit adds cache
imlpementations based on that abstraction.
 2013-01-04 11:33:27 -06:00
Luke Taylor 8178371927 SEC-1700: Add fixed serializationVersionUID values to security context, authentication tokens and related classes 2011-04-21 19:55:32 +01:00
Rob Winch a76a947b12 SEC-965: Added support for CAS proxy ticket authentication on any URL 2011-04-17 18:00:35 -05:00
Rob Winch 3f7f87e19f SEC-1592: Updated CasAuthenticationFilter so that it does not continue FilterChain when handling proxy requests. 
The fix moves CommonUtils.readAndRespondToProxyReceptorRequest into CasAuthenticationFilter.attemptAuthentication. This makes sense since
The CAS server is authenticating that the proxy url is valid (i.e. it exists and the SSL handshake succeeds). It also allows the FilterChain
to not be processed by returning a null Authentication.
 2011-01-27 09:25:01 -06:00
Luke Taylor 4a40d80da1 SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority. 
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
 2010-12-03 16:41:46 +00:00
Luke Taylor 4ad0652787 Removed array of authorities constructor from TestingAuthenticationToken and RunAsUserToken. 2010-12-01 20:52:37 +00:00
Luke Taylor d64efe9747 SEC-1492: Added GrantedAuthoritiesMapper to provide mapping of loaded authorities to those which are eventually stored in the user Authentication object. 2010-11-25 15:19:37 +00:00
Luke Taylor d1e8b8e29d More tests. Minor refactoring. 2010-08-24 20:57:45 +01:00
Luke Taylor 85c4c91e0e IDEA inspection refactorings. 2010-08-05 23:28:07 +01:00
Luke Taylor 0e57ce2dc3 SEC-1481: Updated constructors of Authentication types to use a generic wildcard for authorities collection. 2010-05-21 15:59:50 +01:00
Luke Taylor 74896f217b SEC-1459: Generifying AuthenticationUserDetailsService. Now parameterized with <? extends Authentication>. 2010-04-20 23:47:47 +01:00
Luke Taylor 977bc2b164 SEC-1433: Reduce the number of direct dependencies on DataAccessException from spring-tx. 
It is still required as a compile-time dependency by classes which use Spring's JDBC support, but it doesn't really have to be used in many interfaces and classes which are not necessarily backed by JDBC implementations.
 2010-03-26 18:05:28 +00:00
Luke Taylor 36612377e2 Replace package.html with package-info.java files, creating new ones where missing and updating outdated contents. 2010-02-14 23:23:23 +00:00
Luke Taylor 052537c8b0 Removing $Id$ markers and stripping trailing whitespace from the codebase. 2010-01-08 21:05:13 +00:00
Scott Battaglia 7e817b9640 NOJIRA formatting fix 2009-12-24 14:40:24 +00:00
Scott Battaglia 4afe6c2c6a SEC-1341 
made it more extensible
 2009-12-24 14:39:40 +00:00
Luke Taylor aeed49393c Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting). 2009-12-18 18:44:42 +00:00
Luke Taylor a5ed2e579e Refactored CAS test to remove dependency on core tests jar. 2009-12-07 21:40:53 +00:00
Scott Battaglia 46ef4239ca SEC-1228 
added NO_PASSWORD instead of passing in NULL since the User object does not allowe NULL for the password.
 2009-11-18 15:19:55 +00:00
Scott Battaglia f35cb48407 NOJIRA 
changed constructor back to collection.  Accidentally set to List due to old code residing on notebook.
 2009-11-18 15:09:56 +00:00
Scott Battaglia e812c58e04 NOJIRA 
fixed changed constructor
 2009-11-17 23:52:26 +00:00
Scott Battaglia f0a5572188 SEC-1228 
fixed mistyped class name
 2009-11-17 16:26:53 +00:00
Luke Taylor 1286741c7c SEC-1259: Improve consistency of authentication filter names. 2009-10-07 14:43:55 +00:00
Luke Taylor caff3ee9ba SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc). 2009-10-05 19:28:53 +00:00
Scott Battaglia df9e2eac9e NOJIRA 
updated license header and removed unneeded interface
 2009-10-01 16:50:00 +00:00
Luke Taylor 5bdfd8cd77 Tidying imports etc to remove compiler warnings. 2009-09-05 14:14:58 +00:00
Scott Battaglia 53baac2fd9 SEC-1228 
started adding support for supporting creating UserDetails via Assertions.
 2009-09-01 19:53:19 +00:00
Luke Taylor f536c80020 SEC-1202: Removed SpringSecurityFilter and replaced with use of GenericFilterBean from spring-web 2009-08-10 14:18:18 +00:00
Luke Taylor 83da7be2ea Remove (ticket) cache package from CAS module. Unnecesary and has a circular reference. 2009-07-17 23:33:55 +00:00
Luke Taylor af0c5f9e7f SEC-1186: Removed 'order' from ntlm and cas filters 2009-06-26 12:47:36 +00:00
Luke Taylor a8215fa2cb SEC-1160: Renaming of authentication filters and entry points and associated doc changes 2009-05-12 05:37:11 +00:00
Luke Taylor 93bdcccaee SEC-1132: Moved userdetails into core and added core/authority sub-package 2009-04-15 07:39:21 +00:00
Luke Taylor ca7d055c2b SEC-1132: Created core and authentication packages within core module. 2009-04-13 13:43:23 +00:00
Luke Taylor 9efb5a7007 SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet 2009-04-12 12:23:23 +00:00
Luke Taylor f746a20ab4 SEC-1132: package refactoring of non-core modules 2009-03-27 05:01:03 +00:00
Luke Taylor bec84f874a SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples. 2009-03-26 07:18:36 +00:00
Luke Taylor 4a41416c9b Tidying up and removing compiler warnings. 2008-12-21 16:36:16 +00:00
Luke Taylor cc5966bc7e Tidying up, removing compiler warnings etc. 2008-12-20 00:16:49 +00:00
Luke Taylor 224c86a0b3 Tidying. 2008-12-15 23:51:46 +00:00
Luke Taylor 40ccd3be11 SEC-1058: Further refactoring to remove use of getDefaultTargetUrl(). Subclasses now pass the default value as a constructor argument. 2008-12-15 01:25:12 +00:00
Luke Taylor 2927b8464f SEC-1058: Substantial refactoring of AbstractProcessingFilter to use AuthenticationFailureHandler strategy. Also changed attemptAuthentication method to take a response object and have the option of returning null, to allow OpenIDAuthenticationProcessingFilter to work without having to throw exceptions between the template methods (which made the logic very hard to follow). The OpenID filter now redirects to the OpenID provider service from this method, rather than treating it as a temporary failure and throwing OpenIDAuthenticationRequiredException. 2008-12-14 22:20:21 +00:00
Luke Taylor 3f40604b82 SEC-1055: Converted interfaces and methods using ServletRequest/Response to HttpServletRequest/Response where appropriate. 2008-12-10 13:48:25 +00:00
Luke Taylor 6601b3da5f Refactored inline authority list into member variable. 2008-12-01 13:13:44 +00:00
Luke Taylor e5b1073501 SEC-1012: Added more generics and warning suppression 2008-11-11 09:06:50 +00:00
Luke Taylor ec44f2bdfe SEC-1012: Refactoring of use of GrantedAuthority[] to generified collections 2008-10-31 03:53:00 +00:00