3c97d68346
Upgrade to bundlor RC1
2010-01-05 22:34:27 +00:00
dc5417f1d5
SEC-1352: Added support for placeholders in <user-service>
...
The username, password and authorities attributes can now be placeholders.
2010-01-05 22:34:10 +00:00
f5d36aef65
SEC-1350: Improved Javadoc for AbstractPreAuthenticatedProcessingFilter
...
Added clarification that the credentials returned
by the subclass should not be null or they will
typically be rejected by the provider. Also added
some general overview.
2010-01-05 16:01:55 +00:00
93973a4b75
SEC-1304: Removed compareTo method from GrantedAuthorityImpl
...
This method had been left by mistake when the Comparable
interface was removed. See also SEC-1347.
2010-01-04 19:13:49 +00:00
c6b8fe5e55
SEC-1346: Added missing 'return' statements after redirects.
...
ConcurrentSessionFilter and SessionManagementFilter now return immediately after redirecting to the expired URL and invalid session URLs respectively. Extra tests added to check.
2010-01-03 19:06:58 +00:00
80aacf447f
Refactored JaasAuthenticationProvider
...
The toUrl() method on File gives a deprecation warning with Java 6, so I reimplemented
the logic for building the Jaas config URL.
2010-01-03 16:28:44 +00:00
893f212fa5
Tidying
2010-01-02 19:53:19 +00:00
b737fa451d
SEC-1344: Minor CAS doc updates
2009-12-29 14:45:29 +00:00
0aab19ed4b
Added additional info on concurrent session usage
2009-12-28 14:32:54 +00:00
744ed95b51
SEC-1343: ref manual typos
2009-12-28 13:59:21 +00:00
7e817b9640
NOJIRA formatting fix
2009-12-24 14:40:24 +00:00
4afe6c2c6a
SEC-1341
...
made it more extensible
2009-12-24 14:39:40 +00:00
3bb5ca5d4b
NOJIRA
...
upgraded to latest CAS client (3.1.10)
2009-12-24 14:26:58 +00:00
bcb1ff8921
SEC-1342: Introduced extra factory method in SecurityConfig to get round problem with Spring converting a string with commas to an array
2009-12-23 14:12:59 +00:00
115d5b84ff
[maven-release-plugin] prepare for next development iteration
2009-12-22 22:20:01 +00:00
6c6ef08353
[maven-release-plugin] prepare release spring-security-3.0.0.RELEASE
2009-12-22 22:19:38 +00:00
d695c85ad8
Removed maven structure from sandbox, and 'other' module, which is out of date.
2009-12-22 22:00:34 +00:00
a7770a64d3
Update cas server version in runall.sh
2009-12-22 21:31:26 +00:00
48be79108a
Gradle build file for 'heavyduty' sample
2009-12-22 19:55:53 +00:00
aad7d01c84
Updated CAS server version for sample use to 3.3.5
2009-12-22 19:35:20 +00:00
b96b14c5d0
Changed 'Advanced Topics' to more general 'Additional Topics'
2009-12-22 19:02:34 +00:00
1af9f8efea
SEC-1327: Minor doc update
2009-12-22 13:40:05 +00:00
be56d72912
SEC-1340: Minor doc corrections
2009-12-22 13:25:10 +00:00
e64866ae6a
Updated bundlor templates and introduced spring.version variable
2009-12-22 01:10:04 +00:00
052685e154
Add taglibs chapter to manual
2009-12-22 01:09:56 +00:00
3418aab46e
SEC-1327: Javadoc additions to clarify some behaviour
2009-12-21 17:32:54 +00:00
dd90f9332c
SEC-1326: Removed unncecessary exclusions
2009-12-21 17:32:45 +00:00
fcce29f8df
SEC-1326: Updating dependencies to match Spring versions. Removing unused deps.
2009-12-21 17:32:38 +00:00
89809e9029
SEC-1329: Added info on attribute-exchange configuration to the namespace chapter
2009-12-19 18:32:57 +00:00
97a31cae04
SEC-1333: Added error message for invalid redirect URL assertion
2009-12-18 19:29:36 +00:00
aeed49393c
Switching StringBuffer to StringBuilder throughout the codebase (APIs permitting).
2009-12-18 18:44:42 +00:00
fac07ba8ff
Schema updates to Spring 3.0
2009-12-18 18:44:17 +00:00
75311bad9a
LDAP API correction in ref manual
2009-12-18 18:04:08 +00:00
76731254c0
SEC-1328: Fixed issue with redirect to context relative URLs where the context name is part of the domain name.
2009-12-18 18:04:03 +00:00
85a58fd473
SEC-1331: Modify namespace to allow omission of user passwords in user-service element and generate random ones internally, preventing authentication against the data..
2009-12-18 15:39:13 +00:00
fabe03ba33
Doc updates
2009-12-18 15:39:02 +00:00
354b043fd1
SEC-1337: Add Serializable interface to internal comparator
2009-12-18 14:12:32 +00:00
55679971f0
SEC-1337: Make User serializable by moving anonymous comparator class
2009-12-18 13:49:02 +00:00
27dfff106e
Better FAQ css formatting
2009-12-18 12:56:27 +00:00
0297996bbb
Updated to Spring 3 release
2009-12-17 12:36:30 +00:00
06e092d46a
Midor Javadoc correction.
2009-12-15 15:39:01 +00:00
efb9ab4ff8
Completed initial draft of taglibs chapter
2009-12-15 00:03:04 +00:00
3a24ddfb43
Corrected description in tld file for accescontrollist tag, removing reference to outdated class.
2009-12-15 00:02:02 +00:00
88caa4d221
SEC-1322: More doc updates following further user requests for clarification
2009-12-14 15:13:57 +00:00
6805761d85
Extra test to confirm http-method specific matching behaviour.
2009-12-14 13:55:48 +00:00
cad32ffe39
SEC-1325: Tighten up Authentication interface contract to disallow null authorities. Modified internals of AbstractAuthenticationToken to use an empty list instead of null. Clarified Javadoc. removed unnecessary null checks in classes which use the interface.
2009-12-13 17:37:24 +00:00
ef3d9c7877
Tidying Javadoc.
2009-12-13 16:20:28 +00:00
1e8ea55030
SEC-1320: JaasAuthenticationProvider can not find jaas realm defined inside service archive. Added flag to control refresh of configuration on startup.
2009-12-13 16:19:53 +00:00
fdc9c5fd08
Ref manual content and docbook improvements
2009-12-12 21:21:59 +00:00
282bfc3151
Added some integration tests for Basic authentication, both alone and in combination with form login.
2009-12-12 17:32:27 +00:00
Luke Taylor
Scott Battaglia