181 Commits

Author SHA1 Message Date
Johnny Lim
f94399cff9 Polish 2016-11-17 09:49:41 -06:00
Rob Winch
8e546454a5 Polish ApacheDSContainer LDAPs support
Issue gh-4096
2016-10-25 10:17:08 -05:00
Gunnar Hillert
406bb1d4d5 Add LDAPs support to ApacheDSContainer
* Add the ability to enable LDAP over SSL (LDAPs)
* Add tests

Fixes gh-4096
2016-10-25 10:16:35 -05:00
Rob Winch
b443baef04 Polish GrantedAuthorityDefaults
* Move GrantedAuthorityDefaults to config module
* Move setting of default role into config module vs
  ApplicationContextAware

Issue gh-3701
2016-09-22 15:13:05 -05:00
Eddú Meléndez
eabeaf35d6 Make single definition of defaultRolePrefix and rolePrefix
Previous to this commit, role prefix had to be set in every class
causing repetition. Now, bean `GrantedAuthorityDefaults` can be used to
define the role prefix in a single point.

Fixes gh-3701
2016-09-21 14:55:41 -05:00
Juan Ignacio Barisich
1171e25bc7 LdapUserDetails extends CredentialsContainer
LdapUserDetails extends CredentialsContainer in order to clear password when erase-credentials is true.

Fixes gh-4029
2016-08-19 12:26:07 -04:00
Eddú Meléndez
13b0ddb7e6 Fix test assertions 2016-07-07 13:29:00 -05:00
Rob Winch
77a478ba0d Fix ApacheDSEmbeddedLdifTests checkstyle
Issue gh-54
2016-06-21 09:56:34 -05:00
Marcin Zajączkowski
a3c4a5fde7 SEC-2387 - add ignored failing test case 2016-06-21 09:53:38 -05:00
Eddú Meléndez
a2ead4cf7a Polish
Fixes gh-3892
2016-06-20 12:35:43 -05:00
Filip Hanik
6b436ff409 Avoid duplicate attribute search.
When using search-and-bind strategy, the user attributes are already returned in the first search.
If the user happens to not have privileges to perform a search, the second search may fail.
(user only has bind privileges)
See https://github.com/cloudfoundry/uaa/issues/342
2016-06-17 16:43:06 -05:00
Rob Winch
f221920a19 Clean up code to conform to basic checkstyle
Issue gh-3746
2016-03-14 00:15:12 -05:00
Billy Korando
71d4ce96ad Convert to assertj
Fixes gh-3175
2016-03-09 14:30:17 -06:00
Rob Winch
bb600a473e Start AssertJ Migration
Issue gh-3175
2016-03-09 14:26:30 -06:00
Rob Winch
5f84902e72 Merge pull request from ckarawani/master
SEC-2757: Removed assertion of 'sn' when creating LdapUserDetails
2015-10-01 16:18:26 -05:00
Thomas Darimont
ad1d858e2b SEC-3056 - Fix JavaDoc errors.
Fixed JavaDoc errors across multiple modules in order to make javadoc happy with Java 8.
2015-08-03 08:02:24 -05:00
Rob Winch
75f57b96cb SEC-2493: Fix javadoc for DefaultLdapAuthoritiesPopulator 2015-07-14 13:20:05 -05:00
Carl Karawani
d1cfb1ca74 SEC-2757: Removed assertion of 'sn' needing to be defined on Person when creating LdapUserDetails 2015-06-15 16:54:54 -04:00
kris
1a716d0593 SEC-2954: Update ActiveDirectoryLdapAuthenticationProvider javadoc
Cleaning up docs to match
cd352f665b (diff-c7d6415af2848047b4b7bde824f66fcb)
2015-04-30 11:54:18 -05:00
Rob Winch
ae6af5d73c SEC-2915: Updated Java Code Formatting 2015-03-25 13:09:18 -05:00
Rob Winch
cf9f58a4ac SEC-2915: XML spaces->tabs 2015-03-25 13:08:52 -05:00
Rob Winch
3adbf53502 SEC-2897: ActiveDirectoryLdapAuthenticationProvider uses bindPrincipal 2015-03-10 16:33:48 -05:00
Chris Bonham
d579d00892 SEC-2559: Added missing givenName attribute to Person 2015-02-24 23:50:09 -06:00
Rob Winch
c0fbd30e65 SEC-2071: Move optional constructor arg last 2015-02-24 23:35:45 -06:00
Henri Tremblay
fbb902c9b5 SEC-2071: ActiveDirectoryLdapAuthenticationProvider custom rootDn
Allow to provide a root DN different from the domain
2015-02-24 23:33:42 -06:00
Rob Winch
cd352f665b SEC-1915: Polish
* Restore default search filter to remain passive
* Check the search filter in setSearchFilter
* Add additional tests
2015-02-24 21:37:49 -06:00
Mateusz Rasiński
c54346b690 SEC-1915: Custom ActiveDirectory search filter
Currently the search filter used when retrieving user details is hard coded.

New property in ActiveDirectoryLdapAuthenticationProvider:
- searchFilter - the LDAP search filter to use when searching for authorities,
default to search using 'userPrincipalName' (current) OR 'sAMAccountName'
2015-02-24 21:14:58 -06:00
Rob Winch
6e204fff72 SEC-2781: Remove deprecations 2014-12-04 15:28:40 -06:00
Andy Wilkinson
a28650c715 Provide a ClassLoader to be used to load LDIF files
Prior to this change, ApacheDSContainer created a LdifFileLoader
without a ClassLoader. This limited its ability to load LDIF files
and causes a problem with an executable war in Spring Boot. See [1]
for details.

ApacheDSContainer now initialises LdifFileLoader with a ClassLoader.
This allows it to locate LDIF files packaged in WEB-INF/classes in
the case of an executable war file. The executable jar case was not
affected by this problem as, in that case, the LDIF file is packaged
in the root of the jar and is accessible via getSystemResourceAsStream

[1] https://github.com/spring-projects/spring-boot/issues/1550
2014-09-24 13:49:15 -05:00
Rob Winch
02c3565e22 Fix compiling in Eclipse 2014-09-16 10:18:46 -05:00
Rob Winch
4a633a938a SEC-2690: Add guard around debug statement 2014-07-28 16:25:27 -05:00
Rob Winch
0f6235bbe0 SEC-2690: Polish LdapAuthority
- Make dn required (as javadoc indicates)
- Simplify .equals since role cannot be null
- Formatting polish
2014-07-28 16:25:27 -05:00
Rob Winch
aac4ede3a4 SEC-2690: Polish method modifiers
- Make methods final where possible
- Make methods private where possible
2014-07-28 16:25:27 -05:00
Rob Winch
1761b29e58 SEC-2690: String[]->List<String>
Use Collections rather than Arrays since Collections can be immutable.
2014-07-28 16:25:27 -05:00
Rob Winch
15c837d5de SEC-2690: Revert explicit TcpTransport since causes tests to fail 2014-07-28 16:25:26 -05:00
Rob Winch
6b43b261bc SEC-2690: Formatting cleanup 2014-07-28 12:41:56 -05:00
Filip Hanik
93b863d2e5 SEC-2690: Support static nested groups in LDAP
This refers to groups that have member: <another group DN> as an attribute
- Add in a utility method in the SpringSecurityLdapTemplate to retrieve multiple attributes and their values from an LDAP record
- Make the DefaultLdapAuthoritiesPopulator more extensible
- Add an LdapAuthority object that holds the DN in addition to other group attributes
- Add a NestedLdapAuthoritiesPopulator to search statically nested groups
2014-07-28 12:40:19 -05:00
Rob Winch
6dc0733d9e SEC-2659: ApacheDSContainer fails on import multiple ldif 2014-06-17 17:19:51 -05:00
Rob Winch
3ba1f66f9d SEC-2606: ApacheDSServerIntegrationTests scan for available port 2014-05-21 06:51:11 -05:00
Rob Winch
cbd06a4994 SEC-2472: Support LDAP crypto PasswordEncoder 2014-05-20 23:15:36 -05:00
Rob Winch
fa6218cf73 SEC-2558: Fix failing ApacheDSContainerTests when port is taken 2014-04-15 11:52:09 -05:00
Rob Winch
a7005bd742 SEC-2500: Prevent anonymous bind for ActiveDirectoryLdapAuthenticator 2014-03-10 14:33:39 -05:00
Rob Winch
8afa8d8588 Fix integration tests 2014-03-06 07:56:40 -06:00
Rob Winch
e17adad878 SEC-2469: Support Spring LDAP 2.0.1+ 2014-02-12 08:11:26 -06:00
Mat Booth
c6a534cad8 SEC-2418: Minor fix to toString method in LdapUserDetailsImpl 2013-12-02 12:00:09 -06:00
Rob Winch
5bc6f64b03 SEC-2405: Added tests for OBJECT_FACTORIES 2013-11-20 14:04:15 -06:00
Mattias Hellborg Arthursson
bc6fc518d3 SEC-2405: Use DirContextAdapter directly from search. Configure OBJECT_FACTORIES on DirContext created for ActiveDirectory. 2013-11-20 13:51:51 -06:00
Rob Winch
d9c9cd7f84 Remove warnings from defaultSpringSecurityContextSource 2013-09-13 15:54:21 -07:00
Rob Winch
b4cbcee7f0 SEC-2308: DefaultSpringSecurityContextSource allow empty baseUrl 2013-09-13 15:53:35 -07:00
Rob Winch
34893cd53a Remove ApacheDSContainerTests successfulStartupAndShutdown since it was commented out 2013-04-25 11:21:23 -05:00