Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-24 11:13:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,064 Commits 58 Branches 351 Tags
Commit Graph

76 Commits

Author SHA1 Message Date
Luke Taylor
3c02989d67 Removal of jmock test dependency and upgrading of mockito version to 1.8.5. Minor adjustments to other build deps and configurations (e.g. prevent groovy from being used as a transitive dep, since we only use it for tests). 2010-08-18 02:32:43 +01:00
Luke Taylor
64375484a1 More build and logging tuning. 2010-08-04 22:55:17 +01:00
Luke Taylor
ea5f2088b5 Comment out OpenLDAP tests to allow running in IDEA, and reduce default load configuration of performance test class. 2010-07-12 12:40:19 +01:00
Luke Taylor
69a10c48ae Switch to using slf4j/logback for logging. 
We still compile modules against commons-logging but all runtime logging and samples will use logback
 2010-07-12 12:39:52 +01:00
Luke Taylor
e1f575c545 SEC-1480: Add simple equals and hashcode methods based on DN value to LdapUserDetailsImpl to allow its use as a map key (in SessionRegistry, for example). 2010-05-15 02:29:11 +01:00
Luke Taylor
2b9beffd08 SEC-1444: Fix JNDI escaping problems in LDAP authentication. 
CompositeName adds quotes to names which contain a forward slash ("/") character. These are automatically removed by Spring LDAP's DistinguishedName, but only if they are at the ends of the String. Since we were preprending the base to the (quoted) DN, resulting in something like ["cn=joe/b",ou=people], this was causing problems with the DN value returned from the search. Additionally, the bind succeeds when a DN is used with a slash, but the subsequent call to getAttributes() fails. This call now passes in a DistinguishedName for the user DN instance instead of a String.
 2010-03-27 15:30:15 +00:00
Luke Taylor
052537c8b0 Removing $Id$ markers and stripping trailing whitespace from the codebase. 2010-01-08 21:05:13 +00:00
Luke Taylor
caff3ee9ba SEC-1231: Authentication.getAuthorities should be of type Collection<GrantedAuthority> and not List<GrantedAuthority>. Refactored the interface and related classes to match (UserDetails etc). 2009-10-05 19:28:53 +00:00
Luke Taylor
245fc96137 SEC-1075: Update the embedded LDAP server to use Apache DS 1.5. Updated to use the new 1.5.5 release for the embedded server. 2009-09-01 23:21:44 +00:00
Luke Taylor
f6f5855b52 SEC-1222: Provide a constructor for LdapUserDetailsService that does not require an LdapAuthoritiesPopulator. Done. 2009-09-01 16:42:11 +00:00
Luke Taylor
2f9a98c7ce SEC-214: Update keywords. 2009-08-18 23:39:33 +00:00
Luke Taylor
8ed9f8a057 Remove wrongly named file 2009-08-18 23:32:40 +00:00
Luke Taylor
4df370b100 SEC-214: Add functionality to be able to use LDAP password policy request/response controls. Added PasswordPolicyAwareContextSource, ppolicy control implementations (from Sandbox) and modified BindAuthenticator to check for the presence of the response control, adding the control to the retured DirContextAdapter if appropriate. LdapUserDetailsImpl also contains the data for grace logins remaining and time till password expiry. Added OpenLDAP startup script with test data and integration test which operates against the data (must be run manually). 2009-08-18 23:09:16 +00:00
Luke Taylor
01b8def455 SEC-1145: Added test to confirm that there is no pooling issue in the trunk. There are already checks for the presence of the pooling flag. 2009-06-03 17:13:33 +00:00
Luke Taylor
6d655aa514 SEC-1132: More refactoring to remove cycles ad reduce complexity metrics 2009-05-04 14:24:54 +00:00
Luke Taylor
929b6bb1a0 Refactoring to remove warnings in LDAP module. 2009-04-27 11:05:58 +00:00
Luke Taylor
b2b2c95e55 SEC-1098: Added ignorePartialResultException property which is set on the LDAP template. 2009-04-21 03:37:16 +00:00
Luke Taylor
c7baeab172 SEC-1117: Moved check for empty password from LdapAuthenticationProvider to BindAuthenticator to allow use with Ntlm. 2009-04-20 06:08:00 +00:00
Luke Taylor
350f75f7f3 SEC-1084: Retain Authentication.details when authenticating in LdapAuthenticationProvider. 2009-04-20 05:02:42 +00:00
Luke Taylor
93bdcccaee SEC-1132: Moved userdetails into core and added core/authority sub-package 2009-04-15 07:39:21 +00:00
Luke Taylor
10673780db OPEN - issue SEC-1136: Removed SpringSecurityException. Introduced new AclException as base class for Acl module. Refactored JAAS authentication to map to AuthenticationExcpetions rather than SpringSecurityException. Modified ExceptionTranslationFilter to look explicitly for AuthenticationException or AccessDeniedException (which it should do since these are the only two it handles). 2009-04-13 14:56:49 +00:00
Luke Taylor
ca7d055c2b SEC-1132: Created core and authentication packages within core module. 2009-04-13 13:43:23 +00:00
Luke Taylor
f746a20ab4 SEC-1132: package refactoring of non-core modules 2009-03-27 05:01:03 +00:00
Luke Taylor
bec84f874a SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples. 2009-03-26 07:18:36 +00:00
Luke Taylor
2c985a1c36 SEC-1126: separated out spring-security-config module containing namespace configuration classes and resources 2009-03-23 04:23:48 +00:00
Luke Taylor
4aae5ec42e SEC-1124: Refactored LDAP code into separate module 2009-03-19 06:30:32 +00:00