Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-01-10 16:37:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,575 Commits 49 Branches 369 Tags
Commit Graph

38 Commits

Author SHA1 Message Date
Luke Taylor
471206a29d SEC-1229: Redesign Concurrent Session Control implementation. Added ConcurrentSessionControlAuthenticatedSessionStrategy 2009-08-27 10:43:01 +00:00
Luke Taylor
ab0d66071a SEC-1226: Introduce RedirectStrategy to replace RedirectUtils. Implemented strategy and applied throughout relevant classes. 2009-08-27 10:42:11 +00:00
Luke Taylor
e6631be778 Import cleaning 2009-08-10 16:07:05 +00:00
Luke Taylor
6f76fe6fbb Import cleaning 2009-08-10 16:04:54 +00:00
Luke Taylor
f536c80020 SEC-1202: Removed SpringSecurityFilter and replaced with use of GenericFilterBean from spring-web 2009-08-10 14:18:18 +00:00
Luke Taylor
90d76373cc SEC-1142: Support for session timeout detection. Added redirect to invalidSessionUrl in SessionManagementFilter when an invalid session Id is supplied in the request. 2009-08-07 17:12:12 +00:00
Luke Taylor
3e6054b69f SEC-1211: Rename SessionFixationProtectionFilter to SessionManagementFilter, since it no longer performs session-fixation protection directly, but just executes the AuthenticatedSessionStrategy. 2009-07-29 00:52:30 +00:00
Luke Taylor
609a68b12a SEC-1077: Added DefaultAuthenticatedSessionStrategy test to check that saved request attribute is retained when migrateAttributes is false. 2009-07-28 23:47:26 +00:00
Luke Taylor
db90122179 SEC-1211: Create strategy for session handling on successful authentication. Added AuthenticatedSessionStrategy interface and default implementation which encapsulates the functionality that was previously in SessionFixationProtectionFilter and AbstractAuthentictationProcessingFilter. Updated the namespace to make use of these. 2009-07-28 18:00:24 +00:00
Luke Taylor
f404bb3d74 SEC-1167: Introduce more flexible SavedRequest handling. Separated the concept of SavedRequest from SecurityContextHolderAwareFilter since the two are orthogonal requirements. This no longer takes a wrapper class property or uses reflection. SavedRequest functionality is accessed through the RequestCache interface, with the default implementation being HttpSessionRequestCache. A separate filter RequestCacheAwareFilter is now responsible for reconstituting the SavedRequest if it matches the current request. The functionality for matching and returning the wrapper is contained in the RequestCache method though. 2009-07-20 22:34:40 +00:00
Luke Taylor
8ddd96af2b SEC-1186: intermediate commit of namespace changes for improved tooling support 2009-06-26 12:44:46 +00:00
Luke Taylor
5808da12ff SEC-1094: Simplified WebXml attribute mapping. Removed generic jaxen-based implementation on which it was based in favour of simple DOM model traversal. Updated sample. 2009-06-08 15:23:41 +00:00
Luke Taylor
66f7e8bcc8 SEC-1168: Added filter-security-metadat-source to namespace. 2009-06-08 12:59:13 +00:00
Luke Taylor
a8215fa2cb SEC-1160: Renaming of authentication filters and entry points and associated doc changes 2009-05-12 05:37:11 +00:00
Luke Taylor
4bad213b19 SEC-1132: Moved remaining preauth code from core to web 2009-05-12 00:11:06 +00:00
Luke Taylor
d5b7ce69cc SEC-1158: Decoupling of Pre/Post annotations implementation from Spring EL. 2009-05-11 05:35:20 +00:00
Luke Taylor
29fafbbf18 Misc tidying up of old files and refactoring of tests 2009-05-05 13:29:59 +00:00
Luke Taylor
6d655aa514 SEC-1132: More refactoring to remove cycles ad reduce complexity metrics 2009-05-04 14:24:54 +00:00
Luke Taylor
5b543f83ec Removed web dependency on core-tests 2009-05-04 02:25:49 +00:00
Luke Taylor
dca566ff1f SEC-1149: WebInvocationPrivilegeEvaluator now contains methods to evaluate the permissions on URIs directly. Deleted FilterInvocationUtils. 2009-05-02 06:02:17 +00:00
Luke Taylor
d1cb85e4f3 Refactoring of methods names in UrlUtils for consistency. 2009-05-01 10:43:41 +00:00
Luke Taylor
f6800fbe04 Refactored to remove dependency on FilterInvocationUtils. 2009-05-01 08:57:28 +00:00
Luke Taylor
e94baf38b3 Tidying up to remove warnings (generics, use of deprecated test classes etc). 2009-04-28 06:49:43 +00:00
Luke Taylor
6bd7421a1b SEC-1078: Converted WASSecurityHelper to an internal interface and added test for scenario from this issue. 2009-04-27 06:01:40 +00:00
Luke Taylor
1454cbb78e SEC-1132: Moved TextUtils to web module and StringSplit utils into Digest authentication package (as they aren't used elsewhere). 2009-04-25 08:04:26 +00:00
Luke Taylor
a76cbee4bc SEC-1132: Moved ThrowableAnalyzer code to web module as it is only used in ExceptionTranslationFilter 2009-04-25 07:03:15 +00:00
Luke Taylor
cac2bce382 Refactored SessionRegistryImpl to remove servlet API deps and moved back into core, along with other concurrent authentication package classes. 2009-04-21 06:05:14 +00:00
Luke Taylor
271fbb7ddf SEC-1081: Fix for PersistentTokenBasedRememberMeServices int overflow problem. 2009-04-20 09:08:35 +00:00
Luke Taylor
c21300d3ad Tidying imports. 2009-04-19 02:29:16 +00:00
Luke Taylor
6b3d0eac40 SEC-1111: Fix for "java.io.CharConversionException: Not an ISO 8859-1 character". Use response.getWriter() instead of printing to ServletOutputStream. 2009-04-18 07:35:34 +00:00
Luke Taylor
93bdcccaee SEC-1132: Moved userdetails into core and added core/authority sub-package 2009-04-15 07:39:21 +00:00
Luke Taylor
c770998d92 SEC-1132: Move authoritymapping to core as it is actually used in loading authorities for a use, not in making access decisions. 2009-04-14 04:22:57 +00:00
Luke Taylor
ca7d055c2b SEC-1132: Created core and authentication packages within core module. 2009-04-13 13:43:23 +00:00
Luke Taylor
9efb5a7007 SEC-1132: Moved access-control/authorization specific code to org.sf.security.access package. Created provisioning package for user management classes to remove cyclical deps. Some other moving of classes to remove code tangles. Restructuring of portlet module under org.sf.security.portlet 2009-04-12 12:23:23 +00:00
Luke Taylor
7c4d54f356 SEC-1131: Applied patch for portlet upgrade 2009-04-12 05:52:20 +00:00
Luke Taylor
f746a20ab4 SEC-1132: package refactoring of non-core modules 2009-03-27 05:01:03 +00:00
Luke Taylor
bec84f874a SEC-1125: Further refactoring of web packages following creation of web module. Fixing samples. 2009-03-26 07:18:36 +00:00
Luke Taylor
2a9a8a41db SEC-1125: Created separate web module spring-security-web 2009-03-25 06:28:18 +00:00