Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,652 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

1499 Commits

Author SHA1 Message Date
Luke Taylor e05d1da102 Refactored AuthenticationUserDetailsService to userdetails package as it isn't preauth specific 2008-03-31 23:08:30 +00:00
Luke Taylor f898bec370 OPEN - issue SEC-742: IllegalArgumentException if namespace configuration defines RememberMeServices without BasicProcessingFilter 
http://jira.springframework.org/browse/SEC-742. Fix. Post processor was assuming there was a BasicProcessinFilter in the app context when a remember-me services was present.
 2008-03-31 22:44:11 +00:00
Luke Taylor c347834401 OPEN - issue SEC-605: JdbcDaoImpl of UserDetailsService should provide a method for customizing creation of the final UserDetails object 
http://jira.springframework.org/browse/SEC-605. Added a createUserDetails method and also some other methods which are responsible for executing the individual queries for loading the userinformation and authorities.
 2008-03-31 18:01:07 +00:00
Luke Taylor 40e51dd5fe OPEN - issue SEC-649: Add user-service-ref attribute to remember-me namespace element 
http://jira.springframework.org/browse/SEC-649. Added attribute to namespace and parsing support.
 2008-03-31 17:27:58 +00:00
Luke Taylor cc752cfc28 OPEN - issue SEC-732: Encapsulate query objects in JdbcDaoImpl and JdbcUserDetailsManager 
http://jira.springframework.org/browse/SEC-732. Updated these classes to hide the internal query and update objects to allow future refactoring.
 2008-03-31 16:52:31 +00:00
Luke Taylor 53b084e2f9 Simple tests to detect invalid configurations, particularly when the namespace has been updated without applying the spring-security.xsl transformation, which prevents certain elements from appearing at top level. 2008-03-31 16:30:28 +00:00
Luke Taylor b1ae4922d2 SEC-726: Added entry-point-ref to <http> namespace element to allow customization of authentication process. 2008-03-31 16:22:40 +00:00
Luke Taylor 9db55f336c SEC-739: Removed siteminder provider code. 2008-03-31 12:23:32 +00:00
Luke Taylor 512c64fb98 SEC-738: Add session-registry-alias attribute to concurrent-session-control 
http://jira.springframework.org/browse/SEC-738. Added this attribute. Also various bugfixes in handling of attribute names for concurrent session control.
 2008-03-31 12:01:37 +00:00
Luke Taylor 07f820f1a6 Minor portlet-related changes suggested by John Lewis: Javadoc and default values of booleans. 2008-03-31 10:10:13 +00:00
Luke Taylor c9b6fe9555 OPEN - issue SEC-657: Create pre-authenticated processing filter which obtains username from request header 
http://jira.springframework.org/browse/SEC-657. Added filter and test class.
 2008-03-30 13:37:13 +00:00
Luke Taylor b98c72056a SEC-728: Change use of String.getBytes() in password encoders to use UTF-8 2008-03-29 15:21:31 +00:00
Luke Taylor 1463b9769d SEC-629: authentication-provider doesn't support caching. 
http://jira.springframework.org/browse/SEC-629. Added support for cache-ref elements on jdbc-user-service and ldap-user-service
 2008-03-28 17:55:12 +00:00
Luke Taylor db6fafaf56 SEC-629: authentication-provider doesn't support caching. Refactored MockUserCache class to top level 2008-03-28 14:17:05 +00:00
Luke Taylor 1fece47b49 SEC-691: Applied patch to allow setting of returned user attributes from LDAP search. 2008-03-27 14:41:11 +00:00
Luke Taylor 350a626587 SEC-477: Added preauthenticated websphere contribution. 2008-03-27 14:25:17 +00:00
Luke Taylor 584853bbcb Tidied imports. 2008-03-26 21:49:26 +00:00
Luke Taylor ef5b3e2f9c SEC-733: Changed names of <global-method-security> attributes as discussed with Ben and updated sample to reflect the changes. Also changed explicit instantiation of Jsr250 and Secured annotation MethodDefinitionSource beans in GlobalMethodSecurityBDP into bean definitions to make more tooling friendly. 2008-03-26 21:48:24 +00:00
Luke Taylor 9ea2408ac6 Fixed error in choosing main entry point (it's an alias not a bean name, so doesn't appear in the entry map - you have to get it direct from the bean factory). 2008-03-26 17:34:42 +00:00
Luke Taylor 1b8a3c5673 SEC-689: Updated session fixation protection namespace support to set session registry on SessionFixationProtectionFilter. 2008-03-26 14:51:16 +00:00
Luke Taylor eeb14b3965 Changed filter order numbers to start at zero (makes them more readable in log compared with large negative numbers) 2008-03-26 12:22:26 +00:00
Luke Taylor 4681ff3d50 SEC-689: Fix 1.4 compatibility issue (overlooked autoboxing of boolean) 2008-03-26 12:09:57 +00:00
Luke Taylor 43b51ca64d SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added support to namespace.
 2008-03-26 12:00:58 +00:00
Luke Taylor 2af2f299cb SEC-689: Further tests, logging improvements. 2008-03-26 00:00:56 +00:00
Luke Taylor a29842a467 SEC-689: Tests for SessionFixationProtectionFilter 2008-03-25 23:24:38 +00:00
Luke Taylor 8f5bcb64a6 SEC-689: Session Fixation protection should be available to all authentication mechanisms. 
http://jira.springframework.org/browse/SEC-689. Added a general SessionFixationProtectionFilter which can be added to the filter stack to detect when a user has been authenticated and then migrate them to a new session. Also added support to <http/> namespace element.
 2008-03-25 22:32:26 +00:00
Luke Taylor 83bcc6ad7c Removed loggers from subclasses of SpringSecurityFilter in favour of using base class logger. 2008-03-25 14:51:34 +00:00
Ben Alex 0860333a3f SEC-733: AspectJ Pointcut Expression Parsing support. 2008-03-25 08:28:53 +00:00
Ben Alex f4eb15b08b SEC-428: Tests to prove proxy-target-class="true" works. 2008-03-24 23:10:01 +00:00
Luke Taylor f8b5000d40 SEC-428: Make sure context is cleared before running test. 2008-03-24 22:56:43 +00:00
Luke Taylor 18fef571c3 Import cleaning. 2008-03-24 22:44:42 +00:00
Luke Taylor 028af06d61 SEC-428: Security interceptor does not work with schema based aop:config 
http://jira.springframework.org/browse/SEC-428. Fixed broken test method.
 2008-03-24 22:43:08 +00:00
Luke Taylor a375d8e59e SEC-428: Added test 2008-03-24 20:50:58 +00:00
Luke Taylor 1dd5f42142 Adding svn keywords, correcting typos etc. 2008-03-24 20:48:45 +00:00
Ben Alex 9a4977ebd1 SEC-99/428/429/563: Various refactoring of method security metadata support. 2008-03-24 09:40:13 +00:00
Ben Alex 6ab301981c Update dependency versions and POM structure. 2008-03-24 09:05:44 +00:00
Luke Taylor fe0e05a6c8 SEC-725: PasswordEncoderParser: <security:password-encoder> element does not pick up 'base64' attribute value 
http://jira.springframework.org/browse/SEC-725. Added fix as recommended in issue.
 2008-03-23 22:38:13 +00:00
Luke Taylor b54e3978dc SEC-729: Organization of pom dependencies, particularly for servlet-api and jstl. Some other adjustments, removal of unrequired deps etc 2008-03-23 00:31:32 +00:00
Luke Taylor 30a6abbe50 Tidied formatting of toString output for FilterBasedLdapUserSearch 2008-03-22 21:40:54 +00:00
Luke Taylor 162933155e Added implementation of GrantedAuthoritiesContainer to allow refactoring of duplication in various preauth details classes 2008-03-22 19:29:13 +00:00
Luke Taylor 2ea94e2cc9 Tidying imports etc 2008-03-22 11:44:28 +00:00
Luke Taylor 563dabda2f SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added OpenIDProvider to bean registry and fixed login page generator to use correct URL for OpenID. Added user-service-ref to namespace element. Changed OpenID sample to use <openid-login />.
 2008-03-21 23:47:09 +00:00
Luke Taylor b89dbc6060 Import cleaning 2008-03-21 21:51:48 +00:00
Luke Taylor 9871685ea3 SEC-722: Fixed problem with empty loginpage string (rather than null) preventing default login page filter from being added to the stack. 2008-03-21 21:50:26 +00:00
Luke Taylor b73736ffaf Updated example configuration in javadoc for LdapAuthenticationProvider. 2008-03-21 17:12:22 +00:00
Ben Alex 16ea8faa0d SEC-727: Ensure SecurityConfig cannot be constructed unsafely; also update SecurityConfigTests to JUnit 4. 2008-03-21 02:15:47 +00:00
Luke Taylor acc22b2745 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added check for MAIN_ENTRY_POINT bean when resolving entry points. If this has been set during parsing it will be used.
 2008-03-20 20:11:34 +00:00
Luke Taylor 815f04b6c3 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added element to namespace and modified form login parser to handle open id element. Also added openID support to login page generator.
 2008-03-20 20:05:11 +00:00
Luke Taylor bbc5fea598 SEC-722: Add Open ID Namespace Support 
http://jira.springframework.org/browse/SEC-722. Added extra constants for OpenID support.
 2008-03-20 19:51:59 +00:00
Luke Taylor d333655b0b Updated to commons logging 1.1.1 to get rid of servlet api dependency in their pom 2008-03-20 19:43:55 +00:00