Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 15:20:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,866 Commits 33 Branches 337 Tags
Commit Graph

979 Commits

Author SHA1 Message Date
Luke Taylor
3dd0716611 SEC-539: Altered storeSecurityContextInSession to take the SecurityContext as a parameter rather than calling SecurityContextHolder.getContext(). This allows SecurityContextHolder.clearContext() to be called immediately after reading the context in the finally block of doFilter(). 2007-08-28 21:58:30 +00:00
Luke Taylor
fa63d8ecfb SEC-539: Refactored if (httpSession == null) block in storeSecurityContextInSession() 2007-08-28 21:25:17 +00:00
Luke Taylor
ce3eb599ed SEC-539: Renamed populateSecurityContextFromSession to extractSecurityContextFromSession and removed the side-effect of setting SecurityContextHolder. It now returns the context found in the session (or null) and SecurityContextHolder.setContext() is called in a single place in doFilter(). 2007-08-28 21:11:48 +00:00
Luke Taylor
ba88214d1d SEC-539: Refactored populateSecurityContextFromSession() to reduce nested blocks and clarify logic. 2007-08-28 20:16:19 +00:00
Luke Taylor
27ef2caf45 SEC-539: Removed filterApplied boolean. 2007-08-28 19:56:33 +00:00
Luke Taylor
e8d11f28f2 SEC-539: Extracted storeSecurityContextInSession() method. 2007-08-28 19:54:24 +00:00
Luke Taylor
bcf69cbe3d SEC-539: Extracted populateSecurityContextFromSession() method. 2007-08-28 19:16:37 +00:00
Luke Taylor
6651a240de Replaced massive if/else with guard clause to reduce nesting. Moved declaration of filterApplied boolean to where it is actually set. It is only used when removing the attribute from the request at the end of the invocation, so should probably not be needed at all. request.removeAttribute() can be called regardless of whether the attribute is set or not. 2007-08-28 18:26:04 +00:00
Luke Taylor
6fe00b3433 SEC-501: Fix. Convert secure url paths to lower case if convertUrlToLowercaseBeforeComparison is true. 
Also removed unnecessary assertions from PathBasedFilterDefinitionMapTests.
 2007-08-28 16:53:05 +00:00
Luke Taylor
4ba77fa736 SEC-450: Added group subtree to LDAP test server and extra tests for DefaultLdapAuthoritiesPopulator to make sure searchSubtree parameter works as expected. 2007-08-28 15:26:59 +00:00
Luke Taylor
e189bc685f SEC-408: Fix. Provide getter for filterProcessesUrl. 2007-08-28 11:37:05 +00:00
Luke Taylor
c8077c5e87 SEC-506: Fix as suggested by reporter. Split the disgest header string ignoring separating commas which occur between quotes. 2007-08-28 00:31:30 +00:00
Luke Taylor
3f123e1478 SEC-518: Fix. "Cache" in EhCache is a class, so change the APIs to use the interface it implements (Ehcache). 2007-08-27 23:41:59 +00:00
Luke Taylor
87d6b8dedd SEC-412: Fix. Added extra constructor to UsernameNotFoundException allow use of extraInformation property of parent class. 2007-08-27 23:22:48 +00:00
Luke Taylor
dda88e3931 SEC-502: Fix. Use a Map instead of HashMap in the API. Also some minor tidying of test class. 2007-08-27 17:21:16 +00:00
Luke Taylor
57f3d268a1 SEC-519: Fix. Changed notNull() assertion for "key" parameter to hasText() to prevent the use of empty keys. 2007-08-27 17:17:25 +00:00
Luke Taylor
1c72b7989e Fix for SEC-522. Strip query parameters from logout URL before doing comparison with filterProcessesUrl. 2007-08-27 17:14:23 +00:00
Luke Taylor
82599a72ba Reformatted LogoutFilter. 2007-08-27 16:56:33 +00:00
Luke Taylor
f8689b18b2 SEC-526: Fixed. Support for different case prefixes ({SHA}, {sha} etc). 2007-08-27 16:23:14 +00:00
Luke Taylor
0425d3b638 Rolled back unnecessary changes (whitespace, imports etc) for SEC-398 to make actual change from revision 1858 clearer. 2007-08-27 13:29:39 +00:00
Ben Alex
db3024f9a4 SEC-271: Revert Ordered and ApplicationContextAware usage at this time, due to release of 1.0.. 2007-08-25 00:15:30 +00:00
Vishal Puri
2b4d8a6378 Removed print statement 2007-08-22 04:48:04 +00:00
Luke Taylor
3fbc7beb88 SEC-251: Document use of {1} parameter in javadoc for DefaultLdapAuthoritiesPopulator. 2007-08-17 15:45:57 +00:00
Vishal Puri
bc30b903f8 SEC-398: Lazy update of 'filterApplied' to true 2007-07-25 05:34:40 +00:00
Luke Taylor
a499e74102 SEC-449: Add spring-ldap dependency to pom.xml. 2007-07-24 17:23:47 +00:00
Luke Taylor
b646a06443 Fix for SEC-512. Removed unnecessary context creation. 2007-07-24 17:01:36 +00:00
Luke Taylor
aea1148ffb Fix broken test caused by null application context in AbtractAccessDecisionManager when auto-detection of voters is called. 2007-07-24 16:48:49 +00:00
Vishal Puri
c5cc42e16c made two instance variables protected for RBA solution 2007-07-23 07:59:28 +00:00
Vishal Puri
5ea8232f84 SEC-484: fixed concurrency issue 2007-07-23 07:58:31 +00:00
Vishal Puri
0e46e5307c SEC-271: added Ordered interface to AcessDecisionVoters 2007-07-06 13:34:43 +00:00
Vishal Puri
ef38844a6d Improved comments and made TokenBasedRememberMeServices modular to support subclasses 2007-06-27 08:33:37 +00:00
Ray Krueger
0159b617cf Refactored the failureUrl lookup into a protected method to allow customization 2007-06-19 13:09:57 +00:00
Vishal Puri
b2c30277f4 SEC-271: work on security:autoconfig 2007-06-19 04:08:19 +00:00
Carlos Sanchez
165d2c0122 [maven-release-plugin] prepare for next development iteration 2007-06-02 21:28:53 +00:00
Carlos Sanchez
942b5d7345 [maven-release-plugin] prepare release acegi-security-1.0.4-maven2 2007-06-02 21:21:51 +00:00
Ben Alex
4561c3a1f1 Remove unused imports that were causing warnings. 2007-05-25 05:33:06 +00:00
Ben Alex
e252f4a497 Make compatible with Assert static class in Spring 1.2.9. 2007-05-25 05:32:32 +00:00
Vishal Puri
5b97b3458c utility class added required to copy ordering information from one object to another 2007-05-25 03:25:28 +00:00
Ben Alex
10bf40fc03 SEC-472: Provide support for subclasses to select the login form URL to use for a given request. 2007-05-25 03:21:17 +00:00
Vishal Puri
b30162191e SEC-271: Moved spring security namespaces cnfig code to sandbox 2007-05-25 03:17:12 +00:00
Ben Alex
a8b402462e SEC-470: Provide flexibility to customize cookie name. 2007-05-25 03:12:49 +00:00
Ben Alex
24b31c0c57 SEC-443: Provide useRelativeContext property. 2007-05-25 02:55:25 +00:00
Ben Alex
c8d5374602 SEC-436: Add hashCode() methods. 2007-05-25 02:28:40 +00:00
Ben Alex
95735017e6 SEC-421: MutableAcl.setParent(MutableAcl) method to accept Acl parameter, not MutableAcl. 2007-05-25 02:22:18 +00:00
Ben Alex
d0d645788a SEC-405: Extract out target URL determination method. 2007-05-25 02:07:44 +00:00
Ben Alex
998fc938df SEC-403: Add support for Chinese. 2007-05-25 02:04:44 +00:00
Ben Alex
296d235135 SEC-343: Make obtainAllDefinedFilters() protected. 2007-05-25 02:03:12 +00:00
Ben Alex
1fa89e99c4 SEC-307: Preserve result of AuthenticationManager.authenticate(Authentication). 2007-05-25 02:00:37 +00:00
Ben Alex
3b9a8dc53e SEC-444: Handle synchronization issues if multiple authentications taking place for same session ID concurrently. 2007-05-25 01:38:42 +00:00
Ben Alex
4f13db5552 SEC-398: Delay sending of redirect until after HttpSession updated with revised SecurityContextHolder contents. 2007-05-25 01:24:07 +00:00