Commit Graph

168 Commits

Author SHA1 Message Date
Rob Winch 8f0001f59a Next Development Version 2014-12-11 20:39:26 -06:00
Spring Buildmaster 49b69196de Release version 4.0.0.RC1 2014-12-11 20:36:55 -06:00
Rob Winch 11116c2b80 SEC-2787: Update Versions 2014-12-10 16:37:19 -06:00
Rob Winch b56e5edbbd SEC-2784: Fix build plugins 2014-12-08 14:24:34 -06:00
Rob Winch 6e204fff72 SEC-2781: Remove deprecations 2014-12-04 15:28:40 -06:00
Rob Winch dfa17bdb98 SEC-2747: Remove spring-core dependency from spring-security-crypto 2014-11-20 16:16:22 -06:00
Andy Wilkinson a28650c715 Provide a ClassLoader to be used to load LDIF files
Prior to this change, ApacheDSContainer created a LdifFileLoader
without a ClassLoader. This limited its ability to load LDIF files
and causes a problem with an executable war in Spring Boot. See [1]
for details.

ApacheDSContainer now initialises LdifFileLoader with a ClassLoader.
This allows it to locate LDIF files packaged in WEB-INF/classes in
the case of an executable war file. The executable jar case was not
affected by this problem as, in that case, the LDIF file is pacakaged
in the root of the jar and is accessible via getSystemResourceAsStream

[1] https://github.com/spring-projects/spring-boot/issues/1550
2014-09-24 13:49:15 -05:00
Rob Winch 02c3565e22 Fix compiling in Eclipse 2014-09-16 10:18:46 -05:00
Rob Winch 3187ee8bf3 SEC-2700: Register WithSecurityContextTestExecutionListener by default 2014-08-15 16:41:33 -05:00
Rob Winch 94a0816153 Exclude spring-data-commons from spring-ldap-core 2014-08-01 14:04:47 -05:00
Rob Winch 4a633a938a SEC-2690: Add guard around debug statement 2014-07-28 16:25:27 -05:00
Rob Winch 0f6235bbe0 SEC-2690: Polish LdapAuthority
- Make dn required (as javadoc inidicates)
- Simplify .equals since role cannot be null
- Formatting polish
2014-07-28 16:25:27 -05:00
Rob Winch aac4ede3a4 SEC-2690: Polish method modifiers
- Make methods final where possible
- Make methods private where possible
2014-07-28 16:25:27 -05:00
Rob Winch 1761b29e58 SEC-2690: String[]->List<String>
Use Collections rather than Arrays since Collections can be immutable.
2014-07-28 16:25:27 -05:00
Rob Winch 15c837d5de SEC-2690: Revert explicit TcpTransport since causes tests to fail 2014-07-28 16:25:26 -05:00
Rob Winch 6b43b261bc SEC-2690: Formatting cleanup 2014-07-28 12:41:56 -05:00
Filip Hanik 93b863d2e5 SEC-2690: Support static nested groups in LDAP
This refers to groups that have member: <another group DN> as an attribute
- Add in a utility method in the SpringSecurityLdapTemplate to retrieve multiple attributes and their values from an LDAP record
- Make the DefaultLdapAuthoritiesPopulator more extensible
- Add an LdapAuthority object that holds the DN in addition to other group attributes
- Add a NestedLdapAuthoritiesPopulator to search statically nested groups
2014-07-28 12:40:19 -05:00
Rob Winch b72c1ad314 SEC-2686: Create SecurityMockMvcConfigurer 2014-07-22 15:11:37 -05:00
Rob Winch 6dc0733d9e SEC-2659: ApacheDSContainer fails on import multiple ldif 2014-06-17 17:19:51 -05:00
Rob Winch 3ba1f66f9d SEC-2606: ApacheDSServerIntegrationTests scan for available port 2014-05-21 06:51:11 -05:00
Rob Winch cbd06a4994 SEC-2472: Support LDAP crypto PasswordEncoder 2014-05-20 23:15:36 -05:00
Rob Winch fa6218cf73 SEC-2558: Fix failing ApacheDSContainerTests when port is taken 2014-04-15 11:52:09 -05:00
Rob Winch 3118e39de8 SEC-2542: Use exclusions to remove duplicate dependencies
A number of projects had duplicate dependencies on their classpaths
as a result of the same classes being available in more than one
artifact, each with different Maven coordinates. Typically this only
affected the tests, but meant that the actual classes that were
loaded was somewhat unpredictable and had the potential to vary
between an IDE and the command line depending on the order in which
the aritfacts appeared on the classpath. This commit adds a number of
exclusions to remove such duplicates.

In addition to the new exclusions, notable other changes are:

 - Spring Data JPA has been updated to 1.4.1. This brings its
   transitive dependency upon spring-data-commons into line with
   Spring LDAP's and prevents both spring-data-commons-core and
   spring-data-commons from being on the classpath
 - All Servlet API dependencies have been updated to use the official
   artifact with all transitive dependencies on unofficial servlet API
   artifacts being excluded.
 - In places, groovy has been replaced with groovy-all. This removes
   some duplicates caused by groovy's transitive dependencies.
 - JUnit has been updated to 4.11 which brings its transitive Hamcrest
   dependency into line with other components.

There appears to be a bug in Gradle which means that some exclusions
applied to an artifact do not work reliably. To work around this
problem it has been necessary to apply some exclusions at the
configuration level

Conflicts:
	samples/messages-jc/pom.xml
2014-04-02 09:47:26 -05:00
Rob Winch a7005bd742 SEC-2500: Prevent anonymous bind for ActiveDirectoryLdapAuthenticator 2014-03-10 14:33:39 -05:00
Rob Winch 9988fa141c Update Spring Security version in pom.xml 2014-03-06 08:13:52 -06:00
Rob Winch 8afa8d8588 Fix integration tests 2014-03-06 07:56:40 -06:00
Rob Winch 6be4e3a9fc SEC-2506: Remove Bundlor Support 2014-03-05 13:32:16 -06:00
Rob Winch 7f99a2dfbb SEC-2487: Update to Spring 3.2.8.RELEASE 2014-02-19 09:30:40 -06:00
Rob Winch e17adad878 SEC-2469: Support Spring LDAP 2.0.1+ 2014-02-12 08:11:26 -06:00
Luke Taylor 058b9debef Minor slapd config changes 2014-02-11 14:23:54 +00:00
Rob Winch ec8b48150d SEC-2474: Update poms 2014-02-07 17:01:11 -06:00
Rob Winch 54ffa28bde remove apacheDSWorkDir since custom tmp dir is created 2013-12-13 16:38:35 -06:00
Rob Winch a34178bc40 SEC-2434: Update to Spring 3.2.6 and Spring 4.0 GA 2013-12-12 08:16:59 -06:00
Rob Winch 4460e84b29 Updates to pom.xml author and repo 2013-12-09 08:57:30 -06:00
Mat Booth c6a534cad8 SEC-2418: Minor fix to toString method in LdapUserDetailsImpl 2013-12-02 12:00:09 -06:00
Rob Winch 5bc6f64b03 SEC-2405: Added tests for OBJECT_FACTORIES 2013-11-20 14:04:15 -06:00
Mattias Hellborg Arthursson bc6fc518d3 SEC-2405: Use DirContextAdapter directly from search. Configure OBJECT_FACTORIES on DirContext created for ActiveDirectory. 2013-11-20 13:51:51 -06:00
Rob Winch 2c8946c406 Next development version 2013-11-01 14:20:55 -05:00
Spring Buildmaster 9c703a3051 Release version 3.2.0.RC2 2013-11-01 14:20:49 -05:00
Rob Winch 88f41cdf62 SEC-2341: Update to Gradle 1.8
Some dependencies were necessary to update due to issues with JUnit
integration.
2013-09-24 15:35:51 -05:00
Rob Winch d9c9cd7f84 Remove warnings from defaultSpringSecurityContextSource 2013-09-13 15:54:21 -07:00
Rob Winch b4cbcee7f0 SEC-2308: DefaultSpringSecurityContextSource allow empty baseUrl 2013-09-13 15:53:35 -07:00
Rob Winch 7203faf34f SEC-2300: Update Spring LDAP version to 1.3.2.RELEASE 2013-08-31 11:26:43 -05:00
Rob Winch 3d2f23602f SEC-2294: Update Spring Version to 3.2.4.RELEASE 2013-08-31 11:26:43 -05:00
Rob Winch 976d9a9016 SEC-2194: Polish java config sample apps 2013-08-08 14:33:54 -05:00
Rob Winch 5e6ca12b01 SEC-2097: Update integrationTestCompile to use optional and provided
Also update slf4j version and remove explicit commons-logging from pom generation
2013-07-16 15:59:06 -05:00
Rob Winch 02551e1b7a SEC-2214: Update Spring Version 2013-07-16 15:15:47 -05:00
Rob Winch faa8b354b7 SEC-2209: add pom.xml 2013-07-16 15:15:47 -05:00
Rob Winch e5fc063680 SEC-2206: Gradle Propdeps 2013-07-16 15:15:42 -05:00
Rob Winch d0c4e6ca72 SEC-1953: Spring Security Java Config support
This is the initial migration of Spring Security Java Config from the
external project at
https://github.com/SpringSource/spring-security-javaconfig
2013-06-30 17:28:33 -05:00