Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-30 22:28:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,618 Commits 48 Branches 362 Tags
Commit Graph

2618 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Luke Taylor
43b51ca64d SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added support to namespace.
 2008-03-26 12:00:58 +00:00
Luke Taylor
2af2f299cb SEC-689: Further tests, logging improvements. 2008-03-26 00:00:56 +00:00
Luke Taylor
a29842a467 SEC-689: Tests for SessionFixationProtectionFilter 2008-03-25 23:24:38 +00:00
Luke Taylor
8f5bcb64a6 SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added a general SessionFixationProtectionFilter which can be added to the filter stack to detect when a user has been authenticated and then migrate them to a new session. Also added support to <http/> namespace element.
 2008-03-25 22:32:26 +00:00
Luke Taylor
83bcc6ad7c Removed loggers from subclasses of SpringSecurityFilter in favour of using base class logger. 2008-03-25 14:51:34 +00:00
Ben Alex
0860333a3f SEC-733: AspectJ Pointcut Expression Parsing support. 2008-03-25 08:28:53 +00:00
Ben Alex
f4eb15b08b SEC-428: Tests to prove proxy-target-class="true" works. 2008-03-24 23:10:01 +00:00
Luke Taylor
f8b5000d40 SEC-428: Make sure context is cleared before running test. 2008-03-24 22:56:43 +00:00
Luke Taylor
18fef571c3 Import cleaning. 2008-03-24 22:44:42 +00:00
Luke Taylor
028af06d61 SEC-428: Security interceptor does not work with schema based aop:config 
http://jira.springframework.org/browse/SEC-428. Fixed broken test method.
 2008-03-24 22:43:08 +00:00
Luke Taylor
a375d8e59e SEC-428: Added test 2008-03-24 20:50:58 +00:00
Luke Taylor
1dd5f42142 Adding svn keywords, correcting typos etc. 2008-03-24 20:48:45 +00:00
Scott Battaglia
ed645958fa per email with Ben and Luke removed cas-adapter and reworked cas module to just be the CAS client code. 2008-03-24 20:24:33 +00:00
Ben Alex
9a4977ebd1 SEC-99/428/429/563: Various refactoring of method security metadata support. 2008-03-24 09:40:13 +00:00
Ben Alex
beba7221cf Update dependency versions and POM structure. 2008-03-24 09:16:12 +00:00
Ben Alex
f67c7bcb38 Update dependency versions and POM structure 2008-03-24 09:06:46 +00:00
Ben Alex
6ab301981c Update dependency versions and POM structure. 2008-03-24 09:05:44 +00:00
Luke Taylor
9a02b9862e Fixed preauth sample configuration to match recent changes in naming in core code. 2008-03-23 23:03:28 +00:00
Luke Taylor
fe0e05a6c8 SEC-725: PasswordEncoderParser: <security:password-encoder> element does not pick up 'base64' attribute value 
http://jira.springframework.org/browse/SEC-725. Added fix as recommended in issue.
 2008-03-23 22:38:13 +00:00
Luke Taylor
b54e3978dc SEC-729: Organization of pom dependencies, particularly for servlet-api and jstl. Some other adjustments, removal of unrequired deps etc 2008-03-23 00:31:32 +00:00
Luke Taylor
3d0e0fcea5 fixed links in reference.xml 2008-03-23 00:16:34 +00:00
Luke Taylor
30a6abbe50 Tidied formatting of toString output for FilterBasedLdapUserSearch 2008-03-22 21:40:54 +00:00
Luke Taylor
162933155e Added implementation of GrantedAuthoritiesContainer to allow refactoring of duplication in various preauth details classes 2008-03-22 19:29:13 +00:00
Luke Taylor
2ea94e2cc9 Tidying imports etc 2008-03-22 11:44:28 +00:00
Luke Taylor
1d47945893 Added portlet and ldap samples to build 2008-03-22 11:43:24 +00:00
Luke Taylor
696e3c8034 Udated maven eclipse plugin version 2008-03-22 11:42:52 +00:00
Luke Taylor
69f2075872 SEC-722: Fix jstl versions in openID sample login page. 2008-03-22 00:05:53 +00:00
Luke Taylor
563dabda2f SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added OpenIDProvider to bean registry and fixed login page generator to use correct URL for OpenID. Added user-service-ref to namespace element. Changed OpenID sample to use <openid-login />.
 2008-03-21 23:47:09 +00:00
Luke Taylor
b89dbc6060 Import cleaning 2008-03-21 21:51:48 +00:00
Luke Taylor
9871685ea3 SEC-722: Fixed problem with empty loginpage string (rather than null) preventing default login page filter from being added to the stack. 2008-03-21 21:50:26 +00:00
Luke Taylor
b73736ffaf Updated example configuration in javadoc for LdapAuthenticationProvider. 2008-03-21 17:12:22 +00:00
Luke Taylor
037ccd5eaa Removed eclipse settings directory 2008-03-21 13:53:36 +00:00
Ben Alex
16ea8faa0d SEC-727: Ensure SecurityConfig cannot be constructed unsafely; also update SecurityConfigTests to JUnit 4. 2008-03-21 02:15:47 +00:00
Ben Alex
119cc9ff04 Remove notice.txt due to mvn eclipse:eclipse issues with import from parent directory. 2008-03-21 01:22:31 +00:00
Luke Taylor
5466fe0022 Added servlet api dep to captcha and cas 2008-03-20 21:33:45 +00:00
Luke Taylor
acc22b2745 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added check for MAIN_ENTRY_POINT bean when resolving entry points. If this has been set during parsing it will be used.
 2008-03-20 20:11:34 +00:00
Luke Taylor
815f04b6c3 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added element to namespace and modified form login parser to handle open id element. Also added openID support to login page generator.
 2008-03-20 20:05:11 +00:00
Luke Taylor
b62ad5b097 SEC-722: Changed openID filter to use its owen ordering value as it may be used together with form login. 2008-03-20 19:55:32 +00:00
Luke Taylor
bbc5fea598 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added extra constants for OpenID support.
 2008-03-20 19:51:59 +00:00
Luke Taylor
d333655b0b Updated to commons logging 1.1.1 to get rid of servlet api dependency in their pom 2008-03-20 19:43:55 +00:00
Luke Taylor
56b967f935 Removed filer name duplication in rnc file. 2008-03-20 15:10:21 +00:00
Luke Taylor
a65b5a9ed8 Corrected separators between http method strings in rnc file. 2008-03-20 14:56:02 +00:00
Luke Taylor
8f379768a8 SEC-720: Design for extension: PreAuthenticatedGrantedAuthoritiesUserDetailsService 
http://jira.springframework.org/browse/SEC-720. Added createUserDetails method to allow custom UserDetails object t be created.
 2008-03-19 18:29:38 +00:00
Luke Taylor
f3a6f768ba SEC-724: Create portlet sample 
http://jira.springframework.org/browse/SEC-724
 2008-03-19 17:58:07 +00:00
Luke Taylor
030550a88e Applied XSL transform to XSD file 2008-03-19 17:04:39 +00:00
Luke Taylor
2a0a041386 SEC-719: removed explicit toString() call to prevent NPE when userInfo is null 2008-03-19 16:15:45 +00:00
Luke Taylor
b78bd3ed4f SEC-719: Change default value of useAuthTypeAsCredentials to true to prevent tests breaking 2008-03-19 16:02:52 +00:00
Luke Taylor
5de0f3b8f0 SEC-719: Refactor portlet code to make more use of core classes 
http://jira.springframework.org/browse/SEC-719. Rewrote provider as a preauthenticated provider.
 2008-03-19 15:45:42 +00:00
Luke Taylor
f8d855f1a2 SEC-716: Default (non-web) AuthenticationDetailsSource implementation. 2008-03-18 18:45:38 +00:00
Luke Taylor
c9ff912b2f SEC-723: Change PreAuthenticatedAuthenticationProvider to reject authentication tokens with null credentials. Also introduced a property "throwExceptionWhenTokenIsRejected" which raises a BadCredentialsException when the toke is invalid. 2008-03-18 18:29:48 +00:00