Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,332 Commits 33 Branches 333 Tags 109 MiB
Commit Graph

3332 Commits

Author SHA1 Message Date
Luke Taylor f6ff958411 Renamed rnc file. 2008-07-30 11:05:44 +00:00
Luke Taylor 4bb3eb12c3 SEC-933: global-method-security and aop:aspectj-autoproxy throws NullPointerException in some situations 
http://jira.springframework.org/browse/SEC-933. Removed the setting of the attributeSource field from the interceptor in MethodDefinitionSourceAdvisor as this was overwriting the version supplied with the constructor with null (causing the NPE).
Also implemented lazy initialization of the authentication provider list from the bean factory in a custom NamespaceAuthenticationManager (extends ProviderManager and introspects the BeanFactory when getProviders() is first called). This should prevent the perennial problem of the eager initialization of UserDetailsService and other beans when the interceptor is eagerly initialized by something like aspectj-autoproxy.
 2008-07-30 11:01:23 +00:00
Luke Taylor f538a36cd3 SEC-939: Changed XML header to include schema locations for clarification. 2008-07-29 10:40:50 +00:00
Luke Taylor 6e06789a28 SEC-937: Added CAS logout filter to sample application 2008-07-28 10:53:55 +00:00
Luke Taylor 6b45eda37c SEC-877, SEC-553: Added code to sandbox/other 2008-07-17 17:46:11 +00:00
Luke Taylor f453264bde SEC-909: custom remember me services doesn't get registered as logout handler 
http://jira.springframework.org/browse/SEC-909. HttpSecurityBeanDefinitionParser now passes the resolved RememberMeServices bean name to the LogoutBeanDefinitionparser so that it an use it explicitly.
 2008-07-15 18:22:53 +00:00
Luke Taylor 1ddc033fe5 SEC-903: Wrong attribute mapping when using jdbc-user-service bean 
http://jira.springframework.org/browse/SEC-903. Corrected property name set by JdbcUserServiceBeanDefinitionParser (was setting authorities query rather than groups one).
 2008-07-15 16:43:57 +00:00
Luke Taylor e303e8b71a SEC-924: Implement automatic injection of namespace created RememberMeServices into custom AbstractProcessingFilter based beans. 
http://jira.springframework.org/browse/SEC-924. Delayed setting of NullRememberMeServices in AbstractProcessingFilter until afterPropertiesSet method is called, allowing the null value to be read by the namespace and the confgiured RememberMeServices bean injected.
 2008-07-15 14:52:13 +00:00
Luke Taylor bf5896600e OPEN - issue SEC-913: SwitchUserProcessingFilter modifies the switchFailureUrl member variable on failure 
http://jira.springframework.org/browse/SEC-913. Applied patch as suggested (use sendRedirect method for failure URL).
 2008-07-15 13:42:30 +00:00
Luke Taylor b4c63db680 SEC-921: Improved messages_zh_CN.properties for Chinese 
http://jira.springframework.org/browse/SEC-921. Added contributed file.
 2008-07-15 11:11:21 +00:00
Luke Taylor a56c13fb22 SEC-912: Added callback methods to BasicProcessingFilter for successful and unsuccessful authentication. 2008-07-12 17:40:39 +00:00
Luke Taylor 697c7c5f48 SEC-918: Added more info on DB schema to javadoc 2008-07-12 15:21:24 +00:00
Luke Taylor b32a418175 Added mmore info on 'springSecurityFilter' chain and warning not to use this bean name explicitly 2008-07-12 15:14:43 +00:00
Luke Taylor 4cebc67088 Added example config for JDBCDaoImpl and user-service-ref in namespace 2008-07-11 19:33:15 +00:00
Luke Taylor fbc7c31b5e SEC-918: Added DDL or user and authorities tables to section on JDBC UserDetailsService 2008-07-11 19:21:00 +00:00
Luke Taylor 7dc998196a Added faq on JDK and Spring version requirements 2008-07-11 14:43:36 +00:00
Luke Taylor 768219af81 Added exta sub-headings to facilitate searching for particular topics from content page 2008-07-11 13:27:19 +00:00
Luke Taylor 7039bfdfbe Minor text spacing correction 2008-07-11 13:11:35 +00:00
Luke Taylor d13b32c77f Clarified that paths are relative to the checked out source tree 2008-07-11 12:19:19 +00:00
Luke Taylor dce709a669 Minor code formatting in docbookk 2008-07-11 12:14:00 +00:00
Luke Taylor d9634bcb39 SEC-920: Update preauth sample to make use of internal authentication manager 
http://jira.springframework.org/browse/SEC-920. Updated context file to use <custom-authentication-provider>.
 2008-07-11 10:56:57 +00:00
Luke Taylor 8fe1b4b402 SEC-914: Slight modification of tld description text for readability. 2008-07-11 08:14:28 +00:00
Luke Taylor 30f1e5729a SEC-914: Corrected tagllib descriptor documentation for var attribute in authentication tag. 2008-07-11 07:52:52 +00:00
Luke Taylor 6d179122d3 SEC-916: Added Spanish messages contribution. 2008-07-10 15:32:01 +00:00
Luke Taylor bd4ed794ea SEC-904: Renamed SessionRegistryImplMultithreadedTests 2008-07-02 19:25:28 +00:00
Luke Taylor 2cda6242c8 SEC-904: Moved multi-threaded tests into sandbox 2008-07-02 19:19:21 +00:00
Luke Taylor 479693ced7 SEC-900: Added extra checks on expiry time 2008-07-02 18:40:55 +00:00
Luke Taylor d5df35f739 Update sandbox poms post-release 2008-07-02 16:27:02 +00:00
Luke Taylor b99a5dec29 Various mods to heavyduty app 2008-07-02 16:25:18 +00:00
Luke Taylor e1fcacbca5 Added general question on other security concerns 2008-07-01 21:00:30 +00:00
Luke Taylor bf45ff94e7 SEC-901: Improve docs on custom-filter and avoiding conflicts with namespace filters 2008-07-01 14:20:18 +00:00
Luke Taylor c372c2df87 SEC-896: Changed result.toString() to String.valueOf(result) in tag class to prevent NPE when value of property is null 2008-06-30 21:02:23 +00:00
Luke Taylor dd5edbcce9 Added labels to faqs 2008-06-30 20:59:27 +00:00
Luke Taylor 3a25766da1 Adding sub-headings etc to 'secure objects' section 2008-06-27 13:12:27 +00:00
Luke Taylor 6ff0b969d5 Corrected ldap sample config (traditional bean version was wrong) 2008-06-23 23:43:48 +00:00
Luke Taylor 775a6c3939 [maven-release-plugin] prepare for next development iteration 2008-06-23 14:10:35 +00:00
Luke Taylor 87d50aecce [maven-release-plugin] prepare release spring-security-parent-2.0.3 2008-06-23 14:05:36 +00:00
Luke Taylor 125f5911c0 Heavyduty sample additions to check multiple-parameter values 2008-06-23 13:27:08 +00:00
Luke Taylor 57558de3ec Added error page URL to openid login sample 2008-06-23 13:18:35 +00:00
Luke Taylor 456e737d31 Corrections to readme 2008-06-23 13:16:50 +00:00
Luke Taylor 66008817c4 Changed OSGi version prior to 2.0.3 release 2008-06-23 13:14:42 +00:00
Luke Taylor 5ec06778f5 removed optional scope from jaxen dependecy in preauth sample as it breaks war file 2008-06-23 13:00:03 +00:00
Luke Taylor 2fa991c44f Some reorganization of itest module 2008-06-22 21:42:25 +00:00
Luke Taylor 3ee8733261 SEC-879: Added required BeanPostProcessor to set SessionRegistry is set on namespace registered AbstractProcessingFilter and SessionFixationProtectionFilter when using custom ConcurrentSessionController 
http://jira.springframework.org/browse/SEC-879.
 2008-06-20 22:08:05 +00:00
Luke Taylor d5ee89bb7c Correct typo in error message. 2008-06-19 15:21:03 +00:00
Luke Taylor ff5bfccdba SEC-892: Linked use of create-session='never' in namespace to corresponding properties in ExceptionTranslationFilter and AbstractProcessingFilter 2008-06-19 13:46:45 +00:00
Scott Battaglia 5b089aea16 SEC-852 
provided mechanism to do get a proxy ticket
 2008-06-18 17:34:14 +00:00
Scott Battaglia d7f194df78 SEC-886 
upgraded to the most recent CAS Client for Java (3.1.3)
 2008-06-18 17:22:20 +00:00
Luke Taylor c56d524bd9 SEC-887: Added setter method for account status checker. 2008-06-18 12:00:45 +00:00
Luke Taylor af5f193ec1 SEC-890: Corrected use of dataSource property name in RememberMeBDP. 2008-06-18 10:35:30 +00:00