Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,652 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

2652 Commits

Author SHA1 Message Date
Luke Taylor 4d306c2c1e Fix spring-portlet dep at 2.0.8 2008-04-01 12:43:08 +00:00
Luke Taylor e05d1da102 Refactored AuthenticationUserDetailsService to userdetails package as it isn't preauth specific 2008-03-31 23:08:30 +00:00
Luke Taylor f898bec370 OPEN - issue SEC-742: IllegalArgumentException if namespace configuration defines RememberMeServices without BasicProcessingFilter 
http://jira.springframework.org/browse/SEC-742. Fix. Post processor was assuming there was a BasicProcessinFilter in the app context when a remember-me services was present.
 2008-03-31 22:44:11 +00:00
Luke Taylor c347834401 OPEN - issue SEC-605: JdbcDaoImpl of UserDetailsService should provide a method for customizing creation of the final UserDetails object 
http://jira.springframework.org/browse/SEC-605. Added a createUserDetails method and also some other methods which are responsible for executing the individual queries for loading the userinformation and authorities.
 2008-03-31 18:01:07 +00:00
Luke Taylor 40e51dd5fe OPEN - issue SEC-649: Add user-service-ref attribute to remember-me namespace element 
http://jira.springframework.org/browse/SEC-649. Added attribute to namespace and parsing support.
 2008-03-31 17:27:58 +00:00
Luke Taylor cc752cfc28 OPEN - issue SEC-732: Encapsulate query objects in JdbcDaoImpl and JdbcUserDetailsManager 
http://jira.springframework.org/browse/SEC-732. Updated these classes to hide the internal query and update objects to allow future refactoring.
 2008-03-31 16:52:31 +00:00
Luke Taylor 53b084e2f9 Simple tests to detect invalid configurations, particularly when the namespace has been updated without applying the spring-security.xsl transformation, which prevents certain elements from appearing at top level. 2008-03-31 16:30:28 +00:00
Luke Taylor b1ae4922d2 SEC-726: Added entry-point-ref to <http> namespace element to allow customization of authentication process. 2008-03-31 16:22:40 +00:00
Luke Taylor f523cef578 Fixed broken portlet test 2008-03-31 13:30:29 +00:00
Luke Taylor 9db55f336c SEC-739: Removed siteminder provider code. 2008-03-31 12:23:32 +00:00
Luke Taylor 512c64fb98 SEC-738: Add session-registry-alias attribute to concurrent-session-control 
http://jira.springframework.org/browse/SEC-738. Added this attribute. Also various bugfixes in handling of attribute names for concurrent session control.
 2008-03-31 12:01:37 +00:00
Luke Taylor 07f820f1a6 Minor portlet-related changes suggested by John Lewis: Javadoc and default values of booleans. 2008-03-31 10:10:13 +00:00
Luke Taylor c9b6fe9555 OPEN - issue SEC-657: Create pre-authenticated processing filter which obtains username from request header 
http://jira.springframework.org/browse/SEC-657. Added filter and test class.
 2008-03-30 13:37:13 +00:00
Luke Taylor b98c72056a SEC-728: Change use of String.getBytes() in password encoders to use UTF-8 2008-03-29 15:21:31 +00:00
Luke Taylor 91a5a6c266 SEC-737: sandboxed captcha 2008-03-29 14:49:40 +00:00
Luke Taylor 52875e2c12 updated wtp version to 2.0 2008-03-29 14:48:31 +00:00
Luke Taylor e74f826d6f Fixed broken sandbox build 2008-03-29 14:45:31 +00:00
Scott Battaglia ea489baf6f SEC-730 
updated configuration to new CAS client
 2008-03-28 18:25:02 +00:00
Luke Taylor 1463b9769d SEC-629: authentication-provider doesn't support caching. 
http://jira.springframework.org/browse/SEC-629. Added support for cache-ref elements on jdbc-user-service and ldap-user-service
 2008-03-28 17:55:12 +00:00
Luke Taylor db6fafaf56 SEC-629: authentication-provider doesn't support caching. Refactored MockUserCache class to top level 2008-03-28 14:17:05 +00:00
Ben Alex 1490fe0b0a Various fine-tuning so people can see AspectJ expressions and a simple, minimal configuration. 2008-03-28 00:47:08 +00:00
Ben Alex 595a14dbd5 Sample should permit people to anonymously call all methods except post(Account). 2008-03-28 00:44:42 +00:00
Luke Taylor 1fece47b49 SEC-691: Applied patch to allow setting of returned user attributes from LDAP search. 2008-03-27 14:41:11 +00:00
Luke Taylor 350a626587 SEC-477: Added preauthenticated websphere contribution. 2008-03-27 14:25:17 +00:00
Luke Taylor 608e8d3610 SEC-672. Forgot to set core-tiger packaging type to 'bundle' 2008-03-26 21:54:48 +00:00
Luke Taylor 584853bbcb Tidied imports. 2008-03-26 21:49:26 +00:00
Luke Taylor ef5b3e2f9c SEC-733: Changed names of <global-method-security> attributes as discussed with Ben and updated sample to reflect the changes. Also changed explicit instantiation of Jsr250 and Secured annotation MethodDefinitionSource beans in GlobalMethodSecurityBDP into bean definitions to make more tooling friendly. 2008-03-26 21:48:24 +00:00
Luke Taylor 9ea2408ac6 Fixed error in choosing main entry point (it's an alias not a bean name, so doesn't appear in the entry map - you have to get it direct from the bean factory). 2008-03-26 17:34:42 +00:00
Luke Taylor 071c91540c SEC-722: Added explicit login page to open-id element in openid sample. 2008-03-26 17:01:54 +00:00
Luke Taylor 743d72ca7b Added log4j support to tutorial app 2008-03-26 15:27:09 +00:00
Luke Taylor 1cd7865ed5 SEC-729: Removed version numbers and jstl declarations from sample parent pom 2008-03-26 15:21:41 +00:00
Luke Taylor 1b8a3c5673 SEC-689: Updated session fixation protection namespace support to set session registry on SessionFixationProtectionFilter. 2008-03-26 14:51:16 +00:00
Luke Taylor eeb14b3965 Changed filter order numbers to start at zero (makes them more readable in log compared with large negative numbers) 2008-03-26 12:22:26 +00:00
Luke Taylor 4681ff3d50 SEC-689: Fix 1.4 compatibility issue (overlooked autoboxing of boolean) 2008-03-26 12:09:57 +00:00
Luke Taylor 43b51ca64d SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added support to namespace.
 2008-03-26 12:00:58 +00:00
Luke Taylor 2af2f299cb SEC-689: Further tests, logging improvements. 2008-03-26 00:00:56 +00:00
Luke Taylor a29842a467 SEC-689: Tests for SessionFixationProtectionFilter 2008-03-25 23:24:38 +00:00
Luke Taylor 8f5bcb64a6 SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added a general SessionFixationProtectionFilter which can be added to the filter stack to detect when a user has been authenticated and then migrate them to a new session. Also added support to <http/> namespace element.
 2008-03-25 22:32:26 +00:00
Luke Taylor 83bcc6ad7c Removed loggers from subclasses of SpringSecurityFilter in favour of using base class logger. 2008-03-25 14:51:34 +00:00
Ben Alex 0860333a3f SEC-733: AspectJ Pointcut Expression Parsing support. 2008-03-25 08:28:53 +00:00
Ben Alex f4eb15b08b SEC-428: Tests to prove proxy-target-class="true" works. 2008-03-24 23:10:01 +00:00
Luke Taylor f8b5000d40 SEC-428: Make sure context is cleared before running test. 2008-03-24 22:56:43 +00:00
Luke Taylor 18fef571c3 Import cleaning. 2008-03-24 22:44:42 +00:00
Luke Taylor 028af06d61 SEC-428: Security interceptor does not work with schema based aop:config 
http://jira.springframework.org/browse/SEC-428. Fixed broken test method.
 2008-03-24 22:43:08 +00:00
Luke Taylor a375d8e59e SEC-428: Added test 2008-03-24 20:50:58 +00:00
Luke Taylor 1dd5f42142 Adding svn keywords, correcting typos etc. 2008-03-24 20:48:45 +00:00
Scott Battaglia ed645958fa per email with Ben and Luke removed cas-adapter and reworked cas module to just be the CAS client code. 2008-03-24 20:24:33 +00:00
Ben Alex 9a4977ebd1 SEC-99/428/429/563: Various refactoring of method security metadata support. 2008-03-24 09:40:13 +00:00
Ben Alex beba7221cf Update dependency versions and POM structure. 2008-03-24 09:16:12 +00:00
Ben Alex f67c7bcb38 Update dependency versions and POM structure 2008-03-24 09:06:46 +00:00