Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-11-04 00:28:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,638 Commits 48 Branches 362 Tags
Commit Graph

3195 Commits

Author SHA1 Message Date
Luke Taylor
48e2c38736 SEC-536: Added account status checking to Cas provider 2008-02-15 18:14:57 +00:00
Luke Taylor
04e187d1a7 Tiding up code in acl package (formatting, reduction onf nesting etc). 2008-02-15 18:09:26 +00:00
Luke Taylor
5e204e23f3 SEC-536: Introduced UserDetailsChecker strategy to extract code for checking status of accounts and allowing variation in pre/post authentication checks made by AbstractUserDetailsAuthenticationProvider 2008-02-15 18:05:12 +00:00
Luke Taylor
da90b81e16 Corrected toString output (using "username" instead of "principal") 2008-02-15 17:15:20 +00:00
Luke Taylor
48e2d5ad62 Refactored AbstractSecurityInterceptor, extracting method authenticateIfRequired(); 2008-02-15 17:05:58 +00:00
Luke Taylor
a930ce2bf6 SEC-577: Correct javadocs for switch user 2008-02-15 14:34:46 +00:00
Luke Taylor
985818ae2c SEC-581: Copy authentication details to CAS result token 2008-02-15 14:11:56 +00:00
Ben Alex
bdc791649d SEC-656: Provide ability to dependency inject additional exception to event mappings, rather than require subclassing. 2008-02-15 11:56:53 +00:00
Andrei Stefan
afca3d8adc tidying up changes 2008-02-15 10:56:05 +00:00
Andrei Stefan
24ff891fea tidying up changes 2008-02-15 10:55:27 +00:00
Andrei Stefan
69c2f31aa7 SEC-532: AclImpl tests class 2008-02-15 10:53:23 +00:00
Andrei Stefan
0eff5afc8f SEC-532: small bug-fix 2008-02-15 10:39:25 +00:00
Ben Alex
c65ec2aa38 Make authentication-failure-url attribute optional. 2008-02-12 17:40:49 +00:00
Andrei Stefan
b84c812305 SEC-532: added method that reproduces bug in SEC-590 2008-02-12 16:28:33 +00:00
Andrei Stefan
0dae2a2dfc SEC-532: added test methods; one method reproduces bug in SEC-590 2008-02-12 16:20:48 +00:00
Luke Taylor
ae28169383 SEC-482: Load AclService implementations from parent app contexts. 2008-02-10 12:42:06 +00:00
Luke Taylor
f0ec1eeabd Tidying. 2008-02-09 15:39:16 +00:00
Luke Taylor
3c775b5d0d Added access-decision-manager-ref attribute to intercept-methods element. Made interceptor bean autowired by default to pick up AfterInvocationManager. 2008-02-09 15:38:31 +00:00
Luke Taylor
10ab4136d1 SEC-309: Patch for Authentication tag to use property of authentication object, rather than invoking an operation on the principal. Allows use of nested properties. 2008-02-09 13:41:05 +00:00
Luke Taylor
e0d0cc20c7 SEC-665: Missed a method name... 2008-02-08 18:19:27 +00:00
Luke Taylor
bd5a64825d SEC-552: Replaced authorites populators in CAS and OpenID with a plain UserDetailsService 2008-02-08 13:23:43 +00:00
Luke Taylor
842c49c890 SEC-665: Renaming of rolemapping package to authoritymapping, and corresponding refactoring of classes. 2008-02-08 12:01:10 +00:00
Luke Taylor
549de2927e SEC-641: Avoid direct use of external classes in namespace parsing. 2008-02-07 15:03:27 +00:00
Luke Taylor
6e93ec92eb Added db creation message. 2008-02-07 13:35:27 +00:00
Luke Taylor
28153f2c7f Added TestDataSource class to cut down verbosity of in-memory test databases and to implement DisposableBean, so the database is destroyed when the application context containing it is closed. 2008-02-07 13:33:15 +00:00
Luke Taylor
208d1ee8e2 SEC-456: Added test class for UserDetailsServiceLdapAuthoritiesPopulator 2008-02-07 13:31:25 +00:00
Luke Taylor
9292317e1c Deleted unused context file. 2008-02-07 13:30:03 +00:00
Luke Taylor
b6d3ed135d SEC-456: Added class Javadoc 2008-02-06 17:24:45 +00:00
Luke Taylor
b2cc817835 SEC-456: Basic LDAP authorities populator that delegates to a UserDetailsService. 2008-02-06 17:22:27 +00:00
Luke Taylor
99621a225d SEC-481: Refactoring commence method of AuthenticationProcessingFilterEtryPoint to allow alternative redirect options. Extracted two methods, "buildRedirectUrlToLoginPage" and "buildHttpsRedirectUrlForRequest" and introduced a RedirectUrlBuilder class for assembling the URLs from schemes, ports etc. 2008-02-06 16:38:47 +00:00
Luke Taylor
adbf18a091 SEC-507: Updated JSR-250 impl to include better support for PermitAll and DenyAll as suggested by Ryan Heaton. Includes JSR-250 voter which is now used by AnnotationDriverbeanDefinitionParser. 2008-02-06 13:14:46 +00:00
Luke Taylor
c1895acb6b Changed package doc which mentioned adding filter to web.xml rather than filter chain. 2008-02-06 10:36:25 +00:00
Andrei Stefan
98ccaa61e7 SEC-532: test class for ObjectIdentityRetrievalStrategyImpl 2008-02-06 09:26:39 +00:00
Andrei Stefan
5d09f1264b SEC-532: Added test method for different hashCode calculation when different Serializable classes are used (the method is commmented as, now, it doesn't pass the test) 2008-02-06 09:26:05 +00:00
Andrei Stefan
419a7a6426 SEC-532: added more test methods for JdbcAclService implementation 2008-02-06 09:24:13 +00:00
Luke Taylor
2c0c731aaa SEC-552: Removed accidentally commited incomplete caching-related classes. 2008-02-05 16:59:41 +00:00
Luke Taylor
b82fbb698d SEC-641: Updated to set "source" values on BeanDefinitions where possible. 2008-02-05 14:48:39 +00:00
Luke Taylor
8859034d11 SEC-641: Reomove use of SecurityConfigException during parsing. 2008-02-05 11:46:27 +00:00
Luke Taylor
717ab0b3cc SEC-641: Replaced use of Assert with more tooling friendly calls to parserContext.getReaderContext().error() 2008-02-05 11:29:52 +00:00
Luke Taylor
abb6402cec Import cleaning. 2008-02-05 10:51:52 +00:00
Luke Taylor
84c7ac5e57 SEC-664: Removed validateUserDetails method from AbstractRememberMeServices, wrapped the UserDetailsService in a status-checking one and added a catch block for AccountStatusExceptions. Also some minor tidying up of other remember-me classes. 2008-02-04 21:26:07 +00:00
Luke Taylor
d3f26f09b6 Added support for locking user accounts in namespace <user-service> "user" elements (for use in testing). 2008-02-04 21:23:49 +00:00
Luke Taylor
2343577fec Update new X509 namespace config to use status checking of user accounts by default. 2008-02-04 19:43:09 +00:00
Luke Taylor
600ab04cc7 SEC-663: Added null check for pre-authenticated principal value (and skip authentication attempt if null). 2008-02-04 19:36:44 +00:00
Luke Taylor
3f1ab233dc SEC-662: Add check for a null authentication object returned by provider and skip passing it to session controller. 2008-02-04 19:27:12 +00:00
Andrei Stefan
9be3f20faa 2008-02-04 16:44:11 +00:00
Luke Taylor
1191701d8b SEC-372: Added switchFailureUrl to SwitchUserProcessingFilter. Also did some refactoring to use the StatusCheckingUserDetailsService decorator, rather than checking status internally. 2008-02-04 14:02:30 +00:00
Luke Taylor
424ac4f117 Commented out tests which are breaking build. 2008-02-02 22:03:35 +00:00
Luke Taylor
ab5d416e00 SEC-516: Make default SavedRequest a "GET" in test to prevent NPE. 2008-02-02 21:41:41 +00:00
Andrei Stefan
842dec0180 2008-02-01 15:35:20 +00:00