Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 15:20:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,409 Commits 33 Branches 337 Tags
Commit Graph

537 Commits

Author SHA1 Message Date
Rob Winch
316886affc SEC-2931: Fix CsrfFilter Javadoc 2015-07-14 13:40:59 -05:00
Rob Winch
aed288da05 Fix Spring IO Tests 2015-07-08 11:48:43 -05:00
Rob Winch
1f74ac811e Fix Spring IO Tests 2015-07-08 11:09:29 -05:00
Rob Winch
197ddb3cd1 SEC-3029: Fix Compatibility with Spring 4.2.x 2015-07-07 22:46:31 -05:00
Alex Panchenko
0a118336d4 SEC-2955: Convert to "static" for inner classes 2015-04-30 12:54:52 -05:00
Rob Winch
a67ef1c3a2 SEC-2944: Polish 2015-04-30 10:00:04 -05:00
Gunnar Hillert
3099f92154 SEC-2944 Add HttpStatusReturningLogoutSuccessHandler 
* Add HttpStatusReturningLogoutSuccessHandler to provide better logout capabilities for RESTful APIs
 2015-04-30 09:56:02 -05:00
Rob Winch
e08e9cda00 SEC-2851: Remove DataAccessException import from Persistent RememberMe 2015-04-21 14:57:32 -05:00
Rob Winch
09acc2b7a5 SEC-2962: SecurityContextHolderAwareRequestFilter default rolePrefix 2015-04-21 11:42:48 -05:00
Rob Winch
d5dfeeca49 SEC-2927: Update chat-jc pom so Maven Builds 
Previously there were some incorrect dependency versions. This commit fixes
that.

We added dependencyManagement for Spring Framework and corrected
Thymeleaf and embedded redis versions.
 2015-04-20 15:53:26 -05:00
Rob Winch
0bfbd2923a SEC-2915: Fix defaut login page tests with tabs 2015-04-17 12:13:44 -05:00
Rob Winch
4fdfb8caba SEC-2915: More Tabs -> Spaces 2015-04-17 11:34:34 -05:00
Rob Winch
db531d9100 SEC-2917: Update to Spring 4.1.6 2015-03-25 15:18:59 -05:00
Rob Winch
ae6af5d73c SEC-2915: Updated Java Code Formatting 2015-03-25 13:09:18 -05:00
Rob Winch
0a2e496a84 SEC-2915: groovy/gradle spaces->tabs 2015-03-25 13:08:59 -05:00
Rob Winch
cf9f58a4ac SEC-2915: XML spaces->tabs 2015-03-25 13:08:52 -05:00
Rob Winch
b85ad33aef SEC-2888: Polish 2015-03-13 16:10:39 -05:00
Pascal Gehl
85955015f7 SEC-2888 AntPathRequestMatcher ignores variables in pattern when pattern 
finishes with /**
 2015-03-13 16:03:08 -05:00
Rob Winch
e776a1fd35 SEC-2803: Add HttpStatusEntryPoint 2015-03-11 14:45:59 -05:00
Rob Winch
9d0085bb64 SEC-2882: DefaultLoginPageGeneratingFilter match on /login 
Previously DefaultLoginPageGeneratingFilter would match on /**/login
which was not ideal since other parts of the application may want to
match on the URL.

Now it matches on /login.
 2015-03-10 11:52:26 -05:00
Rob Winch
217152c8fd Polish Http403ForbiddenEntryPoint whitespace 2015-03-10 10:58:58 -05:00
Rob Winch
b04388ad62 SEC-2805: Remove unnecessary cast in Http403ForbiddenEntryPoint 2015-03-10 10:58:21 -05:00
Rob Winch
62d74aef3d Merge pull request #103 from bcecchinato/fix-logs 
Trivial logging fix in saveContext method in HttpSessionSecurityContextRepository
 2015-02-25 00:02:44 -06:00
Rob Winch
6fd45df1e4 SEC-2879: Add Test 2015-02-24 23:19:04 -06:00
Michael Cramer
8c0b16820b SEC-2879: JdbcTokenRepositoryImpl updateToken should use lastUsed arg 2015-02-24 23:18:38 -06:00
Marcin Mielnicki
9ea7372405 SEC-2878: Clean imports in UsernamePasswordAuthenticationFilter 2015-02-24 22:53:44 -06:00
Rob Winch
5f57e5b0c3 SEC-2873: Remember Me XML Configuration Defaults Should Match Java Config 2015-02-24 20:49:56 -06:00
Rob Winch
76d9ef4ec3 SEC-2872: CsrfAuthenticationStrategy Delay Saving CsrfToken 2015-02-24 17:30:57 -06:00
Rob Winch
98ae03fc40 SEC-2832: Add Tests 2015-02-24 17:30:56 -06:00
Stillglade
310e5bb285 SEC-2832: Update request attributes with new CsrfToken 2015-02-24 17:30:19 -06:00
Rob Winch
d973f5f80c SEC-2078: AbstractPreAuthenticatedProcessingFilter requriesAuthentication support for non-String Principals 
Previously, if the Principal returned by getPreAuthenticatedPrincipal was not a String,
it prevented requiresAuthentication from detecting when the Principal was the same.
This caused the need to authenticate the user for every request even when the Principal
did not change.

Now requiresAuthentication will check to see if the result of
getPreAuthenticatedPrincipal is equal to the current Authentication.getPrincipal().
 2015-02-24 16:37:55 -06:00
Rob Winch
706e7fd7a2 SEC-2863: Update to Spring 4.1.5 2015-02-20 11:43:04 -06:00
Rob Winch
6a8475adbb SEC-2830: Provide Same Origin support for SockJS 2015-02-18 11:21:02 -06:00
Rob Winch
a27c33754c SEC-2859: Add CsrfTokenArgumentResolver 2015-02-18 10:51:30 -06:00
Rob Winch
1a35292750 SEC-2791: AbstractRememberMeServices sets the version 
If the maxAge < 1 then the version must be 1 otherwise browsers ignore
the value.
 2015-02-04 15:57:45 -06:00
Rob Winch
1a00c397a4 SEC-2835: Polish 2015-02-04 15:50:24 -06:00
Rob Winch
07c54e5d0e SEC-2831: Regex/AntPath RequestMatcher handle invalid HTTP method 2015-02-04 11:57:46 -06:00
Kazuki Shimizu
31234ecef9 SEC-2835: Add DelegatingAuthenticationFailureHandler 
Add the DelegatingAuthenticationFailureHandler class to support
map each exception to AuthenticationFailureHandler. This class gives
more powerful options to customize default behavior for users.
 2015-02-04 10:49:13 -06:00
Kazuki Shimizu
1d0eee1d0b SEC-2840: Modify typo in DelegatingAccessDeniedHandler 2015-02-04 10:49:41 +09:00
Rob Winch
6627f76df7 SEC-2758: Make ROLE_ consistent 2015-01-29 17:08:43 -06:00
Rob Winch
8f0001f59a Next Development Version 2014-12-11 20:39:26 -06:00
Spring Buildmaster
49b69196de Release version 4.0.0.RC1 2014-12-11 20:36:55 -06:00
Rob Winch
11116c2b80 SEC-2787: Update Versions 2014-12-10 16:37:19 -06:00
Rob Winch
c67ff42b8a SEC-2783: XML Configuration Defaults Should Match JavaConfig 
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
 2014-12-08 15:09:15 -06:00
Rob Winch
b56e5edbbd SEC-2784: Fix build plugins 2014-12-08 14:24:34 -06:00
Rob Winch
6e204fff72 SEC-2781: Remove deprecations 2014-12-04 15:28:40 -06:00
Rob Winch
eedbf44235 SEC-2348: Security HTTP Response Headers enabled by default w/ XML 2014-11-21 16:06:29 -06:00
Rob Winch
2e1e9885ec SEC-2054: Polish 
Fix the tests to use .getName() for assertions
 2014-11-21 11:08:30 -06:00
Rob Winch
e2f7b38b87 SEC-2054: BasicAuthenticationFilter not invoked on ERROR dispatch 2014-11-21 10:47:45 -06:00
Rob Winch
dfa17bdb98 SEC-2747: Remove spring-core dependency from spring-security-crypto 2014-11-20 16:16:22 -06:00