2df5541905
SEC-2448: Update to HSQL 2.3.1
2013-12-14 10:19:06 -06:00
4708287ad3
SEC-2444: Convert Java Config samples to thymeleaf and tiles
2013-12-13 15:47:28 -06:00
a34178bc40
SEC-2434: Update to Spring 3.2.6 and Spring 4.0 GA
2013-12-12 08:16:59 -06:00
4460e84b29
Updates to pom.xml author and repo
2013-12-09 08:57:30 -06:00
feeb380b51
Polish Guides
2013-12-06 11:12:07 -06:00
ec524da6cb
SEC-2416: Fix Hello MVC guide
2013-12-05 15:47:38 -06:00
fc6fc19eed
Fix guides
2013-12-05 13:16:59 -06:00
2c8946c406
Next development version
2013-11-01 14:20:55 -05:00
9c703a3051
Release version 3.2.0.RC2
2013-11-01 14:20:49 -05:00
348e3a22b6
SEC-2365: registerAuthentication->configure
2013-10-16 13:59:56 -05:00
0978c12c47
SEC-2361: Java Config Sampels use @Autowired AuthenticationManagerBuilder
2013-10-15 12:35:32 -05:00
0b0e7dbea9
SEC-2359: Merge DefaultLoginPageViewFilter w/ DefaultLoginPageGeneratingFilter
2013-10-14 15:00:24 -05:00
4ef0460ef6
SEC-2321: Improve Java Config defaults for JavaScript clients
2013-10-11 14:53:11 -05:00
76a8bbe98d
SEC-2354: Add failOnMissingWebXml=false to sample pom.xml
2013-10-07 08:12:35 -05:00
88f41cdf62
SEC-2341: Update to Gradle 1.8
...
Some dependencies were necessary to update due to issues with JUnit
integration.
2013-09-24 15:35:51 -05:00
3d2f23602f
SEC-2294: Update Spring Version to 3.2.4.RELEASE
2013-08-31 11:26:43 -05:00
658a93178c
SEC-2252: Add custom form guide
2013-08-19 15:22:04 -05:00
51b9c4a19a
Hide logout in main.jsp if not logged in
2013-08-17 14:38:39 -05:00
d62c2e0835
SEC-2244: Defaults based on loginPage are now updated when loginPage changes
2013-08-16 14:48:45 -05:00
e9bb9e766e
SEC-1574: Add CSRF Support
2013-08-15 14:49:21 -05:00
54c2166567
SEC-2194: Remove unnecessary MessageSecurityWebApplicationInitializer from helloworld
2013-08-15 12:50:41 -05:00
fea4d01aad
SEC-2194: hello samples displays username and logout properly
2013-08-15 12:50:41 -05:00
b5ecaf61ed
SEC-2194: Remove samples errors/tabs folders
2013-08-15 12:50:41 -05:00
f036970f8b
SEC-2194: Add margin to links in header of samples
2013-08-15 12:50:41 -05:00
2feded5fc5
SEC-2194: Update samples to have jsp-api
2013-08-15 12:50:40 -05:00
22e4d1646a
SEC-2194: Remove login page from hellomvc and insecuremvc
2013-08-15 12:50:40 -05:00
e8278f3b9b
SEC-2249: AbstractSecurityWebApplicationInitializer allows register config
2013-08-08 14:33:54 -05:00
976d9a9016
SEC-2194: Polish java config sample apps
2013-08-08 14:33:54 -05:00
1f86d5dad9
SEC-2097: Add Tomcat Gradle plugin
2013-08-05 16:49:34 -05:00
388a4dd9db
SEC-2194: Add Java Config samples
2013-08-05 16:49:33 -05:00
36418b964d
Remove samples/runall.sh
2013-08-01 13:19:21 -05:00
e242aeff3e
SEC-2230: Polish and clickjacking demo
2013-08-01 10:19:36 -05:00
8c3ac719bb
SEC-2230: Added testing certificates
2013-08-01 09:48:09 -05:00
0bc08f8a23
SEC-2230: Update contacts sample to use <headers> with no child elements
2013-08-01 09:47:57 -05:00
0adf5aea91
SEC-2098, SEC-2099: Created HeadersFilter
...
Created HeadersFilter for setting security headers added including a
bean definition parser for easy configuration of the headers. Enables
easy configuration for the X-Frame-Options, X-XSS-Protection and
X-Content-Type-Options headers. Also allows for additional headers to
be added.
2013-07-25 16:22:43 -05:00
5e6ca12b01
SEC-2097: Update integrationTestCompile to use optional and provided
...
Also update slf4j version and remove explicit commons-logging from pom generation
2013-07-16 15:59:06 -05:00
02551e1b7a
SEC-2214: Update Spring Version
2013-07-16 15:15:47 -05:00
faa8b354b7
SEC-2209: add pom.xml
2013-07-16 15:15:47 -05:00
e5fc063680
SEC-2206: Gradle Propdeps
2013-07-16 15:15:42 -05:00
07c3fdf8a7
SEC-2195: Update Groovy, Geb, Spock, httpcomponents, and Jetty
2013-07-16 15:02:39 -05:00
896339087f
SEC-2122: Update samples to use bcrypt.
...
Data sources modified to store bcrypt hashes and configs now
use BCryptPassworEncoder.
2013-05-17 18:44:30 +01:00
e8661913d1
SEC-2119: Update to 3.2 schema and use default schema version when available
2013-03-01 16:29:27 -06:00
22e333b9c6
SEC-2092: Add servlet api example
2012-12-11 17:44:57 -06:00
1ed643ca1f
SEC-1998: Provide integration with WebAsyncManager#startCallableProcessing
...
Support integration of the Spring SecurityContext on Callable's used with
WebAsyncManager by registering SecurityContextCallableProcessingInterceptor.
2012-11-28 17:56:03 -06:00
78cbdd2c93
Reserve Server Ports in integrationTests
...
Previously the build would look up a server port dynamically, but since
it closed the port immediately it may not be reserved by the time jetty
started up.
We now reserve the port and do not close it till just before Jetty starts.
While there is still a race condition, it is much smaller window of time
than it was previously.
2012-11-01 11:14:50 -05:00
6af3e1958b
Update to Groovy 1.8
2012-09-04 09:48:29 -05:00
a2452ab514
SEC-1906: Update to Gradle 1.0
2012-07-05 12:41:56 -05:00
dec44811fc
Gave correct role name
2012-02-28 14:41:14 +01:00
0e413cedcb
Gave correct role name
2012-02-28 14:39:30 +01:00
044861eb20
Renamed **/*Spec.groovy to **/*Tests.groovy to better follow conventions
2011-12-29 12:59:24 -06:00
b60367e30c
Upgrade to validater 4.2
2011-11-01 00:20:45 +00:00
9d66e1fac3
Exclude static resources from filter chain in tutorial sample.
2011-09-25 22:30:14 +01:00
7e44580c75
Minor refactoring of aspects tests.
2011-07-20 17:42:05 +01:00
dc92baa257
Remove truststore settings from tutorial sample as they aren't required.
2011-06-13 15:03:51 +01:00
e4ecdd55f6
Enable https in tutorial sample.
2011-06-13 13:45:09 +01:00
80fd96df6d
SEC-1650: Updates and corrections to tutorial sample to fit better with new tutorial.
2011-06-07 16:46:38 +01:00
c9b328d8c7
SEC-1757: Updated tutorial sample to state that listing of accounts is allowed by anyone and to display accounts for the different types of access to posting to Accounts
2011-06-02 21:19:01 -05:00
e8a1a6e40b
Added spring-expression to config module testCompile to fix build.
2011-05-19 23:50:35 +01:00
3de0041874
Reverted cas Readme.txt from instructing to run from samples/cas/sample
2011-05-16 22:09:58 -05:00
076a75d8c3
Cleaned up cas task dependency declarations
2011-05-15 22:09:28 -05:00
11dc3363cc
Moved cas server and cas sample into common parent folder (samples/cas)
2011-05-15 22:09:08 -05:00
1c1ffe2f0f
Added CA's to server.jks from cacerts included with Sun JDK
...
- Allow handshake to succeed for the build to upload to amazon
- Allows the same trust store to work for openid and CAS sample applications
2011-05-13 18:05:16 -05:00
e1f4c3d325
Created a casserver module to better isolate it from the cas sample application now that an overlay is being done
2011-05-12 22:17:43 -05:00
4d786d74cf
Reworded CASSampleSpec test method to reflect single logout
2011-05-12 22:17:43 -05:00
4c43bde064
Set log levels to ERROR level when running CAS integration tests
2011-05-12 22:17:43 -05:00
9525403385
Added CAS Server overlay to make single logout be synchronous and enabled itests for the cas sample
2011-05-12 22:17:43 -05:00
d2175468ee
Disable CAS interation tests until CI problems are resolved.
2011-04-28 19:17:29 +01:00
06faea8cfc
Typos.
2011-04-28 18:55:38 +01:00
97afb0c9ac
SEC-965: Added assert to LoginPage.at
2011-04-18 23:52:20 -05:00
01fb4bdb6d
SEC-1718: Update documentation and sample application to demonstrate how to use a PGT to authenticate to stateless services using a PT
2011-04-17 18:17:14 -05:00
abfa558c3c
Removed Dummy.java from cas sample
2011-04-17 18:14:16 -05:00
11331d34d9
SEC-1717: Document how to perform Single Logout with CAS and added integration test for sample application to test Single Logout
2011-04-17 18:14:16 -05:00
761d5af6ec
SEC-965: Added integration tests for CAS Sample Application
2011-04-17 18:14:14 -05:00
f1c064b3b9
SEC-965: Updated CAS Sample application for proxy authentication
...
* Configured for proxy authentication
* Cleaned up the jsps
* Changed the cas sample context root to cas-sample so the CAS Server's JSESSIONID cookie doesn't remove the cas samples
2011-04-17 18:00:37 -05:00
ddaf9eb64f
SEC-1705: Make sure a single OpenIDAuthenticationFilter bean is created by the namespace. Likewise for UsernamePasswordAuthenticationFilter.
2011-03-31 21:09:54 +01:00
a50c9afbab
Modified jaas sample's LoginModule to prevent empty string username/password
2011-03-07 22:25:19 -06:00
9e5d35235c
Made the principal for jaas sample serializable
2011-03-07 22:25:16 -06:00
72f031253f
Remove unnecessary dependency repos and update GAE version.
2011-02-28 15:43:25 +00:00
d58dd79a52
SEC-1494: Updated the tutorial webapp to use CSS and make use of the securityHiddenUI element when UI security is disabled.
2011-01-25 13:16:46 +00:00
19e56f4397
Stripping out unnecessary dependencies from sample jars.
2011-01-10 17:27:58 +00:00
7316bcff75
Updated outdated CAS sample readme with instructions for running CAS using gradle
2010-12-20 22:22:19 +00:00
bbcc611af5
CAS server version upgrade and minor tweaks to CAS sample build file.
2010-12-20 22:12:35 +00:00
4a40d80da1
SEC-1418: Deprecate GrantedAuthorityImpl in favour of final SimpleGrantedAuthority.
...
It should be noted that equality checks or lookups with Strings or other authority types will now fail where they would have succeeded before.
2010-12-03 16:41:46 +00:00
51a53ddbaa
Minor refactoring of GAE code to use specific GrantedAuthority type.
2010-11-17 14:15:11 +00:00
fc00d7ef1d
Move the unix scripts for the tutorial sample into a subdirectory
2010-11-12 15:19:46 +00:00
37810a19c4
SEC-1619: Added check in GAE sample for change of Google user while still logged into the app.
...
Also updated GAE version and build script. Uploading to GAE now works when run from the gradle build file using the command 'gradle gaeDeploy'.
2010-11-10 15:37:42 +00:00
ffccc5f446
SEC-1617: Added spring-security-taglibs as a runtime dependency to jaas.gradle
2010-11-08 19:27:44 -06:00
685e0417a7
SEC-1544: Update the tutorial sample to attempt to delete the JSESSIONID cookie on logout.
2010-09-19 18:30:52 +01:00
de819378fc
SEC-1536: added JAAS API Integration, updated doc, updated jaas sample
2010-09-13 13:12:45 -05:00
58d9903ebc
SEC-1564: JAAS Configuration can now be injected into DefaultJaasAuthenticationProvider
2010-09-10 20:17:22 -05:00
f4d57ab5e8
SEC-1456: Remove maven poms as we are now using gradle for the build.
2010-08-30 19:02:19 +01:00
bdb906e588
Enable parameterization for log levels in logback files to allow the use of command-line options for controlling log output.
2010-08-24 18:25:39 +01:00
b39b63bf3d
Add logback configuration for contacts sample.
2010-08-22 22:43:49 +01:00
b2fc1d8491
Fix namespace schema version in CAS sample.
2010-08-22 22:43:10 +01:00
07d8275ee6
Modify order of saxon and xerces deps in dependency list to prevent Aelfred parser from being used in build.
2010-08-22 22:31:01 +01:00
102bc2d6a0
Reduce unnecessary use of aspectj as a build dependency
2010-08-19 23:23:03 +01:00
c37ca1c2a9
Sample app build adjustments to remove unwanted deps such as jsp-api, tidy up use of JSTL, make sure all are using servlet 2.5 etc.
2010-08-19 22:41:51 +01:00
6abfa2e887
Update minimum required schema to 3.1.
2010-08-17 02:19:55 +01:00
992566b6cb
SEC-1527: Internationalization of contacts sample (Adding message resource bundle and RequestContextFilter). Re-working of L12n section of manual to mention existing localized message files and use of RequestContextFilter.
2010-08-14 01:07:51 +01:00
281d77271e
SEC-1486, SEC-1538, SEC-1537: Generification of AuthenticationDetailsSource. Deprecation of non-web pre-authentication classes and other unnecessary classes. Removal of reflection in WebAuthenticationDetailsSource.
2010-08-13 15:51:05 +01:00
Rob Winch
Spring Buildmaster
Marten Deinum
Luke Taylor
Abdull
Rob Winch