761d5af6ec
SEC-965: Added integration tests for CAS Sample Application
2011-04-17 18:14:14 -05:00
f1c064b3b9
SEC-965: Updated CAS Sample application for proxy authentication
...
* Configured for proxy authentication
* Cleaned up the jsps
* Changed the cas sample context root to cas-sample so the CAS Server's JSESSIONID cookie doesn't remove the cas samples
2011-04-17 18:00:37 -05:00
a76a947b12
SEC-965: Added support for CAS proxy ticket authentication on any URL
2011-04-17 18:00:35 -05:00
373d07ce46
SEC-1181: Added mock testing, to avoid need for AD server
2011-04-15 20:10:48 +01:00
6db7472928
SEC-1181: Added extra I18N messages for LDAP locked, disabled etc.
2011-04-15 20:10:48 +01:00
59ac4c8b96
SEC-1181: Added option to parse AD sub-error codes.
2011-04-15 20:10:48 +01:00
428991d997
Some additional tests to confirm there are no issues with spaces in LDAP URL.
2011-04-15 20:10:48 +01:00
530f686149
SEC-1181: Basic AuthenticationProvider for Active Directory.
2011-04-15 20:10:47 +01:00
4dc5d7d16e
Typo.
2011-04-14 18:04:38 +01:00
8d702a4f98
SEC-1699: Make sure a FilterInvocation is passed to the AccessDecisionManager when checking the login page access in DefaultFilterChainValidator.
2011-04-14 18:04:29 +01:00
acf4b91a89
SEC-1674: Test to check that absolute URLs work in SimpleUrlLogoutSuccessHandler.
2011-04-14 15:06:05 +01:00
f9625836bb
Typo in Javadoc.
2011-04-14 15:04:37 +01:00
ef72dd1986
SEC-1714: RegexRequestMatcher should prepend question mark to query string.
2011-04-11 14:02:54 +01:00
49dd928faa
SEC-1712: Javadoc typo fix.
2011-04-08 17:24:12 +01:00
160fed1bfe
SEC-1713: Fix typo in schema RNC file.
2011-04-08 17:22:57 +01:00
5c05575c0d
Cleaned up warnings in openid module
2011-04-07 23:28:34 -05:00
68ba11ba7b
SEC-1711: Support verifying that attribute exchange parameters were signed
2011-04-07 23:28:34 -05:00
62ba0fca5c
SEC-1710: Added shutdown method to OpenID4JavaConsumer that invokes MultiThreadedHttpConnectionManager.shutdownAll()
2011-04-07 23:28:05 -05:00
3f1d8782c3
Minor fix to bundlor template for config module.
2011-04-06 14:02:01 +01:00
01c9c4e4db
SEC-1697: Don't publish authorization success events in AbstractSecurityInterceptor by default.
2011-04-06 13:58:58 +01:00
74b0c1780e
SEC-1707: Added metadata-source-ref attribute to namespace appendix.
2011-04-05 15:25:49 +01:00
8d99918798
SEC-1491: Add support for an external priority SecurityMetadataSource to be referenced from global-method-security.
2011-04-05 15:07:43 +01:00
3084ad878f
SEC-1491: Added AnnotationMetadataExtractor to SecuredAnnotationSecurityMetadataSource to allow a custom security annotation to be used.
2011-04-04 19:48:27 +01:00
244047ffe9
Delete unused test entities.
2011-04-04 18:39:57 +01:00
ead669f10c
Move single-use annotation test classes into SecuredAnnotationSecurityMetadataDefinitionSourceTests.
2011-04-04 18:25:25 +01:00
ddaf9eb64f
SEC-1705: Make sure a single OpenIDAuthenticationFilter bean is created by the namespace. Likewise for UsernamePasswordAuthenticationFilter.
2011-03-31 21:09:54 +01:00
79e17e22bc
SEC-1703: Updated namespace for intercept-url
2011-03-29 21:58:29 -05:00
d9d5ee1114
SEC-1703: Updated cas custom-filter@ref to match example bean id and custom-filter@position to be CAS_FILTER
2011-03-29 20:13:07 -05:00
9c88576992
Added extra FAQ on "Bad Credentials" message and on testing LDAP authentication. Minor mods to LDAP doc.
2011-03-29 15:30:08 +01:00
78d5495945
SEC-1702: Add Burt's patch implementing hashcode method in AntPathRequestMatcher
2011-03-25 20:44:18 +00:00
4a1908188a
SEC-1701: Trim claimed identity parameter value before submitting to OpenID4Java.
2011-03-25 19:13:06 +00:00
236efadfb7
SEC-1698: Update documentation to use correct package for RequestHeaderAuthenticationFilter
2011-03-16 23:53:29 -05:00
1dc309b041
SEC-1689: Minor doc updates related to use of password encoding and the crypto package.
2011-03-17 01:45:19 +00:00
e470eaa41d
SEC-1689: Moved core codec code into crypto package and removed existing duplication (Hex encoding etc). Refactoring of crypto code to use CharSequence for where possible instead of String.
2011-03-17 01:43:31 +00:00
3a3b2df1c5
Minor rewording of "child web context" FAQ.
2011-03-13 20:45:22 +00:00
bb3b8e4683
Update AspectJPlugin to configure EclipseProject and EclipseClasspath tasks
2011-03-12 18:46:17 -06:00
315c225bcb
Removed unused aspectj gradle file
2011-03-10 23:04:25 +00:00
4654f7065a
SEC-1693: Expand upper bound on EHCache OSGi version to version 2.5
2011-03-10 19:38:04 +00:00
9c09f0b73d
Remove unnecessary repos from main build file (EBR should only be needed for bundlor) and we generally have no need to build against snapshots other than for one-off testing.
2011-03-10 19:36:10 +00:00
50828cdd43
SEC-1689: Move crypto module code to core for simplicity.
2011-03-10 18:58:47 +00:00
a25d131f21
Some doc clarifications on the use of UserDetailService vs AuthenticationProvider.
2011-03-10 16:12:16 +00:00
b26f2309f4
Add paragraph to manual database appendix to clarify that the standard schema is completely optional if you aren't using JdbcDaoImpl.
2011-03-10 13:41:44 +00:00
9cf8ba02ba
Adding some extra section IDs in namespace appendix to provide bookmarkable URLs.
2011-03-10 13:15:58 +00:00
ccc548b9e4
Fixing bundlor warnings.
2011-03-08 16:20:37 +00:00
5a6afbff95
SEC-1688: Allow injection of a PasswordEncoder from the crypto module into DaoAuthenticationProvider.
2011-03-08 16:20:26 +00:00
885f0270dc
Some adjustments to the core build to make sure crypto classes are correctly exported to other tasks.
2011-03-08 16:19:51 +00:00
57c3afd31a
SEC-1689: Adjust manual to remove references to separate crypto module.
2011-03-08 12:58:28 +00:00
a50c9afbab
Modified jaas sample's LoginModule to prevent empty string username/password
2011-03-07 22:25:19 -06:00
9e5d35235c
Made the principal for jaas sample serializable
2011-03-07 22:25:16 -06:00
6983b166d8
Configure Eclipse wtp to use the same context root as jetty
2011-03-07 22:12:13 -06:00
Rob Winch
Luke Taylor