Commit Graph

218 Commits

Author SHA1 Message Date
Rob Winch d85c0395bb Fix checkstyle import into Eclipse
Issue gh-3747
2016-03-14 09:19:55 -05:00
Rob Winch 7de4e59167 Auto Import Eclipse Settings
Fixes gh-3747
2016-03-14 00:15:15 -05:00
Rob Winch 6bd16fc686 Extract ide.gradle
Issue gh-3747
2016-03-14 00:15:14 -05:00
Rob Winch b52ffe038e Add Checkstyle
Fixes gh-3746
2016-03-14 00:15:13 -05:00
Rob Winch 5775f7bd80 Update to Gradle 2.10
Do not use Gradle 2.11 as it causes issues with
Eclipse import

Fixes gh-3745
2016-03-13 20:11:29 -05:00
Rob Winch bb600a473e Start AssertJ Migration
Issue gh-3175
2016-03-09 14:26:30 -06:00
Justine Tunney 3bbcbaae9c Upgrade Apache Commons Collections to v3.2.2
Version 3.2.1 has a CVSS 10.0 vulnerability. That's the worst kind of
vulnerability that exists. By merely existing on the classpath, this
library causes the Java serialization parser for the entire JVM process
to go from being a state machine to a turing machine. A turing machine
with an exec() function!

https://commons.apache.org/proper/commons-collections/security-reports.html
http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
2016-03-08 08:56:01 -06:00
Rob Winch fc75a679d9 Polish SCryptPasswordEncoder
* JKD8 Base64 -> Spring Security's Base64 to continue to support older JDKs
* Spaces to tabs
* Javadoc cleanup
* Remove of @Override to compile in Eclipse

Issue gh-3702
2016-03-03 14:06:08 -06:00
Rob Winch 3480e3c05c Remove check.dependsOn springSnapshotTest 2015-12-21 16:09:59 -06:00
Rob Winch 3a8aec0c2f SEC-3178: Update to JUnit 4.12 2015-12-21 14:53:07 -06:00
Rob Winch e66eb539cc SEC-3173: Update to cas-client-3.4.1 2015-12-15 09:50:54 -06:00
Rob Winch c8f598778f Polish snasphot -> snapshot 2015-09-25 15:29:04 -05:00
Rob Winch 5ac13eb905 SEC-3079: Update to Gradle 2.6 2015-08-19 16:05:54 -05:00
Rob Winch 7914b96e23 SEC-3077: Update to Groovy 2.4.4 2015-08-19 16:05:14 -05:00
Andy Wilkinson 92c23fbbdc Upgrade to a version of Powermock that’s compatible with JUnit 4.12 2015-07-13 15:42:50 -05:00
Rob Winch 848523e47a SEC-3029: Add springSnapshotTests
Test against Spring Framework's latest Snapshots
2015-07-07 22:43:06 -05:00
Rob Winch 7b4a37f27e SEC-2967w: Update to Gradle 2.4 2015-05-07 10:16:07 -05:00
Rob Winch 7000652fd1 SEC-2927: No Dependency Management for Bom 2015-04-20 17:06:01 -05:00
Rob Winch a1ff94a34e SEC-2922: Specify Version in Manifest 2015-04-20 16:39:53 -05:00
Rob Winch d5dfeeca49 SEC-2927: Update chat-jc pom so Maven Builds
Previously there were some incorrect dependency versions. This commit fixes
that.

We added dependencyManagement for Spring Framework and corrected
Thymeleaf and embedded redis versions.
2015-04-20 15:53:26 -05:00
Rob Winch 0a2e496a84 SEC-2915: groovy/gradle spaces->tabs 2015-03-25 13:08:59 -05:00
Rob Winch 37740cd020 SEC-2861: Add WebSocket Documentation & Sample 2015-02-24 10:29:47 -06:00
Rob Winch c7718a1286 SEC-2857: Update to Gradle 2.3 2015-02-18 10:00:22 -06:00
Rob Winch 11116c2b80 SEC-2787: Update Versions 2014-12-10 16:37:19 -06:00
Rob Winch c67ff42b8a SEC-2783: XML Configuration Defaults Should Match JavaConfig
* j_username -> username
* j_password -> password
* j_spring_security_check -> login
* j_spring_cas_security_check -> login/cas
* j_spring_cas_security_proxyreceptor -> login/cas/proxyreceptor
* j_spring_openid_security_login -> login/openid
* j_spring_security_switch_user -> login/impersonate
* j_spring_security_exit_user -> logout/impersonate
* login_error -> error
* use-expressions=true by default
2014-12-08 15:09:15 -06:00
Rob Winch b56e5edbbd SEC-2784: Fix build plugins 2014-12-08 14:24:34 -06:00
Rob Winch 87a52ffbfd SEC-2784: Update to Gradle 2.2.1 2014-12-08 13:29:07 -06:00
Rob Winch dfa17bdb98 SEC-2747: Remove spring-core dependency from spring-security-crypto 2014-11-20 16:16:22 -06:00
Rob Winch 02c3565e22 Fix compiling in Eclipse 2014-09-16 10:18:46 -05:00
Rob Winch 6321665353 SEC-2676: Update to Spring Data Evans RC1 2014-08-15 20:46:59 -05:00
Rob Winch 1f861f512a SEC-2676: Add SpEL Spring Security Integration 2014-07-29 20:04:37 -05:00
Rob Winch 47e02c41b6 SEC-2647: IntelliJ testSourceDirs 2014-06-17 16:38:43 -05:00
Rob Winch ec1c5b0e78 SEC-2622: Set classesDirectory if exists for integrationTomcatRun 2014-06-13 12:22:01 -05:00
Rob Winch 41c19e88b2 SEC-2646: Use Gradle Wrapper with source code 2014-06-13 11:20:22 -05:00
Rob Winch 10c4d8f1af SEC-2651: Update Thymeleaf to Spring 4 variants in samples 2014-06-12 16:48:04 -05:00
Rob Winch 82e89db1c8 SEC-2622: Add integration test support to samples 2014-06-12 12:14:37 -05:00
Rob Winch fb25273672 SEC-2617: Fix JSTL Samples 2014-06-12 12:01:04 -05:00
Rob Winch b13603f480 SEC-2649: Update to Tomcat 7.0.54 2014-06-12 11:48:05 -05:00
Rob Winch 26ffbeadf0 SEC-2647: Add integration test classpath in IntelliJ 2014-06-12 11:37:42 -05:00
Rob Winch e86cbc8731 SEC-2646: Update to Gradle 1.12 2014-06-12 11:33:58 -05:00
Rob Winch 26db320d3c SEC-2579: Ignore springio props in release checks 2014-05-21 14:04:41 -05:00
Rob Winch e6e35932ed SEC-2603: Fix config groovy integration tests 2014-05-20 23:15:39 -05:00
Rob Winch 76bf378077 SEC-2580: Include ApacheDS in samples/ldap-xml 2014-05-01 11:28:27 -05:00
Rob Winch 00e1094178 Add springio-platform plugin 2014-04-23 14:35:22 -05:00
Rob Winch ccf96a4d69 SEC-2542: Polish dependency exclusions
This cleans up exclusions so the pom.xml are not as cluttered.
2014-04-02 09:47:29 -05:00
Rob Winch 3118e39de8 SEC-2542: Use exclusions to remove duplicate dependencies
A number of projects had duplicate dependencies on their classpaths
as a result of the same classes being available in more than one
artifact, each with different Maven coordinates. Typically this only
affected the tests, but meant that the actual classes that were
loaded was somewhat unpredictable and had the potential to vary
between an IDE and the command line depending on the order in which
the aritfacts appeared on the classpath. This commit adds a number of
exclusions to remove such duplicates.

In addition to the new exclusions, notable other changes are:

 - Spring Data JPA has been updated to 1.4.1. This brings its
   transitive dependency upon spring-data-commons into line with
   Spring LDAP's and prevents both spring-data-commons-core and
   spring-data-commons from being on the classpath
 - All Servlet API dependencies have been updated to use the official
   artifact with all transitive dependencies on unofficial servlet API
   artifacts being excluded.
 - In places, groovy has been replaced with groovy-all. This removes
   some duplicates caused by groovy's transitive dependencies.
 - JUnit has been updated to 4.11 which brings its transitive Hamcrest
   dependency into line with other components.

There appears to be a bug in Gradle which means that some exclusions
applied to an artifact do not work reliably. To work around this
problem it has been necessary to apply some exclusions at the
configuration level

Conflicts:
	samples/messages-jc/pom.xml
2014-04-02 09:47:26 -05:00
Rob Winch 6be4e3a9fc SEC-2506: Remove Bundlor Support 2014-03-05 13:32:16 -06:00
Rob Winch 4a1a2dfed4 Update min Spring version of 4.0.2.REELASE 2014-02-19 11:16:57 -06:00
Rob Winch e17adad878 SEC-2469: Support Spring LDAP 2.0.1+ 2014-02-12 08:11:26 -06:00
Rob Winch 2df5541905 SEC-2448: Update to HSQL 2.3.1 2013-12-14 10:19:06 -06:00
Rob Winch 4708287ad3 SEC-2444: Convert Java Config samples to thymeleaf and tiles 2013-12-13 15:47:28 -06:00
Rob Winch 6f9085dd5d SEC-2435: Update to Gradle 1.10-rc-2 2013-12-11 17:52:41 -06:00
Rob Winch 0da9b6c64b Update to spring.io 2013-12-09 16:51:45 -06:00
Rob Winch 4672c2a1f7 SEC-2430: Add Maven BOM 2013-12-09 15:51:49 -06:00
Rob Winch 548ed4e14a Update samples to declare repository already added 2013-12-06 14:46:52 -06:00
Rob Winch 6be4de854a Ensure artifactory uses customized pom 2013-12-06 14:46:52 -06:00
Rob Winch 74a6303b6f SEC-2385: Document how to use with Spring 4 2013-12-04 12:38:45 -06:00
Rob Winch 209cf317d6 SEC-2411: Update to Gradle 1.9 2013-11-25 16:57:42 -06:00
Rob Winch e657f89662 Remove checkRepositories 2013-11-01 09:32:24 -05:00
Rob Winch fa3d303f79 Remove repository release checks since init script adds automatically 2013-10-29 16:48:23 -05:00
Rob Winch 76a8bbe98d SEC-2354: Add failOnMissingWebXml=false to sample pom.xml 2013-10-07 08:12:35 -05:00
Rob Winch 88f41cdf62 SEC-2341: Update to Gradle 1.8
Some dependencies were necessary to update due to issues with JUnit
integration.
2013-09-24 15:35:51 -05:00
Rob Winch c156716be8 Ensure single version of org.slf4j 2013-09-18 16:13:03 -05:00
Rob Winch 53a0db6be1 SEC-2313: Gradle javadoc hotfix 2013-09-11 15:30:50 -07:00
Rob Winch 7203faf34f SEC-2300: Update Spring LDAP version to 1.3.2.RELEASE 2013-08-31 11:26:43 -05:00
Rob Winch 3d2f23602f SEC-2294: Update Spring Version to 3.2.4.RELEASE 2013-08-31 11:26:43 -05:00
Rob Winch ae368829f4 Tweak PermGen for tests 2013-08-28 13:30:25 -05:00
Rob Winch e1dfa81a0f GRADLE-1116: Add back workaround for depending on test sources 2013-08-13 09:13:02 -05:00
Rob Winch 337c3cf96c SEC-2255: Update to Gradle 1.7 2013-08-08 16:31:36 -05:00
Rob Winch 54bf6c846b SEC-2097: Remove configure() blocks from gradle/*.gradle 2013-08-08 16:29:43 -05:00
Rob Winch 976d9a9016 SEC-2194: Polish java config sample apps 2013-08-08 14:33:54 -05:00
Rob Winch 1f86d5dad9 SEC-2097: Add Tomcat Gradle plugin 2013-08-05 16:49:34 -05:00
Rob Winch 343a76de13 Use eclipse-wtp instead of eclipse in java projects 2013-08-05 16:49:34 -05:00
Rob Winch 6a1a6b080f No longer using Eclipse classpath container, so remove workarounds for it 2013-08-05 16:49:34 -05:00
Rob Winch ab2b461075 Gradle workaround for test source being deployed 2013-08-05 16:49:34 -05:00
Rob Winch 9d58317731 Use included configuration instead of sourceSets.main.output
Previously the crypto module was not exported in Eclipse because it was
listed as a test dependency to have it added as a dependency. Note that
this was all to work around GRADLE-1116

Now we add an included configuration that is exported for Eclipse, but not
added to the Maven pom (since all the crypto module is included in core).
2013-08-05 16:49:34 -05:00
Rob Winch 388a4dd9db SEC-2194: Add Java Config samples 2013-08-05 16:49:33 -05:00
Rob Winch 5e6ca12b01 SEC-2097: Update integrationTestCompile to use optional and provided
Also update slf4j version and remove explicit commons-logging from pom generation
2013-07-16 15:59:06 -05:00
Rob Winch 7d9f0d688a SEC-2207: Workaround for GRADLE-1116 2013-07-16 15:15:47 -05:00
Rob Winch 41b64e05d0 SEC-2211: check.dependsOn integrationTest 2013-07-16 15:15:47 -05:00
Rob Winch faa8b354b7 SEC-2209: add pom.xml 2013-07-16 15:15:47 -05:00
Rob Winch e5fc063680 SEC-2206: Gradle Propdeps 2013-07-16 15:15:42 -05:00
Rob Winch 07c3fdf8a7 SEC-2195: Update Groovy, Geb, Spock, httpcomponents, and Jetty 2013-07-16 15:02:39 -05:00
Rob Winch 1705c5d796 SEC-2207: Update Gradle to 1.6 2013-07-16 15:02:39 -05:00
Rob Winch 3c178a339e remove snapshot repo references 2013-07-01 13:00:57 -05:00
Rob Winch d0c4e6ca72 SEC-1953: Spring Security Java Config support
This is the initial migration of Spring Security Java Config from the
external project at
https://github.com/SpringSource/spring-security-javaconfig
2013-06-30 17:28:33 -05:00
Jean-Pierre Bergamin c02a1486c0 SEC-2118: Fixing spring and aspectj OSGi version ranges [3.2, 3.2) -> [3.2, 3.3) 2013-02-25 17:05:29 -06:00
Rob Winch 7edb1089a8 SEC-2096: Added release-checks 2012-12-18 15:15:46 -06:00
Rob Winch ebb82e1aa9 SEC-2096: Update to Spring 3.2.0.RELEASE 2012-12-18 15:15:46 -06:00
Rob Winch eaf4843474 Update to Gradle 1.3 2012-11-30 16:33:44 -06:00
Rob Winch 1ed643ca1f SEC-1998: Provide integration with WebAsyncManager#startCallableProcessing
Support integration of the Spring SecurityContext on Callable's used with
WebAsyncManager by registering SecurityContextCallableProcessingInterceptor.
2012-11-28 17:56:03 -06:00
Rob Winch 30780baf24 Externalize powermock dependencies for reuse 2012-11-08 22:49:20 -06:00
Rob Winch f61fab3509 Add fest-assert as default test dependency 2012-11-08 22:49:20 -06:00
Rob Winch ea6b444770 update to spring snapshot dependencies 2012-11-08 22:49:20 -06:00
Rob Winch ace6b804f7 Update to 3.2.x and added eclipse suffix to eclipse projects 2012-11-02 10:48:50 -05:00
Rob Winch c0dfb70ca0 Added generatePom task
This can be used to generate the pom.xml for adding the Spring Security
snapshot jars as a Maven Dependency to another project. For example,
if mywebapp requires the Spring Security 3.1.4.CI-SNAPSHOT jars one
could generate the pom.xml files and then use that to convert the project
into a valid Maven project within the IDE. Then the SNAPSHOT dependendies
could be added to mywebapp. This prevents the need to install the SNAPSHOT
dependencies in the local Maven repository.
2012-11-01 15:18:10 -05:00
Rob Winch 9e35e4aab4 Upgrade to Gradle 1.2 2012-09-21 14:19:24 -05:00
Rob Winch 191fc9c8be Update to Gradle 1.1 2012-09-04 10:14:19 -05:00
Rob Winch ab3031c8b9 SEC-1995: More Maven Central validation changes
Added developer information to the poms.
2012-08-09 23:43:07 -05:00
Rob Winch 5174a8020d SEC-1995: Maven Central validation changes
Ensure projects have the following so that Maven Central publishing works

  - Project name
  - Project description
  - Project URL
  - SCM information
  - Javadoc jar
2012-08-09 23:11:58 -05:00