Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,931 Commits 33 Branches 333 Tags 109 MiB
Commit Graph

2931 Commits

Author SHA1 Message Date
Luke Taylor 883b92e7bd SEC-822: Converted to long arithmetic to prevent integer overflowing with long token validity periods 2008-05-08 15:07:40 +00:00
Luke Taylor 301d021bf5 SEC-817: NPE in org.springframework.security.config.FilterChainProxyPostProcessor 
Reversed order of beanName.equals() call as suggested.
 2008-05-07 13:58:53 +00:00
Luke Taylor 8ad2d681ab SEC-818: Changed redirect URL validation to ignore potential property placeholders at parsing time and report a warning through the parser context rather than an error. Also validated the URLs in the beans themselves using Asserts, so an exception will occur later when the beans have been created rather than while assembling the bean definitions. 2008-05-07 13:49:20 +00:00
Luke Taylor 5cf0c84e2f SEC-814: Added standard bean config to ldap example and updated doc to provide some pointers to DefaultLdapAuthoritiesPopulator 2008-05-06 14:50:14 +00:00
Luke Taylor afc757e618 Removed reference to LdapDataAccessException since it isn't actually mentioned except in javadoc 2008-05-06 14:43:52 +00:00
Luke Taylor c333070fe3 Javadoc tidying 2008-05-06 13:59:46 +00:00
Luke Taylor fca3a2a709 SEC-812: Added missing TextUtils file 2008-05-05 19:09:09 +00:00
Luke Taylor fa44c74993 SEC-812: Added entity-escaping of username stored under last username key, to prevent problems if it is rendered in a page without escaping the text. 2008-05-05 18:37:02 +00:00
Luke Taylor 06719053f1 Removed commons lang dependency. 2008-05-05 17:18:47 +00:00
Luke Taylor e7b6fe09e1 Corrected css for 'poweredBy' 2008-05-03 16:18:19 +00:00
Ben Alex 9961c7f867 Moved to correct build location. 2008-05-02 10:52:57 +00:00
Ben Alex 7a2e1e13d3 SEC-811: Provide a mechanism to allocate and rebuild cryptographically strong, randomised tokens. 2008-05-02 10:38:56 +00:00
Luke Taylor a599ef5398 [maven-release-plugin] prepare for next development iteration 2008-05-01 20:09:03 +00:00
Luke Taylor 3e808335a4 [maven-release-plugin] prepare release spring-security-parent-2.0.1 2008-05-01 20:07:46 +00:00
Luke Taylor 054e2f6c38 SEC-624: Start of preauth document 2008-05-01 19:51:35 +00:00
Luke Taylor 79ca0d1612 Set correct 'test' scope on core-tests dependency 2008-05-01 19:47:47 +00:00
Luke Taylor 18a9965b80 Moved dummy file out of default package for easy exclusion from javadoc 2008-05-01 19:45:36 +00:00
Luke Taylor de179c3e46 Fixed javadoc links 2008-05-01 19:44:34 +00:00
Luke Taylor fc498954c6 Updated sample context files to point at 2.0.1 schema 2008-05-01 17:51:48 +00:00
Luke Taylor 014f21ee85 Deleted attributes sample 2008-05-01 17:50:47 +00:00
Luke Taylor 6ecfa0541f SEC-806: Osgi-ified more modules 2008-05-01 17:11:31 +00:00
Luke Taylor 4984d4be65 OPEN - issue SEC-757: Add validation of redirect URLs on namespace 
http://jira.springframework.org/browse/SEC-757. Added validation method to ConfigUtils and calls to it for url attributes.
 2008-05-01 16:39:31 +00:00
Luke Taylor af3dc22586 added Ruud S. to contributors list 2008-05-01 16:37:33 +00:00
Luke Taylor 26d2b03667 Updates to heavyduty sample 2008-05-01 16:36:16 +00:00
Ben Alex e7e256a9d5 SEC-787: Consistently use lowercase in all ACL module SQL statements. 2008-05-01 07:48:10 +00:00
Luke Taylor 0df9dee9dd SEC-806: Improved OSGi bundle version information support 2008-04-30 18:02:47 +00:00
Luke Taylor 81ebd094ff OPEN - issue SEC-808: Switch namespace schema version to 2.0.1 and update spring.schemas 
http://jira.springframework.org/browse/SEC-808. Replaced 2.0 text with that from the 2.0 release, rather than the website schema.
 2008-04-29 18:59:25 +00:00
Luke Taylor 473f6a32c6 OPEN - issue SEC-808: Switch namespace schema version to 2.0.1 and update spring.schemas 
http://jira.springframework.org/browse/SEC-808. Created new 2.0.1 schema files and updated tests to use them.
 2008-04-29 18:53:33 +00:00
Luke Taylor 8281aeb0da SEC-807: Allow mapping to a standard Ldap UserDetails through the namespace 
http://jira.springframework.org/browse/SEC-807. Added extra test for Ldap provider parser.
 2008-04-29 18:01:59 +00:00
Luke Taylor e4b32b8d29 OPEN - issue SEC-807: Allow mapping to a standard Ldap UserDetails through the namespace 
http://jira.springframework.org/browse/SEC-807. Added support for user-details-class attribute to ldap-authentication-provider and ldap-user-service.
 2008-04-29 16:53:24 +00:00
Luke Taylor 104716fedb SEC-805: Add extra fields to InetOrgPerson 
http://jira.springframework.org/browse/SEC-805. Added a substantial number of new fields to the class.
 2008-04-29 14:39:58 +00:00
Luke Taylor 49bec559a9 SEC-804: Added notes to LDAP section to explain how to customize returned UserDetails 2008-04-29 10:57:52 +00:00
Luke Taylor f96fa66a60 Added Michael Mayr to contributors list 2008-04-29 10:56:47 +00:00
Luke Taylor ef112f7967 Fixed autoboxing problem. 2008-04-28 15:26:20 +00:00
Luke Taylor 341455cde4 SEC-799: Import cleaning following other changes. 2008-04-28 15:19:25 +00:00
Luke Taylor 2d692718e0 SEC-799: Add better detection of missing server-ref element for <ldap-user-service> and <ldap-authentication-provider /> 
http://jira.springframework.org/browse/SEC-799. Updated ContextSourceSettingPostProcessor to set the standard ContextSource as an alias if it is needed by a bean but has not been set (because the user specified their own server id on <ldap-server />).
 2008-04-28 15:01:20 +00:00
Luke Taylor 270fa92780 Improved Javadoc comment 2008-04-28 09:20:37 +00:00
Luke Taylor 0c28845d4e SEC-787: Converted SQL in BasicLookupStrategy to lower case to make it consistent with other classes. 2008-04-26 13:08:31 +00:00
Luke Taylor d3a0f05de9 SEC-783: GlobalMethodSecurityBeanDefinitionParser should support AfterInvocationProviders 
http://jira.springframework.org/browse/SEC-783. Added support for custom-after-invocation-provider
 2008-04-25 12:28:30 +00:00
Luke Taylor 348d211b8c SEC-797: Minor javadoc correction. 2008-04-24 23:12:55 +00:00
Luke Taylor d1e23b3d2c SEC-783: Added custom-after-invocation-provider element to namespace. 2008-04-24 02:02:23 +00:00
Luke Taylor 1090072fff SEC-795: Add check for protected login page when using namespace 
http://jira.springframework.org/browse/SEC-795. I've added checks for the various scenarios which will result in a protected login page and suitable warning messages.
 2008-04-24 01:59:19 +00:00
Luke Taylor 882509fb2a Renamed context file 2008-04-24 00:27:37 +00:00
Luke Taylor 5d51b35cfa SEC-792: Filters should only be added to the default stack if they are labelled using custom-filter. 
http://jira.springframework.org/browse/SEC-792. Updated FilterChainProxyPostProcessor to raise an exception if two filters have the same order, and also to unwrap wrapped filters once the sorting by order has been performed.
 2008-04-23 23:19:44 +00:00
Luke Taylor eba18675fc Removed old acegi file from tutorial sample as it's causing confusion with users. 2008-04-23 21:08:41 +00:00
Luke Taylor 38774ec94f SEC-792: Filters should only be added to the default stack if they are labelled using custom-filter. 
http://jira.springframework.org/browse/SEC-792. The filters are now maintained as a list in the context and have to be stored there explicitly on registration.
 2008-04-23 16:06:54 +00:00
Luke Taylor 80cd7f4acc Removed accidental commit of tutorial context file 2008-04-23 13:13:56 +00:00
Luke Taylor c184d2d8c5 Added 'heavyduty' sample to sandbox for testing 2008-04-23 13:11:26 +00:00
Luke Taylor 01185475a1 OPEN - issue SEC-793: ldap-authentication-provider element parser ignores hash attribute. 
http://jira.springframework.org/browse/SEC-793. Added support for hash attribute. password-encoder still takes precendence with a warning if both are present.
 2008-04-23 12:50:09 +00:00
Luke Taylor 7e63fe7357 SEC-790: DefaultLoginPageGeneratingFilter should be a better HTTP citizen 
http://jira.springframework.org/browse/SEC-790. Applied submitted patch.
 2008-04-23 00:41:52 +00:00